I was carelessly logging into my Keypoint Credit Union account online today, and messed up three times. BAM—with no prior notice at all, I was locked out of my account.
What would most normal banks do under this circumstance?
- Require me to answer additional questions that ideally only I would know before allowing me to try logging in again.
- Or throw up a captcha.
- Or, at worst, make me wait [x] minutes before allowing me to log in.
Keypoint? They make you call. Here’s what I had to do when I phoned in:
– Listen to a welcome announcement
– Navigate through a phone tree
– Enter in lots of data (social security info, phone numbers, home address, etc.)
– Wait for an agent (thankfully not long).
– Wait for the agent—I kidd you not—to put me on hold while he updated my records to show there was no change in my info.
All in all, a bit over four minutes. Hardly the end of the world, but a not-insignificant annoyance… particularly if I had been overseas, not near a phone, etc.
So, the $100,000 FDIC Insured Question: Why couldn’t I have simply been asked to Prove I’m Me… online? Sheesh.
* * *
And now for something even sillier.
I’ve been a member of 24 Hour Fitness for more nearly a decade. I love my gym at work, but I enjoy being able to take fitness classes on the weekend and such. So when I learned that 24 Hour Fitness was building a swankier gym literally around the corner from the existing somewhat-cramped gym, I was pretty excited. Building, building… done!
This past Sunday I admirably dragged myself out of bed, gym bag in tow… and here’s the entertaining (and somewhat baffling) conversation I had with the front desk staffer and the (apparent) manager who walked on over.
ME: Good morning [handed him my 24 Hour Fitness card]
STAFFER: Hi. [Scans card. Pauses, with confused look…] Hmm, are you a member?
ME: Um, yes. [pointed to card still in his hand, which also had my photo on the back of it].
STAFFER: But… but… hmm… your membership isn’t good here.
ME: Yeah, I have a Sport membership, not a Super Sport [rolling eyes invisibly], but I brought this 7 day trial pass. [I hand him the pass]. I’ve thought of upgrading.
STAFFER: Er… erg… hmm. [looks at paper, turns it over to the blank side, then back over to the unblank side and literally scratches head]
MANAGER: Hi, can I help you? [Staffer mumbles confusedly, hands him paper; Manager looks at computer screen]
STAFFER: Oh, you’re in luck! [Yes, he seriously opened with this line with a straight face] You have a Sport membership, and this is a Super Sport gym, so you’re not eligible to work out here. But I can have someone walk you around the corner—we have a Sport gym there for you!
ME: But I logged into my 24 Hour Fitness account online and printed out a trial pass for this gym. Just wanted to try it out, maybe upgrade and…
STAFFER: [shaking head] No, no… sorry, that was last week. Um, we had the open house last week. It ended. But here, let me have someone show you the other gym…
ME: Er, but what about the pass?
STAFFER: You’re a member, right?
ME: Yes [pointing to my membership card which was in the hand of a still-rather-confused staffer]
STAFFER: That’s the thing. That pass [pointing to tiny print] is only good for non-members.
ME: So, for the past 4 months, you’ve had flyers up urging members to upgrade, but now we can’t check out the new…er, nevermind, I’ll just head over to the other gym. Thanks!
* * *
I’m thinking about quitting my membership. The classes aren’t even that great, and I’m embarrassed to be giving my money to a company that’s so consistently clueless.
Lol that’s the usual annoying thing I experienced when I need to call and inquire on something – go through with the phone tree and answer a lot of questions from the customer service rep himself. Somehow after 3 years of calling to my mobile service provider, I found out that my middle name was misspelled and they need me to go to their nearest office and hand in my birth certificate. I complained and said that it is their fault because I clearly did not misspell my middle name. Told them to retrieve their records and they won’t do it. After three years I have to submit my birth certificate again. Until now I was not able to do it. I am thinking of cutting it off. Convenience is one thing I need when I am busy. The net could be faster.
You’d be a lot grouchier if someone had been able to get into your account in 3 tries and wiped your account clean.
Surely an offline verification process can always be streamlined to take fewer steps and less time, but I’d say three failed attempts is a reasonable hacker alert. If it was your Facebook account instead of your bank account, I’d say giving folks a couple more tries would be okay. But it’s YOUR money they’re trying to protect. They aren’t trying to make it inconvenient for you simply as a policy.
Also worth noting that Captcha wouldn’t do anything to prevent fraudulent access to your account, nor would it do anything to confirm your identity. It would simply weed out automated attacks on their system.
I appreciate the comment and always like getting dissenting views here. With that said, though, I very firmly disagree with your take on this.
1) Making me call in and keying in / voicing answers to verify identity isn’t an ounce more secure than making me enter it online.
2) The three-failed-attempts is *NOT* reasonable. Do you know how easy it’d be for me to maliciously lock up others’ accounts just by guessing usernames? Answer: very!
3) A captcha would make the bank a far, far less attractive target to hackers engaging in dictionary attacks. And if it were non-automated fraudulent access I was worried about—e.g., someone knowing my password—than a three-strikes-you’re-out isn’t very useful at all either! 😀
Stuff like this is incredibly frustrating – especially when you have to call in. Seems like it could be set to email the account holder, and go through a verification process. That would be a lot less hassle.
I have exactly the same problem. With so many different logins it is all too easy to get the wrong one three times and making time-consuming calls to unlock the account is really frustrating. Simple web verification would be as much secure and wouldn’t unnecessarily frustrate the user. Sadly, all I can do is to be very carefull when signing in… or change my bank, but that’s not really an option.
I have accounts at three different banks and each one uses totally different log in and verification procedures. Like you, I suffered a blonde moment about a month ago and got locked out from one of them. It was annoying and calling in wouldn’t really stop a serious thief.
I’d have liked a time lock that cycled through and let me try again later but I don’t know of anyone who uses that process anymore.
I agree on 24Hr fitness. If I had a gym at work I would defiantly cancel my membership! The classes are ok. The quality varies dramatically by instructor. Really the only reason I belong to that gym is that my gym buddy has a membership there and the location is convenient.
Also, I think they are slowly upgrading their gyms to the more expensive variety. I don’t actually use any of the features that make my gym a Sport location. I might use the pool, but the water is mega gross.
24 – hour fitness’ customer care SUCKS! I’ve tried to put my membership on hold for past three months – and they keep giving me a run around and keep charging my bank account – ASSHOLES!!! (PARKER& ARAPAHOE 24-HOUR FITNESS – AURORA, CO 80015) And that is their regional headquarters!!! Assholes!!!
Hey, everyone, thanks for the friendly sympathy 😀 Nice to know I’m not alone in my frustration with this stuff. Gotta love the Internet! 😀