Just got off chat support with N26. It is one of those online banks like Revolut or Wise. Only it isn’t. Because it has everything annoyingly Germanic about it as humanly possible. My feedback at the end of my ordeal (to change the phone number I have declared) was “just copy everyone else”. To which they – predictably – responded that they give great importance to security for the good of everyone, blah blah blah.
It’s not “everyone” with the account. Just me. And I use it for small change. I don’t care if someone hacks it easier, that is how I have it in my head. “Not much money=not worth a lot of security”. Makes sense to me. Not just for banking, for everything. If you are heavily invested in Facebook sure, go ahead, have two factor authentication or whatever else you want. If you don’t care, why bother?
It isn’t just because I am a liberal who believes in choice. It makes business sense too. By all means dream up of extra security. Make it available. Advertise it, explain it, heck you can even charge extra for it. But it makes zero sense for the same high level of security to be compulsory for everyone. This isn’t a physical bank where one thief getting in will risk everybody’s money. This is my personal account. I should be able to choose how to verify what. I might like to sign in from new devices easily. I may not want to rely on a phone for SMS verification. My choice!
I can blame the media. They love to make a fuss about online hazards. I can blame security experts, always exaggerating and talking about crazy breaches they have witnessed which most of us will never get close to. I can blame human nature, some people are security crazy and then try and force it down the neck of the rest of us. And when something goes wrong with security everyone jumps to conclusions and takes the opportunity to increase it with more security.
Enough is enough though.