New procedures for verifying identity with EQ Bank? | EQ Bank | Discussion forum

Please consider registering
guest

sp_LogInOut Log In sp_Registration Register

Register | Lost password?
Advanced Search

— Forum Scope —




— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

sp_Feed Topic RSS sp_TopicIcon
New procedures for verifying identity with EQ Bank?
October 16, 2019
11:35 pm
Darkchild
Member
Members
Forum Posts: 7
Member Since:
October 7, 2019
sp_UserOfflineSmall Offline

I'm not sure of how recently the others on here have opened their accounts at EQ, but I just "tried" to go through the account opening process and I'm completely turned off by them. I think in the past they used to verify your identity by you sending them either a cheque or a hydro bill or something along those lines. Now it seems like they force you to verify your identity by logging into your main bank account (the one that you want to link up to EQ) through EQ's website using some third-party software. So basically you have to type in your client card # and your password to your other bank on EQ's system which will basically breach your security agreement with your other bank. Ironically, if you were to do the inverse, in that you were to provide another bank with your EQ client number or password, it would nullify your agreement with EQ--this according to their own savings account agreement. I cannot believe they actually ask people to do this. No thanks. What pisses me off is that I had already gone as far in the application process as entering my SIN.

October 17, 2019
12:35 am
Loonie
Member
Members
Forum Posts: 5551
Member Since:
October 21, 2013
sp_UserOfflineSmall Offline

I opened mine a few years ago, but have never really liked EQ, mostly because of their attitude, which I have always found arrogant and overly focussed on technology to the detriment of the humans involved. I don't find them to be customer service-oriented, although others may disagree. Basically, I only use them when I don't have any other decent alternatives or if they offer a promo. But I could certainly live without them - and so can you.

Sorry to hear of this problem. If it is as you have described, I wouldn't go through with it either.
I don't recall what verification was used back when I applied but I think it involved sending a cheque in the mail.

All the banks are tending to more and more invasions of privacy and stricter (but not necessarily more sensible) verifications. It's a bad trend. They should concentrate more on their own internal security mechanisms, because that's where their customers get hurt.

For this reason, I am reluctant to close any banking relationships, as I fear it will be more difficult to get back later if needed. And I am not given to compromise when it comes to unreasonable demands! For similar reasons, I prefer to visit a physical branch in order to open an account whenever possible. It's less onerous in person, although it may take a bit more time; but EQ makes no provision for that. They do have a physical plant around St Clair and Yonge in Toronto but I doubt you could use it for this purpose. It may be worth asking - and complaining!

October 17, 2019
7:29 am
Londonguy
Member
Members
Forum Posts: 272
Member Since:
May 27, 2016
sp_UserOfflineSmall Offline

Darkchild said
I'm not sure of how recently the others on here have opened their accounts at EQ, but I just "tried" to go through the account opening process and I'm completely turned off by them. I think in the past they used to verify your identity by you sending them either a cheque or a hydro bill or something along those lines. Now it seems like they force you to verify your identity by logging into your main bank account (the one that you want to link up to EQ) through EQ's website using some third-party software. So basically you have to type in your client card # and your password to your other bank on EQ's system which will basically breach your security agreement with your other bank. Ironically, if you were to do the inverse, in that you were to provide another bank with your EQ client number or password, it would nullify your agreement with EQ--this according to their own savings account agreement. I cannot believe they actually ask people to do this. No thanks. What pisses me off is that I had already gone as far in the application process as entering my SIN.  

I wouldn't do it either, but it's my understanding that volunteering your external account's log-in info was a "fast track" procedure to get it done quickly, and it's not the only way to validate the authenticity of the external account if you don't want to surrender your log-in data -- is that not correct?

I've had an EQ account for 3+ years and it doesn't affect me, so I admit I'm not completely up on everything that's changed

October 17, 2019
8:04 am
Pronounced Zed
Toronto
Newbie
Members
Forum Posts: 1
Member Since:
December 9, 2018
sp_UserOfflineSmall Offline

When I opened my account last year they used micro-deposits for linking accounts.
I noticed Meridian is now also using this login system, but they allow you to by-pass and verify by cheque if you prefer. So I'm guessing this is becoming an industry standard.

