AT&T – Did I really just have this chat with you?
(I started the chat session asking for an unlock code for my Nokia Lumia 900 so I can use it internationally - the rest of the conversation is self-explanatory)
Thank you for choosing AT&T International Care a representative will be with you shortly. Please note: Protecting your personal information is one of our highest priorities; hence, you will be required to provide account related information to ensure whom we are working with. Data encryption is also enabled to protect your personal information during this chat session. For more information please go to http://www.wireless.att.com/privacy/ or http://www.att.com/privacy/. Please wait for a site operator to respond.
You are now chatting with Ruben Dominguez.
Ruben Dominguez: Hello! My name is Ruben Dominguez and I am an International Care Representative. I’m reading your inquiry and I will be right with you.
Ruben Dominguez: I have the account open now. What is the IMEI number of the nokia device that you wish to unlock?
Dmitry Kagansky: XXXXXXXXXXXXX
Ruben Dominguez: I would be happy to assist you with this request. I will need to ask you to verify some information so I can access the account.
Ruben Dominguez: Can you please verify the first, last name of the account owner and for security purposes, would you provide me with the last four digits of the social security number on the account?
Dmitry Kagansky: Dmitry kagansky YYYY
Ruben Dominguez: Thank you; please allow me a few minutes while I access your account. I will be right back.
Dmitry Kagansky: you still alive?
Ruben Dominguez: Yes, I am still here.
Dmitry Kagansky: just checking
Ruben Dominguez: Thank you for waiting. I'll be with you in just a moment.
Ruben Dominguez: I apologize but unfortunately I show that the IMEI number of the device you have given XXXXXXXXXXXXX is not eligible to be unlocked because the manufacturer has not provided AT&T with the unlock process or necessary codes. We are not aware of when the manufacture will forward this information to AT&T.
Ruben Dominguez: If you have any further questions or issues with this unlock policy you can contact our AT&T Domestic care. You may reach them at 1-866-801-3600.
Ruben Dominguez: I apologize for any inconvenience this may cause you.
Dmitry Kagansky: It's an AT&T phone
Dmitry Kagansky: with AT&T logos
Dmitry Kagansky: and Nokia has already told me to contact you
Dmitry Kagansky: so ... who am I supposed to call? Nokia says you have the codes. You tell me you don't, when your logos are all over it.
Ruben Dominguez: I am sorry for the confusion, but even though the device is AT&T labeled it is made by Nokia and it has always been the manufacturer that defines if and how their devices are unlocked.
Dmitry Kagansky: No, AT&T defines that with their contract with Nokia
Dmitry Kagansky: Nokia locks the phones at the request of the buying carrier
Dmitry Kagansky: Nokia cannot give out the code without permission from the buying carrier
Dmitry Kagansky: they don't know whether the phone is under contract or not
Dmitry Kagansky: you do
Ruben Dominguez: I apologize for the issue, but unfortunately the results are the same we do not have the unlock codes for your device, nor do we have a method other than what Nokia provides to unlock it.
Dmitry Kagansky: so ... Nokia won't give me the code, and told me to contact you
Dmitry Kagansky: I'll try back at another time, when there is someone qualified on staff that can help
Ruben Dominguez: I am trying to help as best as I can.
Ruben Dominguez: I am sorry that we are not able to unlock your device.
Dmitry Kagansky: well, then just think about your statement
Dmitry Kagansky: you tell me i have to contact the manufacturer
Dmitry Kagansky: but the manufacturer sold your company the phone
Dmitry Kagansky: and locked it at your company's request
Ruben Dominguez: I do not recall advising you to contact the manufacturer.
Dmitry Kagansky: ok, so who do you advise I call?
Ruben Dominguez: Simply notifying you of why we were not able to find unlock codes or instructions for your device.
Dmitry Kagansky: if i can't call the manufacturer, and you can't help, who should i call?
Ruben Dominguez: I do not have another reference for you to call..
Dmitry Kagansky: if you misplaced the codes, then maybe you should offer to get them from the manufacturer and contact me with it
Dmitry Kagansky: well, that's not very good service - you (your company) locked the phone
Dmitry Kagansky: but now you say, "Oops. My bad." and that's it?
