Wachovia Security Badness
I got a letter from Wachovia summarizing some of their methods of over-the-phone identity verification and requesting that I sign an agreement stating that “… this security procedure constitutes a commercially reasonable method of providing security against unauthorized instructions.” I was also asked to agree not to hold Wachovia liable if their identity verification system fails and someone impersonating me is able to tamper with my account.
This is a betrayal of customers in two ways.
(1) Wachovia shouldn’t ask people who are unqualified to do so to state whether or not their security provisions are “commercially reasonable” (whatever that means). And by the way, the letter does not contain enough information for a security expert to assess the “reasonableness” of the policies, anyway.
(2) Wachovia should take responsibility when its identity verification procedures fail, in cases in which the victim has not negligently revealed personal information that made it easy for his identity to be stolen. After all, one of the main purposes of a bank is to keep your money safe.
[...] This post was mentioned on Twitter by Mac Mollison. Mac Mollison said: a pretty poor wachovia customer experience: http://thurly.net/hgo [...]