Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Detecting fraud at call centres

  • 19-04-2015 9:06pm
    #1
    Registered Users, Registered Users 2 Posts: 1,667 ✭✭✭


    Interview with guys from Pindrop Security during which they go into some detail on how to reduce fraud and also the silly ID questions many companies ask callers.

    Video: http://www.podtrac.com/pts/redirect.mp4/twit.cachefly.net/video/twiet/twiet0136/twiet0136_h264m_1280x720_1872.mp4

    http://www.pindropsecurity.com

    Similar concepts could be applied to applications like online check-in for a flight. If someone knows the 6 character reservation locator and the last four digits of their payment card number, there is no point in also asking them the from and to airports or any other silly info. Ditto for Ryanair and their dogmatic and illegal under EU law requests for ID card or passport info. A company is only entitled to the personal information that is essential to perform its function. Dumb, time wasting and creating a security risk in itself.


Comments

  • Registered Users, Registered Users 2 Posts: 2,626 ✭✭✭timmywex


    Impetus wrote: »
    Ditto for Ryanair and their dogmatic and illegal under EU law requests for ID card or passport info. A company is only entitled to the personal information that is essential to perform its function. Dumb, time wasting and creating a security risk in itself.

    You appear to have serious beef with Ryanair man :-)

    Why would it be illegal under EU law? A company (or individual) can request anything from anyone surely, it's a request, doesn't mean I have to give it to them? If someone doesn't want to give the information they are always free to use another provider

    I'm sure they have a fairly strong argument for ID card/passport info, and given where the state of flight security is ever since 9/11.


  • Closed Accounts Posts: 720 ✭✭✭anvilfour


    timmywex wrote: »
    You appear to have serious beef with Ryanair man :-)

    Why would it be illegal under EU law? A company (or individual) can request anything from anyone surely, it's a request, doesn't mean I have to give it to them? If someone doesn't want to give the information they are always free to use another provider

    I'm sure they have a fairly strong argument for ID card/passport info, and given where the state of flight security is ever since 9/11.


    You're right Timmy, I looked into this after providing my passport to Ryanair to travel within the UK, they're within their rights to ask so long as the policy applies fairly to everyone. This is one of the reasons I think ID cards are a good idea as they're a lot easier to carry around than a passport.


  • Registered Users, Registered Users 2 Posts: 1,667 ✭✭✭Impetus


    timmywex wrote: »
    You appear to have serious beef with Ryanair man :-)

    Why would it be illegal under EU law? A company (or individual) can request anything from anyone surely, it's a request, doesn't mean I have to give it to them? If someone doesn't want to give the information they are always free to use another provider

    I'm sure they have a fairly strong argument for ID card/passport info, and given where the state of flight security is ever since 9/11.

    Why would it be illegal under EU law? A company (or individual) can request anything from anyone surely, it's a request, doesn't mean I have to give it to them? If someone doesn't want to give the information they are always free to use another provider

    I'm sure they have a fairly strong argument for ID card/passport info, and given where the state of flight security is ever since 9/11.[/QUOTE]

    The issue in this case under EU law is the collection and storage of non-essential personal information.

    No other airline requires one to enter (and therefore store) passport info - including DoB, PP number, expiry date etc for all flights. I have no issue with showing the document at check-in. I do have an issue with having to take it out again at the gate (which no airline had before the British Gov tried to steamroll it all over the EU) - aside from BA.

    And while I am an Irish citizen, I have an ID card issues by another EU state - but Ryanair's website has no space for an ID card option in the dropdown list for Irish citizens. Even the dozy Dept of Foreign Affairs will be issuing ID cards from July.

    Germany said no to GB's customer inconvenience while travelling racket, and as a result, a Lufthansa flight is the fastest to board, using an airbridge. You just scan your boarding pass or mobile phone screen and the gate opens. No id required. Lower staff costs - usually just one gate agent to deal with problems from late connections. And Munich Airport for example guarantees to transfer luggage from an inbound flight to an outgoing flight in 45 minutes. In Dublin, the opposite is the case - you waste an hour going through passport checking, and waiting for one's checked luggage in most cases, and re-checking in for the connecting flight. In other words, Ireland adopts Britain's make life as difficult as possible for the PAX making a connection mentality, while you can spend the non-wasted "hate time" and bureaucracy, looking at the latest Audi or BMW, perhaps having a quick lunch, or shopping generally in a German airport.

