As part of some research I was doing the other day I decided to check out my own State Pension entitlement. I logged on to the www.gov.uk website and then realised that I would have to set up a Gateway account if I wanted to access details of the pension I have built up to date.
I started going through the pages and was surprised to find that I was asked to provide details from my passport – specifically the passport number and expiry date. Now I’ve said many times here that you shouldn’t give out that sort of personal information online unless you are really sure of the people who are asking for it. So were HMRC really looking for these details or was it some sort of scam?
The first thing I did was check that I was actually on a secure website – remember you can do that by looking for a padlock next to the web address at the top of the page. I was reassured to find that is was secure, but not reassured enough to pass out personal details without further checks.
So I called HMRC to ask if they routinely asked for this information. The answer was yes, and that by asking for this they feel that are making the site more secure for me to use in future since I would not be allowed access to my pages when signing in unless I provided this information again. Was that good enough for me? I suppose so, given that I has checked that I was on a secure site and that the people who run the site were actually asking for the information.
I also know that I have up-to-date anti-virus and malware programmes on my computer so it is as safe as it can be. But if you are asked for this sort of information when you’re on websites you don’t know, and might not trust, then don’t give it out until you’re happy that it going to the right people and for the right reasons.