SMS Login Verification - Argh

Status
Not open for further replies.
Pushka said:
Or we can continue to plug for Qantas to change their method of dual log in by sending emails with codes and not simply SMS. MYOB (accounting software) does this.
Click to expand...

How many years have you been doing this? And what has changed?
 
Chicken said:
Here is another article, for those people who say we don't need to beef up security for QFF accounts, because who would bother?

Just someone copy and paste into the wrong CC, without all the PR disasters, still brought the company into a halt, imagine if this was to happen to Qantas. That's why we need to have security (not saying SMS is the best and the be all and end all)

When 'CC' should have been 'BCC': How an email gaffe cost one Australian company dearly (Sydney Morning Herald 02 Aug 2019)

The problem began when the employee mistakenly pasted 300 email addresses in the "carbon copy" or "CC" email field, instead of the "blind copy" or "BCC" field, a technological misstep familiar to almost anyone using email in 2019.

While no serious harm eventuated, six-figures later the company had self-reported to the Office of the Australian Information Commissioner, eight employees had worked full-time on the matter for a number of weeks, and costly advice had been sought from both lawyers and a well-known global consulting firm.
Click to expand...

You conveniently skipped the paragraph that really brought the cost of the issue. Also the company didn't "get brought to a halt."

"But when the company's chief information officer was unable to find a company data breach response plan, legal advice from a top-tier Australian law firm had to be sought."

The article was about the need for policies and plans, not that that copy/paste issue caused major detriment of itself. Qantas would be a completely different situation, and using Qantas' current policies or being more flexible is not going to cause anything like the above.
 
Chicken said:
To all the people about SMS from Qantas, how do you use your credit card on the internet?

The ONLY authentication from Mastercard SecureCode and Verified by Visa is SMS, if you can't receive SMS, you cannot use your credit card.
Click to expand...

I honestly can't remember the last time I got an SMS verification online. It'd be <1% of online transactions I do. And I don't think that's indicating that 99% of vendors have poor security.
 
odysseus said:
I honestly can't remember the last time I got an SMS verification online. It'd be <1% of online transactions I do. And I don't think that's indicating that 99% of vendors have poor security.
Click to expand...

The system is supposed to be 'intelligent' and learns your purchasing history to reduce the number of interventions required. If you do similar purchases all of the time, there is no need to get in the way.

I know I used to have to authorise SQ purchases by SMS code but no longer need to. The system has learnt that I make SQ purchases of a certain value and now lets these through.

Amex actually locked my card when I tried to make two Deutsche Bahn bookings in quick succession (it rejected the second purchase) and sent me an SMS stating that I needed to call back to Australia to get it unlocked. I can now make DB bookings without issue.
 
Pushka said:
It’s only just been rolled out across the membership in last 2 weeks. Feedback en masse just started.
Click to expand...

You were not part of the trial group selected in March 2017 and have not given significant feedback directly to QF since then (which I assume was largely ignored)?

QF trialling two-factor authentication for QFF accounts

They're coming after your frequent flyer points "Qantas won't divulge just how common frequent flyer identity theft is, but it's common. (The airline, like the banks being a bit vague about the extent of credit card fraud, says it's a security issue, not wanting to encourage the criminals. I...
www.australianfrequentflyer.com.au
 
Tallfont said:
I understand that but the Telstra overseas day pass is $10 a day once you hook in to an overseas network whether you do something or do nothing. When I travel to countries other than PNG I am happy with that for the convenience. Not happy to pay, say, $350 for a five week trip. Or $10 just to receive and SMS.
Click to expand...
and we come back to the question of why not simply select the option "Verify another way..." when and if you get the MFA verification. No SMS required.
The SMS is only an issue if you doggedly refuse to use the alternative mechanism presented on the authentication screen.
 
Last edited:
I lost my (well, the company's) iPhone at the start of a 4 week UK trip. Well, I left it on a bus. I immediately bought another and used Find My Iphone to both locate it (uselessly) and then nuke-it-from-orbit. But anyway, losing your phone number is the real deal killer here - you simply cease being able to authenticate a range of services and apps you had been taking for granted. I can forget about bank transfers and ...oh yeah, my tax return. I completed it on about 5 July but had held off filing the thing because that's what the ATO publicised - don't file too early. And MyGov? SMS authentication :rolleyes:
 
Pleb Status said:
You were not part of the trial group selected in March 2017 and have not given significant feedback directly to QF since then (which I assume was largely ignored)?

QF trialling two-factor authentication for QFF accounts

They're coming after your frequent flyer points "Qantas won't divulge just how common frequent flyer identity theft is, but it's common. (The airline, like the banks being a bit vague about the extent of credit card fraud, says it's a security issue, not wanting to encourage the criminals. I...
www.australianfrequentflyer.com.au
Click to expand...
Yes I was part of the trial commenced 2 years ago. I gave feedback via Twitter and Qantas social media team who called me back who said they’d received much negative feedback but Qantas were proceeding the roll out. So I guess you are right in that they don’t give a diddly squat.
 
downgraded said:
and we come back to the question of why not simply select the option "Verify another way..." when and if you get the MFA verification. No SMS required.
The SMS is only an issue if you doggedly refuse to use the alternative mechanism presented on the authentication screen.
Click to expand...
And again I say that if you are booking for a third party and were not notified of the roll out last week you wouldn’t know any of those details. And even having these details doesn’t stop the person who is being booked for from receiving a text and wondering what that’s all about.
 
Pushka said:
And again I say that if you are booking for a third party and were not notified of the roll out last week you wouldn’t know any of those details. And even having these details doesn’t stop the person who is being booked for from receiving a text and wondering what that’s all about.
Click to expand...
If you're booking for a third party that third party is probably in breach of the T's&C's if they've giving you access to their account.
 
Score 10,000 Bonus PayRewards Points on your business spend!*
Elevate your business spending to first-class rewards! Sign up today with code AFF10 and process over $10,000 in business expenses within your first 30 days to unlock 10,000 Bonus PayRewards Points.
Join 30,000+ savvy business owners who:

✅ Pay suppliers who don’t accept Amex
✅ Max out credit card rewards—even on government payments
✅ Earn & transfer PayRewards Points to 10+ airline & hotel partners

Start earning today!
- Pay suppliers who don’t take Amex
- Max out credit card rewards—even on government payments
- Earn & Transfer PayRewards Points to 8+ top airline & hotel partners

AFF Supporters can remove this and all advertisements

kpro said:
I've never seen a plan, pre-paid or post-paid which charges to receive SMS while roaming.
Click to expand...

Really? I'm sure I can dig out bills from 2010 to about 2015 where I was charged for receiving international SMS. Certainly this was very common in the naughties and 90s.
 
Status
Not open for further replies.

Become an AFF member!

Join Australian Frequent Flyer (AFF) for free and unlock insider tips, exclusive deals, and global meetups with 65,000+ frequent flyers.

AFF members can also access our Frequent Flyer Training courses, and upgrade to Fast-track your way to expert traveller status and unlock even more exclusive discounts!

AFF forum abbreviations

Wondering about Y, J or any of the other abbreviations used on our forum?

Check out our guide to common AFF acronyms & abbreviations.

Recent Posts

Currently Active Users

... and 13 more.
Total: 924 (members: 63, guests: 861)
Back
Top