Re: My bank...
"say they've verified me by my voice"
Good grief. Wasn't voice recognition demonstrated to be flawed thirty three years ago in the movie Sneakers? If they could pull something like that off by splicing tape, imagine what modern tech could do, especially given the number of people likely to have sufficient voice samples available in social media posts.
The basic authentication rule is very simple: Something you have and something you know. If they want to use voice recognition as the "have" then fair enough. But it shouldn't ever be the only test made.
"This thread should demonstrate to them that they are playing fast and loose with my money"
Banks do that as a matter of course. The pay-by-bonk limit just keeps going up "because convenience" (so I've deactivated it on my cards). The PIN for the card is a mere four digits. The special prove-I'm-me PIN is only five digits, and rarely asked for. They still seem to think that possession of my phone means it is me, thus giving a possibility for somebody who stole my phone to access the necessary and required bank app [1], set up the passcode forgotten routine, and get a temporary code by text...to that same phone. Clever.
I think it says a lot that it is more complicated to set up K9 Mail to access a mailbox with the likes of Google [2] than it is to access my money.
1 - God only knows what happens for people who don't have (or want) a smartphone.
2 - The "terribly insecure" application specific password stuff.
Biting the hand that feeds IT
