I like to tune in to all types of tech-related news so it was no real surprise to me that I might be posed security questions of a personal nature based solely on my name, email address and billing address. For many years there have been some VERY serious identity systems quietly available to companies with big pockets -- identity systems that tie more PII (personally identifiable information) together in more ways than most people imagine. This is an ever-growing field with cloud-based SaaS identify verification becoming the new rage. Still, even though I expect this I was left unsettled by the three questions presented to me during checkout:
- At which of the following addresses have you lived? (5 choices, 1 was for an address of mine from over 10 years ago)
- Which of the following addresses are you familiar with? (5 choices, all wrong -- trick question or just my bad memory?)
- What age range do you most closely attribute to <my mother's name>? (5 age ranges, one obvious correct choice)
Compared to simply reading about identity systems, my reaction to news of their capabilities and routine use was a bit different when it was me answering the security questions. You're not paranoid if an identity system really is out to get you(r personal data)...
No comments:
Post a Comment