ING Requesting New Personal Info

Related Stores

ING

• 

  StickMan on 22/10/2020 - 13:15

  +6

  Email? No. Don't do that.

  • 

    jjjaar on 22/10/2020 - 13:16

    Exactly! They haven't provided me with any secure way to get them the information. The option of "password protecting" this via email was provided but that's also awful.

    • 

      whooah1979 on 22/10/2020 - 13:19

      -2

      Emails send and received with TLS is encrypted.

    • 

      Scrooge McDuck on 22/10/2020 - 21:29

      +2

      Send it upside down?

    • 

      Member 0230 on 23/10/2020 - 12:04

      When secure upload is not available (95% of the time!), I always send an encrypted PDF.

      @Chandler is 100% correct: a password can be eventually cracked, but a sufficiently strong password will stave that off for millennia (even with an exponential rise in computing power). For most of us, that's good enough.

      Good tool: 1Password Strong Password Generator I choose a wordlist-based one when I need to provide it over the phone.

      Good read: How long should my passwords be?

      The short answer to the length question is that when using 1Password’s password generator you should just use the default settings: 20 characters for character-based passwords and four words for the wordlist-based ones.

• 

  jnewau on 22/10/2020 - 13:15

  Probably part of their Know Your Customer programme - https://www.ing.com.au/help-and-support/tips-hints-guides/KY…

  I had it for an old account (didnt need to provide passport) but did have to update details

  • 

    jjjaar on 22/10/2020 - 13:17

    Yeah I have just found this online. Seems legit why they are asking me for info. Just not how they want me to get it to them.

    • 

      c64 on 22/10/2020 - 14:00

      can you not post certified copies of the requested documents to them?

      • 

        whooah1979 on 22/10/2020 - 14:09

        +4

        Do you think posting IDs in an envelope is more secure than sending it in an encrypted email?

        • 

          redfox1200 on 22/10/2020 - 15:19

          +5

          @whooah1979: i just sent me passport off overseas in an envolope, hopefully the nigerian prince can confirm my identity and send me some cash soon

        • 

          Chandler on 22/10/2020 - 17:30

          +1

          @whooah1979:

          Do you think posting IDs in an envelope is more secure than sending it in an encrypted email?

          It's not necessarily less secure. Posting requires physical access. Email does not.

          Encryption is also not the silver bullet everyone likes to think it is. Once I have a copy of your email/file, it is a question of when I get access, not if.

          That when may be in hundreds of years, although with improving computational power this is ever-decreasing.

        • 

          c64 on 22/10/2020 - 19:21

          @whooah1979: i imagine that is what australia post does when it verifies your identity. just pops the documents in an envelope and sends them off.

          pay for registered or signature on delivery if you feel overly insecure

          • 

            isthisreallife22 on 27/10/2020 - 17:46

            @c64: I'm fairly certain australia post don't take a copy - they just "assert" you have been satisfactorily identified (I may be wrong though)

• 

  whooah1979 on 22/10/2020 - 13:17

  What is their email address?

  • 

    jjjaar on 22/10/2020 - 13:18

    I didn't even get far enough to find out. They said I'd need to provide it via email and straight away I was asking for alternative, more secure options. They had none.

  • 

    Scrooge McDuck on 22/10/2020 - 21:34

    What is their email address?

    [email protected]

• 

  StickMan on 22/10/2020 - 13:21

  They also said 'internal policies'. Just don't comply unless they block your account or something bordering on illegal, lol.

  • 

    jjjaar on 22/10/2020 - 13:23

    I was told I have 10 business days to get them the information or my account will be blocked…

    • 

      Seraphin7 on 22/10/2020 - 13:48

      +4

      Sounds like you've got 10 business days to get the cash out of there and into an alternative arrangement.

      • 

        whooah1979 on 22/10/2020 - 14:05

        +1

        OP can do KYC with ING or go to another bank and do KYC there. There is no way around KYC.

        • 

          jjjaar on 22/10/2020 - 14:14

          +2

          @whooah1979: The difference is, other banks are providing secure websites to set up new accounts, or allowing me to do so in branch. ING are only offering email (which I don't trust), or in Sydney branch, and I am in Melbourne.

