There’s a scene in the latest season of Ted Lasso when one of the principal characters falls into a canal during a trip to Amsterdam. For the rest of the episode, she finds love in the arms of the friendly guy from a nearby barge who rescued her. All I could think of was, how is she going to use her credit card without a phone? Or fly home without being able to check-in and show her boarding pass?
I’m sure I am not the only Daily Maverick reader who dreads being in this unenviable position. I have a lingering, unspoken anxiety about the terrible inevitability that I might lose a phone, or have it stolen. Or, as happened to me last week, having my phone just die overnight. In its sleep, as it were. Or, at least, in mine.
Because Apple so conveniently backs it up every night for me, I was able to restore it within a few hours – in no small part because of Vodacom’s phenomenal service in getting me a replacement iPhone by lunchtime.
But there are unfortunate repercussions for some services that use your smartphone as a “trusted device”. It’s both a boon and a curse – without being in a foreign country.
The smartphone has usurped so many other devices and services – they are a digital Swiss army knife. They are our diaries, contact books, cameras, provide us with email and messaging, distract us with social media, and open up the world of apps.
Like most of us, my banking app is among the top five most-used apps. I arguably use it every day – and certainly use my credit card through Apple Pay daily.
One of the delights for me about the shift to smartphone app-based banking is that the app has become the trusted device. If I make an online credit card payment, I have to verify it in my FNB app first.
I love that.
There was a time when it was secure to have a one-time pin SMSed to your phone. But that is the easiest way to compromise your security. SMSes can be intercepted, with SIM card swaps being one of the easiest ways to steal someone’s login credentials.
It’s the reason so-called authenticator apps have emerged as a more secure means to provide what’s called two-factor authentication. Generally, when you are logging into your email or social account, the first factor is your password. The second is that six-digit code generated by the authenticator app.
You obviously set this up beforehand and I highly recommend doing it immediately.
When buying something online, either through a website or an app, most banks now push a verification notification to your app, where you have to approve it. It’s genius. No more easily intercepted SMSes.
But there is a downside, especially if you use your smartphone as the trusted device. Without the previous trusted phone, it’s hard to set up a new device. My bank, as it should, requires verification from my smartphone app for certain things, including approvals for releasing payments and (most frustratingly) setting up a new trusted device.
Obviously, this would happen just before the 25th when I had to be the second person to authorise salaries. But, as it happens, recreating a trusted device can be done a lot more easily than I expected.
Apart from the usual login details, FNB used a selfie to verify I was who I said I was (which they confirm against the Home Affairs database) and, well, that I’m alive. It was slightly more complicated for my business account, but now I know how to do it.
Of course, I immediately created my iPad as another trusted device in case I ever fall into a canal. Or have a phone pull a lemming on me. DM
The mobile device – a wonderful servant but a terrible master.
On the bright side – much easier to get a new phone set up than trying to recover from a lost of stolen wallet in the “old days” 😊
Would have liked to have the names of a few good authenticator apps. Also is this quick resuscitation of cell phone facilities easier for contract phones than one bought and owned by the user? I bought mine and am on prepaid so does that leave me with less support if my trusty phone departs my life?
They are normally proprietary. So, I have a Microsoft one and a SBSA one, for example. The whole point of them is that the entity has to trust it, so they aren’t going to be happy with a 3rd party App.
However have you ever needed to use your banking and other apps that require two step verification while overseas? I am unable to receive SMSes when overseas as the institutions do not appear to have realized the phone number then needs your country’s international dialling code. I was consequently left financially stranded!
While I agree with the sentiments about the centrality of a smartphone in one’s life, Toby, why do you have to be such a Crapple fanboy that you can’t resist putting an “i” in front of every device? What is it with you people? Do you have to boast about spending twice what we mere mortals do for exactly the same functionality?
I would have thought that someone of your knowledge of technology would know that exactly the same is available on a phone from ANY manufacturer?