Following up on previous BoingBoing posts (one, two) about a data security weakness in Sprint's automated phone support system for wireless customers, Jennifer Walsh Kiefer of Sprint Nextel Public Affairs says:
Hi Xeni –
In response to your inquiry regarding the verification process for International Calling, I am providing the info below to indicate that we have revised the verification process. Sprint Nextel is committed to protecting the privacy of its customers, preventing fraud and providing quick and responsive handling of customer calls.
To minimize our customers' wait time, for certain types of inquiries we employ an interactive voice response system (IVR).
The process for enabling customers to sign up for an international calling plan includes an IVR identity verification process with checks and balances to prevent fraud and protect privacy.The first step in this fraud prevention process involved an automated verification of a customer's current address.
Although this process operated well within the bounds of applicable federal and state privacy laws, we recognize that there is a heightened sensitivity today by consumers to any use of their personal information, even when it is for fraud prevention purposes.
For that reason, Sprint has revised the process to further enhance security and prevent fraud.
Kudos to Sprint/Nextel for what appears to be a very timely and thorough response to user concerns.
