Chiswick gym-goer has bank account emptied after locker raid

I saw this first on twitter and it makes no sense. How did they get on her phone? It’s impossible to get on an iPhone or Android phone without the pin or fingerprint or whatever.

Then someone suggested they must have got the pin from the app. Once again not possible as with Santander you need a security code to view the pin.

If someone steals all your stuff including your phone they should only ever be able to use contactless.

Santander have refunded her and given her compensation but why unless there’s something we don’t know :person_shrugging:


… is probably the answer.


I’m thinking though it’s more likely because she posted about it on twitter and it got a lot of attention Santander gave in and changed their mind.

There’s no way someone could just go on the Santander app and transfer out all of her savings into her current account.

From the Santander site:

  • 5-Digit PIN authentication log in option for increased log-in security.

  • Automatically logs out after five minutes of inactivity.

It’s impossible what she said happened without her making some sort of mistake herself.


And she landed a nice goodwill sum to boot. Well done, her :relaxed:

1 Like

There’s this:

Charlotte accused Santander of making a “catalogue of errors”, which included calling her mobile phone after it had been stolen when it was likely to have been in the hands of criminals.


How does she know that Santander rang her mobile phone if it had been stolen?

They could access her phone, they had her card pin and they also had her security code for Santander. I don’t think Santander is the issue here.

If they called her it was because they blocked suspicious transactions. In normal circumstances this would have been fine but yes as it’s automated the criminal can just say everything is fine and keep spending but they should never have had the pin in the first place.


Yeah to be fair I feel like they could have done a little better on the calling a stolen phone front. If there’s suspected fraud, a member of the fraud team should be aside to make calls and cards blocked until they’re satisfied.

There is no algorithm for a truthful person and using a potentially compromised device to authenticate is negligent security (imo).

Edit: wouldn’t surprise me if the banks actually saved money providing and then by making people use FIDO auth keys (much smaller than the card readers) to authenticate things in the app. Could easily be kept in a little pocket or your bra if lady at the gym (as I know women aren’t blessed with pockets like men)

Sure. But if Santander made mistakes in the handling of her case, they might well have decided to put things right with cash, whether or not they strictly needed to.


I hate banks which insist on having a separate gizmo to do things. Annoying and a waste of plastic.

The Nationwide one is a particular pain.

  1. Insert card

  2. Remove card because you need to see all of the last 4 digits

  3. etc…


Google saw successful phishing attempts drop from a decent % to actually zero, when a physical yubikey was added to the equation

Nationwide are the worst for needing the card reader all the time!

I get round it slightly by using their debit card in a Barclays PINSentry reader instead, so at least you can see the last four digits whilst the card is in the device.

1 Like

So would putting all devices/cards authorised to access the account in a vault guarded by armed personnel.

It’s a bit impractical tho.

The direction of travel is (reassuringly) against this nonsense now however, most banks which do the whole separate single purpose device offer an alternative now - for example Natwest Group offer a fascial identification check via their app. Nationwide are something of an outlier, I can only think of Triodos who they have for company in fact.

There might be some bits that Barclays still need PINsentry for too - I think I needed it to regain access to the app after I lost my phone last autumn.

1 Like

Yes, exactly.

Even Triodos allow some two-factor authentication via their app for savings accounts (although I don’t think it covers everything needed for current accounts, that’s clearly the direction of travel).

If you’re seriously suggesting carrying an NFC FIDO authentication device is impractical I’d urge you to Google one and reevaluate your stance, they’re quite literally thin enough to fit in your wallet and survive being ran over by cars. they can also be attached to a keychain. Super easy to carry around

I am suggesting exactly that. I am not adding a dozen fobs to my keychain, and any bank who askes me to will be met by me deleting their app and the account going to the top of the ‘switch donor’ pile.

Quite apart from that - are you sure your idea would actually have made a diff here? I don’t tend to work out with my keys on my person if I’ve put anything in a locker.


I agree with you.

Frankly, there are plenty of “secure enough” ways to verify and authenticate people without any need for a secondary device at all. I simply can’t be bothered to use a secondary device and any bank that requires it is not going to be top of my list.

I can just about still use Nationwide using only the app as I never set up new payees from their accounts, but I don’t find them very good.


Agreed. I couldn’t use Nationwide as a main account for this very reason - I used to circulate money through it to keep the Travel Insurance cover active but this benefit has gone now and the account is on the donor list.

A shame as I’d really like to do my banking with a building society but not at the expense of usability.

1 Like

So as I mentioned, Google really is your friend. You would keep a single one on your person and link to all banks. You would keep a single one at home as a backup.

Not a dozen. That’s not how FIDO keys work.

Yes, it would have. They’re meant to kept on your person and not left.

So the idea is she’d have moved it from her purse to her bosom for the duration or the workout and then anyone trying to use her device would have found it useless.

I’d also say though that she probably could have avoided the whole situation by having a PIN on her phone and/or not writing her PIN on her card.