Lidl Pay wants to log into your banking

To register an EC card for Lidl-Pay,
they require you to give them your bank, bank-id and password.

I regard that as phishing and will never give those to them.
I complained at Lidl, but they only told me it were common business practice.
I beg to disagree, unless we are talking about scammer business models.

So after a year of free charging at Lidl, I will not be able to pay for that service.

Can you imagine how strong my motivation to buy in their stores rose?

What is Lidl-Pay and what has it to do with Arduino?

Shouldn't this be in Bar Sport?

Where do you see that in

Feel free to talk about anything and everything in this board.

?

But I'm fine with Bar/Sports, besides being a quite serious matter.

And Lidl-Pay is an app based pay service.

What is an 'EC' card?

Clearly you NEVER EVER EVER give your password!

They are idiots. Unless, you are not actually talking to Lidl, but some scammer pretending to be Lidl.

This is fine, as it says:

Feel free to talk about anything and everything in this board.

EC cards are standard debit cards.

I was talking to the Lidl customer complaint service, via mail.

Google translate

Hello Mr ,

Thank you for your message.

It is very important to us to be able to offer our customers a safe and fast payment method with Lidl Pay. Therefore, in order to secure the payment process, the customer data must be verified during registration.

For this purpose, we use standard test methods and service providers. One of these test procedures is the verification of the account data you have provided by logging into your online banking.
This procedure can be used to determine whether the person who wants to deposit a bank account in Lidl Pay actually has access and thus control over this account.

The verification process is encrypted, which means your personal information is safe.

Further information on our test procedures and the service providers used can be found in our data protection information and conditions of participation.

See you soon in your Lidl branch!

Looks like Lidl was taken over by scammers.

1 Like

I agree and will avoid Lidl Pay and/or banking.

In the UK we have a saying "I would not touch them with a barge pole". I think you will understand the meaning.

Bunch of crooks if you ask me!

1 Like

I will talk to my bank about that matter tomorrow, I had this experience yesterday.

This is absolute BS, and should be forbidden.

Even if Lidl have no nefarious intent they are teaching people that it's OK to give your bank details to 3rd parties.

Correct, in addition my bank warns explicitly about that in their phishing advices.

If they want you to confirm you have control of the account then the way to do it is to ask you to make a payment to them, even if it's only 1 penny / cent / whatever the minimum is for your currency.

This sounds completly crazy, so when (and not if) Lidl is hacked access to your bank account is open to anyone on the Internet ?

I was once asked by Santander, when questioning something, that since I had not used the online banking I needed to provide my PIN to verify my identity, I was surprised that they were surprised when of course I refused.

(I worked in IT security and would not use online banking)

Exactly !

I think it is crazy.

Looks like Lidl Plus is an android/iphone app, I would file a complaint to the app stores about this type of requirement. I can't imagine Google or Apple wanting to allow an app that requests your bank login data.

Good idea.

Too bad, there is no easy way to do that.

Only if you don't know how.
I reported the App as malicious.

Lidl Pay has also had a controversial history and you are not alone with your concerns: [German] Nach Betrugsfällen: Lidl sichert Anmeldung für Lidl Pay ab – und sorgt für neue Irritation - Supermarktblog

So it seems, it's not really illegal, I'm shocked.