Ruben Dominguez: My only advise would be to check back with us regularly over the next few months.
Ruben Dominguez: No that is not it at all.
Dmitry Kagansky: next few months?
Ruben Dominguez: Yes.
Dmitry Kagansky: you think now, and in the next few months you'll find the codes?
Ruben Dominguez: As I said the unlock information is not available now, but Nokia will eventually update that information to their databases.
Dmitry Kagansky: you realize how silly this conversation is
Dmitry Kagansky: you bought the phones from nokia
Ruben Dominguez: I am very serious,
Dmitry Kagansky: so why not ask them to update the information
Ruben Dominguez: I am not being silly at all.
Dmitry Kagansky: instead of waiting for them to do something
Ruben Dominguez: I am sorry that you are taking this situation so lightly.
Dmitry Kagansky: wait
Dmitry Kagansky: i'm taking it lightly?
Dmitry Kagansky: hardly
Dmitry Kagansky: seems like you are
Ruben Dominguez: Believe me I reviewed all possible options before letting you know that I was not able to unlock your device.
Dmitry Kagansky: "just call back now and then in the next few months"
Ruben Dominguez: That is why it took soo long.
Dmitry Kagansky: If you're really in customer service, you would say "i will ask for your unlock code, and let you know when we will be able to get it"
Ruben Dominguez: I am merely providing with the best advise available for the issue.
Dmitry Kagansky: took so long?
Ruben Dominguez: I know that is not what you wish to hear, but it is the truth.
Dmitry Kagansky: really? that's the best advice?
Dmitry Kagansky: again, try to be a little bit more proactive here
Dmitry Kagansky: not "call back and we'll help when we're good and ready"
Dmitry Kagansky: but "yes, we'll proactively get on this, and then notify you when we get something"
Dmitry Kagansky: what's this "call back in the next few months" junk
Dmitry Kagansky: how about you open a case with nokia, since i can not, and let me know when you'll get the code?
Ruben Dominguez: That is my personal advise.
Dmitry Kagansky: so it's not at&t advice?
Dmitry Kagansky: by the way, the word is advice
Dmitry Kagansky: not advise
Dmitry Kagansky: what is at&t's advice
Ruben Dominguez: Oh thank you for the correction.
Dmitry Kagansky: i don't want your personal advice, i want at&t's advice
Dmitry Kagansky: what is that?
-------------
And then something happened to the chat session. Either Ruben disconnected it, or my connection drop, but it doesn't really matter. He wasn't going to help me tonight. I don't know. I'll give it another try tomorrow with some other CS wonk but I doubt it will amount to much. Oh, AT&T ... I can't wait until our contract ends ...
National Car Rental Mea Culpa?
With no email response, tweet or DM on Twitter, reply to Google Plus, or even a post to this blog, it looks like someone came to their senses. I just got an email confirmation of a single reservation for the entire time block. And logging in online, I confirmed that my 3 other reservations have been wiped out, and a single one put in to replace them.
I'm genuinely surprised, and pleasantly so. This was going to be a convoluted mess, and I was going to deal with it, cursing National the entire way. So now I have to take back most (not all) of what I said. I'm very happy, and pleased with the service, but it's also somewhat sad that I had to do all this to get on someone's radar.
I remember doing consulting work for GTE back in the 90s, and they had some informal, internal motto they always threw around, "GTE - the company easiest to do business with." I didn't come up with the slogan, and still cringe at the awkward grammar, but I think it's an admirable goal. I hope that National is thinking along the same lines for the long term.
National Car Rental finally came through, and did the right thing by their customer, but it certainly wasn't easy on my end to get them to do it. So, I'll fess up to my change of heart, but it would be nice for someone on the National side to also say that there was a problem, and that it should get fixed. We'll see if that happens, or if they just exit from this discussion quietly.