October 17, 2019
10:23 am
Selkirk
Member
Members
Forum Posts: 168
Member Since:
January 12, 2019
sp_UserOfflineSmall Offline

Loonie said

. . . Basically, I only use them when I don't have any other decent alternatives or if they offer a promo. But I could certainly live without them - and so can you . . .   

'Amen' to that ⬆❗

I packed it in with EQ Bank almost a year ago, now. I still maintain a HISA with them, but the present balance is $0.00 .

They don't offer a full range of products (no TFSA's / no RRSP's / no RRIF's / etc.), and their GIC rates are just too low, to bother with. Much Better Rates can be found, elsewhere ➡ https://www.highinterestsavings.ca/gic-rates/

October 17, 2019
3:19 pm
andied20
Member
Members
Forum Posts: 4
Member Since:
October 10, 2016
sp_UserOfflineSmall Offline

I opened an account with EQ when they first went online, so I have not experienced this new procedure, but it appears very similar to what Canada Revenue has been using for several years using a sign-in-partner, and I find it fast and efficient.

This is from the CRA site, but may also apply with the EQ procedure:

"The information you enter (e.g. username, password) and the identity of the financial institution are not shared with the Government of Canada. Similarly, none of your personal tax information will be shared with your financial institution. No personally identifying information or banking details are ever shared."

"Remember that when you use a Sign-In Partner, none of your banking or personally identifiable information is communicated to the government service you are accessing and the Government of Canada does not know which Sign-In Partner you have used. Similarly, no information about the government service being accessed by the user will be shared with the user's Sign-In Partner."

October 17, 2019
3:26 pm
AltaRed
Member
Members
Forum Posts: 931
Member Since:
October 27, 2013
sp_UserOfflineSmall Offline

The sign-in partner approach appears to be the next big thing in Canadian finance. When I opened my EQ account, it was the micri-deposit approach noted in post #4.

October 17, 2019
5:11 pm
Darkchild
Member
Members
Forum Posts: 7
Member Since:
October 7, 2019
sp_UserOfflineSmall Offline

AltaRed, you are probably right in that this is the way things are going with finance. However, I'm not comfortable with it and I'm sure others feel the same as me.
I did phone up EQ and asked if there was another way to verify identity and they confirmed what I thought that this is the only way they are doing it now. The CSR went on giving the standard spiel about it being safe and blah, blah, blah, but I explained my situation to him and he said they do welcome the feedback and that if they deem that they are losing too many potential customers because of something like this, then they would respond to the concern. I do take that with a grain of salt. It's really about my comfort level and my options are limited. I either comply or look elsewhere. Any other bank that is using something like this is out of the question for me.

andied20: I'm aware of CRA using this as well, but I've always cringed as well and have never used it.

October 17, 2019
6:34 pm
Loonie
Member
Members
Forum Posts: 5551
Member Since:
October 21, 2013
sp_UserOfflineSmall Offline

These things are always perfectly safe...
until the day the CEO has to stand in front of the media and try to explain why things went wrong.

I remember when the Dalkon shield was perfectly safe.
I remember when cigarettes were perfectly safe.
I remember when Peoples Trust weas perfectly safe.

and so on.

October 17, 2019
7:03 pm
AltaRed
Member
Members
Forum Posts: 931
Member Since:
October 27, 2013
sp_UserOfflineSmall Offline

The sign in partner approach is as good for security as is the security of the sign in partner itself. One is just using the https site of the sign in partner as the portal, and by using the portal of the sign in partner, it validates one as a valid person of the sign in partner.

The primary risk of this system is whether someone has successfully hoodwinked the initial FI in this chain, but that is not your problem.

October 17, 2019
7:17 pm
Norman1
Member
Members
Forum Posts: 2565
Member Since:
April 6, 2013
sp_UserOfflineSmall Offline

One needs to be careful as the different methods are not always safe.

The SecureKey method used by CRA is safe because CRA does not actually handle the banking ID and password. Instead, CRA causes the bank's web site to show a page to ask for the ID and password. The bank then passes back a message to CRA indicating a successful authentication along with the verified info, like name, address, and account number.

