‘New and improved’ – NS&I announces changes which will affect Premium Bonds holders

Martin Lewis offers advice on reinvesting in NS&I bonds

We use your sign-up to provide content in ways you’ve consented to and to improve our understanding of you. This may include adverts from us and 3rd parties based on our understanding. You can unsubscribe at any time. More info

Authentication and logins to NS&I accounts have been upgraded to provide better security for those trusting NS&I with their hard-earned cash. Savers and Premium Bond holders will need to set up their new two-factor authentication in order to login to their account.

Roughly £190billion is lost to scams in the UK every year, and financial institutions have been hard at work to improve their security and communication protocols to help give consumers peace of mind. 

To keep their security up to standard, NS&I has announced new and improved measures that will require account holders to take some extra steps when logging into their accounts.

The first of these changes is an upgraded authentication procedure in order to ensure that people logging into the account are the account holders and not potential scammers or identity thieves. 

Currently, account holders require their NS&I number and password in order to login to their accounts. 

However, NS&I noted that “scammers are becoming more and more sophisticated” which has called for higher levels of authorisation in order to access the accounts. 

NS&I announced that these new security and authorisation features “will use the principles of two-factor authentication”. 

Two-factor authentication uses three different types of information to ensure that the person logging into the account is who they say they are.

For NS&I, these information types will include:

  • Something only the account holder knows
  • Something the account holder owns
  • A unique characteristic of the account holder

The first information type is already used to login to NS&I accounts, usually these are passwords or their NS&I number. 

The second type of information will include something that the account holder uses personally and is unlikely to be co-owned with someone else such as a mobile phone or other personal device.

The third information type will require unique physical characteristics of the account holder to be shown, such as fingerprints or face authentication.

However, two-factor authentication will only require two of these three factors. 

NS&I has stated that for the most part, using one’s NS&I number and password to login to their account will remain the same. 

The biggest change to expect will be account holders receiving one-time passcodes to their mobile phones or an automated phone call to their landline as an added security measure. 

This one-time passcode will be a unique six digit number and account holders will only have a limited amount of time to input the code before it expires. 

NS&I said account holders will be able to ask for another passcode if they do not manage to type in the first one before it expires.

Anyone logging into their accounts will be shown the steps to input the code when logging in.

Once the code has been entered, NS&I will mark the browser or device used to log in as trusted, meaning they will only need to use the passcode method again if they log in via a different device or browser. 

Another security measure that will be added is for account holders to create a six digit PIN to use in the future.

Due to the new security measures, account holders are advised to double check that their phone number is up to date on their accounts. 

Having an old or inactive number attached to the account will mean account holders won’t be able to receive the one-time passcode.

In the worst-case scenario this will also mean that if one’s phone or number has been stolen or is used by someone else now, then the other person will receive their passcode to enter their account. 

Source: Read Full Article