National Car Rental replies – but rather poorly
If you read the last post, you know I posed a question to them, and apparently, the answer is, "Yes, we do treat our premium, loyal customers shabbily. Thank you for asking." The exactly reply was actually:
| Response Via Email (Prestigue) | 06/19/2012 10:49 AM |
| Dear Dmitry Kagansky,
Thank you for your reply. I understand your frustration. You booked 3 reservations to get around the system and use coupons and free day. Combining them would do what you were trying to get around. We are disappointed that this policy was a source of dissatisfaction for you. We appreciate your comments and will take them into consideration for future policy review. We can assure you that it is never our intention to disappoint a valued customer, and we appreciate your taking the time to share your thoughts. Again I apologize for any inconvenience. Sincerely, |
|
So using coupons, which I've earned, and free days, which I've also earned, is "[getting] around the system." And now this ticket is simply logged as me "sharing my thoughts with them." I'm done venting. I have other work to tend to, but I do wonder whether anyone is awake at the wheel over at National Car Rental.
What is it with Bad Customer Service at National Car Rental?
Some customers are more troublesome than others. I'll be the first to agree on that point. But they're still customers, and unless you have something truly unique and compelling that they can't get anywhere else, you don't have the luxury of making things difficult for them.
This week, I need to use some free days, and coupons, with National Car Rental. I'm Executive Elite with them, which means I rent a lot. I'm in a National car at least 2-3 days per week. Every week. And they had some good promotions, so I racked us some coupons for free days, and then also accumulated some free days. However, they have a really crappy website, which doesn't let you use more than 3 coupons per rental (and each coupon I have is only for 1 day).
The email from me below pretty much explains what I need:
| Customer By Email (Dmitry Kagansky .) | 06/14/2012 06:13 PM |
| I have 3 itineraries right now:
376xxxxxx Atlanta Intl Arpt (ATLT01) Sat, Jun 23, 2012 02:00 PM I need to combine them all into a single itinerary, so I don't have to go Thank you, |
|
So you can see, this is not some exotic, ridiculous request. I just need a car, for a week, and using all the points/coupons/rewards I've accumulated.
It took them close to 48 hours to respond, and here's what they sent:
| Response Via Email (Prestigue) | 06/16/2012 02:31 PM |
| Dear Dmitry Kagansky,
Thank you for your email. If we were to combine the reservations into one, the coupons would be voided out. It will not work that way, we can either combine them and take some of the coupons off, or leave it as it is. I apologize for any inconvenience. Sincerely, |
|
My response back to them spells it out:
| Customer By Email (Dmitry Kagansky .) | 06/16/2012 04:31 PM |
| So you're telling me I have to drive back to the airport twice during the rental period? And that I really don't need to do anything there except say, "I'm taking this same car again under a new agreement?"
That's really screwed up, especially since your closer location in Atlanta closed up. We're talking about a location that is 60 miles away from where I'll be the rest of the week, and huge inconvenience. You're saying that I have to take 2-3 hours out of my day --TWICE-- to do this, just to use my coupons and days? Do you really think that's an appropriate answer? Can you explain to me why I shouldn't switch to Hertz or Avis? I've used both in the past, and have never had this sort of problem. Regards, |
|
Someone really needs to give me a good reason not to switch to Avis or Hertz. Avis I'm indifferent to, but I've loved Hertz for years. My company prefers National, so I don't buck the trend, but if I can't make use of my rewards, why be in a loyalty program? In fact, why be loyal? After more than 25 rentals this year alone, this is what I get back? I don't think so. I've already cut Hilton out of my life. National doesn't look to be too far behind unless there's a satisfactory answer here.
Breach Directory Doc – First draft
I just posted an incomplete, and rough document here:
http://www.federalcto.com/quest/breached-directory.docx
Going forward, this link will always have the latest, published version of the doc. For more information about the overall project, have a look here:
http://www.federalcto.com/2012/05/breached/
Your Directory Has Been Breached – landing page
This is a landing page for a project Bob Bobel and I have been working on recently. Today (May 30th, 2012), I am presenting the first draft of the slides which will be posted shortly. A white paper is due out shortly. All information will be posted on this page, so it will be revised in the coming weeks.
