Community

Join the Community

21,469
Expert opinions
43,716
Total members
378
New members (last 30 days)
131
New opinions (last 30 days)
28,520
Total comments
Join Sign in

Cellphone Company doesn't understand Security basics

1 comment
Keith Appleyard
Keith Appleyard
IT Consultant
available for hire
Location
Bromley
Followers
1
Opinions
60
Unfollow

I had an interesting experience during the volcano disruptions which showed how Phone Companies aren't doing joined up thinking on Security.

I was stranded without phone access on my Blackberry. I emailed Virgin Media from my pre-registered e-mail account to ask them to give me international access for my location. Their response was that for my safety & security they couldn't accept a plain e-mail from me. They said I had to logon to the Virgin Media website and login to my BlackBerry account and e-mail them from therein.

Unfortunately I couldn't recall my password to access my Virgin Media account. So I asked them to e-mail me my Password.

They readily e-mailed me my Password in the clear, so it hadn't been stored hashed.

I then logged on, wasn't forced to do a password re-set, and I re-sent my original e-mail request, citing the same e-mail address. They then gave me the international access I needed so that I could make alternative arrangements with family & colleagues in the UK, as I was going to return to UK some 7 days behind schedule. In practice it took 4 days to arrange all of the above.

Given their refusal to accept my initial request from my pre-registered e-mail address, but their willingness to send out my password in the clear, rather than force me to do a password re-set, it would suggest they don't have too much joined-up thinking.

Sponsored

This content has been created by the Finextra editorial team with inputs from subject matter experts at the funding sponsor.

4658

Share

 
 
 
 
 

Channels

/security /regulation & compliance
 

Whatever...

A place to share stuff that isn't at all fintec related but is amusing, absurd or scary.

Join group

480 opinions 23 members

Comments: (1)

John Dring

John Dring Digital Services and mCommerce at Intel Network Services

I was about to assume that you were going to make a technical/picky point about security, but yep, it looks pretty dumb.  But wait.  Sending a password in the clear is pretty standard for such an account (a reminder might have been marginally better [if there was one].  Or if they didn't trust the integrity of the email sender then they could have generated a new password, which wouldn't expose a potential 'friendly' password and would allow you to set it back to one you prefer.

The obvious thing here, I would think, would have been for them to send you a text with the reminder/password!  Some encryption at least, and they are the phone company.

Keith Appleyard
Keith Appleyard
IT Consultant
available for hire
Member since
17 Aug 2007
Location
Bromley
Followers
1
Following
0
Opinions
60
Unfollow

Barclays On-line Banking deserves better error messages

RBS does have robust procedures

National Savings and Investments are rather too lethargic

RBS Internet Banking is not for the English

RBS don't seem to understand basic book-keeping rules

See all Opinions from Keith

More expert opinions

Nicole Pienkos

Nicole Pienkos Head of Regional Banking at FIS

Four Strategies to Grow Deposits

1

Sergio Barbosa

Sergio Barbosa CIO of Global Kinetic, and CEO of FutureBank. at Global Kinetic and FutureBank

Innovation doesn’t have to become collateral damage to FI legacy system budgets

Sergiy Fitsak

Sergiy Fitsak Managing Director, Fintech Expert at Softjourn

One Year Since the FedNow Launch: What You Should Know

Mete Feridun

Mete Feridun Chair at EMU Centre for Financial Regulation and Risk

What does the EC’s postponement of the FRTB mean for the industry?

See all opinions

External

This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

Join the Community

21,469
Expert opinions
43,716
Total members
378
New members (last 30 days)
131
New opinions (last 30 days)
28,520
Total comments
Join Sign in

Trending

Oleksandr Strozhemin

Oleksandr Strozhemin Co-founder and CEO at Trinetix

Top 3 Key Challenges of Accelerating Digital Dexterity

Elaine Mullan

Elaine Mullan Head of Marketing and Business Development at Corlytics

From bias to buy-in: the behavioural economics advantage in RegTech sales to financial institutions

Abhinav Paliwal

Abhinav Paliwal CEO at PayNet Systems- A Neo Banking Software Platform

What Are Digital Wallets? Exploring Their Rising Popularity

Donica Venter

Donica Venter Marketing coordinator at Traderoot

Why Bankers Need to Think Like Entrepreneurs

Now Hiring

All companies

Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.

Please read our Privacy Policy.

Accept