Security Basics mailing list archives
Re: How to authentificate an user via telephon?
From: Brad Arlt <arlt () cpsc ucalgary ca>
Date: Wed, 4 Dec 2002 14:21:03 -0700
On Wed, Dec 04, 2002 at 11:05:22PM +0500, Muhammad Naseer Bhatti wrote:
What my credit card company has done, when you call their help/support desk for any assistance, they first authenticate you. They do it by letting you enter your secret pincode into the system. The computer authenticates the code and thus you are authenticated. Then the operator manually fulfills your request. I think this may work out for you as well.
This jogs my memory, one of my credit card companies verifies the correct person got the card by having you phone from the phone number you specified on your application. They do this for other things as well (not cancelling the card, thankfully), such as inquiring about billing information. Depending on the silliness of the phone numbers placed on your application forms (or whatever you want to call them), maybe mother maden name and they are calling from the "correct" phone number. This would prevent the need for call backs to verify identity. You could even tie in the phone number with customer records such that they appear automatically when the phone rings. But that is beyond the scope of this thread :) ----------------------------------------------------------------------- __o Bradley Arlt Security Team Lead _ \<_ arlt () cpsc ucalgary ca University Of Calgary (_)/(_) I should be biking right now. Computer Science
Current thread:
- How to authentificate an user via telephon? Robert Sieber (Dec 04)
- Re: How to authentificate an user via telephon? Matthew McCleary (Dec 04)
- Re: How to authentificate an user via telephon? kawaii (Dec 04)
- RE: How to authentificate an user via telephon? securityfocus (Dec 04)
- Re: How to authentificate an user via telephon? Brad Arlt (Dec 04)
- Re: How to authentificate an user via telephon? Muhammad Naseer Bhatti (Dec 05)
- Re: How to authentificate an user via telephon? Brad Arlt (Dec 05)
- Re: How to authentificate an user via telephon? Muhammad Naseer Bhatti (Dec 05)
- Re: How to authentificate an user via telephon? Gene Barlow (Dec 05)
- Re: How to authentificate an user via telephon? Valter Santos (Dec 05)
- Re: How to authentificate an user via telephon? Gene (Dec 06)
- Re: How to authentificate an user via telephon? Valter Santos (Dec 05)
- RE: How to authentificate an user via telephon? Burton M. Strauss III (Dec 05)
- Re: How to authentificate an user via telephon? James W. Meritt (Dec 05)
- Re: How to authentificate an user via telephon? Marc Cuypers (Dec 05)
- Re: How to authentificate an user via telephon? J . Reilink (Dec 05)
- Re: How to authentificate an user via telephon? Richard Caley (Dec 05)
- Message not available
- Re: Switch and Hub Testing Project Julian Young (Dec 09)
- <Possible follow-ups>
- RE: How to authentificate an user via telephon? Bent.Mathiesen (Dec 04)