Non-Irish banks and eir

I was on the phone earlier to the telecoms operator eir to change something related to do with my mobile phone contract, and for some reason they requested that I give them my payment details again.

I gave them my details – both the 16 digit number from my debit card and the IBAN for my account – but their system wouldn’t accept either. The problem? They’re for an account run by the German-based mobile bank N26.

eir don’t seem able to accept payment instructions over the phone from non-Irish banks. Instead their direct debit instructions indicate that you have fill in a paper-based mandate form and either post it or fax it (but not email – they don’t accept email) to their office in Clonakilty in Co. Cork.

The Single European Payment Area (SEPA) regulations that came in around 10 years ago are meant to allow customers to make cashless payment in Euros to anyone located in any of the Eurozone counties. So, you should be able to receive your salary into any Eurozone bank account, and may payments to any company around Europe using your IBAN.

It’s entirely possible for business to accept verbal instructions for SEPA direct debits over the telephone and electronically, but for some reason eir doesn’t support this.

To resolve the matter today my customer care agent suggested that I get a friend to volunteer the use of their Irish bank card to set up payment on my account, and then arrange to switch over to my German bank over the next few days.

I asked whether he could guarantee that my friend would not be inadvertently charged for my mobile service, and he said yes. I then asked, if that was the case, whether the agent himself would be willing to use his own personal bank card to set me up. Unsurprisingly, he wasn’t keen!

Password length for my eir

While many online portals are embracing two-factor authentication and other security best practice, our telecoms utility eir seems determined to stop us using good quality passwords.

As you can see from the screenshot below, the self-service portal my.eir.ie doesn’t allow users to set passwords longer than 10 characters.

The error message on screen also notifies anyone (including potential hackers) that all passwords for the system are between 6 and 10 characters – which would be a massive help to anyone attempting a brute-force attack on the site, as it would reduce the number of password combinations they need to try.

This is a shocking example of bad security by design, and is a carryover from the old Meteor self-service portal. Someone at some time in the past chose to limit password length, which forces people to use short insecure passwords.

In accordance with the 2011 European Union directive designed to protect your online privacy, I am required by law to check you consent to the use of cookies on this web site. Click on "Accept" to grant that consent. Click for more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close