How should programmers handle email-username identity theft?
Posted
by
Craige
on Programmers
See other posts from Programmers
or by Craige
Published on 2011-01-05T22:49:17Z
Indexed on
2011/01/05
22:59 UTC
Read the original article
Hit count: 383
Background
I recently signed up for an iTunes account, and found that somebody had fraudulently used MY email to register their iTunes account. Why Apple did not validate the email address, I will never know.
Now I am told that I cannot use my email address to register a new iTunes account, as this email address is linked to an existing account.
This got be thinking...
Question
How should we as developers handle email/identity theft? Obviously, we should verify that an email address belongs to the person it is said to belong to. Why Apple did not do this in my case, I have no idea.
But lets pretend we use email address for login/account identification, and something slipped though the cracks (be it our end, or the users). How should we handle reports of fraudulent accounts?
© Programmers or respective owner