Provincial Credit Union Gets TFA!

I’ve been doing my banking with Provincial Credit Union for 28 years. Which is funny to think about as I still consider myself a “new customer,” when clearly I am that no longer.

I was an enthusiastic early-adopter of the Credit Union’s “MemberDirect” online system, to the point where I only need to go into the physical branch two or three times a year. The system, which was built in-house by collaborating credit unions, is kind of weird, but I’ve grown used to its weirdness, to the point where it seems natural and like all online banking platforms should work.

The one exception to this has been use of reCAPTCHA as a gate on login. Which means that every single time I login, I have to go through the “Select all the images with X” where X is bicycles, or fire hydrants, or motorcycles, or crosswalks. Like this:

Credit Union Login plus reCAPTCHA

From a security point of view I understand this, especially given the lite password requirement that’s always been in place — just a 4 digit numeric PIN.

But from a human point of view it’s been a pain in the ass, especially as sometimes, for reasons unknown, I get prompted with multiple reCAPTCHA challenges, one after the other, even if I answer each one correctly.

But, rejoice, the end of this is near; I received this email this afternoon:

2-Step Verification is the new industry standard and will replace reCAPTCHA when you first login.  reCAPTCHA is the system enabling web hosts to distinguish between human and automated access to websites.  So instead of having to verify numerous images (select all squares with traffic lights) members will be prompted to input a one-time verification code, that you will receive via text message or email.  It’s an added layer of security for our members. 

I’ve yet to learn if this will support TFA apps in addition to SMS and email validation, which would be nice. But never having to identify traffic lights or motorcycles or Australian wolfhounds will be very, very nice.