[hopscotch]

Why are banks liquidating such huge assets without proper ID or delay?

I guess people can't remember secrets, so you have to use something as a root of trust for password resets and so on.

Would be good if the banks realised that the available roots are all dubious and so they should require authentication on several for suspicious transactions.

Phone numbers aren't secure. Post isn't secure. Email isn't secure (and can often be rooted with the phone number---thanks shitty 2fa). Credit cards can be stolen.

But it's hard to get the phone number and the postal address and the physical debit card and the email all at once.

[skellera]

As someone mentioned elsewhere, the article left out a huge part. It was in cryptocurrency. A normal bank would never let that much money move out like that.

[perl4ever]

"Why are banks liquidating such huge assets without proper ID or delay?"

I don't think real banks/brokers allow you to liquidate and transfer stuff that easily. They're going to limit you to something like $100K in ACH transfers, and transferring your entire account needs a notary or signature guarantee or something like that, I think.

[dragonwriter]

> But it's hard to get the phone number and the postal address and the physical debit card and the email all at once.

Not much harder than getting the physical card plus, maybe, one of the other three. All the rest can frequently be traced from any one of the three, and sometimes the card, via the name on the card,is enough to find the rest.

[hopscotch]

I meant control of the postal address, which is quite hard. A little harder than access to the physical debit card.

Same for email and phone. Gaining control of the account.

[Nextgrid]

Cards can be stolen, but card + PIN is usually good enough (even better when combined with other factors like email or phone number).

They should give out smart card readers or EMV-CAP readers (stand-alone devices which generate an OTP after inserting a credit card and entering its PIN).