    My big issue with Ryanair is the fact that (a) they are storing my passport data, along with my payment card details, which makes them a very attractive site to hack from black hats. even for intra-Schengen flights. (b) they use a US company to store this. I don't want my data in the hands of what I regard as terrorist states - eg 1 million dead in Iraq due to US/GB action. No wonder they are hated and feel the need to impose extreme measures on everybody. And they do so in such an uncouth manner. 9/11 is no excuse for this. The Anglos created 9/11 due to their racist cultural DNA and their war against the brown skinned world. It is also a money racket - this employs millions of people and provides huge revenues for contracting companies. And provides data to the NSA about European transactions that is none of their business.


  • Closed Accounts Posts: 720 ✭✭✭anvilfour


    Impetus wrote: »
    Why would it be illegal under EU law? A company (or individual) can request anything from anyone surely, it's a request, doesn't mean I have to give it to them? If someone doesn't want to give the information they are always free to use another provider

    I'm sure they have a fairly strong argument for ID card/passport info, and given where the state of flight security is ever since 9/11.

    The issue in this case under EU law is the collection and storage of non-essential personal information.

    No other airline requires one to enter (and therefore store) passport info - including DoB, PP number, expiry date etc for all flights. I have no issue with showing the document at check-in. I do have an issue with having to take it out again at the gate (which no airline had before the British Gov tried to steamroll it all over the EU) - aside from BA.

    And while I am an Irish citizen, I have an ID card issues by another EU state - but Ryanair's website has no space for an ID card option in the dropdown list for Irish citizens. Even the dozy Dept of Foreign Affairs will be issuing ID cards from July.

    Germany said no to GB's customer inconvenience while travelling racket, and as a result, a Lufthansa flight is the fastest to board, using an airbridge. You just scan your boarding pass or mobile phone screen and the gate opens. No id required. Lower staff costs - usually just one gate agent to deal with problems from late connections. And Munich Airport for example guarantees to transfer luggage from an inbound flight to an outgoing flight in 45 minutes. In Dublin, the opposite is the case - you waste an hour going through passport checking, and waiting for one's checked luggage in most cases, and re-checking in for the connecting flight. In other words, Ireland adopts Britain's make life as difficult as possible for the PAX making a connection mentality, while you can spend the non-wasted "hate time" and bureaucracy, looking at the latest Audi or BMW, perhaps having a quick lunch, or shopping generally in a German airport.

    My big issue with Ryanair is the fact that (a) they are storing my passport data, along with my payment card details, which makes them a very attractive site to hack from black hats. even for intra-Schengen flights. (b) they use a US company to store this. I don't want my data in the hands of what I regard as terrorist states - eg 1 million dead in Iraq due to US/GB action. No wonder they are hated and feel the need to impose extreme measures on everybody. And they do so in such an uncouth manner. 9/11 is no excuse for this. The Anglos created 9/11 due to their racist cultural DNA and their war against the brown skinned world. It is also a money racket - this employs millions of people and provides huge revenues for contracting companies. And provides data to the NSA about European transactions that is none of their business.


    While I applaud your zeal for your right to your privacy, I think you also need to be pragmatic about what data is going to get out.

    You need to take into account that the mere fact that you're going to a public place like an Airport bristling with CCTV is going to make sure that your movements are a matter of public record - indeed the powers given to Customs Agents are scarily much more far reaching than that of the Police but that's a discussion for another time!

    As for your credit card information, you don't have to choose to store this with Ryanair, if you feel that cut up about it though, feel free to do as I do and have a credit card you use for online transactions, or buy a prepaid Mastercard from your local Post Office.

    How do you think a criminal would make use of your passport number? Do you mean they might try to make fakes, use it for ID fraud?


  • Moderators, Technology & Internet Moderators Posts: 4,621 Mod ✭✭✭✭Mr. G


    What is a concern is with flight time and the person's email address you can find someone's passport number and other private information. I always thought Ryanair was sloppy on the website security now that you say it.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 1,667 ✭✭✭Impetus


    anvilfour wrote: »
    You need to take into account that the mere fact that you're going to a public place like an Airport bristling with CCTV is going to make sure that your movements are a matter of public record - indeed the powers given to Customs Agents are scarily much more far reaching than that of the Police but that's a discussion for another time!

    I have little concern about CCTV cameras at an airport. They don't waste my time getting through the airport. I simply mentioned things (hate factors in my book) that mess the airport experience up and waste my time.

    to enlarge:
    1) "Security" staff asking one if one had liquids, etc? Intelligently designed and run airports have a separate frequent traveller channels, where people who self-elect, go through a frequent flyer channel - and don't spend five minutes emptying their pockets of coins, mobile phones etc - creating a delay for everybody else. People who fly frequently don't leave metal on their bodies period. No to be confused with having to buy a card at every airport to get fast service. This makes the overall security operation more cost effective for airport and PAX.