          It's interesting, because I'm sure if you were opening a new account with ING they would have the secure online portal to do this as well, so I can't understand why someone who is being asked to provide this who already has an account doesn't have this option.

          • 

            whooah1979 on 22/10/2020 - 14:48

            @jjjaar:

            secure websites

            That do you mean with secure websites? They using the same encryption that is used by mail servers.

            • 

              jjjaar on 22/10/2020 - 14:51

              @whooah1979: Sending a random PDF via email to a generic email address feels much less secure than uploading it to a secure directory

              • 

                whooah1979 on 22/10/2020 - 14:55

                +1

                @jjjaar: Ozbargain use TLS 1.3 AES 128 which is the same as many other mail servers.

                Your pdf is just as safe in an email as your details are on ozb, eBay, PayPal, Amazon, the CBA, mygov, etc.

          • 

            AustriaBargain on 22/10/2020 - 16:22

            @jjjaar: Is an upload field on a website more secure than an email though?

            • 

              bluesky on 22/10/2020 - 18:31

              @AustriaBargain: If the upload uses SSL, I will feel quite assured because this is endpoint-to-endpoint encryption.

              With email, one cannot be sure how many intermediate hops the email takes to reach the end-point.
              Just because an encrypted protocol is used to connect to an outgoing mail server, there is no assurance of the same for the rest of the hops to reach the end recipient - although generally-speaking, nowadays, it would be the case.

              Also, the encrypted protocol to the outgoing server merely ensures encryption during the transmission to that server.
              At the intermediate servers, if the email is plaintext, what if the administrator there decides to have a look at the email?
              I am not saying this is likely, simply that it is less secure than endpoint-to-endpoint encryption.

              The only way to make an email secure would be to encrypt it yourself, send it over, and have the recipient decrypt it.

              • 

                AustriaBargain on 22/10/2020 - 18:36

                @bluesky: I set up forms that allow upload with free SSL, and usually I set it to just email the upload to the person who needs to see it anyway to keep it off the web server. I know it's then on the email server, but what i mean is behind the scenes you don't know where your uploads are going.

                • 

                  bluesky on 22/10/2020 - 18:43

                  @AustriaBargain:

                  but what i mean is behind the scenes you don't know where your uploads are going.

                  That is why if it is a responsible bank/financial institution (BTW I used to work for a US internet bank), these security considerations must be taken seriously, in the design of how the internal processes work.

                  • 

                    AustriaBargain on 22/10/2020 - 18:59

                    @bluesky: Those sound like a load of assumptions. You'd hope they would have all like iron clad Iron Man level security and protocols and stuff, and teams of people devoted to securing all upload fields and stuff. You'd hope a big bank could afford to do everything right all the time.

                    • 

                      bluesky on 22/10/2020 - 19:34

                      @AustriaBargain: Yes, we hope that all (especially big) banks have the resources to do the right thing. Even then, some will do better than others on this front.

                      Banks are dealing with customers’ critical info, that is why it is reasonable to expect this. Clearly, not every application deals with info that has so much privacy/security implications. For those cases, a more relaxed approach may be justifiable.

                      Irrespective, as a customer, I would take all steps necessary to safeguard my own info as best as I can, in transmitting this to them.
                      Once it reaches them, unfortunately, it is out of my hands if they are incompetent or irresponsible. Which I hope is not the case.

        • 

          Seraphin7 on 22/10/2020 - 14:50

          @whooah1979: I'm fully aware of the KYC requirements (in more detail than I ever cared to acquire) … the point is if OP does not wish to follow the instructions, and I can understand the concerns as outlined in this regard, a new arrangement that is more satisfactory will need to be found.

          OP should act now, and it seems like the approach that will give OP most comfort is to move.

• 

  bazingaa on 22/10/2020 - 13:22

  +1

  I verified my identity at Auspost when I opened my account. May be you can do the same thing ?

  • 

    jjjaar on 22/10/2020 - 13:23

    +1

    I would totally accept this as an option. However, it was not an option they gave me.

• 

  isthisreallife22 on 22/10/2020 - 13:48

  I think unfortunately you are going to need to give them a call.

