How should programmers handle email-username identity theft?

Posted by Craige on Programmers See other posts from Programmers or by Craige
Published on 2011-01-05T22:49:17Z Indexed on 2011/01/05 22:59 UTC
Read the original article Hit count: 383

Background

I recently signed up for an iTunes account, and found that somebody had fraudulently used MY email to register their iTunes account. Why Apple did not validate the email address, I will never know.

Now I am told that I cannot use my email address to register a new iTunes account, as this email address is linked to an existing account.

This got be thinking...

Question

How should we as developers handle email/identity theft? Obviously, we should verify that an email address belongs to the person it is said to belong to. Why Apple did not do this in my case, I have no idea.

But lets pretend we use email address for login/account identification, and something slipped though the cracks (be it our end, or the users). How should we handle reports of fraudulent accounts?

© Programmers or respective owner

Related posts about programming-languages

Related posts about best-practices