(2012-05-30 - 13:00 ET)
First up, here is Bob's initial post on the topic:
http://www.bobbobel.com/active-directory-was-compromised-now-what/
(2012-05-30 - 16:15 ET)
Here is the slide deck just presented at the Department of Energy NLIT Conference (National Laboratories IT Summit):
http://www.federalcto.com/quest/breached-directory.pptx
(2012-06-05 - 18:00 ET)
Here is the first (rough) draft of the document to correspond with the slides. Yes, whole sections are missing, and will be filled in during the coming weeks. Stayed tuned.
http://www.federalcto.com/quest/breached-directory.docx
Apple doesn’t like kids (and their iTunes security stinks)
This is the story of why Apple is slowly losing favor in my household, even though both of my kids use Mac Minis, I have 3 MacBook Pros (2 personal, 1 work), a boat load of various iPods, iPhones, iPads, AppleTVs and other Apple devices. It turns out that Apple does not want my daughter, or kids under 13, to use their devices.
It's all about the iTunes store, and their need to put security in blindly, without regard for their end user community, or a serious thought about how people use their products. Below is the entire thread I've had with Apple support, but to make a long story short, Apple recently put in a requirement that all users of the store answer 3 challenge questions. This seems like a great idea, and many other online sites (notably online banks) already use such a mechanism. However, when you think about who Apple sells to, and what they provide, it's very poorly thought out. The bottom line is:
- I have to answer these 3 questions, or I cannot make any more purchases; that includes free songs, Starbucks 'pick of the week,' my company's apps (which are all free, I believe), and anything that comes via the iTunes store
- I am not supposed to share my account with anyone else
- This including my wife (who owns an Apple iPhone)
- This includes my 11 year old daughter (who got an iPod Touch for Christmas - the only gift she wanted)
- I cannot opt out of answering these questions to make any further purchases
- I cannot create my own questions which I can then share with my family
In the thread, I point out to Apple some other options I'm willing to take, but none of those are possible, according to the last response from support. I also think it's ridiculous for them to suggest that my wife, daughter and I all have to buy the same apps, songs, and other content from the iTunes store, instead of sharing it all under 1 household account. Basically, Apple has said that my daughter cannot use the iPod Touch in the way they intended, and advertise. I wish they had put a warning on it saying, "please do not purchase this device for your children," but their commercials and marketing don't mention a single thing about any of this.
And so, I have to reconsider whether we're going to continue to use the 2 iPhones, 1 iPod Touch, 2 iPads, 4 Mac Minis, 2 AppleTVs, 3 MacBook Pros and other Apple gear we have. All because of a poorly designed feature, meant to enhance security, but one that makes me very uncomfortable.
So here's the entire thread, re-ordered so you can read it from top to bottom. I've removed out identifiable information, such as case numbers, and email addresses, but that shouldn't alter the exchange at all.
-----------------
(This was my first entry on the Apple support site, so it was not an email I sent, but one that the support person initially received)
First Name : Dmitry
Last Name : Kagansky
Email : apple@customdomainname.com
Lang_Country : en_US
Product : iTunes Store
Support Subject : Purchases, Billing & Redemption
Sub Issue : How do I opt out of providing the security questions that are now required?
GCRM Case ID : XXXXXXX
See additional info below
What device did you use to connect to the store? Mac computer
Which operating system is installed? Mac OS X v10.7.x
What version of iTunes is installed on your computer? iTunes 10.6
Choose the iTunes Store or App Store for your country: United States
Item title:
Order number:
Details:
How do I opt out of providing the security questions that are now required? I share my account with my wife and 11 year old daughter, who both have apple devices. They don't need to know my security questions.
-----------------
| from: | iTunes Store iTunesStoreSupport@apple.com | ||
| to: | apple@customdomainname.com | ||
| date: | Sun, Apr 29, 2012 at 11:28 AM | ||
| subject: | Re: Purchases, Billing & Redemption; Follow-up: XXXXXXXXX |
Hi Dmitry,
Good day! Thank you for contacting iTunes Store Support. I'm Grace and it's a great pleasure to assist you with your concern.
