Other providers than TT .

Discussion in 'Broadband' started by David, Oct 24, 2015.

  1. David

    David Guest

    Those of use not with TalkTalk, I'm with Plusnet, what should we all be
    doing if we can to stop the same happening to our personal data as TT from
    our various providers?
    Regards
    David
     
    David, Oct 24, 2015
    #1
    1. Advertisements

  2. David

    David Hume Guest

    Ask them if they have encrypted their data. Choose a small ISP which is
    less likely to be the target of hackers. There are probably some warning
    signs, like if they send bills by unencrypted email then security isn't
    top on their list.

    (I haven't asked my ISP).
     
    David Hume, Oct 24, 2015
    #2
    1. Advertisements

  3. David

    Graham J Guest


    Don't pay by credit card or direct debit.

    If we the customers only pay by cheque the likes of TT will go out of
    business if they are not prepared to accept cheque payments and give
    30-day credit accounts.

    The alternative will be for the banks to develop a secure payment system
    that is available to their customers. Perhaps something like this:

    1) You want to pay for something, so you give payment details to the
    supplier. Supplier responds with unique reference.

    2) Supplier passes payment details to its bank, which in turn passes the
    details to your bank.

    3) You log onto your bank using card machine & PIN, or other two-factor
    authentication. You see the request for payment from the supplier, with
    its reference number. You authorise the payment.

    Advantages:

    A) You never give the supplier any information that would allow them to
    take payment directly.

    B) You only authenticate yourself with your bank. Now we know that the
    criminals have compromised this process, but mostly the cause is lax
    practises on the part of the banks.

    I'm sure with a bit of collective thought we in this NG could come up
    with a very secure system.
     
    Graham J, Oct 24, 2015
    #3
  4. David

    Roland Perry Guest

    If they were to be sending the bills by encrypted email, how will you
    read them? Or would you expect the ISP to demand that all its customers
    used PGP.
     
    Roland Perry, Oct 24, 2015
    #4
  5. David

    Chronos Guest

    Personally, I'd avoid any form of continuous payment authority like the
    plague. You're SOL with Plusnet, though, since they won't allow any
    other payment method than direct debit.

    Also consider the information asked of you. Do they need your DoB, for
    example? If they don't, have no way of verifying it and they insist,
    give them a false but memorable one. Mother maiden name? It's Smith
    unless you're my bank. Where was I born? Timbuktu. Use a password
    manager like KeePass and store these in the notes. Sync it with your
    mobile but keep it secure and only open the database when you need it.
    Consider having two databases, one for banking, tax and government
    accounts and one for companies with different master passwords.

    In short, adopt a "need to know" policy with your personal information
    for anyone using a database. Today, that's everyone. Only give the real
    stuff to those who need it.

    Oh, and don't give identifying information out over the telephone - at
    all, ever, no matter who they claim to be. These measures won't just
    protect you from ISPs leaking information, they'll protect you from
    most forms of identity theft.
     
    Chronos, Oct 24, 2015
    #5
  6. David

    David Hume Guest

    I think such systems already exist for mobile phone payments.

    Maybe payment by Paypal would be an option. You could set up a standing
    order so that there was only money once a month, enough to pay the
    subscription.

    Once your bank details are on the ISP system though, can you ever trust
    them to delete them? When I asked Blockbuster to delete my credit card
    details it drew a blank look.
     
    David Hume, Oct 24, 2015
    #6
  7. David

    David Hume Guest

    You send an email saying "your bill is ready, please log on to read
    it". Then you log onto the secure server, read, download, etc.
     
    David Hume, Oct 24, 2015
    #7
  8. David

    Roland Perry Guest

    If your objection is to them being emailed at all, then say so.
     
    Roland Perry, Oct 24, 2015
    #8
  9. David

    Roland Perry Guest

    Were you asking their finance director, or a spotty youth on minimum
    wage in the shop?
     
    Roland Perry, Oct 24, 2015
    #9
  10. David

    David Hume Guest

    No, that is not my objection. If they managed to send by encrypted email
    that would be fine. If for example they provide their own secure email
    server, and you collect from it using TLS that would be OK.
     
    David Hume, Oct 24, 2015
    #10
  11. David

    me Guest

    The problem with even paying by Direct Debit, is most isp's ask you
    for card details as a back up should D/D not work.

    I know BT phone bills had the option to pay by paypoint, could we all
    do that, pay each month at the corner shop and email the receipt to
    the isp as proof of payment.
     
    me, Oct 24, 2015
    #11
  12. David

    Roland Perry Guest

    That's not an encrypted email, it's an encrypted transmission of an
    unencrypted email. And it's not something that's "sent" (ie pushed) you
    have to "pull" it.
     
    Roland Perry, Oct 24, 2015
    #12
  13. David

    David Hume Guest

    Listen, if you have any other problems with my perfectly innocent
    suggestion in this brain storming session, could you write a letter to
    me? Thanks.
     
    David Hume, Oct 24, 2015
    #13
  14. David

    Roland Perry Guest

    That's the problem, actually. The so-called "innocent suggestion" was
    feeding the already considerable amount of misinformation circulating.
     
    Roland Perry, Oct 24, 2015
    #14
  15. David

    Scott Guest

    Or an encrypted email :)
     
    Scott, Oct 24, 2015
    #15
  16. David

    Chronos Guest

    Ubj rapelcgrq jbhyq lbh yvxr vg? :p
     
    Chronos, Oct 24, 2015
    #16
  17. David

    Ant Guest

    I have always paid my BT bill every quarter by cheque and have ignored
    invitations to pay by direct debit or online.
     
    Ant, Oct 24, 2015
    #17
  18. David

    Bob Henson Guest

    Forgetting for a moment possible prying eyes at a handful of Royal Mail
    sorting offices en route, where is the advantage in giving any Tom, Dick
    or Harriet in the post room and everywhere else at BT your bank details
    (printed on the cheque) every time you write one instead of giving them
    a direct debit online where only a limited number of (presumably
    financially trained) employees will see the data. If it is a question of
    computerised storage that bothers you, do you not think they when they
    cash your cheque that every detail is not recorded on line in their
    banking and financial records, along with your date of birth, home
    address and your credit history?
     
    Bob Henson, Oct 24, 2015
    #18
  19. David

    Bill Borland Guest

    That is precisely what TalkTalk does. So you consider their security
    satisfactory in that respect, at least?
     
    Bill Borland, Oct 24, 2015
    #19
  20. David

    Brian Mc Guest

    : Those of use not with TalkTalk, I'm with Plusnet, what should we all be
    : doing if we can to stop the same happening to our personal data as TT from

    I personally don't particularly care! I have a Direct Debit with
    Plusnet and the terms of the DD Guarantee explicitly guarantee that
    I cannot lose money this way.

    I don't think I believe the reports (today) of TalkTalk customers "who
    MAY have lost £1000s"....I rather expect most will be proved to be
    trying it on!
     
    Brian Mc, Oct 24, 2015
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.