May 11th, 2012

mbank.cz: insecure by default

So you want to get a debet card. It comes by email, with instructions, that you need to activate it over the web. So you do activate it. Then you realize that all limits are way too high... like $50000 per day for payments over the web. Oops. So you go to change it quickly. At this point, authorization SMS fails to come, so you can't. Nice.

What about having reasonable limits by default, dear mbank?