It got even worse. A spokesman from UK Payments assured the host, Paul Lewis, that the banks’ services are secure because they ask you to choose from a list of dates of birth, and “only your bank would have that information about you”. Someone needs to tell UK Payments that dates of birth aren’t secret – they’re matters of public record. What’s more, if your date of birth ends up in the hands of an identity thief, you can’t change it, making it completely unsuited as a means of authenticating oneself to a bank. Our passwords shouldn’t be issued to us at birth, one to a customer, without any means of changing them.