Secure PIN
-
Received my new Optum HSA debit card. Called to activate it. Told the security code is in the signature block. (It is well below the signature block, not in the signature block.)
Was informed that the PIN is the last four digits of my card number. No options given to change it.
-
@jinpa said in Secure PIN:
Received my new Optum HSA debit card. Called to activate it. Told the security code is in the signature block. (It is well below the signature block, not in the signature block.)
Was informed that the PIN is the last four digits of my card number. No options given to change it.
So... what will it be? Class action lawsuit, or a government regulatory agency slam?
-
@Kamil-Podlesak It's more ironic than a serious problem. Having a PIN that's essentially public is not much better than not having a PIN at all. But not having a PIN for an HSA card is meh, at least in some cases. You can generally only use them in medically-related establishments (pharmacies, doctor's offices) anyway, so there's usually a trail if someone stole one and used it.
-
@jinpa said in Secure PIN:
@Kamil-Podlesak It's more ironic than a serious problem. Having a PIN that's essentially public is not much better than not having a PIN at all. But not having a PIN for an HSA card is meh, at least in some cases. You can generally only use them in medically-related establishments (pharmacies, doctor's offices) anyway, so there's usually a trail if someone stole one and used it.
Are they only for paying, or also for some self-service machines (like ATMs quite often are today)? Because that could leak personal and medical data. Which, AFAIK is actually even bigger deal than leaking money.
-
@Kamil-Podlesak
They are only for paying.If for some reason the transaction doesn't work, it just displays a generic error message."You can use your HSA card at an ATM to reimburse yourself for eligible expenses paid out-of-pocket. (A transaction fee may apply. See your HSA Bank Fee and Interest Rate Schedule.)"
Now, I can't guarantee that this card can be used at an ATM, but I bet it can be. So your comment is correct.
-
@jinpa said in Secure PIN:
If for some reason the transaction doesn't work, it just displays a generic error message.
Ah, so not unlike the rest of the industry these days.
-
@jinpa said in Secure PIN:
Received my new Optum HSA debit card. Called to activate it. Told the security code is in the signature block. (It is well below the signature block, not in the signature block.)
Was informed that the PIN is the last four digits of my card number. No options given to change it.
My HSA card has a pin
<looks/>that I set. But when I use it at the pharmacy and am prompted for the pin, I just hit 'enter'. It always goes through. Thank you Bank of America...
-
@jinpa said in Secure PIN:
But not having a PIN for an HSA card is meh, at least in some cases. You can generally only use them in medically-related establishments (pharmacies, doctor's offices) anyway, so there's usually a trail if someone stole one and used it.
HSAs are different from other medical reimbursement plans. The main differences are that it's your money, and tax reporting is up to you.
I work for a company that manages a lot of different reimbursement plans. If we give you a card for your FSA plan, then you either have to send us evidence that the purchase was within the rules of the plan, or we nag you for the money back (or as a last resort, short you on your next reimbursement).
For HSA plans, we are out of the picture. It's up to the account owner to keep records and to prove to the IRS that the expenses were valid if it comes to that. No one else is responsible... therefore no one else cares. Blocking a participant's card would only serve to irritate them without reducing our risk.
-
@Jaime said in Secure PIN:
HSAs are different from other medical reimbursement plans.
I didn't actually realize that - explains why it's so much easier to use that card... (I figured each company just had different criteria)
