Tuesday, March 22, 2016

Credit Cards Calling

   So I'm driving down the road, out of state but heading toward home, when I received a text message.  The message said it was from a credit card company asking me whether a charge was legit.  I did not recognize this charge!

   Receiving this kind of message may concern some of you, but for me this is awesome!  The credit card companies have, by necessity, become really good at detecting fraud.  That could be because of the huge amount of credit card fraud out there!  Fraud is big money and it's both in our, and the credit card companies', best interests to try to get a handle on it.

   Detecting this kind of fraud is basically about big data analytics and anomaly detection.  That's just a fancy way of saying it's kind of like finding a needle in a stack of needles!  It's complex and expensive.  Luckily(?) credit card companies have lots of money!  They have to figure out what might be fraud so they can appropriately allow or block transactions.  If they allow too much then there can be a lot of fraud.  If they block too much then there can be unhappy customers.

   Back to our story... the charge was not legit and I responded "2".  As you can see in the image, the credit card company said they would call me.  I did receive a call and was immediately put into a hold loop!  Wait...

   If I did speak to someone they would first have asked me to identify myself.  However, they called me.  I don't actually know who they are!  This whole event could have been a scam to collect personal information from me.  Had someone connected with me that way, I would not have given them any identifying information.  They called me... at my registered (with them) phone number.  They already know who I am.  They need to positively identify themselves to me!

Wednesday, March 9, 2016

How To Vault (part 2)

   A few posts ago I wrote an overview of why you may want to use a password vault.  This was in answer to reader question to provide more specifics about vaults.

   We've talked about passwords and password vaults a number of times in the past including here, here and here.

   If you haven't read part 1 of this discussion, it's here.

   Hopefully you are now convinced that you should be using a password vault, also called a password manager.  Now what...?

Products & Costs.
   A few years ago there were just a few key players in this field, but the list of products has grown and there are a number of good choices.  I'll briefly mention four of the best known and provide some links where you can get more info.
  • LastPass - the basic product is free.  It has most of the features you'd want, but the free version only supports use in a web browser.  If you want a mobile app and to support password fills in mobile apps then you need to get LastPass Premium, $1/month or $12/year.
  • DashLane - this is another very popular product.  It's free to download and use on any device.  However to have your passwords synced across devices, a very important feature, you need to use the Premium product which costs $40/year.
  • KeePass - this is well known and solid product.  It always has been free and is open source.  It was designed to support an exportable vault.  That means the primary way to use this tool is to keep it on a thumb drive and plug it in to the computer you use it on.  That can be either handy or inconvenient depending upon how many computers you have and how you do your work.  With KeePassX you can store the vault in free cloud storage like GoogleDrive, OneDrive, Dropbox, etc. and can connect with apps on mobile devices.
  • 1Password - many people like this product and consider it easy to use.  It's design is similar to KeePass in that it's basic use is on a single system and you can share your vault using free online cloud storage services.  It's free to download and there is a one-time license fee.  There is also mobile support and that requires a valid license.
   Here are a few review articles that go into more detail about the features of these, and some other, products.