Amex personal docs over email

Please note this sub-forum does not provide professional finance advice. You should seek advice from a licensed financial advisor.

To post in this sub-forum you must have made 100 posts or have Trust status or have completed our ID Verification.

If investing please consider our affiliate link for new accounts: Sharesies.

Forums › Finance and wealth management › Amex personal docs over email

DarrenJ

147 posts

Master Geek
+1 received by user: 28

#303964 24-Mar-2023 09:49

I'm wondering if anyone can offer advice.

I'm applying for an Amex and I have to send in payslips and a copy of drivers licence. Their secure upload site just gives an error when I submit, so I gave them a call and they said email it or keep trying the website (2 days now I've been trying). They won't escalate it as a potential issue. I've tried multiple computers, browsers, file types, no go.

I expressed concern about personal info in the documents being sent over email and asked if they could sort the website. Pretty much they were "there is no problem" email or cancel your application (the guy must be waiting for his customer service course) and no ability to log as a potential issue. They kept saying email is 100% secure.

Keen for other people's thoughts on sending this stuff via email? Am I being too nervous?

Thanks

Darren

openmedia

3449 posts

Uber Geek
+1 received by user: 878

Trusted

#3053982 24-Mar-2023 10:01

Just had a similar issue with a finance company. They didn't provide a secure portal to provide bank statements etc, only email. Their only alternative as to use their webapp which proxies your login to your bank to collect statements - which is even worse from a security perpsective.

Generally known online as OpenMedia, now working for Red Hat APAC as a Technology Evangelist and Portfolio Architect. Still playing with MythTV and digital media on the side.

richms

29098 posts

Uber Geek
+1 received by user: 10208

Trusted

Lifetime subscriber

#3053990 24-Mar-2023 10:34

Really they are both just getting the document to them where they will sit on it for a while and then let it out to the world like latitude finance when they get breached.

Email can be secure over TLS but in both cases you have no idea what is happening to it once it hits their end, and you also have the added concern about it remaining in your sent items for if your mail account gets compromised.

Richard rich.ms

Handsomedan

7769 posts

Uber Geek
+1 received by user: 7402

ID Verified

Trusted

Subscriber

#3053991 24-Mar-2023 10:36

I'd use something like Winzip and zip/password protect the documents, email the docs, then call them and give them the password.

Under no circumstances should any financial institution be encouraging non-secure transmission of private data or potentially sensitive documents and information.

Personally, I'd be going somewhere else and telling them what they can do with their application process.

Handsome Dan Has Spoken.
Handsome Dan needs to stop adding three dots to every sentence...

Handsome Dan does not currently have a side hustle as the mascot for Yale

*Gladly accepting donations...

razor2000nz

229 posts

Master Geek
+1 received by user: 36

#3054066 24-Mar-2023 12:24

Just went throught his with Amex, upload site wouldnt work used email. Only had to provide 2 most recent pay slips. No drivers licence.

The first email we received (sent overnight) said we had to provide proof of income and ID as well as get them signed by a JP. Received a 2nd email later in the day saying proof of income only and nothing about getting them signed by a JP, so sent them off at 3.30pm, had approval 60mins later.

DarrenJ

147 posts

Master Geek
+1 received by user: 28

#3054068 24-Mar-2023 12:28

The DL was for my wife, they just needed her ID.

I may have to resort to email. On the up side, it's a fully recorded message with AMEX and I stated to them email is not 100% and the guy insisted it was. So if anything happens at least some onus is on them (I hope!)

bagheera

544 posts

Ultimate Geek
+1 received by user: 189

#3054102 24-Mar-2023 13:19

their faq say

What is the maximum file size allowed when uploading documents?
The maximum size for a single file is 10MB. The maximum size for a submission is 30MB. Larger files may take longer to upload depending on your connection.

What file types can be uploaded?
The file types that can be uploaded are BMP, GIF, JPEG, JPG, PDF, PNG and TIF.

do you meet these requirements?

https://online.americanexpress.com/docupload/us/en/landing.do?_flowId=authentication_US&_flowExecutionKey=e1s1

HP

Shop now for HP laptops and other devices (affiliate link).

DarrenJ

147 posts

Master Geek
+1 received by user: 28

#3054112 24-Mar-2023 13:35

Tried PDF's and JPG's. Tried shorting filenames, removing _ and - . No difference.

Total size is around 1Mb for 3 docs JPG, PDF is around couple of mb.

Also tried single files.

Edge, Chrome, 2 different PC's.

SirHumphreyAppleby

2938 posts

Uber Geek
+1 received by user: 1860

#3054121 24-Mar-2023 13:45

E-mail is not secure, unless you're using end-to-end encryption, which almost nobody supports. TLS may secure your e-mail in transit, but it has to be used at every step, intermediary storage is unencrypted, as is the final destination.

Of course, uploading via a Webpage isn't guaranteed to be secure either. They should generate a random (usually) AES key for every upload, encrypt the data using the random key and encrypt the random key using an RSA public key. That way, only someone in possession of the data, encrypted key (may be sent together) and the private key can decrypt the file. Given these recent breaches, I'd bet most just stick the file in storage (cloud storage!) and call it a day, instead of limiting access to only those who need it, for the purpose which it was acquired. Most of it should have been deleted and never stored.