New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
CoinBase says I can't upload a "watermarked" ID. Your thoughts?
doughmanes
Member
Subject pretty much sums it up.
CoinBase asked for my driver's license for ID verification purposes. I thought this was a reasonable request as this deals with financial type stuff, with the service being located in the US, so with others on here stating to 'watermark' their information with who they are submitting it to I was told by a support member that this is unacceptable.
I referenced some URLs to security incidents of similar companies in my response and asked for reconsideration from my point of view. I will keep you guys updated with the progress (it took them 48 hours to tell me this is unacceptable)
Their past issues:
http://www.pymnts.com/news/2015/coinbase-hacked-via-sendgrid/
Unwatermarked ID request
- What would you do?89 votes
- Submit it, it's their rules4.49%
- Don't submit it51.69%
- Oh hell nawwwwww43.82%
Comments
Seems dodgy.
I would not submit the copy of the document. This seems fishy.
It really is hard to say without context but if there is a very good reason they won't accept watermarks they should be able to give you a very good explanation.
I'm waiting for their response after I cited some security incidents of other similar companies.
It's financial related. I'm sure some people on here use the service. I'll air them out once my support tickets have ran it's course. They're definitely no stranger to security incidents with one as recent as last April.
The "watermarked" part is over my signature. I figured at minimum if my ID ended up traded on some blackhat forums, they wouldn't have a copy of my signature as I placed the watermark over it.
if its a US based financial institution and your watermarked ID appeared elsewhere on the web im sure there are plenty of govt agencies that would investigate.
>
You're probably best putting one over your picture lightly too. I'd ask if there was another way you could confirm your identity, perhaps with a utility bill addressed to you?
Nah, all the NSA is doing right now is spreading propaganda
Yeah, the internet is a really huge place, good luck finding all occurrences of your ID
What service is it? If it's the type where it's unusual for them to ask for it then I'd just take my business elsewhere, like I did after a discussion with BuyVM's sales person, who couldn't grasp the normality of the concept of my work address being about one mile from my home address...
If it is financial in nature, they can just as easily pull a short credit report and prove your identity like that. I know I did the same when I requested a replacement certified birth certificate from Illinois a year or two ago. As long as they were able to verify me in that manner, they were cool with it, and as you may have guessed, I was requesting this to prove my ID to get an ID card in South Carolina since I did not have any valid ID at the time, still don't, but that is a story for another day.
All these places are stocking up on our vital details, and we all need to stand up and give a big FU to every last one of them.
Do not ever, ever, submit a full ID on the internet without extremely good reason (applying for a bank account online etc.)
I've sent in an ID to digitalocean for my github pack and bluehost for verification(some parts removed). And paypal docs. Paypal loves documents.
I feel foolish.
I tend to watermark the name of the company Im sending it to. You should be able to send as grey scale too.They only need the name and photo. Maybe DOB too.
I watermark it in the centre of the photo, and right over my name but hardly visible on my name, never had an issue with providers though
I haven't actually figured out what the "submit your ID" thing is supposed to prove. For some reason, people like to just send in an ID or passport while ignoring our rules (we never ask for this), but, it's usually a scan of said ID or passport. The point of a photo ID is that you verify the photo on the document with the person presenting it. Great, you've scanned and sent in an ID you found lying on the street. Otherwise, you've just uselessly sent in your personal identification... or is it someone else's personal information!?!!? Who knows!?!?
If they accept a grey scale and afterwards they are hacked, what keeps the hacker from sending the same grey scale image when they want to use your identity?
If a business won't accept a watermarked image with their name on it (e.g. "For Example-Inc. Use ONLY"), then I would not want to deal with them either. That goes double if they have already experienced multiple security incidents.
I would mark out like DL number maybe leave last 2 showing. then mark out part of the address. If they wont take that then maybe look at a different provider.
Don't use watermark. Using a watermark == altering your ID photocopy, which turns out to be unacceptable.
Instead, get a small piece of paper, hand writing the purpose of your ID as if it's a watermark, then put it right on the ID, covering part of it but leaving your personal info clear. This way you are not altering the picture and it's properly protected.
This seems perfectly reasonable to me.
And if they reject a covered photocopy, then that's fully their fault.
Some service providers use software to check if an image of an ID or credit card has been photoshopped and having a watermark will make the software return a positive result which means they can't accept it. If they deal with financial stuff like you say then they must have some audits in place and if they get audited by some oversight committee or government agency and they have an ID on file that was flagged positive as a photoshopped image then they're a lot of time and money that will go into the investigation (and trust me, auditors are extremely strict and if the answer is not a clear yes or no then there's a lot of time lost because of it).
Yeah they have ID software when I uploaded it. Had to upload a front and back copy.
This is the software they use:
https://www.jumio.com/netverify/
I felt like the "XXX ID VERIFICATION" over the signature did this.
I guess the software needs to verify my signature but it looks like a drunk guy trying to draw snakes 99.9% of the time because the DMV didn't accept the 'male anatomy looking' signature I tried to run past them as a joke
Proof
Serious, I want to see this!
Just draw it in paint, doesn't have to be exact :P
Haha love you.
That's pretty cool actually.
Post updated- it was CoinBase and they're standing firm on the request.
http://www.pymnts.com/news/2015/coinbase-hacked-via-sendgrid/
Then it makes sense. That software is what many other BTC business use (I think even some Bitcoin ATMs), and if you think about it, a bank won't accept an altered copy.
EDIT: I said bank as an example. These are usually registered as money transmitting / money services businesses at most.