Hacker News new | comments | show | ask | jobs | submit login

The problem is that authenticating the customer is harder than authenticating the bank. If I call my bank, I can pretty well trust (within reason) that I've reached my bank. Once that happens they can authenticate me by asking for my private information, which I am not comfortable with unless I authenticate them first. Calling back with a ticket number doesn't solve both auths, but it does order them in a secure way.

You edited before I submitted :)

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact