not receiving verification codes + urgently need to access account

Discussion
1

I’m currently in Ireland (on my UK/GiffGaff number) and trying to log into the Revolut app, which I just re-installed on my phone.

verification codes are not coming through, despite roaming being turned on, there being full coverage and there being no issues on giffgaff’s end.

commute regularly between Ireland and UK and Revolut has always worked perfectly (incl. receipt of verification codes).

urgently need to access account to transfer money to a UK account.

can anyone help?

thanks in advancve

2

have you tried to tap “I don’t have SMS”, then choose either “phone call” or “live chat”

3

Hi there. Please let me know if you need help. :slight_smile:

4

Hi,
I am new here. My son has wiped my phone. I am in Canada, moved from the UK. Can’t open my révolut again

5

I am having the same issue, the only way i appear to be able to verify my identity is via email, but i am not receiving these. Please can someone at Revolut help!

6

Hi all,

because of my user level i currently cannot open new topics. So i need to respond on this topic to create a bug report:

There is a big issue regarding verification codes by email! Currently not every Revolut customer can receive verification codes by e-mail because of misconfiguration of Revolut DNS settings. I already contacted the customer support but they are unable to forward to IT department and think its client side problem. But thats totally wrong.

Lots of e-mail provider are using SPF (Sender Policy Framework) to verify sender Domain and prevent phishing attacks by faking domain.

If SPF is used on client side then the receiving mail server is checking the TXT-DNS record of the sender-domain. In case of Revolut its the following settings:

"v=spf1 include:_spf.google.com include:mail.zendesk.com include:_spf.atlassian.net include:docebosaas.com include:_spf.salesforce.com ~all"

This setting includes a list of IP-Addresses (e.g. references to IP-Lists) which mailserver are allowed to send e-mails under the @revolut.com Domain.

The different departments/services from Revolut are using different mailserver. For this reason not all communication is affected. Currently i could only see the problem for verification e-mails - but they are for sure very important for login process. The IP address of the server sending verification e-mails is missing in this list. So emails to mailserver who are using SPF security are refusing this emails because sender IP is not allowed to use @revolut.com domain:

grafik
grafik1866×109 37.7 KB

In this sample the IP is 192.174.91.95.
Owner of this IP-block is Sparkpost. So Revolut is using Sparkpost for sending verification e-mails. But they forgot to add Sparkpost to DNS TXT entry.

Revolut: Please add this to SPF TXT record

include:_spf.eu.sparkpostmail.com

Its explained in detail here:

Thanks! Hope somebody from IT department read this topic.

7

Revolut.com sets ~all not -all. Maybe your server should not reject on Softfail.

8

I don’t think accepting softfail would be a good solution and will only cause much more spam and phishing. Especially a bank shouldn’t set softfail-option (which was integrated in SPF for testing purposes) to prevent @revolut.com phishing emails. Its not hard to configure SPF correctly !!

There are also lots of big e-mail provider who handle same way softfail SPF as fail. Other options wouldn’t really make really sense - providing a list of allowed IPs but also allow any other IP makes no sense for me.

And even systems who allow softfail would normally classify such kind of incoming e-mail as spam because of bad reputation.