On Monday, I published a brief post expressing frustration with Conventry Building Society’s paper-based process for resetting an online password. Remember? Of course you do. It’s here, if you need reminding. Frustration’s not the right word, really. Surprise would be better. Although I did use the line “I’m not sure I’ve come across anything so ridiculous in all the time I’ve been using the internet.” Which can’t possibly be true. There’s an awful lot of ridiculousness out there.
Anyway, someone at Coventry is switched on. I published that post on Monday evening. The very next day, Phillip Sawyer, Corporate Communications Manager at Coventry, was busy writing me a letter. Yes, in response to my post. I think that’s simply fantastic. Phillip gives a full and sensible explanation of their procedures which I completely accept. But to be honest the explanation is secondary. What I think is completely marvellous is the very fact that (a) my humble little blog post had come to his attention and the (b) he’d gone to the trouble of looking into my account, getting my address from their records, and responding.
Funny thing is, he both starts and finishes his letter by apologising for writing ‘out of the blue’. No apology needed, Philip. It’s the very fact that you did so that delighted me when I opened your letter. I salute you.
I phoned him this morning (he’d given me a direct line that went straight through without getting troubled by a switchboard. That, in itself, is marvellous) to thank him for great service, and asked if he had any objection to me publishing his reply. He had none. So here it is.
Dear Mr Coultart
Please accept my apologies for the unsolicited letter. However I read your blog post today about Coventry Building Society and I wanted to set your mind at rest about our processes.
As I understand it, you wanted to close your CallSave MoneyManager account, which currently has a balance of 30 pence. On calling our Customer Service Centre you were asked to write in to request the closure, which you understood. However, at the same time a new password request was generated and while you correctly identified that this was a secure process, you were surprised that it relied upon the post.
The first thing to say is that I understand your concern. It is something our members ask us about from time to time. On the face of it, it seems counter-productive to send letters out to members when they all they want to do is to reset their password. Allowing customers to do this online would appear to be more convenient.
Sadly, however, in recent years we have found fraudsters becoming more determined in the methods they use to gain access to their victims’ bank or building society accounts. As you will appreciate, I cannot go into detail here, but it is not unusual for criminals to approach a victim’s bank or building society – sometimes appearing to be using their victim’s computer – and request a new password. Where this is provided online (either by email or other automated means), this process effectively blocks the account-holder from access while allowing the criminal to transfer funds. As more people rely on internet banking, this is becoming a particular risk.
In Coventry’s case, sending out a physical password request form to the address held on our records reduces this risk considerably. Were anyone to attempt to reset a Coventry member’s password, they would also have to be intercepting their post to set up the new one. This adds an additional layer of security to the process
The safety of our members’ money is a subject we take very seriously as we seek to protect savers from the trauma and personal disruption that a successful fraudulent attack may cause. Unfortunately, professional criminals are constantly evolving the methods they use to gain access to their victims’ accounts, and our aim is to stay one step ahead of them.
It wasn’t clear from your blog post whether you had now written to us separately in order to close your account. If anything, I am slightly more concerned about this aspect than I am about the password process, as I don’t think we should be putting barriers in the way when it comes to transactions of this nature. If you still need any assistance with the account closure, please contact me on the number above and I’ll be happy to help you.
In closing, I apologise once more for writing to you ‘out of the blue’. However, at the Coventry we are genuinely interested in understanding how our members feel about us and I wanted to explain why we do some of the things we do.
Corporate Communications Manager