I understand that you want to remove the security question that you're required to answer in order to continue purchase from the iTunes Store.
Dmitry, from time to time, Apple enhances the security of our valued customer's iTunes Store accounts. I apologize for any frustration this has caused, and I assure you that the recent changes are not meant as an inconvenience, but rather to help safeguard your account details and activity. Apple is pleased to provide this feature and hopes that keeping your safety in mind, will help you to better enjoy the iTunes and App Store.??With this new system in place, when a purchase is attempted from a new device or computer, the store selects, at random, two of the three challenge questions for your Apple ID to verify that you are the account owner. If the questions are answered incorrectly ten times, your account becomes temporarily locked. When your account is locked, you cannot make purchases using any device that has not previously used the Apple ID. It also prevents you from changing your challenge questions. However, you are still able to make purchases using a trusted device.??At this time, in order to add this feature to existing iTunes Store accounts, Apple had to pre-set the questions on your Apple ID. When you are not able to access your account, I can clear the challenge questions for you.??Once I do this, you will be able to sign in and add your own challenge questions. You will also have the option to enter a "rescue" email address. This option will allow you to send a message to the rescue email, should you forget the answers to the challenge/response questions in the future.??Now, in order to clear the questions for you, Apple requires that you provide at least one of the following, for your security:??- the order number of one of your purchases?- the last four digits of the credit card used for your iTunes Store account??And two items from this list:??- your birth date?- the billing address listed on the account?- the phone number on the account??Upon receiving your response, I will verify your information and clear the pre-set challenge questions.??Once again, I apologize for any inconvenience this situation has caused and I look forward to your reply.
Sincerely,
Grace
iTunes Store/Mac App Store Customer Support
Please Note: I work Friday-Tuesday, 9am-6pm CT
-----------------
| from: | Dmitry Kagansky apple@customdomainname.com | ||
| to: | iTunes Store <iTunesStoreSupport@apple.com> | ||
| date: | Sun, Apr 29, 2012 at 6:10 PM | ||
| subject: | Re: Purchases, Billing & Redemption; Follow-up: XXXXX | ||
| mailed-by: | gmail.com |
Please clear out the challenge questions.
- A recent order number is:
XXXXXXXX
- the phone number tied to the account is:
770-xxx-xxxx
- the billing address is:
XXXXXXXXX
XXXXX GA XXXXX
Please let me know when this is ready. Thank you.
-----------------
| from: | iTunes Store iTunesStoreSupport@apple.com | ||
| to: | apple@customdomainname.com | ||
| date: | Sun, Apr 29, 2012 at 6:54 PM | ||
| subject: | Re: Purchases, Billing & Redemption; Follow-up: XXXXX |
Hi again Dmitry,
Thank you for getting back to and providing the information I have requested.
Dmitry, I wanted to let you know that in an effort to better assist you I have consulted with a Senior iTunes Store Advisor who has advised me that you have to confirm your account name as "apple@customdomainname.com". Also, you cannot opt out of providing the security question on your account.
Also, we checked your account and found out that the security question have not been set and we cannot reset it.
To set security questions, sign in to http://appleid.apple.com with your Apple ID and follow these steps:
1. Click the "Manage your account" link
2. Enter your Apple ID and password then click "Sign in"
3. Click "Password and Security" on the left
4. Enter your new security questions and answers then click Save
5. Click Sign Out in the upper right-corner of the site
Once you have answer your security questions, you can sign into your iTunes Store account and try your purchase again.
If you have any other questions and concerns regarding this matter, please feel free to email me back. Thank you for choosing the iTunes Store. I hope you have a fantastic day!
-----------------
| from: | Dmitry Kagansky apple@customdomainname.com | ||
| to: | iTunes Store <iTunesStoreSupport@apple.com> | ||
| date: | Sun, Apr 29, 2012 at 7:36 PM | ||
| subject: | Re: Purchases, Billing & Redemption; Follow-up: XXXXX | ||
| mailed-by: | gmail.com |
I'm confused. I don't want to answer the 3 challenge questions you provide. I don't need my daughter needing to know those answers. I don't mind providing my own questions and answers, though. I can also provide a security question. How would you like me to do that?
