Cashrewards Proof of ID for Change of Mobile Number

Xena on 10/12/2020 - 13:36

I was trying to make a withdrawal from my Cashrewards account. The process sent an SMS code to my registered mobile number. However, I don't have that number anymore. (It was from a cheap short term starter SIM). I emailed Customer Service and was asked to provide proof of ID. I don't like emailing ID (correct me if I am wrong but I think it is not encrypted). Also, my Cashrewards doesn't even have my full name and the DOB box is empty so I don't know if there is any point in verifying something that doesn't match. Any ideas? TA?

General Discussion

Related Stores

Cashrewards
Cashrewards
Third-Party

Comments

  • AndyC1 on 10/12/2020 - 13:42
    +1

    100% correct as email is not secure. Your mail can be sent through an unknown number of email servers before it gets to the recipient.

    If they give you a PGP key you can encrypt the email and it is secure as only they can decrypt it without using brute force and allot of CPU/GPU resources.

  • SBOB on 10/12/2020 - 13:44

    If it was a scammer contacting cashrewards trying to impersonate you, what would you want cashrewards to do in that instance?

    Sending some id at least provides a barrier to changing account details if you've lost your second factor option. (No idea how well they will verify it etc but it's 'something')

    Ask if you can send an id image with some important details crossed out like card or licence number etc

    • Xena on 10/12/2020 - 14:00

      I'm not an expert in online security but maybe process the withdrawal to the saved bank account. I am not changing bank account details. Similar to transferring money to a saved payee with online banking without 2FA.

      I opened the Cashrewards account many years ago and haven't put my legal name on it. The amount of money is not large (does anyone leave a large amount of money on Cashrewards?) and I can forgo it but my OzBargainer mentality tells me I should try to claim it. Haha

      • avoidfullprice on 10/12/2020 - 15:14

        No regrats, at least didn't buy a 1BR from an auction.

  • nocure on 10/12/2020 - 14:02
    +2

    Don't use a burner number for 2fa…

    • Zachary on 10/12/2020 - 15:41

      How else would you be able to tell where your spam calls and text are coming from?

      • Ughhh on 10/12/2020 - 20:13

        You have a diff number for each store/business? Come on.

        • Zachary on 11/12/2020 - 17:14

          I want to, yes; so I can find out who keeps calling me and then abruptly hangs up as soon as I pick up….and find out where I had that number in and then know it was them who shared my number to some third party or used the number themselves…..

          • Ughhh on 11/12/2020 - 18:02

            @Zachary: So you're going to have a 100 phones, or 50 if dual sim, lying around, fully charged at all times?

  • [Deactivated] on 10/12/2020 - 14:19
    -1

    Cashrewards is basically run by some guy out of his basement fyi…

    • Zachary on 10/12/2020 - 15:39
      -1

      Actually, there's at least 6 guys running the show - David, Jawrdan, Simone, Jackie, Feraida and Andrew….unless these are all aliases for the one guy in the basement…..plus they're making some pretty dough……over 5 million last I read….doubt anyone making over 5 million would still live in the basement of their mother's house to do business in….maybe if you're an ozbargainer….reducing cost to the absolute minimum disregarding any dignity, comfort any other luxuries that doesn't need to be had to function as a business.

      • [Deactivated] on 12/12/2020 - 07:58
        -1

        Sounds like daddy funded their little business mate

    • Blue Cat on 10/12/2020 - 15:40

      ShopBack employee spotted!

    • Clear on 10/12/2020 - 19:42
      -2

      I didn't see you at any of the OzBargain birthday parties they hosted. A real shame because scotty was so happy with the cake.

  • whooah1979 on 10/12/2020 - 14:50
    -3

    I don't like emailing ID (correct me if I am wrong but I think it is not encrypted

    Emails use SSL/TLS which the same encryption used by all the major banks, government websites, Amazon, eBay, PayPal, ShopBack, etc.

