I have recently changed my address with two companies who deal with my pension and life assurance and am shocked by their processes.
Both companies security checked me over the phone and allowed me to change my contact details for correspondence. The checks were random asking for information only I knew. After confirming my new address they said they would send me a letter to the new address as a final confirmation.
I have no issue with being security checked on the phone and am happy that they changed my address.
What really gripes me is both companies failed to tell me that a letter would still be sent to my old address advising me again that my address had been updated.
It would appear first hand that the companies are looking out for my interest. I accept it is the 21st century and that ID theft is ripe. Therefore I can certainly understand if someone was impersonating me and did the change maliciously this service would be useful.
However, I think they are just covering themselves.
Firstly if I hadn't had post redirection I wouldn't have known these letters were sent out.
Now you may be thinking what's the issue?
(1) Firstly they are assuming straight away I am not who I say I am even though I passed the security checks.
(2) They don't tell me their full intentions and what letters will be sent out.
(3) Now I am not accusing the person who moved into property as being malicious but.... What if this wasn't the case, they opened the letter that was sent, called the company, passed the security checks but then said the address should not have been changed. How do I get to find out?
Although nothing malicious has happened it has left a sour taste in my mouth. Two separate companies I deal with have indirectly not trusted me but I am expected to trust then with my money.
If they were that bothered about security then they could have asked me to provide proof such as a passport, driving license or proof of my new address all of which could have been couriered at their expense more securely.
Whoever came up with this practise of sending a letter to the old address really needs to go back to the drawing board and have a rethink. I would go as far as calling both the policy implementors and the policy itself stupid.
It's another sad example of companies not trusting their customers and implementing bad policies which probably adds no real value, just the impression that things appear secure.
I would like to see the real statistics to prove if this practise has protected people versus people who were a victim of ID fraud because of these letters being sent to their old address.
We now live in a time where there is a heightened sense of security and are advised to shred documents that can be used to identify us if they are no longer required.
However I am of the opinion this is another sad example of a good intention that clearly has not been thought out or even risk assessed correctly. It is a practice I would like to see disappear and a better process of identification put in its place.
I don't have all the answers but am happy I have not been affected by fraud as a result of this practice. However I do not like the fact that although I took the time to update my contact details there an element of mistrust in me.
Whatever happened to innocent until proven guilty?
Both companies security checked me over the phone and allowed me to change my contact details for correspondence. The checks were random asking for information only I knew. After confirming my new address they said they would send me a letter to the new address as a final confirmation.
I have no issue with being security checked on the phone and am happy that they changed my address.
What really gripes me is both companies failed to tell me that a letter would still be sent to my old address advising me again that my address had been updated.
It would appear first hand that the companies are looking out for my interest. I accept it is the 21st century and that ID theft is ripe. Therefore I can certainly understand if someone was impersonating me and did the change maliciously this service would be useful.
However, I think they are just covering themselves.
Firstly if I hadn't had post redirection I wouldn't have known these letters were sent out.
Now you may be thinking what's the issue?
(1) Firstly they are assuming straight away I am not who I say I am even though I passed the security checks.
(2) They don't tell me their full intentions and what letters will be sent out.
(3) Now I am not accusing the person who moved into property as being malicious but.... What if this wasn't the case, they opened the letter that was sent, called the company, passed the security checks but then said the address should not have been changed. How do I get to find out?
Although nothing malicious has happened it has left a sour taste in my mouth. Two separate companies I deal with have indirectly not trusted me but I am expected to trust then with my money.
If they were that bothered about security then they could have asked me to provide proof such as a passport, driving license or proof of my new address all of which could have been couriered at their expense more securely.
Whoever came up with this practise of sending a letter to the old address really needs to go back to the drawing board and have a rethink. I would go as far as calling both the policy implementors and the policy itself stupid.
It's another sad example of companies not trusting their customers and implementing bad policies which probably adds no real value, just the impression that things appear secure.
I would like to see the real statistics to prove if this practise has protected people versus people who were a victim of ID fraud because of these letters being sent to their old address.
We now live in a time where there is a heightened sense of security and are advised to shred documents that can be used to identify us if they are no longer required.
However I am of the opinion this is another sad example of a good intention that clearly has not been thought out or even risk assessed correctly. It is a practice I would like to see disappear and a better process of identification put in its place.
I don't have all the answers but am happy I have not been affected by fraud as a result of this practice. However I do not like the fact that although I took the time to update my contact details there an element of mistrust in me.
Whatever happened to innocent until proven guilty?
Comments
Post a Comment