Lol it’s funny the bank didn’t have a little note in their system saying that particular customer is actually the pope. They don’t have anything to flag VIPs?
It’s because he’s a VIP that they wanted him in person.
Think about.
How do you know that he’s really the pope? It’s a phone call. Maybe he has 28 character long randomized strings for secret questions, but maybe it’s actually his family’s dog’s name. The family dog he uses in a favorite homilies that everyone has heard before, and knows the name of.
Most of Pope Leo’s life is probably among the most researchable in the world right now. Most of the kinds of questions people answer is actually public info if you know where to look.
The answer is you don’t. At least not on the first call in.
Chances are it’s going to get escalated and a more senior team is going to get involved that can verify things and get it done.
But the bank CS rep was in fact protecting him, not screwing him over.
No you “think about”. He opened the account didn’t he. So he came in person, presented id and everything, and defined the security questions that he then correctly answered. He passed authentication and then they just… didn’t believe it. It’s a systemic failure. I’ve had a specific bank account in the old country for 17 years, the last 15 spent outside of said country. I went there exactly once - to open the account. Since then I have used that account regularly including to buy, and later sell, an apartment and still didn’t have to go there.
your bank’s security leaves you exposed to attacks via social engineering.
Confirming someone’s identity over the phone is almost impossible to do these days. security questions are, if you’re not giving false answers (or just random strings, etc), then someone who knows your entire life is able to just bluff their way through them. For most people, that kind of social engineering is difficult (they fail more than they succeed). But for someone like the freakng Pope… yeah. No. That information is out there and it’s easily found.
it’s actually a huge problem that a lot of “older” institutions have yet to fully grapple with, but this is now one of the most common forms of identity theft. there’s ways of getting around it, but that’s not going to something the first-line CS rep is going to be able to do.
Stuff like canceling XVIII’s mail.
I don’t see why this is mildly infuriating. Seems like given the situation it would be expected.
