No you “think about”. He opened the account didn’t he. So he came in person, presented id and everything, and defined the security questions that he then correctly answered. He passed authentication and then they just… didn’t believe it. It’s a systemic failure.
I’ve had a specific bank account in the old country for 17 years, the last 15 spent outside of said country. I went there exactly once - to open the account. Since then I have used that account regularly including to buy, and later sell, an apartment and still didn’t have to go there.
your bank’s security leaves you exposed to attacks via social engineering.
Confirming someone’s identity over the phone is almost impossible to do these days. security questions are, if you’re not giving false answers (or just random strings, etc), then someone who knows your entire life is able to just bluff their way through them. For most people, that kind of social engineering is difficult (they fail more than they succeed). But for someone like the freakng Pope… yeah. No. That information is out there and it’s easily found.
it’s actually a huge problem that a lot of “older” institutions have yet to fully grapple with, but this is now one of the most common forms of identity theft. there’s ways of getting around it, but that’s not going to something the first-line CS rep is going to be able to do.
No you “think about”. He opened the account didn’t he. So he came in person, presented id and everything, and defined the security questions that he then correctly answered. He passed authentication and then they just… didn’t believe it. It’s a systemic failure. I’ve had a specific bank account in the old country for 17 years, the last 15 spent outside of said country. I went there exactly once - to open the account. Since then I have used that account regularly including to buy, and later sell, an apartment and still didn’t have to go there.
your bank’s security leaves you exposed to attacks via social engineering.
Confirming someone’s identity over the phone is almost impossible to do these days. security questions are, if you’re not giving false answers (or just random strings, etc), then someone who knows your entire life is able to just bluff their way through them. For most people, that kind of social engineering is difficult (they fail more than they succeed). But for someone like the freakng Pope… yeah. No. That information is out there and it’s easily found.
it’s actually a huge problem that a lot of “older” institutions have yet to fully grapple with, but this is now one of the most common forms of identity theft. there’s ways of getting around it, but that’s not going to something the first-line CS rep is going to be able to do.