Stop asking me for a PIN when I contact support via Chat.

I am logged into the website and open support chat. Chat knows who I am as it displays my name at the bottom of the window. I should not have to authenticate yet again.

Its a pain to get the PIN number from email because you send both billing and support communications from the same address and I have email rules already setup that file the invoices into a separate folder in my mail, and I have to go dig out PIN numbers from that. 

0

Comments

3 comments
  • Hey Andrew, 

    We take privacy and security concerns very seriously at Ting, and will not make any changes to an account, or discuss anything on an account without verifying our customers first. 

    If you would prefer not to receive a new temporary PIN every time you reach out, you are able to ask support to set up a permanent PIN number on your account instead. 

    0
    Comment actions Permalink
  • Whoever you are (I'm sure you do have a name, but its not displayed anywhere), you say "we", but I dont know if you even work at Ting. I can put the little green thing on my avatar too...

    ... and look just like you. 

    If Ting took security concerns very seriously, then the indicator for an employee would not be somewhere that I could just include it on my gravatar and be able to impersonate an employee.

    If Ting took privacy concerns seriously, it would do more than just overprotect its (assumed) representatives, it would extend the same to any user of this forum software. 

    If Ting took security concerns seriously, then the MFA that Ting keeps trying to push on me (that I dont want or need) after logging in to my account would actually work. But it doesn't. Since I dont want it I can just remove the html from the page when I login to view my account and not be bothered to ever enter any of the MFA information that Ting nags me about. 

    > and will not make any changes to an account, or discuss anything on an account without verifying our customers first

    And thats fine except that its not really a mechanism for authentication, and its needless. Its needless because I have already authenticated and logged into my account prior to launching the chat session. The chat session knows who I am, it says it down at the bottom of the window. I'm trying to get help with something that I am paying Ting for and not getting, and my first contact requires a needless email hunting expedition. Wasting more of my time is not really appreciated.

    The pin is actually not an authentication (proof of identity) of a customer. Its primary purpose is to be an authorization that a customer gives to grant the Ting support person to access to an account. Its not that Ting support will only discuss details with an authenticated user, its that they literally cannot open the account to even make notes on it unless I grant them permission to do so by way of giving the pin.  If Ting took security concerns very seriously, whomever came up with this PIN system would know this and would have educated staff about it. But I've seen before at many companies where people aren't sure what to do about security and they end up borrowing or attempt to replicate activities they see or have used in the past, and what ends up happening is that they miss the entire picture and the reasoning for those activities and just end up playing the role of a cargo cult. The half-assed nature of the two security policies Ting has in place makes me worried that there are others that are just as half-assed

    What I want...
    - is for Ting billing info to be sent from a different email account than the support notifications. "help@Ting.com" should be for help, not billing. That would resolve part of this. 
    - is for Ting to stop nagging me for things it doesn't really need.  This would resolve the other part of this issue. 
    - is for Ting to assure me that account passwords are salted and hashed - one way encrypted, undecryptable by anyone except 5 or more years in the future or by quantum computer. This would tell me that Ting are doing at least the minimum thing correctly for their customer's accounts. 

    0
    Comment actions Permalink
  • I would not be eviscerating Ting's operational decision making and pointing out some of the things that you are parroting that are BS if you guys would stop f**king around and attempt to fix the problem that myself and others have reported several months ago. 

    How many times do I have to call or chat before you will actually do something about it?  Its been at least 12 contacts. Every one of them wastes my time with the same dumb things to try before it can be escalated to a supervisor that will also be clueless and who is unable to escalate to someone else or even simply contact an engineer.

    If you arent going to respond, I hope you at least have enough sense to use this to fix the problems you have with false security and training.

    0
    Comment actions Permalink

Please sign in to leave a comment.