markopoleo
join:2003-04-02
Bonne Terre, MO
 ·Charter Pipeline
| reply to vasftw
Re: This is a good example why Charter tech support is useless.
said by vasftw  :Well you can thank the FCC for the changes, not Charter. The PIN # or security code automatically is assigned to the account and is only available in person or via snail mail. Or according to Charter when you can't access account call them or online chat..what is not true. lol So it is Charter problem partially to. Which is no surprise. |
|
coldbeer
@charter.com
| It is a federal regulation, charter reps need to verify your security code before they can give you access to your account, once you verify the code you can set up your own PIN. The reason they say call them is because you wouldn't know the policy with making contact. FYI if any company provides access to something like this without the code, it is a 100 thousand dollar fine. |
|
markopoleo
join:2003-04-02
Bonne Terre, MO
·Charter Pipeline
| said by coldbeer :
It is a federal regulation, charter reps need to verify your security code before they can give you access to your account, once you verify the code you can set up your own PIN. The reason they say call them is because you wouldn't know the policy with making contact. FYI if any company provides access to something like this without the code, it is a 100 thousand dollar fine.
Charter then needs fined, because they don't always ask for the security code. In fact thats how I finally got access to my account was doing online chat on a weekend and she just needed last 4 digits of SS #.
It must not be a strict requirement. Charter is the only place i know of that asks for it. |
|
Sikmaz
join:2002-04-13
Greenville, SC
·Charter Pipeline
 ·ViaTalk
| reply to coldbeer
said by coldbeer :
It is a federal regulation, charter reps need to verify your security code before they can give you access to your account, once you verify the code you can set up your own PIN. The reason they say call them is because you wouldn't know the policy with making contact. FYI if any company provides access to something like this without the code, it is a 100 thousand dollar fine.
There is no such federal regulation requiring companies to provide a PIN. I am not even away of any Federal laws regarding Identity theft that would require such a thing. I am not saying it is bad that Charter requires a PIN, I am glad to see that they are protecting my account but I don't think they are doing it as a result of some federal regulation. |
|
fromzero
join:2008-06-03
Saint Louis, MO
edit:
June 4th, @05:15PM
| said by Sikmaz :said by coldbeer :
It is a federal regulation, charter reps need to verify your security code before they can give you access to your account, once you verify the code you can set up your own PIN. The reason they say call them is because you wouldn't know the policy with making contact. FYI if any company provides access to something like this without the code, it is a 100 thousand dollar fine.
There is no such federal regulation requiring companies to provide a PIN. I am not even away of any Federal laws regarding Identity theft that would require such a thing. I am not saying it is bad that Charter requires a PIN, I am glad to see that they are protecting my account but I don't think they are doing it as a result of some federal regulation. actually it is required by the FCC's CPNI (Customer Proprietary Network Information) guidelines. It must be verified before disclosing any information considered to be proprietary including billing information and phone records among other things... You can find information on just about any phone carriers website or the FCC's website itself. |
|
BinaryXtreme
join:2004-04-20
Sparks, NV
edit:
June 5th, @03:13PM
| I have searched all over and cannot find this federal regulation. I'd like to see a link to the FCC regulation you're speaking of. So would at »www.fcc.gov/ |
|
fromzero
join:2008-06-03
Saint Louis, MO
| Well you might be able to find it on the FCC's CPNI web page: »www.fcc.gov/eb/CPNI/ there are also example cases with settlements towards TelCo's that have violated the regulations and are being charged $100k per violation. Each company is required to submit CPNI Compliance Certifications which include the processes that have to be followed to ensure they are in spec with the CPNI Guidelines which include verification of customers identity. A security code is provided or security questions must be asked and a PIN code created.
Here's examples of multiple companies (including Charter's) policies concerning CPNI. I can assure you a simple google search will net you plenty more where that came from.
»www.charter.com/customers/suppor···eID=1955
Charter is committed to protecting Customer Proprietary Network Information (“CPNI”) in accordance with regulatory and statutory requirements, as well as in its customers’ best interests.
What is a Security Code
The Security Code is a randomly generated number provided by Charter to all customers as a way to authenticate each customer when you create or change a “PIN”. This code will remain the same as long as you remain at the same service address.
Note: In order to protect your information, Charter Customer Care will not provide your Security Code over the phone or via chat or email, or by facsimile. You may request Your Security Code to be mailed to your billing address by chatting now or contact us at 1-888-438-2427.
»www.qwest.com/cpni/index.html
Qwest is providing new customers with security codes they can use to establish online accounts. Additionally, Qwest is validating the MyAccount profiles of existing customers. For many customers with existing MyAccount profiles, this will require that they request a new security code from Qwest and use it as explained on the MyAccount site.
»www.comcast.com/customers/faq/Fa···?Id=4425
I received a letter saying that I have a new Security PIN number. What is this about?
