Should a BT call centre operative be allowed to send a one time use code number to my phone and ask me to tell them that number??
Data protection alarm bells are ringing!
It’s called 2FA ( two factor authentication ), BT Business use it all the time.
Yes, but surely you would enter it into a secure web page, and not divulge it to a third party over the phone, any more than you would with a code sent by your bank?
Its meant to be secure, so only the recipient knows it.
That’s not how it worked with BT Business Keith. I contact them by landline phone, they ask me the usual security questions then send the text and I read back the code. Yahoo and iCloud do it how you describe.
I had not come across this before.
Provided the person calling was from BT, and not just somebody who knew you mobile number, and was simply sending the code to try to convince you that they were genuine, when in fact they were simply someone wanting more personal information.
I would be very suspicious of anything like that.
Yes of course Keith but keep in mind that I called BT in the first place. This is not a call out of the blue. Don’t know about the OP?
I was the one who initiated the call.
The operator said they were going to send a code and they would like me to tell them, It was the fourth or fith department I had been transferred to, I gave them the code and they replied "Yes you are using the correct login details". To me it seems as though he used the code to access my account bypassing my password, which I hadn`t forgotten the call was not related to passwords or login details, without asking permission.
Thought I would just quickly jump on this thread to clear up any confusion.
As part of our High Validation process, we send customers a one time which the customer needs to read back to the adviser. Once this pin is confirmed and our system confirms the pin is correct the adviser will be able to make changes to the account which require high validation. The pin can only be sent to the contact email address or mobile number set up by the customer.
Normally you will only be asked to confirm the pin when you call into our contact centres or if we call you off the back of an email/private message or a complaint you have sent or raised with us.
Could you tell me the wording of this high validation pin message. I just need a bit more assurance as the message I recieved was not worded as if it was to be used as a reply to a validation request.