|
|
|
|
|
|
by jedbrown
4653 days ago
|
|
|
Ctrip.com, a Chinese travel site, does this for purchases with a non-Chinese card. I spent a lot of time on the phone explaining why requesting that customers email such information was inexcusable. I've encountered similar problems with badges for site visits at some companies and national labs (which have strict guidelines on PII, including numerous "training courses", but poor implementation and admin staff often overlook the requirements). |
|
|
They (IIRC) asked for a photo of an ID card with the name of the person on the credit card and a photo of something tying that name to the address provided.
Our drivers licenses have our addresses on them. Sent in a photo of a driver's license with all the other information obscured... So it was just the government's identifying marks, the name, address, and photo. The license number, height, weight, barcode, etc were all obscured. In retrospect, a nice big watermark that said "FOR NAMECHEAP ONLY" would have maybe been a good addition.
It was sufficient for them.
I saw no issues with it as far as a security measure. It wouldn't take much to find my name, picture, or address just digging around online - never mind with access to my email.