  • 

    jjjaar on 22/10/2020 - 14:15

    This information was provided to me during a phone call with them.

    • 

      isthisreallife22 on 22/10/2020 - 14:19

      I mean call them and discuss other options for providing the info e.g. auspost

      • 

        jjjaar on 22/10/2020 - 14:32

        +1

        I asked for all of the options available to me - email, or email with a password attached to the file.

• 

  Snake 4 on 22/10/2020 - 14:12

  +1

  And if you don't have a passport?

  • 

    jjjaar on 22/10/2020 - 14:15

    Oh, other forms of ID were also acceptable.

• 

  Agarwal on 22/10/2020 - 15:40

  +4

  Can you open a new account online, verify your info, link it to your existing account and close the new one?

• 

  PissLUR on 22/10/2020 - 15:58

  +1

  I have to do the same for Bankwest. they asked me to visit one of their branches to update my ID document.

  • 

    jjjaar on 22/10/2020 - 17:38

    See, I would be more than comfortable with this option, but they are an online only bank.

    • 

      AustriaBargain on 22/10/2020 - 18:37

      Why don't you open an account with NAB or something instead. They resell insurance don't they.

• 

  bluesky on 22/10/2020 - 16:59

  +2

  ING should have provided the ability in their secure messaging within the account to be able to upload documents.
  Some banks have this if my memory serves.

  I have done this with another bank, which is a bit better than sending plain text. Not identity docs though, but to open term deposit. I sent the pdf doc encrypted with a password in email, and I provided the customer rep on the phone with the password. This assumes you have already connected with a particular person, who will be dealing with your document. And the email can ATTN that person specifically. If this makes you more comfortable, it is worth a try.

• 

  OzHunterNSW on 23/10/2020 - 11:05

  STOP….. ring the company via a number sourced via phone directory.
  Enquire then toward this odd request.
  Who is required to proffer pass ports… what if you do not have a pass port… you opened the account with the appropriate identification, so why now is that no sufficient?
  Take your business elsewhere

• 

  gyrex on 23/10/2020 - 13:05

  I had to do the same thing since I've had an ING account for around 15 years. I sent the requested documents via their secure messaging feature on internet banking.

  • 

    jjjaar on 23/10/2020 - 14:02

    Wow! That was not suggested as an option. I might give them a call back and see if I can do that. Cheers

  • 

    bluesky on 23/10/2020 - 14:28

    When I first saw this post, I went and had a cursory look at their secure messaging, wanting to suggest this to OP. But there does not seem to be a way to attach documents. How did you do it? Just curious.

    • 

      gyrex on 23/10/2020 - 17:02

      +2

      My apologies, I got confused with my Bankwest & ING accounts. ING doesn't have a secure message system which you can upload documents to whereas Bankwest does.

  • 

    PissLUR on 23/10/2020 - 17:05

    were you dealing with the bankwest's KYC?

    • 

      gyrex on 23/10/2020 - 17:36

      I had to do it for both of them.

• 

  LFO on 23/10/2020 - 19:11

  -2

  S C A M !!!

  Do nothing.

  Ask or wait for a printed letter to your address.

  • 

    gyrex on 23/10/2020 - 19:41

    +1

    It's not a scam. ING is undertaking KYC for a number of customers who signed up before KYC legislation was drafted and enacted.

  • 

    this is us on 27/10/2020 - 17:51

    That was hysterical…

• 

  LFO on 23/10/2020 - 19:13

  -1

  One more:

  To prove your identity is normally done via Australia Post.
  They will physically check your ID and then report to ING.

  • 

    whooah1979 on 23/10/2020 - 21:14

    Aupost will check the ID, note down all the information and email it to ING.

• 

  Neoika on 24/10/2020 - 23:56

  Passport, Driver licence expired, number changed. I think ING got my outdated info in 2013 as well.

• 

  this is us on 27/10/2020 - 17:54

  +1

  There was a similar discussion weeks/months ago, and someone suggested sending the documents with something like "FOR ING ID CHECK" crossing the image of the documents. Not sure if they accept that, though…

  It is kind of ridiculous to ask people to send copy of documents by email (or by fax) when there are many automated ways to do ID checks. They should at least offer alternatives.