Originally Posted by
Lussac
Well, it gives us a problem right away. We often travel to NZ for lengthy periods and have always bought a Spark Visitor SIM to replace our PAYG UK SIM so would not be able to receive the SMS as it would go to my registered UK PAYG number. In February this type of problem was brought home to us as we have a similar two-stage verification process for access to our UK bank, as it happens we needed access to the account urgently but found that somehow we had lost our UK SIMS when they were changed over to the NZ Spark SIM so couldn't get access to the account until new SIMS had been sent from the UK, this in itself was a problem as the telco refused to send them anywhere but the registered address so extra time was lost getting them sent then forwarded, in all it took 4 weeks to get it sorted out. I suppose I'm highlighting a problem of swapping SIMS. I guess the only solution to this is to have either a dual-sim 'phone or a completely separate 'phone for the Spark SIM.
Your points are all correct, with increased security there is always a "mafan" factor. Its why I have to keep one phone with my China number on at all times. SMS OTP is also considered quite an outdated technique, but nevertheless its employed by many companies, because people still use easily guessed passwords and they use them on multiple sites and most people accept the hassle rather than turning away from the service. Any other type of 2 factor would have massive impact on the adoption, and its not like they will shell out for keyfobs for all of us (and the banks are moving away from those too). A bit of social engineering with a telco can get you someone's SIM card too. I guess, statistically they know this will result in less fraud and attrition of customers as a result will be minimal.