Please allow international (non-EU) phone numbers to be used. And actually apparently it specifically needs to be a phone number within my country of residency.
Currently I’m being prevented from that and Curve requires me to use SMS for:
- receiving 3DS codes
- receiving login codes
- sending/responding confirmations to support requests to the phone support number
This requires me to have a phone number I have readily access to, can respond to SMS internationally while roaming on foreign networks (can be quite costly/difficult to send SMS abroad).
I use a dedicated non-EU number for all my financial activities, which ensures it’s more secure and easily accessible worldwide during travels.
I imagine there must be at other customers that would like to use their non-EU numbers, or at least other EU numbers for Curve.
My most used traditional financial providers don’t restrict me in this way, but Curve does. Please revisit this.
When I make an online purchase, I could previously authorise it via a push notification to my iPhone. Curve will now let me authorise it only via SMS to my UK mobile number. I can’t always receive SMS on my UK mobile number, particularly while using non-UK SIM cards while travelling, and my UK mobile network doesn’t support eSIM. So I was considering changing my Curve registered phone number to my Google Voice US number, which I can always access via an app. From what you’ve said, I understand that I can’t do this.
Try, but precisely that is not supported and you won’t even be able to add a number from another EU country. It HAS to be one from your country of residency.
Really appalling how old-school banks are way more flexible in that regard.
Actually it worked. I have successfully changed my Curve registered mobile number to my Google Voice US number, which starts +1.
Two-factor authentication requires two of the following:
- Something you know (e.g. a password)
- Something you have (e.g. a card)
- Something you are (e.g. a fingerprint or face recognition)
Financial institutions intend SMS to be “something you have”, i.e. a SIM card. But many mobile network operators allow SMS messages to be read by logging into an app using a password. This makes SMS “something you know”. When SMS authentication is used in combination with entering a card number (also “something you know”), this is not two-factor authentication, but single-factor authentication.
On Android this doesn’t seem to be a problem (see screenshot below). @hind, could you please elaborate in which step you are not succeeding and/or the OS which you are using?
I see the same dialogue, unfortunately my repeated attempts have locked my ability to change the number myself, as I’m being told to contact customer support, due to too many changes.
Support is preventing me from setting a number outside of my country of residency, as that is not supported according to them.
@NFH congrats on the change. Hope it stays for you.
Locking down your Google account with 2FA or specifically the very strict Advanced Protection Program should give you pretty good security and prevent SIM jacking. You’d have your desired 2FA this way.
The 2FA is desired by Curve. But by using SMS, it is not achieving 2FA, only 1FA (only “something you know” and not “something you have”).