Recently I’ve spoken to a mobile phone company about trying to cancel my contract, requesting the cancellation using their online form. Firstly, they said the email address I’d given didn’t match the one on the account, so they couldn’t do anything. I responded that they could have responded to the email address on the account for confirmation – verifying my identity is one thing, using it as an excuse for not trying to resolve the issue and take the requested action is another. However, I resent using the account address (it forwards to my current one, but in 10 years my primary email address has changed… once). In response to this, they asked for my postcode, which I duly responded. This time I got a response saying that it didn’t match what they had on record, so they couldn’t do anything.
Given that I’ve had the same address for 12 years, there shouldn’t have been any other address on record, but in case it was something like my parent’s address (again, I’m going back 10 years here, so I’m no longer 100% sure on what details I used, it’s been a while), I asked if they could confirm the first part of the postcode and (assuming it was a valid one) I could then confirm the second half. No. They couldn’t provide any information because of ‘data protection’. So I’m left with no idea what address they think I have, but I’m pretty sure it’s wrong.
However, given that I had received bills for previous contracts to my current address from this provider, I also know that they have had my current address on the system, so there should be some potential for working out that the postcode I gave them is a known address for me. However, the fallback again was that they couldn’t take any action. I even asked them to contact the email address they had for me to get confirmation (as I know if they send a message to that I’ll receive it), but no, because I couldn’t confirm some unknown but definitely incorrect address they wouldn’t do anything.
To this I cancelled my direct debit and emailed them to confirm this had been done, saying that this should be proof that I am who I say I am and that they should cancel the contract because they have no further authorisation to take payments anyway. Only then did they agree to cancel the contract.
To me this has got far beyond the point of being a reasonable process, but where I reached a point of disbelief was on the phone calls.
Having asked for a formal complaint to be be made as well as the contract cancelled, because they had been overly obstructive to cancelling the account, they phoned me. I got a call from an unlisted number, from someone claiming to be from Three wanting to speak about a recent contact. They wouldn’t provide any further details unless I provided them with my full postcode and date of birth. Now at this point I wasn’t handing over these details. I have nothing whatsoever to validate their identity, but they want me to hand over my security details. I really don’t think that a company should be demanding that their customers be willing to hand over full security details to a totally unverified caller from an unlisted number – that’s just encouraging their customers to leave themselves open to identity fraud.
I said as much. I offered to confirm part of the postcode and part of the date of birth, to which they said no, although I’m not sure the postcode bit would have helped given I was already dealing with a question about whether they had the correct address for me. I asked if they could do anything to confirm their identity to me, some piece of information that they would know, but they refused on the spurious basis of ‘data protection’. How, exactly, is it protecting my data to encourage me to hand over my security detail to a totally unknown caller?
In response to this I made a further complaint, that they were compromising customer’s data security by encouraging the risky practice of divulging security information to unknown callers. I said that since they have called the registered number, partial security information should be sufficient and would mitigate the risk, that they could provide something like an account number of the like to provide some validation of identity, and if someone is not happy to confirm details to an unlisted number, they should have a process in place to give a reference code and get the customer to look up and call a number from the company website, so that they can be confident that they are then speaking to the company and can be happy divulging that information. Additionally, I suggested that it would be simple to allow a customer to register a security word or phrase which can be used by the company to identify themselves if calling, and similarly the contact forms could prompt for a security word or phrase to use in relation to calling about that specific contact.
It’s not rocket science. There are many things which a company can do to sufficiently confirm the identity of who they are speaking to without encouraging excessively risky practices, and there are fairly straightforward practices such as those outlined above (or even just emailing a generated reference number in response to any contact form which can be quoted in any call) which can provide more than enough validation of the caller’s identity before demanding the customer confirms their identity.