    2) Ryanair is not required by any law to collect passport information at online or desk checkin from passengers on most flights. Yet the company does so on all flights. Which leads me to think that Ryanair is either directly selling these data to NSA & Co (who have been widely reported as paying for info from big companies), or Ryanair's outsourced reservations and check-in service provider gives Ryanair a discount because Ryanair allows them to collect these data. Ryanair's reservation / checkin system in based in the USA. Ryanair does not fly to the USA. Ryanair likes to sell advertising and make every cent they can on these opportunities. Therefore in my mind there is a good chance that FR is selling one way or another its customers personal information to rogue state intelligence services. Ryanair is regulated from a data privacy perspective by a dozy, understaffed, underfunded data protection service. Nobody is controlling how Ryanair manages our personal data properly.
    anvilfour wrote: »
    As for your credit card information, you don't have to choose to store this with Ryanair, if you feel that cut up about it though, feel free to do as I do and have a credit card you use for online transactions, or buy a prepaid Mastercard from your local Post Office.

    Why should one have to buy a prepaid card (they are expensive with % fees here there and everywhere) and are not anonymous. They provide no value other than a ceiling on one's financial exposure from fraud.
    anvilfour wrote: »
    How do you think a criminal would make use of your passport number? Do you mean they might try to make fakes, use it for ID fraud?

    With the passport number, expiry date, dob, and a blank passport, they could make a good copy that would if properly executed would enable them to pretend to be you in all sorts of cases, financial exposure and otherwise. And the passport has no idea that their passport data has been virtually stolen.


  • Registered Users, Registered Users 2 Posts: 1,667 ✭✭✭Impetus


    Mr. G wrote: »
    What is a concern is with flight time and the person's email address you can find someone's passport number and other private information. I always thought Ryanair was sloppy on the website security now that you say it.

    Ryanair's website was like a primary school project. The current, improved website is more flash gloss on the job done at some school. It is still pig inefficient to make a reservation and check-in.

    With www.vueling.com/en you can buy your flight, combine flights and ask to connect two flights and the site works out connections (eg Alicante > Barcelona > Your destination city), and you get an email with your boarding pass without doing anything. The food is better. The prices are cheaper. The staff are friendly. Seats have always been pre-assigned. And they use top quality airport terminals - eg Barcelona's new T1 which has a capacity of 70 million PAX.


  • Closed Accounts Posts: 720 ✭✭✭anvilfour


    Impetus wrote: »
    I have little concern about CCTV cameras at an airport. They don't waste my time getting through the airport. I simply mentioned things (hate factors in my book) that mess the airport experience up and waste my time.

    to enlarge:
    1) "Security" staff asking one if one had liquids, etc? Intelligently designed and run airports have a separate frequent traveller channels, where people who self-elect, go through a frequent flyer channel - and don't spend five minutes emptying their pockets of coins, mobile phones etc - creating a delay for everybody else. People who fly frequently don't leave metal on their bodies period. No to be confused with having to buy a card at every airport to get fast service. This makes the overall security operation more cost effective for airport and PAX.

    2) Ryanair is not required by any law to collect passport information at online or desk checkin from passengers on most flights. Yet the company does so on all flights. Which leads me to think that Ryanair is either directly selling these data to NSA & Co (who have been widely reported as paying for info from big companies), or Ryanair's outsourced reservations and check-in service provider gives Ryanair a discount because Ryanair allows them to collect these data. Ryanair's reservation / checkin system in based in the USA. Ryanair does not fly to the USA. Ryanair likes to sell advertising and make every cent they can on these opportunities. Therefore in my mind there is a good chance that FR is selling one way or another its customers personal information to rogue state intelligence services. Ryanair is regulated from a data privacy perspective by a dozy, understaffed, underfunded data protection service. Nobody is controlling how Ryanair manages our personal data properly.



    Why should one have to buy a prepaid card (they are expensive with % fees here there and everywhere) and are not anonymous. They provide no value other than a ceiling on one's financial exposure from fraud.



    With the passport number, expiry date, dob, and a blank passport, they could make a good copy that would if properly executed would enable them to pretend to be you in all sorts of cases, financial exposure and otherwise. And the passport has no idea that their passport data has been virtually stolen.

