Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsICT Policies and RegulationRetailer demands personal information before issuing a refund. How much is too much?
View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 
antonknee
1133 posts

Uber Geek
+1 received by user: 1145


  #2537175 9-Aug-2020 17:14
Send private message

SirHumphreyAppleby:

 

Why should I give a random Customer Service person at a retailer information that potentially puts my financial interests at risk? Posts in this thread haven't exactly painted a favourable picture of retail staff, citing them as one of the main perpetrators of refund fraud.

 

I obviously haven't filled out my date of birth on my Warehouse account, but with a full name, date of birth, phone number, address and account number, they'd have most of the information required to verify my identity with the bank. Default bank passwords used to be your mother's maiden name, so with a quick trip to a major library to look up birth records, there's a good chance you could check that off the list as well.

 

 

But they didn't ask you for that, they just asked for your name..... 



SirHumphreyAppleby

2942 posts

Uber Geek
+1 received by user: 1863


  #2537226 9-Aug-2020 18:10
Send private message

antonknee:

 

But they didn't ask you for that, they just asked for your name..... 

 

 

Sorry, I realise that paragraph wasn't clear. The date of birth is optional information they request. All the details in combination could give someone sufficient information to access personal financial details from other organisations that weren't thorough with their checks. This is particularly true if people are willing to go a little further and steal mail, which would also give the such details as account numbers and credit limits, both of which serve as additional evidence of identity.

 

Keep in mind this thread was posed as a series of questions, in the ICT Policies and Regulations forum. If organisations are allowed to make demands for information they don't need, how much is too much? Clearly, there are differing views on what people consider appropriate, and I am genuinely interested in knowing where other people would draw the line.

BlakJak
1330 posts

Uber Geek
+1 received by user: 735

Trusted

  #2537228 9-Aug-2020 18:16
Send private message

Your name is pretty basic. Knowledge of your name is not going to exposure you to much of anything.

 

Refusing to give it out to a business with whom you are doing legitimate business, is heading toward pointless paranoia.

 

In your scenario i'd question the need for an address (possibly required), a date of both (not required) or any other personal information. But your name? Sheesh.

 

If you suspect an org or an employee at an org is going to use information you provide to commit identity theft, you shouldn't be doing business with them (and you wear the consequence of that).  One can't assume the worst of everyone one deals with




No signature to see here, move along...



SirHumphreyAppleby

2942 posts

Uber Geek
+1 received by user: 1863


  #2541257 14-Aug-2020 18:57
Send private message

This issue has been resolved. It turns out they didn't want my full name at all. Attempts to clarify the actual information they needed kept being bounced back to the same customer service person, destined to repeat the demand ad infinitum.

 

As for paranoia, I have no significant objection to giving people my first name and surname, it's my full name I refuse to disclose. I called the bank on Monday and was asked two security questions, the first of which was my full name; the very information I refuse to hand over indiscriminately. The second security question was a card number of my choice; another piece of information that a retailer would necessarily be provided. With just that information, I was able to converse with bank staff regarding transactions on my account.

 

Technically, my phone number was the third piece of information they matched, but it's trivial to present an outbound caller ID matching any number and my bank makes it easy to find which numbers are linked to accounts by telling the caller they've recognised the number. I actually called from my my landline, where I  present my cellphone number for caller ID. And in case anyone is wondering, that is legal and there are valid reasons to do it. It's not just scammers who do that.

1 | 2 | 3 
View this topic in a long page with up to 500 replies per page Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright