Printed from www.pcpro.co.uk
Posted on October 15th, 2008 by Barry Collins
WHSmith’s strange idea of security
I’ve been attempting to buy an Ebook reader from WHSmith over the past couple of days… with “attempting” being the operative word.
The WHSmith website sensibly allows you to enter a delivery and billing address for your goods, and so I opted to have the reader sent here to PC Pro Towers. The website took my order, the confirmation email duly arrived, and all was well and good.
Until a day after I placed the order, I received an email saying:
“Unfortunately we have been unable to obtain name and address verification from the card issuer for this transaction. As such I would appreciate your assistance by faxing to us a copy of your bank statement. (Please note that we do not need to see your current balance).”
Excuse me? You want me to fax a copy of my bank statement – with account numbers, sort codes and all manner of other personal details – so that it can lie about on a printout at WHSmith HQ? And this is your idea of security?
Natrually, I picked up the phone to protest. ”If you’re worried about the fax, sir, you can always attach it to an email,” the nice lady reassured me, as my jaw walloped into the desk. “And what about all those personal details being sent in an insecure email attachment?” I enquired.
“Oh, you can blank out the personal details. We just need to see your name and address.”
“So, just so that I’ve got this straight – you want me to send you a copy of a piece of paper with just my name and address on it to verify I am who I say I am?”
“Yes, sir.”
Order. Cancelled.
3 Responses to “ WHSmith’s strange idea of security ”
Leave a Reply
Authors
- Barry Collins
- Chris Brennan
- Christine Horton
- Darien Graham-Smith
- Dave Stevenson
- Davey Winder
- David Bayon
- David Fearon
- Ewen Rankin
- Ian Devlin
- Jon Honeyball
- Jonathan Bray
- Kevin Partner
- Mike Jennings
- Nicole Kobie
- Sasha Muller
- Steve Cassidy
- Stewart Mitchell
- Stuart Turton
- Tim Danton
- Tom Arah
Categories
- About the bloggers
- Android App of the Week
- cloud computing
- Green
- Hardware
- How To
- iPhone App of the Week
- Just in
- Microsoft Office 2010
- Newsdesk
- Online business
- Random
- Rant
- Real World Computing
- Software
- View from the Labs
- Windows 7
- Windows 8
Archives
- February 2012
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- March 2011
- February 2011
- January 2011
- December 2010
- November 2010
- October 2010
- September 2010
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
advertisement
October 15th, 2008 at 3:19 pm
I wonder if WHSmith also provide secutiry consultancy services to government officials?
October 15th, 2008 at 3:44 pm
So they want your personal details but are happy for you to blank them out. Do they not count name and address as personal details.
October 24th, 2008 at 3:38 pm
I would imagine it’s for the letter head more than anything else.
It’s a daft question then, but how else could they verify you are who you say you are ?
I frequently ask for things to be delivered to work, but many companies refuse this – which I accept because at some level they’re not sending things out to an address where the card isn’t registered.
It’s a thorny subject with arguments on both sides, but it is a daft concept of security, I admit.