And what's the problem with my email address?
-----------------
(Note: At this point, I just went ahead, registered 3 bogus questions with Apple, along with a new email address I created at customdomainname.com specifically for this whole adventure, which is why the next email is also from me.)
-----------------
| from: | Dmitry Kagansky apple@customdomainname.com | ||
| to: | iTunes Store <iTunesStoreSupport@apple.com> | ||
| date: | Sun, Apr 29, 2012 at 8:01 PM | ||
| subject: | Re: Purchases, Billing & Redemption; Follow-up: XXXXX | ||
| mailed-by: | gmail.com | ||
Ok. I've answered your silly challenge questions and have set up a rescue email address (fuck_apple@customdomainname.com). Can you now reset the challenge questions so that I can enter in my own questions and answers as you told me I could do originally? I don't really care for the answers I put in for all 3 and won't remember them on an on-going basis.And, long term, I'd love to know how apple intend on doing this for households that share an apple id. It doesn't look like much thought has been put into how to work with people that own a ton of apple equipment among members of the same family.
-----------------
| from: | iTunes Store iTunesStoreSupport@apple.com | ||
| to: | apple@customdomainname.com | ||
| date: | Mon, Apr 30, 2012 at 8:57 AM | ||
| subject: | Re: Purchases, Billing & Redemption; Follow-up: XXXXX |
Hi again Dmitry,
Thank you for getting back to me.
I understand that you want to reset the security question on your account to create questions on your own. Before we could do that, please note that you cannot opt out of the security question and it is not possible to create your own security question after we reset it for you. You have to choose from those questions and provide the answers.
While I understand that this change was not announced, Apple is constantly looking for ways to improve the security of the iTunes Store and help safeguard your account details and activity. The security questions were implemented for your protection and will help ensure that no one other than you can gain access to your account on a new device, without your direct authorization.
Please know that this innovative system is not intended to upset you; it is in place for your peace of mind. I can certainly appreciate that you would like to retain the old sign in format, however, this new format will soon be the same on all iTunes Store accounts and Apple IDs. The following page outlines, in detail, how Apple protects your information:
Apple Privacy Policy
http://www.apple.com/legal/
While you may never have fallen victim to an account breach, please understand that Apple does not want your account to be in jeopardy at any time and feels that this new security feature will only make your experience safer and more enjoyable.
If you would like to voice your opinion on this new feature, I encourage you to use the iTunes Feedback page to submit your comments about Apple's new security enhancement here:
http://www.apple.com/feedback/
By taking the time to contact Apple about your concerns, you provide valuable input on how to make iTunes better for everyone. Apple recognizes that no one is better qualified to provide feedback about iTunes than the people who use it. Your email may make the difference.
While you will not receive a response from this department, please be assured that the advisors who review all of our patron's concerns do take these matters seriously. The more feedback we gather on these issues, the better and more likely to incite changes. Your efforts to share your feedback are very much appreciated.
Also, please feel free to review the iTunes Store Terms and Conditions which outline Apple's right to enhance features and make changes to your account and the iTunes Store:
http://www.apple.com/legal/
Thank you for your patience and understanding in this matter, Dmitry. Your experience is very important to us and we truly appreciate your continued devotion to the iTunes Store. Please let me know if there is anything else I can assist you with.
-----------------
| from: | Dmitry Kagansky apple@customdomainname.com | ||
| to: | iTunes Store <iTunesStoreSupport@apple.com> | ||
| date: | Mon, Apr 30, 2012 at 9:34 AM | ||
| subject: | Re: Purchases, Billing & Redemption; Follow-up: XXXXX | ||
| mailed-by: | gmail.com |
1. I want my challenge questions reset. That request still hasn't been satisfied. I answered them with the impression that I'd be able to change them to something of my own choosing later. Even if I can't do that, I don't like the answers I provided. I need to reconsider the answers if I'm actually to share this account with others.
As a final note, I will probably post this thread on www.FederalCTO.com. It is a blog I run and find this to be very interesting content for it.
