
Bank's antifraud tactics stun security expert: How much do they know? - iamelgringo
http://www.networkworld.com/news/2009/121409-bank-antifraud-measures.html?t51hb&hpg1=mp
======
joezydeco
He's confused about how a credit bureau might know about his daughter in law?

Perhaps he co-signed on a card with his son. Now his SSN is linked to his
son's. Maybe the son filed a change of address card when he moved out. Now the
son gets married. Now his daughter-in-law is linked to him.

All of the major credit bureaus in the US have some kind of identity-
verification spinoff that mines all the
credit/mortgage/marriage/divorce/postal-address-change data out there, makes
connections, and uses it for these kinds of questions. This is how you get
those "Which one of these streets did you live on?" questions when resetting
your password with a bank. I doubt they're mining Facebook for this kind of
info.

I've found that the US Postal Service "Change of Address" card is the source
of more privacy problems than any other source. They'll pimp that data out to
anyone and everyone.

