It’s been quite a long time since I wrote about something here – and as usually, I am going to whine about something this time.
Time came for us to renew the car insurance. Related papers were sent by the company through email, suggesting the payment through bank transfer. However, I wanted to use my credit card isntead, as I get some small % as a refund from some payments.
I called the insurance company to ask if this would be possible and they confirmed that it would and that they would send me the details. I was expecting something like a page with an e-POS where I would securely add my card details and my payment would be processed.
Alas, what I was asked to do was to provide a scanned copy of my ID and [drum roll] a copy of BOTH sides of my credit card! Simply put, I would provide a total (or many) stranger with my official identification details AND the details of my credit card (INCLUDING the CCV!!), through an insecurely sent email, without knowing who would have access to them and for how much time – let alone the possibility of an email breach or the unauthorized use of my card by anyone having access to these documents.
To make things even worse, I was asked to sign a form, in a simple, unbranded Word file, stating that I consent to have my card used by the company for paying my insurance. A simple word form that could be easily changed afterwards… and as a bonus I would get the option of paying the sum in two installments 🙂
This was one of the most outrageous and irrational things that I have seen lately; and then we are wondering why people still consider the use of credit cards insecure (yes, in Greece there are still plenty of them).
The suggestion of sharing such data in this insecure way should simply be banned. Period.