    Thanks for your reply Impetus, just a few follow up questions:

    - Are Ryanair selling your data to the NSA or to criminals who are going to make forgeries? It's just if it's the NSA you're worried about CCTV makes sharing your passport info something of a moot point, they already have eyes on you going to the ticket desk and sitting in the departure lounge so they know who you are and where you're going! :)

    - The "I shouldn't have to" argument is one I hear often when it comes to Security. You mention that a prepaid credit card can be expensive but there's nothing to stop you having another debit card with your bank. The benefit of reducing your exposure to fraud is rather considerable, don't you think you should rethink this if you're worried about criminals getting your credit card info?


  • Registered Users, Registered Users 2 Posts: 1,667 ✭✭✭Impetus


    anvilfour wrote: »
    Thanks for your reply Impetus, just a few follow up questions:

    - Are Ryanair selling your data to the NSA or to criminals who are going to make forgeries? It's just if it's the NSA you're worried about CCTV makes sharing your passport info something of a moot point, they already have eyes on you going to the ticket desk and sitting in the departure lounge so they know who you are and where you're going! smile.png

    Ryanair may be selling these data, (or their reservation / check-in system outsourced provider - perhaps offering a discount to Ryanair in return - ie passing on the bribe money to Ryanair) from the NSA. The latter has no regard for the US constitution and their behaviour could therefore be judged to be criminal, or at a minimum un-constitutional.
    anvilfour wrote: »
    - The "I shouldn't have to" argument is one I hear often when it comes to Security. You mention that a prepaid credit card can be expensive but there's nothing to stop you having another debit card with your bank. The benefit of reducing your exposure to fraud is rather considerable, don't you think you should rethink this if you're worried about criminals getting your credit card info?
    Having another debit card is an inconvenience and expense, and the card account has to be maintained with a sufficient balance to cover legitimate transactions, while at the same time structured with the bank not to be credited automatically when it runs short of funds, while foiling fraud. Why should I need to keep another card for risky transactions a la Ryanair? It says a lot for the airline and its infrastructure for you to suggest that they are in a different league to say the Logictech online store - http://www.logitech.com/en-ch/home where I wouldn't feel the need for any additional security precautions.

    Mod edit :
    Snipped. Where a poster works is irrelevant. Having an opinion that differs to yours does not equate to them working for any particular body.


  • Registered Users, Registered Users 2 Posts: 1,835 ✭✭✭BoB_BoT


    Impetus wrote: »

    My mind keeps asking me who do you and similar posters work for? Be they pro Ryanair (or at least defending them). And it is not just Ryanair. Your slant smells. You are not alone in this one.

    If you really hate Ryanairs business practices and their service/website/data handling, why would you bother use/fly with them at all?


  • Advertisement
  • Moderators, Technology & Internet Moderators Posts: 4,621 Mod ✭✭✭✭Mr. G


    Impetus wrote: »
    I have little concern about CCTV cameras at an airport. They don't waste my time getting through the airport. I simply mentioned things (hate factors in my book) that mess the airport experience up and waste my time.

    to enlarge:
    1) "Security" staff asking one if one had liquids, etc? Intelligently designed and run airports have a separate frequent traveller channels, where people who self-elect, go through a frequent flyer channel - and don't spend five minutes emptying their pockets of coins, mobile phones etc - creating a delay for everybody else. People who fly frequently don't leave metal on their bodies period. No to be confused with having to buy a card at every airport to get fast service. This makes the overall security operation more cost effective for airport and PAX.

    2) Ryanair is not required by any law to collect passport information at online or desk checkin from passengers on most flights. Yet the company does so on all flights. Which leads me to think that Ryanair is either directly selling these data to NSA & Co (who have been widely reported as paying for info from big companies), or Ryanair's outsourced reservations and check-in service provider gives Ryanair a discount because Ryanair allows them to collect these data. Ryanair's reservation / checkin system in based in the USA. Ryanair does not fly to the USA. Ryanair likes to sell advertising and make every cent they can on these opportunities. Therefore in my mind there is a good chance that FR is selling one way or another its customers personal information to rogue state intelligence services. Ryanair is regulated from a data privacy perspective by a dozy, understaffed, underfunded data protection service. Nobody is controlling how Ryanair manages our personal data properly.



    Why should one have to buy a prepaid card (they are expensive with % fees here there and everywhere) and are not anonymous. They provide no value other than a ceiling on one's financial exposure from fraud.



    With the passport number, expiry date, dob, and a blank passport, they could make a good copy that would if properly executed would enable them to pretend to be you in all sorts of cases, financial exposure and otherwise. And the passport has no idea that their passport data has been virtually stolen.

    Ryanair's booking system is located in the US? Please show evidence of this?


