| ▲ | sneak 4 days ago |
| > The real problem is that companies do not offer any accessible, powerful, and intelligent customer support. No, the real problem is that we have no reasonable alternatives when companies misbehave. There is no meaningful way to exist in society today without an Apple or Google account, and that's actually insane. It's doubly insane for people who aren't citizens of the United States (although the CCP addressed this by requiring Apple make a separate iCloud for them). The solution isn't to legislate a right to a bank account, it's to preserve the usefulness of cash so banks don't get too far out of line. |
|
| ▲ | lxgr 4 days ago | parent | next [-] |
| > There is no meaningful way to exist in society today without an Apple or Google account As is the case for many other infrastructure companies, such as your local electricity network operator (or even supplier depending on market liberalization). We also didn't solve that problem by ensuring everyone's right to run a generator in their backyard or heat their city apartment with a coal oven. If tech companies have become essential to our day to day lives and are not willing to allow for horizontal interoperability, i.e. to split over-the-top services from infrastructure and individual elements of infrastructure from each other – because walled garden lock-in undoubtedly increases profits – why not regulate them as infrastructure entirely? |
| |
| ▲ | rsync 4 days ago | parent [-] | | I have neither a Google nor an Apple account. Well, to be fair, I do create an ephemeral Apple ID every time I get a new phone… But I immediately log out of iCloud after downloading the two or three apps that I use. I have no idea what my Apple ID or password is… I would have to go look them up. Further, if I lost said Apple ID, I would lose nothing of value. I believe, as you say, I exist meaningfully in society. | | |
| ▲ | eCa 4 days ago | parent [-] | | > I do create an ephemeral Apple ID every time I get a new phone In other words, you do have an in-use apple id at (pretty much) all times. | | |
| ▲ | rsync 4 days ago | parent [-] | | Sure, but it has no value and nothing negative happens if it is revoked. Further: the three apps I install are not crucial - I could live just fine without them. All I really need is Safari and a working POTS endpoint for my cloud-hosted phone number ... | | |
| ▲ | lxgr 3 days ago | parent | next [-] | | It's nice that this works for you, but unfortunately I strongly suspect that you are part of a tiny and shrinking minority. Not every service provider offers a web app anymore, and if they do, it's often penalized in terms of functionality or fraud screening hoops one has to jump through (since mobile apps offer device attestation and generally have a higher cost per bot action than browsers). Some even outright demand device attestation, which not only excludes non-iOS/Android devices, but even custom ROMs or non-Google-blessed phones, since they lack the necessary keys. And yes, people could protest that by just not using these services if they're not strictly necessary to survive, but the dynamics here (tragedy of the commons etc.) just don't work in favor of individual people. | |
| ▲ | tgsovlerkhgsel 4 days ago | parent | prev [-] | | Curious: How do you do your banking? Most of my banks de-facto require an Android or iOS app for authentication, unless you want to do all your banking in person and pay hundreds of Euros in fees every month (and even that would exclude you from many services). | | |
| ▲ | rsync 4 days ago | parent [-] | | I am a US person and the four (three very large and one smaller, regional) banks that I use do not have any such requirements. Web based online banking (since nothing related to banking requires 3D or VR/AR or camera/mic access or other fancy things that apps do) and 2FA auth. That is all I have ever seen or used. | | |
| ▲ | lxgr 3 days ago | parent | next [-] | | The big difference is that, historically, there wasn't much you could do in a US bank's online banking other than checking your balance and maybe initiating a wire transfer (which usually costs double-digit USD amounts in fees, so it can be economically secured by manual human fraud investigation for every case). By contrast, all European bank accounts offer outbound payments, which nowadays clear and settle instantaneously. The fraud risk is just orders of magnitude higher. The US now has Zelle, which is actually showing just that friction and not going especially well for banks that were kind of blindsided by the sudden requirement to actually authenticate their customer, which is why you see all kinds of strange stopgap solutions mixed with proper security. | |
| ▲ | tgsovlerkhgsel 4 days ago | parent | prev [-] | | In the EU, banks are AFAIK banned from using SMS 2FA, and the 2FA needs to be tied to the specific transactions. Which nowadays de facto means a bank-specific (sometimes country-specific) 2FA app, possibly with the alternative option of purchasing a pricey dedicated 2FA device. | | |
| ▲ | lxgr 3 days ago | parent | next [-] | | > In the EU, banks are AFAIK banned from using SMS 2FA That's not the case, but SMS-OTP only counts as one "possession" factor, leaving only "knowledge" or "inherence" for the second one, and both are awkward to ask for in a payments flow. (You don't want to train users to enter their bank's password at a merchant site, and biometry/inherence isn't easily possible from an untrusted device.) By contrast, doing biometry on a linked device provides two factors (possession of the device and inherence), and is significantly cheaper than SMS too. SMS in Europe can be pricey! As a tangent, they are in fact banned from using email as a factor, which I find infuriating – my mailbox seems much better protected than my SIM card or phone number, which is one successful attempt at social engineering away from being swapped out or ported away. The SMS industry must be pretty good at lobbying. | |
| ▲ | rsync 4 days ago | parent | prev [-] | | For the sake of completeness I will mention that one US bank that I use, Wells Fargo, issues the classic RSA keychain tokens: https://www.wellsfargo.com/biz/online-banking/securid/ ... which is quite simple and cheap ... and can be used in place of SMS 2FA. The fact that these tokens exist and are so simple to deploy and use really deflates any claim (by banks) that banking and/or auth apps are required. It causes one to consider what the real motivation is behind the bank desperately pushing customers away from the simple and adequate web service towards the apps. | | |
| ▲ | novok 3 days ago | parent [-] | | something something anti-fraud something something PM's promo packet something |
|
|
|
|
|
|
|
|
|
| ▲ | wat10000 4 days ago | parent | prev | next [-] |
| China is quite a bit worse. Not having an Apple or Google account in the US would be kind of inconvenient. Not having WeChat Pay or AliPay in China means you can't buy stuff most places. They've ensured that their de-facto-mandatory services are domestic, but they're a lot more mandatory. I assume the Chinese government is quite happy with this, because they have no trouble bringing their large companies to heel, unlike the US. And centralizing payments like this gives them a great deal of information and control. |
| |
| ▲ | sneak 4 days ago | parent | next [-] | | The US also has no trouble bringing their large companies into line. Apple willingly preserves a backdoor in the e2ee of iMessage for the FBI et al in the form of effectively unencrypted iCloud Backups. The whole “Apple won’t decrypt stuff for the FBI” narrative is farce. Post Snowden, all the tech CEOs met in person with Obama to do damage control, as they all had some serious credibility problems once the reality of FAA702 (warrantless one click direct access, aka PRISM, aka the #1 source for the IC) came to light. | |
| ▲ | 4 days ago | parent | prev [-] | | [deleted] |
|
|
| ▲ | Apreche 4 days ago | parent | prev | next [-] |
| Even if there were viable alternatives, I believe people who chose to use an Apple, Google, or any other account should still have the rights I proposed. |
| |
|
| ▲ | criddell 4 days ago | parent | prev | next [-] |
| Cash being more useful wouldn't help you regain access to your photos, music, email, etc... when your account has been deactivated.. |
|
| ▲ | raverbashing 4 days ago | parent | prev [-] |
| This is the naive tech bro view You can't keep chasing alternatives when companies misbehave That's why there's a thick list of contract law precedents and consumer's rights and what not |
