Hacker News new | ask | show | jobs
by chuckdotis 1657 days ago
I got this message last night. I started the process to reissue the cards, but I was immediately asked to provide my social security number. Privacy.com already has my bank account number and routing details, but TBH I'm not super comfortable providing even more personal info such as my SSN. Privacy.com has been an amazing service, and although I'll likely cave to their request for my SSN, I'm not all that happy about it.
4 comments
regulatorynerd 1657 days ago
Hi -- I'm the head of legal and compliance for Privacy.com. Unfortunately this is a bank partner requirement, otherwise we wouldn't ask.

We do take customer privacy and security very seriously, and have worked hard to have similar data security safeguards as larger companies like Square and Stripe (both places I've worked, so I would know!). You can read more about some of our security practices here. https://privacy.com/security

link
chuckdotis 1657 days ago
Hey, thanks for the response! Does this apply to both the linking of a bank account (ie account number w/ routing number) and linking a debit card?

Thanks for responding to these questions. Very much appreciated.

link
regulatorynerd 1657 days ago
Yes, it should be funding source agnostic. Anyone moving to the new card types will be prompted to provide their SSN.
link
danr4 1656 days ago
What if i'm not a US citizen? don't have a SSN...
link
leephillips 1656 days ago
“Unfortunately we cannot support international bank accounts or non-US users at this time.”

https://privacy.com/virtual-card

link
danr4 1656 days ago
But I already have a Privacy account... with many cards... am I just completely screwed?
link
llaolleh 1657 days ago
It's a little ironic that privacy.com is asking for your SSN lol.
link
toomuchtodo 1656 days ago
Privacy.com is to firewall you from service providers, not the government. There is no way around KYC/AML if you’re operating legally.
link
nucleardog 1656 days ago
I’m not American. I opened a U.S. bank account with a major U.S. bank (I.e., presumed to be operating legally) without a SSN or US address. I have no other US identification or number.

There is no way around know your customer, but that doesn’t mean “requires SSN”. That’s just the easiest path from point A to point B and most businesses don’t care to support anything else.

link
tuankiet65 1656 days ago
I'm also not American and I was able to open a US bank account without a SSN, however they instead put in a dummy SSN of 300-00-0000. I suppose your bank might have also given you a dummy number like that.
link
toomuchtodo 1656 days ago
I wouldn't say it's the easiest path, but a critical path. A social security number is usually required to provide identity resolution confidence (name, birth date, and address are insufficient). Don't take my word for it, that's straight from the Internal Revenue Service's Privacy Impact Assessment for it's ID.me identity proofing partner [1].

[1] https://www.irs.gov/pub/irs-pia/id-me-pia.pdf (Pages 2-3)

link
chuckdotis 1657 days ago
Yeah, a bit. Despite that, I still perceive them as a good barrier (and defense) between my personal financial account and random online businesses whom I would very much like to not provide any personal info whatsoever. An example is wanting to buy a LOSSLESS album from Bandcamp, I can use Privacy and I don't even need to give the musician or Bandcamp my real name or actual financial details.
link
skinnymuch 1655 days ago
I was under the assumption you never need to give your real name when using a debit or credit card. Zip code and the number of the address like 7 for "7 Main St" are required usually.
link
aaomidi 1657 days ago
If it makes you feel better, your SSN is dumped into thousands of leaks already, most likely.
link
chuckdotis 1657 days ago
> If it makes you feel better, your SSN is dumped into thousands of leaks already, most likely.

Actually, this reminder does make me feel slightly better about giving my SSN to Privacy.com.

link
aaomidi 1656 days ago
Yeah at this point I assume my SSN is more of a UID username that isn't just fully-public, but I need to monitor credit and be pro-active about it, rather than some secret value.
link
chaikasumu 1657 days ago
Maybe it's because you have your funding source as your bank account, but I was never asked to provide my SSN with a debit card funding source.
link
chuckdotis 1657 days ago
> Maybe it's because you have your funding source as your bank account I originally had it tied to a debit card, but for some reason Privacy.com forced me to provide a bank account about a year after I started it. I asked support why and they couldn't give me a good answer other than my credit union is no longer supported (though I think the agent I spoke with was blowing smoke and it might have had something to do with my always-on VPN).

Have you been asked to provide an SSN with the latest change?

link