Blog article
See all stories »

Fraudsters Drive Convoluted Address Change Process

The other day I received a statement from a financial services company with whom I have a small amount of business.  Nothing unusual in that, other than the accompanying leaflet that set out a new process they were adopting to deal with address changes.

Back in the good old days, an address change could be accommodated by a trip to a bank branch, or a letter that would, by its very nature, include a signature that the institution could check against their records.  Not any more with this institution.  Now, they require not only a letter but also copies of a number of items that will verify the details, which include:  passport, driving licence, council tax bill, utility bills, and so on.  Additionally, because they do not want the originals, they require the copies to be verified by any one from a list that includes: lawyers, doctors, bankers, teachers, members of the armed forces, etc.

 My first reaction was irritation that we were getting to such a state where a simple letter, containing my signature, couldn’t be used as sanction to change my address.  But then of course some organisations either never collect a signature or don’t store one any more, so it isn’t surprising that they won’t use this method.  Then I got to thinking about the flaws in this process.  

 First, it would take time from my having moved house to get to the point where I had enough of the necessary documentation to copy and send.  For instance, how long does it take to get a passport or driving licence changed?  How long will it take to get a utility bill after having moved house?  In that elapsed time, the institution could well have already sent my statement to the wrong address, simply because I couldn’t gather the ‘evidence’ fast enough to request a change in my details.

 Second, how difficult is it, in this digital age, for a fraudster to mock up a utility bill or two anyway?  For that matter, because they would only need a copy, they could presumably frag up a passport too…

 Finally, I could get any Tom, Dick or Harry to verify the copies, as there’s no process to ensure that whoever verifies the documents is who they say they are.  What’s the point, therefore, in getting them verified by unverifiable people?

 It’s a measure of how deep fraudsters are now digging in order to relieve us of our money; so much so that I wonder where it will really all end.  Maybe we’ll have to call at a branch in future and take a lie detector test, or something, before we can change any static details.  Or, maybe we need to either go back to old-fashioned values and make these institutions collect and store signatures, or start using properly secure digital identification methods to effect changes like this.

 I guess some good old-fashioned stringent punishment of fraudsters wouldn’t go amiss either, when they are caught…

3057

Comments: (2)

Joe Pitcher
Joe Pitcher - Irrelevant - Wirral 12 November, 2008, 11:24Be the first to give this comment the thumbs up 0 likes

"maybe we need to either go back to old-fashioned values and make these institutions collect and store signatures, or start using properly secure digital identification methods to effect changes like this"

The second option sounds good to me. There are many ways this can be done, its is secure and it is convenient. Why post a letter or go to a branch if you can facilitate the change online or via a mobile etc?

A Finextra member
A Finextra member 12 November, 2008, 12:15Be the first to give this comment the thumbs up 0 likes

You are right there. The 'bring or generate more documents' approach to identity amplifies the risk and compounds the problem. So much personal data is out there already that we need an option to counter it and prevent new fraud. Perhaps we could sideline  'documentation' and make the whole process digital?

Biometrics is intrusive and most of all impractical if not probably immoral. People live longer than governments, and one thing you learn with age is that if it can be abused, it will be abused. It isn't necessary and there are other metrics which can better achieve the desired objectives.

Of course I agree with Joe and have an idea of how the whole address change thing might be more like - a minute twiddling my mobile, and all done. :)

Retired Member

Member since

19 Mar 2009

Location

Blog posts

5,254

Comments

5,722

This post is from a series of posts in the group:

Online Banking

This community is for discussion of developments in the e-banking world, including mobile banking. This can include all the functional, business, technical, marketing, web site design, security and other related topics of Internet Banking segment, including public websites of the banks and financial institutions across the globe.


See all