To register an EC card for Lidl-Pay,
they require you to give them your bank, bank-id and password.
I regard that as phishing and will never give those to them.
I complained at Lidl, but they only told me it were common business practice.
I beg to disagree, unless we are talking about scammer business models.
So after a year of free charging at Lidl, I will not be able to pay for that service.
Can you imagine how strong my motivation to buy in their stores rose?
It is very important to us to be able to offer our customers a safe and fast payment method with Lidl Pay. Therefore, in order to secure the payment process, the customer data must be verified during registration.
For this purpose, we use standard test methods and service providers. One of these test procedures is the verification of the account data you have provided by logging into your online banking.
This procedure can be used to determine whether the person who wants to deposit a bank account in Lidl Pay actually has access and thus control over this account.
The verification process is encrypted, which means your personal information is safe.
Further information on our test procedures and the service providers used can be found in our data protection information and conditions of participation.
If they want you to confirm you have control of the account then the way to do it is to ask you to make a payment to them, even if it's only 1 penny / cent / whatever the minimum is for your currency.
This sounds completly crazy, so when (and not if) Lidl is hacked access to your bank account is open to anyone on the Internet ?
I was once asked by Santander, when questioning something, that since I had not used the online banking I needed to provide my PIN to verify my identity, I was surprised that they were surprised when of course I refused.
(I worked in IT security and would not use online banking)
Looks like Lidl Plus is an android/iphone app, I would file a complaint to the app stores about this type of requirement. I can't imagine Google or Apple wanting to allow an app that requests your bank login data.