Advertisement: Free banner ad
Recent Notes and Tags
Top Searches: • do you trust your employer • employer identity theft • identity theft disclosure by employer • trusting your employer • can you sue your employer for identity theft • employer ask for bank statement • does your employer know your bank account • what if my past employer leaks my personal information • employer wants bank statements • giving bank information to employer • my employer wants to see bank accounts • employer wants bank my information • is it ok for employers to ask for your bank card • can employers ask for credit card statements • is a demanding job with • employer wants full disclosure what to do • employer wants personal information • bank account details what does employer need to know • do employers check your individual bank statements • do employers check bank statements • do i have to show bank statements to a new employer • can you trust employers with your ssn • secure your employee bank account number to employer • how to know if your employer is legit • can an employer access my bank account • employer wants to see bank statements • employeer asking for credit card records • how will i know whether the employer is not a fake • sue employer for identify theft • can an employer ask for statement if account • bank records disclosure to employer • when a employer gives out your personal information can you do anything about that • |
how well do you trust your employer - Identity Theft
| how well do you trust your employerHow well do you trust your employer, perspective employer, or even the people working for your employer. We all know identity theft is on the rise but high unemployment is bringing to the spotlight a related issue. Your employer or perspective employer (legit or not) wants a lot of personal information about you. They have or will ask for your full name, past names, address, past address, phone numbers, social security numbers, drivers license numbers, and they will even photocopy most of these items. The real problem comes when they ask if you want direct deposit. Do you realize that you are giving to them? YOUR BANK account number to go along with all the rest of your personal info. If the employer is fake, you are screwed. If the employer has bad people working for them, you are screwed. If your employer does not keep your data secured, you are screwed. All it takes is access to this information and ANYONE, can call your bank and prove they are YOU and do serious damage by taking YOUR money from YOUR own bank. I have been trying unsuccessfully to make this issue known to those who can do something about it. We know that employers need your personal info for tax and legal working purposes. But what I want to propose to banks is the ability to provide a "Virtual Account Number" to the employer instead of your REAL account number. The Virtual Account Number will be mapped to the real account number within and secured by the bank. This way anyone calling pretending to be YOU and giving the Virtual Account Number will tip off the bank right away. The direct deposit will go through as normal and routed to the real account based on the match to the virtual account within the banks own system. BEST of all no one but you and the bank will know your real account number, All your employer will know is the Virtual number. Lets get the word out and have this implement asap. |
|  "It is the same as an SSN"
The *ONLY* danger of your SSN is that it maps to everything. So whoever has this "virtual" key has the key to your life, so to speak.Making some database of virtual IDs to real numbers... means anyone with access to that database becomes all powerful. It solves nothing. |
| "you missed the boat"
In the original post I am strictly speaking about bank account numbers. Its already easy for someone to get your SSN. But the real damage comes when they get your bank ACCOUNT NUMBER. This is why phising attacks like to have you cash checks and try to get your account information. Its when your SSN is combined with your real bank account number that the real damage is done. And as far as the bank is concerned, since they MAINTAIN YOUR ACCOUNT, they are the only ones with access to mapping of the virtual account to the real account. And since the bank bears responsibility for your funds, IT IS IN THEIR best interest to keep that mapping secret. It might not solve everything but it does become another tool to stop scammers. AND IT IS IN our best interest to have our banks become more secure. Because if your read the fine print on your statements you will see that many banks are making it more difficult for you to recover your funds if you get scammed. So rather than shooting down anyones idea, at least be constructive and offer your own solutions. Because if all we do is act like sheep and not offer anything constructive then that really does not solve anything. Any todays scamming is nothing compared to the zero day exploits I have come across in my research. Hundreds of thousands of computers contain rootkits that are completely undetectable to any current antimalware scanner. If you want to know more, read why Microsoft pulled the plug on one of its most recent patches. |
| "wanted to add"
I also wanted to add that in its current form of just having real account numbers, if someone scams you using your bank account information and taking your identity, you are really at the mercy of the bank. But if there existed virtual accounts and you externally use your virtual account number then someone scams you using the real account number; it would obviously be an inside job and would completely be the banks responsibility. |
| "direct reply"
"Making some database of virtual IDs to real numbers... means anyone with access to that database becomes all powerful."You are very correct in this statement, but just as a bank gives only certain employees the combination to the safe. The same applies to access to the encrypted database. So the employee with the safe combination is all powerful? True, but do they act on it often? No, because of obvious reasons. |
| "I stand by my comments"
and add:When you write a check you are giving out your bank account number. The banks need to encrypt the account numbers on your checks so each one is is one use, virtual account number. Each BANK should be issuing virtual account numbers (I think payment will do this with one time, credit card numbers). Having anything in a CENTRAL database base leads to the exact same problems you have with a single id, like an SSN. Yes, it is "encryped" and access is "limited". But when someone does get in... his power will be immense! Doing it bank by bank means even if one bank is breached the rest aren't. So one would have to beach all the banks to gain the same power as breaching your single database. Thank you, no. |
| "I stand by my comments"
and add:When you write a check you are giving out your bank account number. The banks need to encrypt the account numbers on your checks so each one is is one use, virtual account number. Each BANK should be issuing virtual account numbers (I think payment will do this with one time, credit card numbers). Having anything in a CENTRAL database base leads to the exact same problems you have with a single id, like an SSN. Yes, it is "encryped" and access is "limited". But when someone does get in... his power will be immense! Doing it bank by bank means even if one bank is breached the rest aren't. So one would have to beach all the banks to gain the same power as breaching your single database. Thank you, no. |
Reply Options Share your opinions, advice, questions or comments on this post. | You must a registered user and logged in to use this feature: It is quick easy and offers many advantages when using our site. |
Social NetworkingShare this with your friends on facebook, twitter and Google+ | | Social sharing because it feels good:
| |
|
RelatedSome related posts that may be of interest to you. | Related posts: Related posts on other sites: Related eBooks: |
|
• Privacy RSS Feeds
