Community

Join the Community

22,956
Expert opinions
43,821
Total members
471
New members (last 30 days)
203
New opinions (last 30 days)
28,972
Total comments
Join Sign in

Cellphone Company doesn't understand Security basics

  0 1 comment
Keith Appleyard
Keith Appleyard
IT Consultant
available for hire
Location
Bromley
Followers
2
Opinions
60
Unfollow

I had an interesting experience during the volcano disruptions which showed how Phone Companies aren't doing joined up thinking on Security.

I was stranded without phone access on my Blackberry. I emailed Virgin Media from my pre-registered e-mail account to ask them to give me international access for my location. Their response was that for my safety & security they couldn't accept a plain e-mail from me. They said I had to logon to the Virgin Media website and login to my BlackBerry account and e-mail them from therein.

Unfortunately I couldn't recall my password to access my Virgin Media account. So I asked them to e-mail me my Password.

They readily e-mailed me my Password in the clear, so it hadn't been stored hashed.

I then logged on, wasn't forced to do a password re-set, and I re-sent my original e-mail request, citing the same e-mail address. They then gave me the international access I needed so that I could make alternative arrangements with family & colleagues in the UK, as I was going to return to UK some 7 days behind schedule. In practice it took 4 days to arrange all of the above.

Given their refusal to accept my initial request from my pre-registered e-mail address, but their willingness to send out my password in the clear, rather than force me to do a password re-set, it would suggest they don't have too much joined-up thinking.

External

This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

4709
 

Share

 
 
 
 
 

Channels

/security /regulation & compliance
 

Whatever...

A place to share stuff that isn't at all fintec related but is amusing, absurd or scary.

Join group

480 opinions 23 members

Comments: (1)

John Dring

John Dring Digital Services and mCommerce at Intel Network Services

I was about to assume that you were going to make a technical/picky point about security, but yep, it looks pretty dumb.  But wait.  Sending a password in the clear is pretty standard for such an account (a reminder might have been marginally better [if there was one].  Or if they didn't trust the integrity of the email sender then they could have generated a new password, which wouldn't expose a potential 'friendly' password and would allow you to set it back to one you prefer.

The obvious thing here, I would think, would have been for them to send you a text with the reminder/password!  Some encryption at least, and they are the phone company.

Keith Appleyard
Keith Appleyard
IT Consultant
available for hire
Member since
17 Aug 2007
Location
Bromley
Followers
2
Following
0
Opinions
60
Unfollow

Barclays On-line Banking deserves better error messages

RBS does have robust procedures

National Savings and Investments are rather too lethargic

RBS Internet Banking is not for the English

RBS don't seem to understand basic book-keeping rules

See all Opinions from Keith

More expert opinions

Elaine Mullan

Elaine Mullan Head of Marketing and Business Development at Corlytics

RegTech’s carrot and stick dilemma and what really makes financial firms jump?

Eugenia Mykuliak

Eugenia Mykuliak Founder & Executive Director at B2PRIME Group

Change vs. Run: How to Structure Operations for Growth and Stability

Dmytro Spilka

Dmytro Spilka Director and Founder at Solvid, Coinprompter

Which Type of ISA Is More Resilient During a Recession?

Hugo Chamberlain

Hugo Chamberlain Chief Commercial Officer at smartKYC

The Challenges of Name Redaction in Adverse Media Screening: Balancing Privacy and Public Interest

See all opinions

External

This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

Join the Community

22,956
Expert opinions
43,821
Total members
471
New members (last 30 days)
203
New opinions (last 30 days)
28,972
Total comments
Join Sign in

Trending

Jamel Derdour

Jamel Derdour CMO at Transact365 - www.transact365.io

From Cash to Clicks: The Digital Transformation of Payments in South Africa

Alex Kreger

Alex Kreger Founder & CEO at UXDA

13 Iconic Innovations to Future-Proof Your Digital Banking Service

Naina Rajgopalan

Naina Rajgopalan Content Head at Freo

Striking the Balance: Navigating E-commerce Trends in the Financial Sector

Naina Rajgopalan

Naina Rajgopalan Content Head at Freo

The Future of Payments: Integrating AI for Seamless Transactions

Now Hiring

All companies

Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.

Please read our Privacy Policy.

Accept