Data security and banking

Sir, – With reference to “Why does Revolut keep asking me to reveal my PPS number?” (Business, November 14th), I accept that there may be a valid legal basis for financial institutions (and other specified bodies) to collect my PPSN but I have concerns regarding the manner in which this data is typically collected.

For example, shortly after reading the article I was asked by a bank to complete and sign a form sent to me by email and return the completed form as an attachment to an email to be sent to the bank. The data required in the form included my PPS number as well as other personal data.

To send personal data using an unencrypted email is the equivalent of writing it on the back of a postcard and posting it in a letterbox.

The practice of transmitting documents by email seems to have grown during Covid but also (in my experience) is used to collect forms “that we forgot to ask you to complete when you visited our office”. Often the customer is under time pressure to complete a transaction and left with no option than to put their data at risk.

Buying a home on your own: Here is how to navigate the perils and pitfalls

‘Our daughter blames us for not realising years ago that she was autistic’

Kamala Harris’s storming opening salvo has left Donald Trump scrambling to regain his early momentum

Regarding the security of credit card data, a recent advertisement for a charity appearing in the newspaper facilitated the making of donations by credit card by including spaces for credit card and CVV number to be inserted in a form to be cut out and sent to the charity in the post.

It would be very unwise for a donor to use this option to make their donation because of the risk that their full credit card data could be lost or stolen. Card scheme rules (which a merchant must comply with) are that the CVV is to be used only for online or telephone authentication purposes and should not be retained in written form.

Companies or other entities collecting personal data should be required to provide a secure means of capturing personal data from customers and to implement controls (particularly training and monitoring) to ensure that it is used rather than reliance on unsecure emails or paper forms which put customer personal data at risk. – Yours, etc,

JOE FLEMING,

Glenageary,

Co Dublin.

Data security and banking

Who goes there?

MG’s impressive small hybrid undercuts Toyota and Renault on price

Buying a home on your own: Here is how to navigate the perils and pitfalls

‘Our daughter blames us for not realising years ago that she was autistic’

Kamala Harris’s storming opening salvo has left Donald Trump scrambling to regain his early momentum

IN THIS SECTION

MOST READ

LATEST STORIES

Kylian Mbappé scores on debut as Real Madrid beat Atalanta to win Super Cup

Garda operation begins at north Dublin’s Thornton Hall amid works for asylum seeker accommodation

Denis O’Brien adds over 370 names to defamation case

TDs and Senators claim more than €35,000 in expenses for mobile phones, ear buds and accessories

‘We got a great welcome in Dublin, but this is crazy’: Olympian Daire Lynch relishes Clonmel homecoming

Subscribe

Support

About Us

Irish Times Products & Services