WTF: Credit Card Activation
Posted by heymoe on March 23rd, 2008
I received a replacement card in the mail for one that is getting ready to expire the other day. I had two options to activate the card: 1) Use the card in an ATM machine or 2) Call an 800 number. Since I was not near an ATM machine I decided to use the 800 number method.
The automated system first asked me for the number on the card. OK, no problem with this one since they need to know what they are activating. Then it asked for the expiration date on the card. OK, I can see this being useful as it verifies I have physical access to the card. At this point I was expecting to get prompted for something that in theory I would only know like the PIN but instead the automated system said the card has been activated. So in theory if someone stole my mail they could have activated the card because all the information they needed they had (the card number and the expiration date). Gee I feel secure now.
The only thing I can think of that might have made this secure, sort of, is that they used caller-ID and verified that I called from the registered phone number on the account. If they did do this it would be nice if they said so.
Oh, one last annoying thing about the 800 activation process is that the automated service tried to sell me their Identity Theft Protection service after I activated the card. I promptly selected the option that said no thanks just for the automated voice to ask me are you sure and tried to sell it to me once again. Geess.. No means No!!!
March 23rd, 2008 at 10:39 pm
Last one of those I did was Amex. They disclose the phone number matching in the call, however they also disclose that my account number may be used to assist me. Duh!
March 24th, 2008 at 12:46 am
Well I’m hopping Bank of America’s 800 activation did use my caller-ID as part of the activation. If not, they really need to fix that.