As you’ve noticed, I haven’t been posting much lately. I’ve been trying to wrap up everything here in Bermuda before our big move back to Canada. My last day at the office is on Wednesday – also the day that the movers come – and then we fly out at noon on Friday. We’re both really excited and we’re looking forward to getting back.
Now a word about security. One of the things that we have to do is cancel our services, such as power, cable, Internet, and so on. What completely amazes me is how unsecure their process for doing this is. Take for example my broadband Internet connection. After giving up on calling in, as no one was picking up the phone, I decided to send an email into support asking how to go about canceling my account. Two days later I received an email stating that I could simply email in my name (ok), address (ok, that’s fine), account number (umm…alright), passport and credit card number (sure…wait….WHAT?).
I replied to the email asking why they needed my credit card number to cancel a service. The response, “It’s how we prove that you are who you say you are“. I was beside myself. I replied to the email stating that I would no send my credit card information in over the Internet as this was an Insecure method of doing so. I received a response back, that same day, providing me with an alternative:
“Dear Mr. Hay,
If you are unwilling to send us the required information to cancel your account you can scan the front and back of your credit card and passport and fax it in. Alternately, you can come in and cancel your services at our storefront location.”
“Unwilling?” At this point I decided to stop trying to teach security to this support representative and politely replied back stating that I would do this in person at the storefront location. The storefront location didn’t need my passport, nor did they need my credit card, to cancel my account.