Your Security PIN is used to protect your call detail record or CPNI, which includes information on how much you use your phone and the numbers you dialed. In order for this information to be released to you either over the phone or in a chat session, you must provide your Security PIN. You may change this number at any time by logging in to your account on Comcast.net, the Digital Voice Center (DVC) or Comcast.com.
»www.mokandial.com/CPNI%20Passwor···ines.pdf
Password replacement procedures:
The Company will permit replacement of the original password (and a back-up customer authentication method if the customer loses or forgets his or her password) for existing customers desiring another password pursuant to the following procedure:
(i) if they come in person to the Company’s business office, produce a driver’s license, passport or other government-issued identification verifying their identity, and correctly answer certain questions regarding their service and address; or (ii) if they call a specified Company telephone number from their “telephone number of record” and then wait at that number until a Company employee calls them back and obtains correct answers to certain questions regarding their service and address; or (iii) if they ask the Company to send a randomly-generated Personal Identification Number (“PIN”) to their “telephone number of record” by either voice or voicemail or mail it to their “address of record”, and then call the Company back and provide the correct PIN.
»www.vonage.com/help.php?article=···=sign_up
At Vonage, we value your privacy and security. To further protect your personal data, effective December 8, 2007, you will need to provide a unique Personal Identification Number (PIN) any time you contact us by phone or email.
Please take a moment today and log in to your Online Account to set up your PIN. Your PIN is a four-digit number that's unique to you and should be easy for you to remember. Providing your PIN is a quick and easy way for us to validate you as the account holder any time you contact us. This will help us serve you more efficiently!
When you choose your PIN, you will also be asked to set up an account security question. In the event you forget your PIN, the correct answer to this question will help us validate that |
|
MacLeech
The one and only
Premium,MVM
join:2001-07-14
SoCal
| reply to BinaryXtreme
said by BinaryXtreme :I have searched all over and cannot find this federal regulation. I'd like to see a link to the FCC regulation you're speaking of. So would at » www.fcc.gov/ This one?
»hraunfoss.fcc.gov/edocs_public/a···22A1.pdf |
|
BinaryXtreme
join:2004-04-20
Sparks, NV
·Charter Pipeline
edit:
June 6th, @12:55PM
| Yeah, 101 pages? I want to see the specific regulation. I don't doubt you if you say it. It sounds questionable at best yet I see no proof.
Found it, not a PIN, a pass word by the FCC regulations as quoted.
The new safeguards include:
· Carrier Authentication Requirements. Carriers are prohibited from releasing a
customer’s phone call records when a customer calls the carrier except when the customer
provides a password. If a customer does not provide a password, carriers may not release
the customer’s phone call records except by sending it to an address of record or by the
carrier calling the customer at the telephone of record. Carriers are required to provide
mandatory password protection for online account access. Carriers are permitted to
provide all CPNI, including customer phone call records, to customers based on in-store
contact with a valid photo ID.
· Notice to Customer of Account Changes. Carriers are required to notify the customer
immediately when the following are created or changed: (1) a password; (2) a back-up for
forgotten passwords; (3) an online account; or (4) the address of record.
· Notice of Unauthorized Disclosure of CPNI. A notification process is established for
both law enforcement and customers in the event of a CPNI breach.
· Joint Venture and Independent Contractor Use of CPNI. Consent rules are modified
to require carriers to obtain explicit consent from a customer before disclosing a
customer’s CPNI to a carrier’s joint venture partners or independent contractors for the
purposes of marketing communications-related services to that customer.
· Annual CPNI Certification. Certification rules are amended to require carriers to file
with the Commission an annual certification, including an explanation of any actions taken
against data brokers and a summary of all consumer complaints received in the previous
year regarding the unauthorized release of CPNI. |
|
MacLeech
The one and only
Premium,MVM
join:2001-07-14
SoCal
| Footnote 57 of that document:
A carrier could also use a Personal Identification Number (PIN) method to authenticate the customer. A PIN
authentication method could entail a carrier supplying the customer with a randomly-generated PIN, not based on
readily available biographical information, or account information, which the customer would then provide to the
carrier prior to establishing a password. Carriers could supply the PIN to the customer by a carrier-originated
voicemail or text message to the telephone number of record, or by sending it to an address of record so as to
reasonably ensure that it is delivered to the intended party. See, e.g., Letter from William F. Maher, Jr., Counsel for T-Mobile USA, Inc., Morrison & Foerster, to Marlene H. Dortch, Secretary, FCC, CC Docket No. 96-115 at 2 (filed
Nov. 20, 2006) (providing customers with a temporary password by sending it to the customer’s mobile phone
number). A carrier cannot authenticate a customer by sending the customer a PIN (or any other type of carrier
chosen method of authentication) to new contact information that the customer provides at the time of the
customer’s PIN (or other authentication) request. Carriers could also authenticate the customer by requesting that
the customer present a valid photo ID at a carrier’s retail location. A “valid photo ID” is a government-issued
personal identification with a photograph such as a current driver’s license, passport, or comparable ID. |
|
BinaryXtreme
join:2004-04-20
Sparks, NV | Thanks mac.I did see that too, but I still yet to see a law by the FCC for pins. A lot of coulds in there. |
|
MacLeech
The one and only
Premium,MVM
join:2001-07-14
SoCal
| said by BinaryXtreme :Thanks mac.I did see that too, but I still yet to see a law by the FCC for pins. A lot of coulds in there. Do you really think that all of these telcom companies would go through this trouble and expense without some regulation by the FCC.
