
No bank should be sending cards to an address not on file - that is a major fraud risk 101 issue right there.


And in the US they can’t issue a debit card within 30 days of an address change without specifically verifying the change is legitimate: https://www.ecfr.gov/cgi-bin/text-idx?SID=a04646f38f28731e83...


It was "on file" as soon as I gave it to them after verifying my identity.


I too can verify your identity. All I need is your first name, last name, date of birth, and last four digits of your SSN. Which are all floating around the darknet in one of the dozens of large data breaches American companies have had over the years.

Should I be able to get your replacement credit card delivered to my home address with that?


My response to another comment would be relevant here too: https://news.ycombinator.com/item?id=26433737

> Both your and the parent's points are valid. Identity verification is a hard problem that the major legacy banks have a big problem with. Their processes are both extremely annoying and can fail and lock out the legitimate account owner (the reason many of you have had trouble replacing cards abroad is because "shipping to a previously known address" is itself a security measure) while at the same time being vulnerable to a targeted attack from someone with knowledge of how the process works.


Account changes by phone involve a password and 2FA like everything else. Try again.


Neither my primary bank nor my primary credit union support 2FA.

If you're conditioned to give your password to your bank over the phone, I can use those three pieces of information, and will happily call you up, posing as a bank CS representative.

If you think you're smart enough to not fall for that, let's suppose for a moment that you may be right. But what about your 76-year-old grandmother? Is she going to consistently be able to make a determination between a legitimate and a fraudulent bank CS representative who wants her to confirm her username and password? Or is she going to have an easier time in a world where you never, ever, ever, ever give another human being your password over the phone?

Do you want convenience, or security? Actually, the better question is, does your bank want convenience for you, or security for them? (Because they are ultimately on the hook for fraud)


>If you think you're smart enough to not fall for that

What? Seriously? There's nothing to fall for here.

You should never trust an inbound call. If your bank calls you, you take their information, immediately hang up, find the bank's phone line and call that number back yourself.


The scam goes as follows.

'We have detected fraudulent activity, call us back with the number on the card.'

You hang up. They don't. You pick up the phone, and dial the number on the card.

Depending on how landline phone routing works in your area, you hanging up does not end the call. You picking up the phone again resumes the previous call, you dialing some numbers does nothing, the scammer makes some telephony noises, and goes ahead and resumes their conversation with you.

Nothing to fall for, eh?

Also, please keep in mind, we are apes. The logical centers of our brains turn off when your bank calls you to tell you that you are being robbed. Especially if your mind isn't as sharp as it used to be.


I literally do not know a single person with a landline, so I cannot say if that is remotely true or not. I'll take your word for it. But what I am 100% sure of is that you could make any telephony noises you like down my phone and you will not succeed getting access to my banking details.

You'd probably have better luck calling the bank and trying to persuade them.


The point isn't making the telephony noises, the point is that most people have no idea that in certain situations, hanging up the phone and dialing a new number does not actually dial a new number. It sounds like you didn't know about this, for instance.

And again, this isn't about you. Most of the time, you don't pay for fraud, the bank does. That means that your bank is incentivised to reduce fraud, at the expense of your convenience - because not all of their customers are as smart as you are.


> Depending on how landline phone

Do you have a scam in mind that doesn't depend on a rampaging time machine forcing me back to the 1990s? I don't think I've used an analog land line for decades, and I definitely don't know anyone who has one now.


I live in a universe where 40% of Americans still pay for, and use a landline.

You don't need a time machine to find one, you just need to leave the young techie bubble.

> I don't think I've used an analog land line for decades

You were cellphone-only since at least 2001? If you spent any time talking on the phone back then, your monthly bills must have been staggering.


What bank is this? None of my half dozen credit cards have this. None of them even support 2FA on the web to the best of my knowledge.


American Express will absolutely send replacements while traveling.

I’ve had them send replacement cards to my hotel without problem.



