It's telling that in areas banks don't have responsibility (criminals breaking into individual accounts and draining them for example) they are insecure. SMS 2FA, short pin numbers, etc.
> He said Barclays told him it would do an internal fraud investigation which later resulted in Mr de Simone being held liable for all the losses.
> "They could not identify a point of compromise from the back end - to them it looked like the pin had been entered.
> "The only thing they could suggest was that someone knew the code therefore it's gross negligence on my part apparently.
In the olden days banks used to have decent security. Once you gain access to the account, to pay a new payee you'd need your bank card and pin number to do the 2FA. Now it's all the same phone.
> After eight months of evidence gathering and dealing with the police, an investigator at the Financial Ombudsman Service (FOS) upheld Mr de Simone's complaint against Barclays which now, if it disagrees with this, has the opportunity to ask the ombudsman to examine the case.
https://www.bbc.com/news/business-64240140.amp
> He said Barclays told him it would do an internal fraud investigation which later resulted in Mr de Simone being held liable for all the losses.
> "They could not identify a point of compromise from the back end - to them it looked like the pin had been entered.
> "The only thing they could suggest was that someone knew the code therefore it's gross negligence on my part apparently.
In the olden days banks used to have decent security. Once you gain access to the account, to pay a new payee you'd need your bank card and pin number to do the 2FA. Now it's all the same phone.