|
|
|
|
|
|
by scbrg
38 days ago
|
|
|
Alright. I didn't know that. "Just call them" did not sound like it included any kind of authentication procedure. But giving birthdate (available to anyone via a single query in a public database) and (sometimes?! - what?!) PIN over the phone wouldn't really be considered good enough here. Birthdate is, as I said, public knowledge. And a phone is too insecure a medium for transmitting a password. I'm not super interested in an long argument about whether it's reasonable that this isn't considered secure or not. I'm just letting you know what reality looks like. And the reality is that "just call them" is not a solution, because such information will simply not be handed out over the phone. |
|
|
It already is a solution, and has been in widespread use for many decades. I don't think it's going anywhere.