Basically, a company can royally mess up data protection and customer identity security in multiple ways. They can fail to confirm who they’re speaking to, and accidentally divulge personal information that way, which obviously has to be avoided. However, they can also encourage the customer to adopt bad practices and fail to support the customer protecting their own identity security by demanding the customer compromises their own identity security for themselves. The latter is no better than the former, just probably a bit less likely to see the company in question getting fined. However, banks have realised this problem, and have adopted processes similar to the above to address this, so there’s no reason why other companies should not adopt similarly sensible practices to allow customers to protect the security of their identity. After all, in the former case, unless they’re completely reckless, then they’re unlikely to divulge sufficient information to allow the customer to be impersonated with another company, but encouraging freely divulging security information on the phone does risk exactly that. A company therefore risks causing a far more significant cost and difficulty to their customers if their ‘data protection’ processes are not sufficiently considered. Hiding behind legislation doesn’t adequately justify this – banks can manage to fulfil their identity verification requirements without creating the same risk (and will almost invariably have a process to point a customer to look up a number on the site and call back as a standard fallback), so mobile phone companies certainly can.
The ‘icing’ on the whole scenario was this: Having made a complaint about encouraging the risky practice of divulging full security information to an unlisted number caller, I received a call from the company about my complaint. Before they’d discuss the detail of my ‘contact’ with them, they ‘needed’ to verify they were speaking to the right person, and demanded I give them my full postcode and date of birth. The EXACT thing I was complaining about them doing they were doing again in ‘trying’ to address the complaint. Needless to say, I was gobsmacked by this, and told them that I was astonished that they would do that.
Needless to say I’ve no intention of giving them any further custom, despite having previously been a customer continuously for 10 years… they’ve managed to entirely reverse my opinion of them.
Unfortunately, this means that the book is trying to cover a large number of topics – client-side interactivity, libraries (like JQuery), MVC frameworks, server-side development, security issues, persistence, HTML5, browser storage, differences between browsers, as well as CoffeeScript itself. It doesn’t have space to compare different options and sings the praises of the chosen solution without really justifying it properly. I’m sure on the whole the choices are worthwhile (JQuery, for example, is very widely adopted), but in addition to this the coverage is mainly confined to implementing a particular example solution, rather than giving detailed, comprehensive coverage of even a single solution in any of these.
Anyone who knows me knows that most of my interests involve computers and the internet… as a result a good, reliable broadband service is very important to me.
Now, supposedly the fastest provider in my area is Virgin Media. The Fibre Broadband offerings only offer around 26Mb downstream compared to 60+ on Virgin. So the decision should be easy, right?
Unfortunately, I don’t really have that much indication that the Virgin Media connection is that great… when it’s working (generally after I’ve just rebooted the modem), then I might get the full 60Mb – over WiFi, too, if I’m using an external router (the SuperHub is so misnamed…). However, after a short period then the reliability tanks. Downloads fail, streaming fails, and speed tests fail. The connection seems to go racing off at a decent enough pace initially, but then at some point it’s just lost… stuff like BitTorrent or similar services which are really designed to use connections when available and retry and connect elsewhere as necessary therefore work much better than conventional donwloads, but that doesn’t really help for watching YouTube or Sky HD or the like over the connection.
Combine that with the phone line not having a dial tone for the last few weeks, and noting that this is far from the first time I’ve had problems with the broadband or the phone line or both (the phone went for a few weeks or so over xmas, and just started working again eventually), and that VM claim there are no service issues in my area, and I’m less than happy.
It comes down to an awkward decision – whether to switch to a nominally slower connection in the hope it’s more reliable, or stick with VM and hope they can resolve their problems? if there was an option that cost noticeably more but offered good speed and reliability, then I’d go for it – I’m really not that sensitive to the cost in the range that home broadband runs to, so I’m happy to pay a bit more for a good service. Unfortunately I’m not sure there are any options available. Anyone who knows otherwise let me know, because the issues with Virgin Media are really annoying me…
Well, the Barclays contract came to an end… a number of contractors gone, and some permanent staff, too. Queue the usual period scurrying around seeing what’s around, and then waiting for those efforts to result in something worthwhile. I’m pretty happy so far with the result, though.