I've seen other methods that are not safe because the site (not your bank's site) asks for the banking ID and password. The site then connects to the bank as you, using your ID and password and scrapes the resulting web pages from the bank. Some of them will actually save the banking ID and password so that they can continue to scrape future info!

October 18, 2019
7:09 am
Londonguy
Member
Members
Forum Posts: 272
Member Since:
May 27, 2016
sp_UserOfflineSmall Offline

andied20 said
I opened an account with EQ when they first went online, so I have not experienced this new procedure, but it appears very similar to what Canada Revenue has been using for several years using a sign-in-partner, and I find it fast and efficient.

This is from the CRA site, but may also apply with the EQ procedure:

"The information you enter (e.g. username, password) and the identity of the financial institution are not shared with the Government of Canada. Similarly, none of your personal tax information will be shared with your financial institution. No personally identifying information or banking details are ever shared."

"Remember that when you use a Sign-In Partner, none of your banking or personally identifiable information is communicated to the government service you are accessing and the Government of Canada does not know which Sign-In Partner you have used. Similarly, no information about the government service being accessed by the user will be shared with the user's Sign-In Partner."  

That's all good, except in the case of EQ Bank they are using a private third party company called Flinks (https://flinks.io/about/) to do the authentication, and gawd-only-knows what they might later do with your information, or how secure it is, or where in the world it's being stored, etc., etc., etc.

I absolutely would NOT give them jack in the way of my information

October 18, 2019
6:00 pm
andied20
Member
Members
Forum Posts: 4
Member Since:
October 10, 2016
sp_UserOfflineSmall Offline

Perhaps EQ's website has not caught up with recent changes, but their FAQ states you can verify identity with "microdeposits" or an "original e-document".

Even if you did provide your banks client # and password to get signed up, could you not then change your bank's password after opening the EQ account? If you do not want to give your client card #, you should be able to change the login info from your main bank to a different username before opening the account at EQ, and then changing your main bank's login back. A bit of extra effort, but I recently had a family member open an account at EQ and they said super quick and easy, with the new identity verfication.

October 18, 2019
6:52 pm
Loonie
Member
Members
Forum Posts: 5551
Member Since:
October 21, 2013
sp_UserOfflineSmall Offline

I really think this sort of thing ought to be resisted in the strongest possible way.
But people are suckers for quick and easy.

October 18, 2019
7:11 pm
Londonguy
Member
Members
Forum Posts: 272
Member Since:
May 27, 2016
sp_UserOfflineSmall Offline

Loonie said
I really think this sort of thing ought to be resisted in the strongest possible way.
But people are suckers for quick and easy.  

Precisely. It never ceases to amaze me what people will forfeit in the way of their personal information and privacy in exchange for a minuscule amount of added convenience.

November 2, 2019
8:31 pm
fv
Newbie
Members
Forum Posts: 1
Member Since:
November 2, 2019
sp_UserOfflineSmall Offline

I also turned EQ Bank down for the very same reason.

I would never, EVER, type my bank id/password on a website other than on my own bank, and it seems that's a requirement to open a account with them now (got an official confirmation from their customer service).

The issue is not only the security of your password. It doesn't matter if you change it after giving it to EQ or someone else. The issue is that by giving your password, you are most likely violating the service agreement with your bank.

Notice that your bank won't come after you if you give your password to someone else. They won't close your account either. But (and this is an very important "but") if anything out of ordinary happens to your account (say, one day you log in just to see a withdrawal that wiped out your account), then you're SOL because the bank will deem themselves with no obligation to refund or even investigate the issue after they discover you gave your secrets to a third-partly (which they'll surely know).

BTW I ended up opening an account with Alterna Bank. Interestingly enough, Alterna also ask for your bank password to link your account, but at least they give you the option to use other methods (cheque, microdeposits etc.)

November 3, 2019
8:35 am
AltaRed
Member
Members
Forum Posts: 931
Member Since:
October 27, 2013
sp_UserOfflineSmall Offline

Seems this is the new way to open accounts. It is not just EQ Bank. Oaken now does it as well using Flinks, and likely others. I suppose as long as FIs provide alternatives like micro-deposits (a winner in my books), I have no issues with folks who want super simplicity.

Not that I particularly care. I hope never to open another account with another (new to me) FI ever again (famous last words).

Please write your comments in the forum.