undefined | Better HN

0 pointshavan_agrawal2y ago0 comments

Your comment takes an (unfair IMO) position that it somehow matters what country the OP was in. It's not like the auth systems are designed for higher scrutiny in specific countries. There is more than one way to confirm identity, but somehow BigTech and Co keep assuming a happy path environment for you.

Case in point: my US bank insists on sending an OTP to my US number (and US number alone) for any transaction, making it impossible for me to move money when abroad. The problem exists in the other direction too, my foreign account only allows verification thru one mechanism. It's really frustrating.

0 comments

MR4D2y ago

I worked in the payment card industry for awhile a few years back. There are entire countries that are blocked by card providers due to fraud.

Unfair or not, it actually makes a difference. I was in a neat position to see some of the attempts in real time. It blew me away how much attempted fraud there is. Think of it like spam email - it's that bad.

LeifCarrotson2y ago

I was the operator of a webserver for a small B2B shop for a number of years. We only had a couple dozen local customers, we hand-delivered custom orders with a dedicated truck. If you weren't local, there was nothing on that website that would have mattered to you.

But there were on the order of 50x more attempts from bots trying to log into our Wordpress instance from India (all illegitimate) than from actual customers. It was ridiculous.

aendruk2y ago

Similar situation for a local small business I’ve worked for. Typically I’d respond to contact form spam with a notice to the source network. US-registered networks tended to reliably address the problem while IN- just ignored me, if their contact information worked at all.

PKop2y ago

>It's not like the auth systems are designed for higher scrutiny in specific countries

Of course it matters and of course they are.

Everything you describe and OP describes are frictions that apply by virtue of you not being in the US, on purpose.

woobar2y ago

> sending an OTP to my US number (and US number alone) for any transaction, making it impossible for me to move money when abroad

Strictly speaking it doesn't make it impossible. You have made a choice not to pay roaming fees while using your USA number while abroad.

codegeek2y ago

SMS on roaming can be a hit or miss. I travel internationally every year and I am always worried that some SMSs wont reach and it happens from time to time. I especially hate those product/services that only do SMS based 2FA.

harshalizee2y ago

Nope. I travel to EU often with roaming on. OTP SMSs for many services don't come through. It's a real pain.

woobar2y ago

Very strange. How about regular SMS? Are they dropped too? I had zero issues with TMo, and I don't even need roaming for this.

1 more reply

bberenberg2y ago

Just FYI (because your OTP hell was my OTP hell until recently) if you fly to another country, disable roaming in the phone, and don’t make outbound calls, your phone will receive these OTP messages for free with most US cell providers.

j / k navigate · click thread line to collapse

0 pointshavan_agrawal2y ago0 comments

0 comments

MR4D2y ago

I worked in the payment card industry for awhile a few years back. There are entire countries that are blocked by card providers due to fraud.

LeifCarrotson2y ago

But there were on the order of 50x more attempts from bots trying to log into our Wordpress instance from India (all illegitimate) than from actual customers. It was ridiculous.

aendruk2y ago

PKop2y ago

>It's not like the auth systems are designed for higher scrutiny in specific countries

Of course it matters and of course they are.

Everything you describe and OP describes are frictions that apply by virtue of you not being in the US, on purpose.

woobar2y ago

> sending an OTP to my US number (and US number alone) for any transaction, making it impossible for me to move money when abroad

Strictly speaking it doesn't make it impossible. You have made a choice not to pay roaming fees while using your USA number while abroad.

codegeek2y ago

harshalizee2y ago

Nope. I travel to EU often with roaming on. OTP SMSs for many services don't come through. It's a real pain.

woobar2y ago

Very strange. How about regular SMS? Are they dropped too? I had zero issues with TMo, and I don't even need roaming for this.

1 more reply

bberenberg2y ago

j / k navigate · click thread line to collapse