Hacker News new | ask | show | jobs
by tastysandwich 1092 days ago
One time I received a call from my mobile provider, offering me a free upgrade. I thought I was very smart and sophisticated, and rudely demanded information - "oh yeah? what's your name mr SCAM CALLER!" I also wanted a session ID so I could call back the official number and be reconnected. He was quite baffled and said "errr... we don't do that". I immediately felt like Kitboga - I'm onto you, scammer!!

Turned out it was legitimate and I just looked like a jackass. Got my free upgrade though.

While I didn't need to be so arrogant, I think companies should make it easier to prove their identity. When I call my bank, they ask for information like DOB etc to prove it's me. Fair enough. But it never works in reverse if they call me, like a push message via their app, or an ID number I can call back with. I feel a bit silly asking.
1 comments
RileyJames 1092 days ago
That’s how it works with my Australian bank. It verifies me via a push notification to my app. And vice versa, doesn’t that also validate they’re the bank?

Not that I have an option to request them to perform the validation. But they require that validation to continue the conversation now.

link
jannyfer 1092 days ago
You mean if someone calls you and tells you they are the bank, then you get push notification to your app, then you can validate that they are the bank, right?

That’s true if it’s done right, but it also sounds very similar to how people scam (call a victim, let them know they will receive a message from the bank, and ask them to read the verification code back to them)! It’s a little tricky.

link
RileyJames 1087 days ago
Actually they use it even if you call them. Rather than do the “name, dob, etc”, they send a push notification to the app and require you to accept it.

Which phone verifies you to continue the conversation.

And I guess you’re right. The receive sms and read out the code is similar. Tho this doesn’t have a code. It’s an in app push notification which you simply accept (or reject if not expecting it)

link
LilBytes 1092 days ago
That's cool, which banks that?

I've been looking at alternatives from ING recently.

link
RileyJames 1087 days ago
CommBank. From a tech perspective they’ve been pretty good. They had careless cash early on.
link