iPhone 5 Launch Day: An Identity Thief’s Dream
16 times (not nine). 16 TIMES! That’s how many times I needed to provide my Social Security number (SSN) to activate my new iPhone 5 today. With the congestion and havoc of iPhone launch day, the systems at the retailer where I picked up my phone were crashing continuously. Each attempt to activate my new phone required two entries of my Social Security number.
The retailer had a PIN/signature/SSN entry device that I trusted enough to have used it that frequently. At least that’s better than speaking it out loud. However, with six crashes and two failed entries (yes, I was counting) at five different point of sale (POS) terminals, I provided any immoral employee or observant criminal bystander with plenty of fodder to steal my identity.
To complete the full kit that a thief would need, I also dutifully handed over my driver’s license and credit card. Both of these found their way into the hands of multiple employees and were left out for extended periods in open view. Expectedly, the place was a zoo, and anyone could have caught a peek at them. What’s more, since my activation failed so many times (they eventually figured out why on lucky number seven), I was in the store for over 90 minutes.
Between the SSN entries and the handling of my license and credit card, there was certainly ample opportunity for an identity thief to take advantage. Of course, working for an information security company made me hyper-aware.
The lesson to take away is vigilance. While a scenario like this may not be ideal, you can still do certain things to protect the security of your information. When I noticed that the salesperson left my driver’s license and credit card sitting in open view, I picked them up. When he needed them, he was welcome to ask for them back. Even though it was entered so many times, each time I entered my SSN, I made sure to cover the pad with my free hand and look for shoulder surfers. In the crowd, that meant orienting my body to provide coverage. You should always be conscious of how and when your information is exposed. If you’re not, it’s possible that someone else may be.
As an aside, the two entries of the SSN on every attempt each served different purposes. One was for my new mobile account. The other was for a credit check. I wonder what seven credit checks in one day will do to my FICO score? Ah, the things we do for new technology!