This is all part of or extentions of the 1996 Telcom Act. |
|
BinaryXtreme
join:2004-04-20
Sparks, NV
·Charter Pipeline
| I'm not saying they wouldn't but, a problem we have with free media is that we can post anything at anytime and want people to believe it so I say, show me. Show me a specific 1996 Telcom Act that states this or it's a moot subject.
BTW: I'll make it easier »en.wikipedia.org/wiki/Telecommun···_of_1996 |
|
MacLeech
The one and only
Premium,MVM
join:2001-07-14
SoCal
edit:
June 7th, @11:52AM
| said by BinaryXtreme :I'm not saying they wouldn't but, a problem we have with free media is that we can post anything at anytime and want people to believe it so I say, show me. Show me a specific 1996 Telcom Act that states this or it's a moot subject. BTW: I'll make it easier » en.wikipedia.org/wiki/Telecommun···_of_1996 I'll make it even easier:
»ftp.fcc.gov/cgb/consumerfacts/ph···you.html
quote:
FCC
Consumer Facts
Information that Your Telephone Company Collects
Your local, long distance, and wireless telephone companies, as well as your Voice over Internet Provider (VoIP), collect information such as the numbers you call and when you call them, as well as the particular services you use, such as call forwarding or voice mail. These companies collect this customer information, also called Customer Proprietary Network Information (CPNI), so they can provide the services you have requested and send you bills for them.
Protecting Your Customer Information
Both Congress and the Federal Communications Commission (FCC) impose requirements on telephone companies and VoIP providers about how they can use this personal information and what they must do to protect it from disclosure. Both Congress and the FCC have strengthened their rules to combat a practice known as “pretexting,” or posing as the actual customer or a law enforcement official to obtain telephone calling records. In some cases, data brokers offer calling records for sale on the Internet. Congress has passed a law making it a crime punishable by fine or imprisonment of up to 10 years to obtain calling records from a telephone company or VoIP provider by: making false or fraudulent statements, providing fraudulent documents, or accessing customer records without prior authorization through the Internet or fraudulent computer-related activities. The law also prohibits the unauthorized sale or transfer of confidential phone records or the purchase or receipt of such information with knowledge that it was obtained fraudulently or without authorization.
Both a law passed by Congress and FCC rules impose a general duty on telephone companies and VoIP providers to protect the confidentiality of your customer information. Telephone companies and VoIP providers may use, disclose, or permit access to your customer information in these circumstances: (1) as required by law; (2) with your approval; and (3) in providing the service from which the customer information is derived.
Disclosing Your Customer Information At Your Request
The FCC prohibits your telephone company or VoIP provider from releasing your customer information to you when you call the company except when you provide a password. If you do not provide a password, your telephone company or VoIP provider may not release your customer information to you except by sending it to your address of record or calling you at your telephone number of record. Your telephone or VoIP company must provide password protection for your on-line account. If you come in person with valid identification to a company store or office, your company can provide you all your customer information. Your company must notify you immediately when it creates or changes a password, a back-up for a forgotten password, an on-line account, or an address of record. Finally, your company must disclose your customer information to any person you designate if you make your request in writing.
»a257.g.akamaitech.net/7/257/2422···0732.htm
quote:
SUMMARY: The Commission adopted rules to implement section 222 of the
Communications Act of 1934, as amended, which governs carriers' use and
disclosure of customer proprietary network information. In this
document, the Commission responds to the practice of ``pretexting'' by
strengthening its rules to protect the privacy of customer proprietary
network information (CPNI) that is collected and held by providers of
communications services.
»www.fcc.gov/eb/CPNI/
quote:
Pursuant to section 64.2011 of the Commission's rules (47 C.F.R. § 64.2011), a telecommunications carrier or interconnected VOIP provider that determines that a person, without authorization or exceeding authorization, has intentionally gained access to, used, or disclosed CPNI is required to electronically notify the United States Secret Service and the Federal Bureau of Investigation through a central reporting facility. That facility is available at »https://www.cpnireporting.gov
»www.cybertelecom.org/CI/cpni.htm
»epic.org/privacy/cpni/#overview
Actually it looks like the the 96 telcom act part was overturned... so it reverted to the 34 telcom act with some extra provisions added recently. I'm not quite sure though as there are so many different parts it reads like tax code... and I'm not a lawyer. |
|
BinaryXtreme
join:2004-04-20
Sparks, NV | Yeah, thanks for the post. You'd have to be one to understand half of that garble. I think most attorneys would be confused reading the FCC document. |
|
