Mitnick had so many stories that entranced the people around him. I heard one second hand of Mitnick dealing with a bank who had early voice verification software. Upon meeting the CEO he gave the executive his card and departed for the evening. Arriving back at his hotel, he called the CEO and asked him to read his phone number to him. The phone number contained all ten digits which Mitnick had neatly tape recorded so as to make the CEO’s voice reproducible. He then proceeded to use the bank’s vocal banking system to transfer $1 from the CEO’s account to his as the authentication mechanism was reading out your own account number in your voice.
When Mitnick arrived back in the board room the architect of the voice verification system was crestfallen and the bank CEO delivered a check on a silver platter.
Now how much of that tale is embellished I will never know as it was second hand, but that was the kind of whimsy Mitnick brought to our world.
Rest in Power.
Welcome to the american banking system.
The account number should be just an ID, not authentication mechanism.
Right? One of the many things (and I mean this without any hate whatsoever) I simply can't and will never understand about the US. A bank account number is your mailbox for receiving money. How does that country even operate when they build those mailboxes underground?
(Using a check, the very infrastructure we’ve been talking about!!)
I only send and receive money with Google/Apple Pay & PayPal at this point. This flow is reasonable (every transaction is authorised in a trusted location (ie: PayPal). Further transactions are impossible without additional authorization). It boggles my mind that banks & CC companies haven't made some standard for this. Would save them so much money in fraud protection.