Are there any statutory guidelines for confirming identity correctly over the phone?

Labh_gup on 18/07/2014 - 10:58
Last edited 18/07/2014 - 14:36 by 2 other users

I have made several changes to my FINANCIAL accounts over the phone, without the company rep/call center personnel asking me for more than 2 security questions! When I gave a feedback regarding this possibility of risk in security, they said "It's all good, it's as per the laws", without much regard to my concern.

So just wondering, when I call a FINANCIAL service company (for example, a BANK), how do they verify my identity correctly or satisfactorily?

I know the standard questions are Name, Date of Birth, Address, etc, but I don't know if there are any legal guidelines or written requirements for this. OAIC government website fails to give me a decent or precise answer.

What are your thoughts?

Question: Is the current lack of statutory guidelines for confirming personal identity over phone a concern?

Poll Options

• 4
  Yes
• 2
  No
• 3
  I don't know or Not sure

• 

  pjetson on 18/07/2014 - 11:21

  +4

  Most of the time when these people say "it's the law" it's just their own rules (and often their own stupid rules).

• 

  zzymurgy on 18/07/2014 - 11:22

  +1

  I don't think there is a law about this. The organisation just has to be satisfied that you are you.

  Put it this way, if you rang a local store that you went to every day, and placed an order, they wouldn't check your identity at all. They would just know your voice. They would feel pretty silly asking for your DOB.

  Edit: My favourite line is "for privacy, can I have your full name, address and date of birth?" It always makes me laugh, that's the opposite of privacy.

  • 

    DealzEddy123 on 01/08/2015 - 08:47

    well im sure they mean for your privacy, in case we're divulging your details to someone other than yourself.

• 

  donbot on 18/07/2014 - 11:55

  +1

  Called the ATO recently? To be able to speak in regard to a business account on which you're an authorised contact, you have to identify yourself first: TFN, DOB, Address, sometimes bank details…. THEN identify the company TFN, Address, Document ID.

  Talk about overkill….

  • 

    iseenya on 18/07/2014 - 12:22

    -1

    And if an ATO person calls you and can't get through, they leave a message for you to call them back. But when you return their call, they won't speak to you without your TFN, even though it was them that called you in the first place!

• 

  Settero on 18/07/2014 - 14:35

  +1

  im pretty sure that if the person knows your secret question and answer, they probably have enough info on you to answer most questions that a bank could reasonably ask…

• 

  bombpen on 18/07/2014 - 14:49

  +1

  As others have said, there aren't really any laws to verify your identity other than the normal 100 point ID guidelines — which don't really apply in this situation.

  Different companies have their own internal policies which normally govern how these things are handled. If someone tries to fob you off with the law argument, they are quite easy to defeat by asking them specifically which legislation and what section they are referring too… that normally calls their bluff.

  I'm actually quite scared in Australia when dealing with companies, how little they confirm ID before giving out information or taking instructions from you.

  • 

    Daabido on 18/07/2014 - 16:20

    +1

    There has to be a balance between excessively difficult verification processes and too easy. At the moment, you usually get asked for your full name, address and date of birth and if there is some sort of telephone code attached to your account that too.

    Contrast that with the ATO, which is quite difficult as previously said to interact with because they require a whole bunch of information including document id numbers from a letter they sent you.

    I can imagine that working at a call centre when people can't remember their details must be quite frustrating on both ends of the line at times.