Complete News World

Electronic Banking Security - A Postfinance customer suddenly finds himself in someone else's account - Kassensturz Espresso

Electronic Banking Security – A Postfinance customer suddenly finds himself in someone else’s account – Kassensturz Espresso


Fatal error: Postfinance client ends up in a third party account due to incorrectly submitted login data.

In July 2022, Walter Meyer (name changed) received several recorded messages from Postfinance containing personal access data for his electronic banking services. His correct name and address on all documents. “I would never have dreamed that something could be wrong,” Meyer says.

Suddenly the balance of the account ten times higher

When he logged in, he was surprised: “The account balance suddenly became ten times higher than expected.” No wonder the account balance is incorrect, because Walter Meier ended up not in his account, but in Marta Meier’s (name changed) Postfinance account.

I was really shocked that something like this could happen.

“I was really shocked that something like this could happen,” Mayer says in SRF’s consumer magazine Espresso. Since he not only had insight into the account’s movements in the past four years, he also made payments from Marta Meier’s account.

Fatal error

Because he wants to know how something like this could happen, Walter Meyer reports to “Espresso”. Research shows that Marta Meyer is no longer able to take care of her finances due to health reasons. The position was taken by her son Marcus Mayer (name changed).

Nobody in customer service can help me.

Since he needs access to his mother’s account, he applies for the necessary access data at Postfinance. But this didn’t reach him for weeks. “I must have made 20 phone calls on this, but no one in customer service can help me,” Marcus Meyer says over the phone. In fact, the login data was sent a long time ago. But by mistake to Walter Mayer instead of Marcus Mayer.

Postfinance: “Such an error should not occur”.

At the request of “Espresso”, Postfinance explained the incorrect correspondence as follows: “Due to the mixing of unusually similar personal data, access rights were incorrectly assigned to an unauthorized third party.” Because: Walter and Marcus Mayer not only have the same last name, but they also have the same date of birth. It seems that someone at Postfinance only took these two criteria into account and ignored the different first names. Postfinance writes that such an error should not occur.

The probability is low that a similar error will occur again.

The wrong link was fixed after the account holder’s son was connected. The press office dismisses the fact that Postfinance has a client confidentiality issue with the bank. It is an isolated case. Further: “There is little chance of a similar error occurring again.”

The two sufferers, Walter and Marcus Mayer, have not been sedated. “It leaves marks on me, I no longer feel safe with Postfinance,” Walter Meyer says.