Although it was a bit more of a break than planned (6 weeks), and the new location isn’t ideal (Welwyn Garden City), the team and project are much more interesting. I’m working on a project that’s importing a genuinely large amount of transaction data (expected to be in the hundreds of TB of storage space required in the end), and getting further experience with MongoDB – a NoSQL technology that has generally seemed like a good option for flexibility on schema, levels of adoption, and scalability. Hopefully by the end of the project I’ll have a degree of confidence in its scalability from personal experience, as well as some additional experience with resolving those issues that arise particularly at larger scales (when schema migrations may not be so readily performed in a single hit, and when backups take long enough that they have to be able to be run while new data is being loaded and queried). It should be an interesting project, and the kind of work that I’ve been looking to get.
Now, if it veers off into classification and statistical analysis to make use of the Machine Learning and Data Analysis knowledge I’ve been acquiring of late, then it will be even better still, but we’ll have to wait and see…
Since Donna’s on a diet, she had some low-calorie Jelly pots in the fridge by way of dessert. Since she’s vegetarian this rules out most of the Jelly pots like Rowntree’s, so she has Hartleys instead.
Having found another in the series impenetrable, I wasn’t sure what to expect of this book. What I found was a book that covers a number of topics on risk modelling in turn, going through in about as easy to approach a manner as the topic is likely to receive.
Each chapter first outlines the subject, discussing the previous mainstream theory, its failings, and the latest methods to address those shortcomings. It describes these before providing equations to outline the necessary maths. It doesn’t aim to offer full proofs (instead referring to other texts for those if desired), but rather aims to provide the key equations having outlined their purpose. Having done this it then outlines the relevant packages available in R, highlighting key functions and particular limitations or areas where they each excel. In many cases multiple libraries are identified which offer similar functions, and their support for standard R statistics functions and what class model was used to implement them is noted. Finally, it provides a sample script to do some example processing using those libraries, giving an example of the main calculations required for the theories detailed earlier in the chapter, then providing a detailed explanation of how the script works and the output it creates.
The presentation is excellent. Even where the maths proves formidable the text could be used to identify the necessary derived functions and how to use them, so this could be used to implement the necessary calculations without a full understanding. Meanwhile, it provides a lucid explanation for why they are used, and reasonable detail to seek to understand both the theory and the maths behind the functions to gain a full understanding. As such, it provides an excellent insight into the techniques which will be relevant to those seeking to move beyond he basic financial models outlined in introductory finance classes, and those wishing to develop more sophisticated models suitable for use in real-world investment situations.
From the peaceful, warm start, through the complex perspectives of the members of the family later, the story is a harrowing exploration of the emotional challenges of bereavement. The stories start out separate, with each suffering from their own pains, and gradually the events of the past become clear. The story unfolds in a manner that draws you into their emotions. Emotionally sophisticated, well written and engaging, it is one of the most emotive and painfully beautiful pieces of writing I’ve had the privilege of reading in a very long time. Simply breathtaking.
Recently I’ve been playing around with Microcontrollers. I’ve got a Freescale board to play with at some point, but mainly I’ve been looking at the Arduino/Atmega and MSP430 boards. While using an Arduino with the various shields available is fairly convenient (and can make hooking up a few micro servos even easier), I’ve mainly been wanting to set things up so that simple circuits can be set up which I don’t have to pull apart for my next project without buying lots of expensive components.
There’s usually not that much to say about a case. The weight is reasonable, it feels like it should protect the screen very well with a sturdy front cover, and it’s not too bulky. Additionally the Paperwhite feels like it’s very secure in the case while not sticking up from it thanks to the choice of materials as well as shape. Finally, there’s a magnet to hold the cover closed and, like a Blackberry, it also controls the power – close the case and the Paperwhite goes off, open it and it automatically turns on. It’s that kind of little bit of smart thinking to save time and battery that makes this case worth 5 stars. I doubt a better case will be released for the device.