-----------------
| from: | iTunes Store iTunesStoreSupport@apple.com | ||
| to: | apple@customdomainname.com | ||
| date: | Mon, Apr 30, 2012 at 10:16 AM | ||
| subject: | Re: Purchases, Billing & Redemption; Follow-up: XXXXX |
Hi again Dmitry,
I do want to start out by offering my apologies for this situation and assure you that I will do everything I can to help you get this resolved. It is not my intention to frustrate you.
Dmitry, I have reset your security questions for you. To choose new security questions, sign in to http://appleid.apple.com with your Apple ID and follow these steps:
2. Enter your Apple ID and password then click "Sign in"
3. Click "Password and Security" on the left
4. Enter your new security questions and answers then click Save
5. Click Sign Out in the upper right-corner of the site
Once you have reset your security questions, you can sign into your iTunes Store account and try your purchase again.
Again, I apologize for any inconvenience this may have caused you, and I thank you for being an iTunes Store customer.
-----------------
| from: | Dmitry Kagansky apple@customdomainname.com | ||
| to: | iTunes Store <iTunesStoreSupport@apple.com> | ||
| date: | Mon, Apr 30, 2012 at 10:37 AM | ||
| subject: | Re: Purchases, Billing & Redemption; Follow-up: XXXXX | ||
| mailed-by: | gmail.com |
I am not frustrated. I just find it interesting that your product group is so short-sighted to not have provided you with an appropriate response to my simple question. Which is, how does apple expect me to share my account with my family members, and without disclosing my challenge questions to them? I've offered several suggestions (opt-out, or create my own Q&A) but it seems neither one is possible. We're at an impasse, as I can't use iTunes in the way it's currently set up and you're not giving me other options.
-----------------
| from: | iTunes Store iTunesStoreSupport@apple.com | ||
| to: | apple@customdomainname.com | ||
| date: | Mon, Apr 30, 2012 at 11:21 AM | ||
| subject: | Re: Purchases, Billing & Redemption; Follow-up: XXXXX |
The changes made by Apple is not meant as an inconvenience to it's customer. Apple doesn't expect anyone to share their accounts, technically we expect customer's to each have their own iTunes Store accounts as stated from the iTunes Store Terms and Conditions which outline don’t reveal your Account information to anyone else:
http://www.apple.com/legal/
Apple is doing this changes to increase the security of our customer. I appreciate your understanding for this changes.
Again, I apologize for the inconvenience this changes may have caused you. Apple cares about it's customers and we want you to continue enjoying our products and services.
-----------------
| from: | Dmitry Kagansky apple@customdomainname.com | ||
| to: | iTunes Store <iTunesStoreSupport@apple.com> | ||
| date: | Mon, Apr 30, 2012 at 11:51 AM | ||
| subject: | Re: Purchases, Billing & Redemption; Follow-up: XXXXX | ||
| mailed-by: | gmail.com |
How do you reconcile your stance with 11 year old minors? Do you really expect my daughter to have her own email account, credit card, etc? And how do you expect her to answer the challenge questions should she have her own account? Or would you rather minors not own apple devices that use iTunes? When she accepted the EULA of the iTunes store, do you really think that's legally binding?
I should point out that google and others do not allow minors under the age of 13 to have accounts with them.
-----------------
| from: | iTunes Store iTunesStoreSupport@apple.com | ||
| to: | apple@customdomainname.com | ||
| date: | Mon, Apr 30, 2012 at 12:23 PM | ||
| subject: | Re: Purchases, Billing & Redemption; Follow-up: XXXXX | ||
Dear Dmitry,
We appreciate your interest letting your 11 years old daughter using the iTunes Store.
To buy from the iTunes Store, you need to be at least 13 years old.
If you have any questions after she turned 13 and create an account, please don't hesitate to contact us at that time. We will be happy to help you.
Also, a change to the iTunes Store Security Policy now requires you to choose three challenge/response questions. The questions are pre-assembled, and can not be changed, and you can not create your own questions. You need to choose 3 of the pre-assembled questions.