  • Closed Accounts Posts: 720 ✭✭✭anvilfour


    Impetus wrote: »
    Ryanair may be selling these data, (or their reservation / check-in system outsourced provider - perhaps offering a discount to Ryanair in return - ie passing on the bribe money to Ryanair) from the NSA. The latter has no regard for the US constitution and their behaviour could therefore be judged to be criminal, or at a minimum un-constitutional.
    Having another debit card is an inconvenience and expense, and the card account has to be maintained with a sufficient balance to cover legitimate transactions, while at the same time structured with the bank not to be credited automatically when it runs short of funds, while foiling fraud. Why should I need to keep another card for risky transactions a la Ryanair? It says a lot for the airline and its infrastructure for you to suggest that they are in a different league to say the Logictech online store - [ where I wouldn't feel the need for any additional security precautions.

    My mind keeps asking me who do you and similar posters work for? Be they pro Ryanair (or at least defending them). And it is not just Ryanair. Your slant smells. You are not alone in this one.

    I don't work for Ryanair and couldn't care less whether you fly with them or not.

    My point is that

    a) It's a being a bit silly to say that the only way the NSA could tell you've set foot in an airport is by raiding Ryanair's records. Surely you need to be pragmatic when it comes to international air travel, there's not much privacy to be had in Airports. :)

    b) Companies like Logitech are just as vulnerable to being hacked as any other to get your credit card details. You can get a free debit card from your bank by opening another current account and can wire funds there (again free of charge) as and when is needed. I agree you'd need to ask the bank not to extend you credit in case the card would put you in the red but this is one phone call, what's the big deal?


  • Registered Users, Registered Users 2 Posts: 1,667 ✭✭✭Impetus


    Mr. G wrote: »
    Ryanair's booking system is located in the US? Please show evidence of this?

    http://www.navitaire.com/our-customers.aspx


  • Closed Accounts Posts: 18,966 ✭✭✭✭syklops




  • Registered Users, Registered Users 2 Posts: 1,667 ✭✭✭Impetus


    anvilfour wrote: »
    I don't work for Ryanair and couldn't care less whether you fly with them or not.

    My point is that

    a) It's a being a bit silly to say that the only way the NSA could tell you've set foot in an airport is by raiding Ryanair's records. Surely you need to be pragmatic when it comes to international air travel, there's not much privacy to be had in Airports. :)

    b) Companies like Logitech are just as vulnerable to being hacked as any other to get your credit card details. You can get a free debit card from your bank by opening another current account and can wire funds there (again free of charge) as and when is needed. I agree you'd need to ask the bank not to extend you credit in case the card would put you in the red but this is one phone call, what's the big deal?


    I am totally pragmatic about air travel etc. I fly a lot (yuk). I am in a lucky position where I can pick and choose and avoid problem airports and airlines. The issue in mind is that NSA (who I have no relationship with, that I know of) may be (smells like) one of Ryanair's partners in €€€ terms forceably collecting ID stuff at check-in - unlike any other airline on the planet. Given Ryanair's focus on selling information (a la stupid voice spam for sugary drinks and other nasty stuff while waiting for take-off), it seems to me that this company has no our compunction about unhealthy stuff like their inflight trolley crap, not to mention even less healthy snooping - which is against the ECHR - Euro Convention on Human Rights - something unknown to our friends on the other side of the Atlantic.


  • Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    Impetus wrote: »
    I am totally pragmatic about air travel etc. I fly a lot (yuk). I am in a lucky position where I can pick and choose and avoid problem airports and airlines. The issue in mind is that NSA (who I have no relationship with, that I know of) may be (smells like) one of Ryanair's partners in €€€ terms forceably collecting ID stuff at check-in - unlike any other airline on the planet. Given Ryanair's focus on selling information (a la stupid voice spam for sugary drinks and other nasty stuff while waiting for take-off), it seems to me that this company has no our compunction about unhealthy stuff like their inflight trolley crap, not to mention even less healthy snooping - which is against the ECHR - Euro Convention on Human Rights - something unknown to our friends on the other side of the Atlantic.

    You don't sound pragmatic. You sound like you have a serious beef with Ryanair. You repeatedly accuse them(and only them) of collusion with the EN-ES-AY. Ryanair don't have any transatlantic flights or flights to the middle east, unlike Aer Lingus and BA, but you disregard them of sharing, either knowingly or otherwise, information with the NSA.

    Also, If you dont want a relationship with the EN-ES-AY, stop ranting about them on online fora. If you honestly think they are in cahoots with Ryanair, just avoid Ryanair, and move on.


Advertisement