From our perspective, this means: the media that warns people, the police that track down and prosecute fraudsters, the banks that monitor transactions and warn people, and the telecommunications and internet companies that also monitor things and act accordingly. Banks play an important role in ensuring security, but with the advent of digital technologies, this has become a shared responsibility: we will only be able to combat banking fraud effectively if all parties work together.
Point by point answers to your questions:
Safety is the number one priority. So we have consciously chosen not to have phone support for years, specifically to prevent phishing. All our communications take place exclusively via the secure application environment. It has been made clear to users (repeatedly) that we never contact you by phone:
– Every email we send to users (automated emails like welcome email)
– When registering in the application
– When making a transfer (via app or web)
– Via newsletters
– And even through the employees' photo on LinkedIn.
The Bunq app is (very) well secured, via something called “two-factor authentication.” This means you must first grant your phone access via biometric verification (for new devices, your face must be scanned before the new device is added to your account). For payments over €100 (daily total), you must also enter your personal PIN. These two factors together are two factors. When people fall victim to phishing, it means that, despite all the warnings, they have been granted access to a new device (through a face scan) and have also handed over their PIN.
When you're approved for a new phone, you'll also receive an additional warning: via a notification and via email. This way, the user can still take immediate action if they grant someone else access to their account. The user then has several options to keep their account secure. They can block access directly via the app, call our emergency number (which will block the account immediately) or they can contact SOS support (where they will be assisted within 10 minutes).
Despite all these precautions, some people are unfortunately still victims. As soon as this message reaches us, we will do everything we can to minimize the damage: we will immediately block all accounts and try to recover transfers that have already been made. For the latter, we are completely dependent on the cooperation of other banks. If there is any residual damage, we will take both statutory regulations and NVB guidelines into account to assess any compensation. What is important here is the extent to which the people themselves are responsible (in solidarity) for the damage that occurred.
For example: Let's say someone rings the doorbell, asks for your debit card and PIN, and you actually provide that information (negligence), that's a different situation – however unfortunate – than when someone copies your debit card and PIN. Your PIN code.
[Anydesk]
Anydesk is an excellent example of the importance of collaboration. With this software, you can completely open your computer to third parties to do whatever they want: bank transfers (from any bank), view your emails, copy and/or edit your data, view your browser history, view photos/clips Your video, etc. However, we have no influence or access to Anydesk. So it would be a good idea to contact the software developer to find out what they are doing against fraud. There is a huge amount of fraud visible through this platform.
[Bereikbaarheid]
I have already explained the accessibility through different channels in Bunq in my previous email. Naturally, we are always looking for how to make things better and clearer, and we are happy to consult frequently to this end.
What we notice is that users often realize too late that they have fallen into a trap of something, and then they blindly panic and don't know how to react. Even in those cases, we do our best to be prepared and help victims clearly and promptly, but it is often too late.
[Limieten]
As for the wait time for the new frontier: Bunq actually introduced this a long time ago, before it was on others' radar. The evaluation showed that it did not make any difference in fraud cases, while it led to many complaints from our users.
That's why we reversed it. I think it is good to realize how this type of fraud works: if there is a delay, the so-called “bank employee” simply says: Thank you for your cooperation, I will call you tomorrow to make sure you are safe. People are still framed (one day later).
The limits you set are incomplete: – Up to 100 EUR per day: authorized device – Up to 5,000 EUR per day: authorized device and login code – For cards: up to 1,000 EUR per day, card and PIN required – Cash operations Withdrawal: 250 euros per day. – To change your limit: approved device and login code
[Cijfers]
I think I already explained the NVB question in my previous answer. For many years, Bunq has not released numbers that can be directly traceable to our users to protect their privacy. I don't have access to data from the anti-fraud helpdesk, but the day before yesterday I read, for example, that 28 million were stolen last year. Hence the fact that punk users are overrepresented seems to contradict the actual situation. Finally: We would very much like to draw attention to further cooperation. As a bank, we are doing everything we can to keep people as safe as possible. It would be very helpful if the media paid more attention to this problem, and if these criminal gangs were tracked down and arrested. Crime should not pay.
Additional question from CASA editors:
“We have noted that the standard limit for transfers to third-party IBANS is EUR 5,000 and the maximum is EUR 1,000,000 (for personal use as our software is consumer-focused). Source: Bunq. If this is not correct, please let us know today at the latest.”
The answer is in:
It is true that the maximum limit for bank transfers can be changed. In response to user requests, the limit has been increased because many transfer large amounts to and from Bank, for example when buying or selling a house. Different limits apply to cards (as described previously). For savings accounts, a maximum of two transfers are applied per month.
