top | item 40741691

(no title)

Playing devil’s advocate, perhaps the level of risk associated with allowing low-level (or even senior manager-level) support staff to transfer ownership of accounts is too high? The level of sophistication of scammers/hackers/fraudsters is likely well above what Facebook would likely employ as support staff. They likely would need to staff paranoid paralegals to ensure customer support doesn’t become yet another lucrative vector to compromise FB accounts.

discuss

kube-system|1 year ago

I don't think that's an incorrect assessment of the situation Meta has placed themselves in, but it also is entirely their responsibility to solve.

wmf|1 year ago

Yes, the only semi-secure way to do account resets is in person and courts are one way to do that.

robotnikman|1 year ago

Probably a very secure way if it requires you to appear in person at court and provide documents proving you are who you say you are.

For requests of account ownership transfer or resets, I would say this is probably the best way to go about it, as it basically prevents people operating in other countries from having a chance at taking over your account remotely by playing customer service reps, and greatly raises the barrier in general for any fraudulent activity happening in the process.

josephcsible|1 year ago

But in a lot of these cases, ownership of the account isn't in question. I don't see how a request of the form "unban me" could be used to steal accounts.