    • SBOB on 10/12/2020 - 15:22

      Emails use SSL/TLS

      while your email may be 'encrypted' between you and the mail server depending on client etc (e.g using gmail via a web browser, its https to 'gmail') but there is zero guarantees of any secure connections between email servers or the final email server and the recipient, or any control over which email servers the email may bounce through

      • Zachary on 10/12/2020 - 15:35

        make ur own email server and send them in? or somehow have the email server go direct contact to cashreward's email servers without hopping on intermediary servers?

        • Blue Cat on 10/12/2020 - 15:41

          There is no guarantee that the recipient will receive the mail from your server to his device encrypted.

          • Zachary on 10/12/2020 - 15:42
            +1

            @Blue Cat: …so then how does one securely send something that IS guaranteed to the recipient?

            • Blue Cat on 10/12/2020 - 15:46

              @Zachary: PGP mail encryption, but that requires above average tech literacy to send and receive mail, which might be too much for a simple tech support guy, especially if it's outsourced overseas. Or probably not even allowed by the company or it's policies, or even completely unheard of for them.

              It is not widely used at all because 99.99% of the population don't care about privacy so the current state of "just werks" email systems is all we need at the moment.

              • Zachary on 10/12/2020 - 15:59

                @Blue Cat: ok, if i were to email you something that i want only you to read and no one else, what are the steps to do so using this pgp mail encryption?

                • Blue Cat on 10/12/2020 - 16:04

                  @Zachary: I don't know much details as I read this up a year ago on one of those "privacy nut" posts on reddit.

                  This graph explains it in the most simple way possible and this website explains it in detail.

                  Basically, I don't see this getting popular anytime soon, because nobody wants to "exchange" keys before they send an email to someone.

                  • Zachary on 11/12/2020 - 17:17

                    @Blue Cat: …im guessing you dont use it yourself since you're not able to explain it in your own words but to direct me to a link where you have read it or somewhere else that may be more helpful…..

                    ok, so ive read a bit of that on your links….

                    • content of the email is obfuscated with some hash which needs to be decrypted with your private key that was enrypted using your public key, instead of the usual actual content
                    • email headers are still exposed, so people who want to read you emails by hacking your line or the node it goes through will be able to tell who sent it and to whom and other stuff in the header
                    • Apparently not user friendly to do the encryption and the decryption….
                    • was used in ransomware due to its unbreakable chain probably why you can easily decrypt files that were encrypted with ransomeware…..
                    • a few email clients uses this, most notable is protonmail

                    So I looked up some security mail services and messafe safe is also one that's bound to security and privacy at its core. Development/support team seems to be …a bit dead lately…..so if you want to find out the details use to get it working on a 3rd party email client like outlook or protonmail, gg….

                    I'm somewhat keen on trying this out, would you like to be my test partner?

                • SBOB on 10/12/2020 - 20:06

                  @Zachary:

                  if i were to email you something that i want only you to read and no one else

                  • compress it with encryption/password using something like 7-zip and email that, supplying the password via an alternate communications method (eg phone call)

                  • upload it somewhere like google drive and share it as a file requiring a password to access it, again supplying the password via an alternate comms method

                  • Zachary on 11/12/2020 - 17:15

                    @SBOB: is that the general gist of pgp or is that you would have done for a secure guarantee email?

                    • SBOB on 11/12/2020 - 19:57

                      @Zachary: That's a non PGP solution

                      It's what I do sometimes for work when needing to transfer files to customers in a simple to understand manner.

  • Store Reptightarse @ Cashrewards on 10/12/2020 - 17:07
    +3

    Please PM me and we'll discuss an alternative method offline so you're able to change your mobile number. Thanks.

    • Xena on 13/12/2020 - 02:32
      +1

      Thanks for sorting it out for me. I've updated the mobile number and have activated 2FA.

      • Zachary on 02/01/2021 - 13:29

        so what method did u end up using offlinely?

  • coloururwings on 23/02/2022 - 23:56

    I have the same issue..what is the alternative method?

Login or Join to leave a comment
Login Join