> I hate the term stealing identity, because it implies the victim made some mistake to allow it to happen. When what really happened is the company was lazy to verify that the person they're doing business with is actually who they say they are. The onus and liability should be on the company involved.
Okay, I'm inclined to agree here, but what I don't see addressed is: If you set up an account with a username and password, then write it down on a slip of paper, and then drop that in a cafe, and someone else logs in as you and drains your account, is the bank liable for that too? Are all services with logons? But that looks identical to identity theft in a lot of ways.
If bank mandated security controls are breached, or they don't provide adequate controls, I feel like that that's on them. But if they've done their part and you've been irresponsible then that's on you. But where's the dividing line? And saying the banks have more responsibility can also justify more biometrics and surveillance.
Is the differentiating factor here that the bank (or whatever) is allowing access with insecure credentials (name, date of birth, phone number) instead of the primary credentials?
In the case they gain access to my account, I agree with how you presented it. If someone emptied my account with info about me they could find in data breaches, that shouldn’t be on me.
If they gave a loan or a credit card to someone pretending to be me. That’s now on my credit rating and historically very difficult to undo.
rendaw|7 months ago
If bank mandated security controls are breached, or they don't provide adequate controls, I feel like that that's on them. But if they've done their part and you've been irresponsible then that's on you. But where's the dividing line? And saying the banks have more responsibility can also justify more biometrics and surveillance.
Is the differentiating factor here that the bank (or whatever) is allowing access with insecure credentials (name, date of birth, phone number) instead of the primary credentials?
slashdev|7 months ago
If they gave a loan or a credit card to someone pretending to be me. That’s now on my credit rating and historically very difficult to undo.
MichaelZuo|7 months ago
Buttons840|7 months ago
slashdev|7 months ago