The iTunes Store asks you to answer challenge/response questions when both of the following happen:
You try to make a purchase on the iTunes Store using a device that has not previously used your Apple ID.
You do not have a credit card on file for your iTunes Store account.
You can edit your challenge/response questions at the My Apple ID site: https://appleid.apple.com/.
NOTE : You can optionally enter a "rescue" email address when you choose the challenge/response questions. Apple sends a message to your rescue email address when you forget the answers to the challenge/response questions.
I apologize that there is no other option available, you will need to choose from the list of questions provided. If you do not wish to provide answers to the questions provided you will be unable to use the iTunes Store.
Thank you for choosing the iTunes Store. I hope you have a fantastic day!
Sincerely,
Grace
iTunes Store/Mac App Store Customer Support
Please Note: I work Friday-Tuesday, 9am-6pm CT
Think there’s no cold war?
You think the cold war is over? You think things have settled? Have a read of this article - Full on hacking and cyber warfare is going on as we calmly surf the web. Have a read of this Business Week article: China-Based Hacking of 760 Companies Shows Cyber Cold War
Meant to mention
I put up a post on 2-factor authentication here: http://www.idmwizard.com/2011/10/31/quest-on-2-factor-and-3-factor-authentication/ that can be considered an addendum to the last post I had here.
Going forward, this blog is going to be more about my travel and observations in my job as Quest's Federal CTO, and the IDM Wizard site will be for the more technical, identity-focused activity. With any luck, that site may have a new contributor as well, which is why I'm looking to revive it.
US Government Smartcards; CAC, PIV and PIV-I
Recently, I had the pleasure of trying to get some government certified smart cards for some of the technical people at Quest, and I can't believe how much of a headache and hassle it was. I actually don't work for Quest Software, but a subsidiary (Quest Software Public Sector) which is focused on the public sector space. And while most Quest employees don't have a need for government-issued or government approved smart cards, our company does. And while I knew that non-government employees can get a relatively new (a little over a year old) flavor of the PIV card called PIV-I, I was amazed at how difficult the process was to navigate. Thankfully, we have some pretty good and persistent purchasing folks, but the process is still pretty arduous for an organization that has been working with the government for years.
I won't get into all the details, but if you're interested, feel free to contact me offline.
In any case, I find myself constantly having to explain what the different is between a smart card, a CAC, a PIV card, and now a PIV-I card. A smart card is pretty straight forward - it's a generic term, and all the other cards fall into this category. You can find a lot more details on them here at Wikipedia. In any case, the thing that makes a smart card a CAC (which means Common Access Card, so please don't say, "CAC Card" as it is redundant) is that it is used by the US DoD (Department of Defense). If you want to do any work on government systems in the military, you will most likely need one of these.
Like their military counterparts, employees within civilian agencies also need smart cards. Of course, they opted for a similar, but not the same, standard. That standard is a PIV card (Personal Identification Verification). The cards are slightly different from CACs, and have varying information printed on them, depending on the issuing agency. Plus, they use a different set of CA (Certificate Authority) servers than the ones that CACs use, as the DoD have their own servers.
Finally, and this is the confusing thing, there are PIV-I cards. PIV-I stands for PIV-Interoperable. There are some great docs about PIV and PIV-I at www.idmanagment.gov which is a site run by GSA but I'll save you the trouble of wadding through a lot of documentation. The PIV-I FAQ here states:
2.2 What is the difference between a PIV-I Card and a PIV Card?
The term “PIV Card” may only be used to describe an identity card that is fully conformant with Federal PIV standards (i.e., FIPS 201 and related documentation). Only a Federal entity is capable of fully meeting these standards and issuing a PIV Card. A PIV-I Card meets the PIV technical specifications of NIST SP 800-73 and is issued in a manner that may be trusted by Federal Government Relying Parties, but does not meet all of the requirements of FIPS 201.
What does this mean? A Federal entity (aka employee) uses a PIV card, and a trusted, non-government entity has to use a PIV-I card.
So there you go. In summary:
- CAC is for Department of Defense users
- PIV is for civilian users working for the Federal government
- PIV-I is for non-Federal entities that need to access government systems