Verify and validate customers globally using their phone number.


Discover the network provider for every mobile number globally.


Protect customers, accounts, and transactions within your app.


Discover if a mobile number is assigned to a subscriber.


A real time phone number credibility score.


Identify if a number has the propensity to be used for fraud.

Banks and Financial Services
Mobile Messaging
Gaming & Gambling
Communication and Service Providers
Identity & Verification Providers
About us
Contact us

This Investigation into Online Bank Security has some Important Advice 

Fergal Parkinson

6 min read
Hand holding a smartphone displaying a login screen for "ebank," next to promotional text about an online bank security upgrade.
  • Consumer organisation has had to pivot cover online bank security
  • The latest report looks at the robustness of banking apps
  • Golden rules tell what you can do to beat the scammers
  • Scammers are also moving into… Stamps?

The British consumer organisation Which? Has been around since the 1950s. As its very name suggests, its primary functions for most of its first six decades were product testing – of the ‘what are the ten best washing machines on the high street’ variety – and advising shoppers on things like their right to refunds on faulty goods.

But just lately Which? has found itself concentrating more and more on fraud – such as online bank security – and teaching consumers how to beat it.

This development in itself tells us something striking about just how gigantic a problem scams have become for ordinary people. But I was also struck by something about their latest publication – and how it reveals the extraordinary range and variety of the problems that are out there now.

First though, a recap of its investigation into the online security standards of the biggest banks in the UK.

What the banks were doing wrong

Their investigative reporters looked at four key areas –

  1. best security practices
  2. log in protocols
  3. account management
  4. navigation and log out

And gave them each scores for robustness.

The good news was that overall the banks performed pretty well, though there were areas for concern. For instance TSB was found to be improperly handling sensitive data which meant that it could be read by other apps running on a user’s phone. Or Co-operative Bank was criticised for not demanding two-factor authentication when a user logged in from a new laptop for the first time. While Lloyds – despite generally performing well – was rapped for failing to log users out automatically when they had been idle for more than five minutes.

You can see the full details and – if you have one in the UK – check your own bank’s performance here:  best and worst banks for online and mobile security

But, for me, the most interesting part of their report was not the detailed micro criticisms of individual banks but their more general advice on staying safe when using online banking. Because this is the point at which so much fraud is committed: so many phishing scams, so many muggings, and so much online crime generally. It all occurs in relation to access to and transfers from a victim’s online bank account.

Person holding a credit card and smartphone at a desk with a laptop, improving their online bank security, shopping online or managing finances.

The six golden rules for online bank security

Here’s TMT ID’s take on their suggestions of how to protect yourself – these cannot be repeated enough:

  1. Protect your mobile. As I’ve written before, losing your phone is as bad as losing your password. Have a PIN that is unique to your SIM. Install a find-your-phone function. Disable preview notifications so that, for example, an SMS-sent OTP won’t show up on a locked phone screen
  2. Always keep your phone and your bank cards separate. I despair when I see people use their phones like a wallet with cards attached! When a thief has both in his hands his job is instantly much easier
  3. Make sure your phone or other device is up-to-date on upgrades and has anti-virus protection
  4. Choose unique rather than repeated passwords and make them complex. Use an app to store them if you are worried about forgetting – and keep access to that account completely secure
  5. Don’t let your online social life be a weak point – so keep personal info out of the public domain. Don’t post your D.O.B. on your socials for example. Or your mother’s maiden name – or any of that verification stuff. And don’t accept friend requests or open messages from people you don’t know.
  6. If you are suspicious that you may have been targeted, act quickly: contact your bank, check your transitions, and freeze your cards. It’s better to be inconvenienced than fleeced.

So that was the biggest take-home recently from Which’s pivot from consumer champion to consumer fraud protector. But there was another completely different story they also covered recently which made an intriguing contrast.

Digital…analogue – the scammers don’t care

And this was the surge in the circulation of counterfeit postal stamps. The sudden prevalence of millions of fake stamps came to light when ordinary people started getting fined for receiving post that hadn’t been paid for – despite having apparently legitimate stamps attached to them. This received a good deal of press coverage, I’m guessing because it was simply such a novelty scam.

But what I found intriguing about the episode was the stark contrast between this scam and warnings about online banking. Because what could be more non-digital, more analogue, more retro, than a traditional postage stamp? It’s at the very opposite end of the tech scale from logging into your bank account via your phone while on the dash. It’s positively old-fashioned.

But the fraudsters don’t care – they’re as happy to sell you a bunch of fake first-class stamps as they are to phish your personal details so they can hack your bank account. And – surprise, surprise – people who have been ripped off by fake stamps have often in the process been directed to fake websites designed to steal their personal data. Double bubble for the scammers. These guys really will rip you off in any way you can think of – and often in ways that won’t have occurred to you.

All of which means – as Which?’s recent output confirms – that the smart, contemporary consumer has to be in a state of constant awareness and suspicion on all fronts to avoid being ripped off.

Last updated on May 7, 2024


Related Articles

An advertisement for an online protection article by Mircea Sotir, featuring digital security imagery with a padlock and keyboard.

The importance of Online Protection

Professional woman on a phone call with a promotional banner for an article about phone call etiquette.

Why You Should Pause For Thought When You’re Asked To ‘Ring Me Back’

Graphic promotion for an article titled "In Real Strife: Social Media, Bots, and Customer Awareness" by Fergal Parkinson, featuring a colorful geometric design and highlighting the impact of fake accounts

In Real Strife: Social Media, Bots, and Customer Awareness


There are actions banks can take to protect you too - such as utilising mobile data to spot suspicious behaviour during onboarding, sign-in or during transactions.

Check out Verify
What Our Customers Are Saying

"BTS (Business Telecommunications Services) is successfully using TMT’s Velocity and Live services to check the status of mobile numbers. This way we make sure we optimize the performance of the service offered to our customers and ensure the quality of terminating traffic to all countries.”

Business Telecommunications Services

"TMT is a valued partner that enables us to manage our routing costs effectively. They proactively and continuously expand their operator and country coverage while delivering exceptional customer service. We can always count on them to achieve high-quality results and look forward to our continued collaboration."

Global Message Service

"TMT provides us with the most comprehensive numbering intelligence data through their fast and reliable Velocity and Live services. TMT is a trusted partner for us, their products ensure that we continue to optimise the best performance and service to our customers."

Global Voice

"TeleShield from TMT gives 42com the power to detect and target telephony fraud scams internationally, thereby protecting our company from the financial and customer experience impacts of telecommunications fraud."

Alberto Grunstein - CEO

"It has been a pleasure to work with the team at TMT. They have become an essential provider of accurate numbering data information and Number Portability services globally."

Luisa Sanchez - VP of SMS and Messaging Solutions, Identidad Technologies

"Deutsche Telekom Global Carrier uses TMT ID as one of their key suppliers for Mobile Number Portability Data services. Deutsche Telekom Global Carrier uses TMT ID’s Velocity MNP solution. This is an ultra-fast query service that optimises the routing of international voice calls and A2P messaging."

Deutsche Telekom Global Carrier

Ready to get started?

We provide comprehensive device, network and mobile numbering data available.

Contact us > Chat to an expert >