Monday, May 19, 2008

Is this secure enough?

This Sunday outing had a crop of security questions. The first was at a Kroger store, where the essential id information was requested on the checkout receipt. On closer inspection, it was a credit card application. But it felt in the wrong place. How easily can a person fill all of this out and then lose it somewhere?

On the other hand, Chase bank did it just right. They scanned and printed a deposited check, and lo and behold "Part of the check image has been obscured for security reasons!". Good job Chase.
What is the advice? Often programmers ask for information just because they can, while in truth they do not need it. Today, one should start to collect as little information as possible, not as much.

No comments: