Toggle sidebar Toggle sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Giving out SSN

A

andymac1

macrumors newbie
Original poster
I hate giving out SSN. But for obvious reasons you cant get iphone without giving out one and they need to do credit check etc.

So, Will you give out to ONE company or two companies?

If you buy at apple.com or at an apple store, you are giving your SSN to two companies. On the other hand if you are buying at an ATT kiosk or store, you are giving out to only one company.

Is that better? Any thoughts? Give me one good reason why I should go either route? Are phones better (I mean newer manufacturing stock..), in apple store? Or, are they all the same in terms of quality and reliability?
 
Pay full retail and you don't have to give out your SSN at all. Then you can leave your tin foil hat on in peace.
 
You aren't giving it to two companies if you buy at the Apple store, not any more so than if you buy at Best Buy. The sales person takes your SSN and puts into AT&T's registrations system. AT&T has it, not Apple.
 
You'll be surprised how accessible your SSN is.

I have never worked in telecenter, but all the credit card companies, AT&T and numerous other companies all have access to at least the last 4 digit of your SSN if not the whole thing.

So really, how secure do you think your SSN is?
 
I just find it ironic that people are all suspicious and wary of giving out their SSN to Apple, and are trying to find ways to get around it so that they can buy a device from that same company that they can then put all their calendars, contacts, do their online banking, locate themselves using GPS, store their e-mail passwords and confidential e-mails, make online purchases through the app store using stored credit card account info... you get the idea. All on a device that has background push capabilities, is pretty much always connected, and is tied into Apple's datacenters through iTunes the very moment it's activated.

I'm not saying Apple would actively do anything nefarious with all of this stuff, but if someone is paranoid about what Apple does with their social security number and yet is not paranoid in the least about all the other things they could possibly be telling Apple, then maybe they haven't totally thought this out...
 
and it baffles me how all the people scared to use credit cards have no problems writing checks that have your account and routing #'s on there
 
I have had fraud on my SS number for the past 10 years, before that I was lucky enough to have a Black AX card, it has ruined my life in many ways I know have asked for a new number, and will have to start from scratch, i dont use checks nor any card but 1, ATT has my SS and I feel safe but still I am checking my Credit report monthly.
 
Scaredpoet - I dont do any of those (like stored cc info. for online purchases, banking, gps location etc.) that you mentioned using the iphone.

What do you mean? - "is tied into Apple's datacenters through iTunes the very moment it's activated." I dont think the device is always connected to apple datacenters? is it? (maybe the native weather app perhaps?!) other than that my understanding is using wifi or 3g the device connects directly to the IP that you call for. So, the ISP - comcast or AT&T will have all your information (like always), but not Apple.

See, I like Apple. The question is not about Apple, or who is bad. All big corporations are the same. In fact Google and Apple are better than, say, "big telecom giants and insurance giants". They are PURE evil. Apple and Google is not there. At least not yet!


Usually i am cautious. My question is simple: When you can give it to one company and get the iphone rather than 2 companies, why not choose that option?! I am exploring from that angle.

I agree with cocoapuffs, that unfortunately your SSN is accessible everywhere. If you ever worked in a big company, then you probably heard about ChoicePoint - the "master evil" of all - storing accessing and distributing all personal information for corporate greed purposes. In a nutshell, we live in a society where you almost can't get away from these "necessary evils".

calvy - You are right. In best buy the guy puts in a system to see if your credit is approved. (You don't actually know if it is BestBuy system or ATT system- we simply have faith or keep a blind eye in thinking it is only att systems) 🙂 which is ok. there is no way around it. Lets assume the same thing happens at an apple retail store as well. But how about Apple ONLINE store? The control is still under "apple.com/webojects.." URL. It is actually a javabeans or java object that collects information, you don't know if it simply pass a SOAP or XML string back to ATT systems, or it stores somewhere in a database.

See you enter the SSN in the first page. When you click "submit" a HTTP post occurs. At which point your address is verified. Then on two subsequent pages you select other information (like rate plan, verifying the accuracy of address, etc.), and not until the last page your information is actually sent to ATT for credit check. In between there are atleast 3-4 HTTP posts that happen. Now you never know, from the first screen when you put in your SSN, if it is kept in a Session variable or put in a database until the actual passthrough happens 4 pages down the road!

Guys, this is NOT about paranoia, this is simply exploring options and understanding what happens in the back. If they do store it, then they are obligated to TELL consumers that, this information in being stored, like in their privacy policy. Apple is very secretive company. No transparency at all. This is not good for consumers. Just because we all love their products, doesn't mean we have to put up with "EVERY" thing they do and say!
 
alent1234 said:
and it baffles me how all the people scared to use credit cards have no problems writing checks that have your account and routing #'s on there
Click to expand...

we are not talking about credit cards. we are talking about SSN. they primary information that ties to "YOU". The primary information that could turn your life upside down when involved in an identity theft. this is more serious than people know. Just because people are ignorant doesn't make it ok to use it everywhere.
 
andymac1 said:
Usually i am cautious. My question is simple: When you can give it to one company and get the iphone rather than 2 companies, why not choose that option?! I am exploring from that angle.
Click to expand...
The iPhone is the same, regardless from where you buy it. Apple doesn't manufacture lesser-quality phones just for its resellers.

See you enter the SSN in the first page. When you click "submit" a HTTP post occurs.!
Click to expand...
Actually, it's an HTTPS post that occurs.

AT&T and Apple are both Tier 1 merchants in the scope of PCI/DSS, and thus, are externally audited at least once a year, with their payment processors being the final arbiters of deeming them complaint or not. Technically, the SSN check with AT&T doesn't fall under the scope of PCI/DSS, but purchasing the phone from Apple (either online or in store) does. I find it hard to believe that they'd handle SSN data any less "safely" than they do the credit card data.

But do whatever floats your boat. If you're paranoid about giving two companies your SSN (well, three, actually -- the credit bureau) when there's an option that only involves one (well, two) companies, then just go to AT&T.
 
andymac1 said:
we are not talking about credit cards. we are talking about SSN. they primary information that ties to "YOU". The primary information that could turn your life upside down when involved in an identity theft. this is more serious than people know. Just because people are ignorant doesn't make it ok to use it everywhere.
Click to expand...

6 months ago my wife goes into a starbucks and can't buy coffee on her debit card. turns out someone bought $4000 of airline tickets to Dubai and somewhere else. i think it's because she went to a gas station and the pump cc machine was "broken" and she gave the card to the attendant.

the SSN isn't magic and you need other numbers to steal identity. all the data can be bought. all the other data you give to Apple and AT&T helps thieves as well. you give that data to a lot of other companies as well.

most of the data breaches in the last few years weren't some high tech hackers, but a lot of companies allowed employees to grab data from corporate databases into MS Access databases or Excel and then when the laptop or USB stick was lost, so was the data. in a few instances the backup tapes were lost while being transported to the offsite vendor
 
aristobrat said:
The iPhone is the same, regardless from where you buy it. Apple doesn't manufacture lesser-quality phones just for its resellers.


Actually, it's an HTTPS post that occurs.

AT&T and Apple are both Tier 1 merchants in the scope of PCI/DSS, and thus, are externally audited at least once a year, with their payment processors being the final arbiters of deeming them complaint or not. Technically, the SSN check with AT&T doesn't fall under the scope of PCI/DSS, but purchasing the phone from Apple (either online or in store) does. I find it hard to believe that they'd handle SSN data any less "safely" than they do the credit card data.

But do whatever floats your boat. If you're paranoid about giving two companies your SSN (well, three, actually -- the credit bureau) when there's an option that only involves one (well, two) companies, then just go to AT&T.
Click to expand...

My bad- I did mean HTTPS post.

Anyway, I know about PCI/DSS very well and SSN does not fall under that. Even those audits are to make sure the systems are applied patches, and vulnerability testing etc. and more specifically the PCI states NOT to store CVV2 codes in the systems as well as un-encrypted storage. thats all.

Nothing prevents SSN being stored. I am not worried about the security of the transmission in general. (Any good programmer knows, even a 256-bit encrypted data transfer can be hacked into, with proper tools..so lets not go there.) The question is about storing the SSN. I see your point - they may not handle SSN data less safely than CC data. Even if they apply the same standards, nothing prevents them from storing. There is NO law, or regulation that governs SSN and the way companies store them and use them.
 
alent1234 - very interesting point!

(Sorry to hear your family had to go through that situation...)

Makes you wonder, "Good Old Cash Days"!! 🙂 But back then you had cowboys and guns to deal with! (unless you aren't one of them!)
 
andymac1 said:
we are not talking about credit cards. we are talking about SSN. they primary information that ties to "YOU". The primary information that could turn your life upside down when involved in an identity theft. this is more serious than people know. Just because people are ignorant doesn't make it ok to use it everywhere.
Click to expand...
Maybe if you were more educated on this subject you wouldn't even be asking this question. 🙂 There are many ways to protect yourself form identity theft, some you do yourself and others you can pay a fee for. Freeze your credit, look at lifelock, etc, etc, etc.
 
nikhsub1 said:
Maybe if you were more educated on this subject you wouldn't even be asking this question. 🙂 There are many ways to protect yourself form identity theft, some you do yourself and others you can pay a fee for. Freeze your credit, look at lifelock, etc, etc, etc.
Click to expand...

Obviously you are totally uneducated on the issue.

Lifelock will NOT protect you from identity theft. Go and read the fine print. It will only help you while you struggle to restore everything back. Like making phone calls among other things. People like you are easily fooled by big companies. All you see is the main marketing message. Its like insurance. You never really understand what you get and what you dont, UNLESS you pay close attention to the fine print. I am not paranoid or blaming these guys for the fine print issue. It is a simple math. They highlight the benefits with BIG BOLD marketing messages, and they try to keep the risks and "cover their ass" clauses in the fine print. It does make business sense. But people like you are totally fooled by these practices.
 
I am new here. I thought there will be more interesting and sophisticated discussion here. But seems like most of them are teens and youth, who don't have a clue of what they are talking about. (of course with few exceptions, where I see some great responses to some posts), I guess may be about 50-100 of those people and the rest junk! Comments posted by nikhsub1 and people alike show this to be the case.

GoodBye!!
 
aristobrat - i agree. but once a key value finds its way to a database field, trust me, it is more likely to stay there, than getting deleted. Like in our online purchase workflow, unless it is being stored in the session variable and sent to ATT, it is likely NOT to get deleted after the response back from ATT after the credit check.

For instance in Canada, (Quebec) there is a law that prevents companies from requiring SSN from people. (they can ask, but if the consumer doesn't want to give out, they cannot deny services, or else they could get in big trouble with the law..)

Again it circles back to the philosophy here in US.. the decades long practices by corporations that eventually get most people are accustomed to giving out SSN like Halloween candies!
 
nikhsub1 said:
Maybe if you were more educated on this subject you wouldn't even be asking this question. 🙂 There are many ways to protect yourself form identity theft, some you do yourself and others you can pay a fee for. Freeze your credit, look at lifelock, etc, etc, etc.
Click to expand...

lifelock... ROFL... That idiot got his identity stolen. If someone really wants to steal YOUR identity, they pretty much can, its just a matter of making it harder to steal yours vs someone else...
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back