Tell HN: Things I Learned about Credit Bureaus This Week
1. Equifax has no escalation path for security breaches on weekends. Even if a breach potentially affects millions of accounts, there is no way to report it until Monday.
2. TransUnion has no ability to investigate hacks or security breaches. They can only generate a reference number for the customer to file a police report with. (Note that their top product category is Credit Management & Protection.)
3. TransUnion and Equifax do not cooperate on investigations. Despite evidence that suggests the same hacker was at work, neither credit union indicated any interest in even talking with the other.
4. If your TransUnion account is hacked, you will lose online access for life. You will never be able to download your credit report from TransUnion again, and can only get it via mail. For life.
5. Experian displays your mother’s maiden name on your profile page. There is no way to hide this, obscure your mother’s maiden name, or select a different security question.
6. Experian agents cannot view support ticket numbers or track tickets. Only a supervisor can access ticket numbers. Of course, that means you need to talk to a supervisor…
7. Equifax and Experian are extremely reluctant to generate a ticket or escalate to a supervisor. At Equifax, I requested to speak to a supervisor 7 times. At Experian, the agent awkwardly tried to resolve a CloudFlare server error by asking if I was using Internet Explorer. It felt endemic. I did not sense this at TransUnion.
This experience has eroded my naive confidence in the consumer credit system. The burden for prevention, monitoring, and remediation is borne almost entirely by the customer. This doesn’t seem right.
33 comments
[ 4.4 ms ] story [ 71.8 ms ] threadEdit: [1] http://www.flyertalk.com/forum/chase-ultimate-rewards/168257...
http://aei.pitt.edu/33375/1/ACCIS-Survey_FinalReport_withCov...
Jump to page 31 to see what is stored by the bureaus in each country.
As an aside: Guess it's time to put a credit freeze / lock on my record so the scammers can't hijack things. Lame that the agencies can charge us for this self - protective measure.
If you could create a system using publicly available data that is a statistically and meaningfully superior way of predicting risk, it would be immensely valuable to the asset owners that are buying mortgages, insurance products etc. that rely on credit scores. You’d have to get them to demand it enough to change their underwriting guidelines (a morass of bureaucracy), but once they do, you’d also gain some steady demand and a moat of competitive advantage.
The problem is, making people's financial transaction data public is essentially illegal and represents a competitive advantage.
You'd have to start with convincing major banks / credit issuers to report people to you. With that data, you could build what you suggest. The real hurdle is convincing people to do that and complying with the regulations.
Are you mixing up credit scores and credit histories?
"If you could create a system using publicly available data that is a statistically and meaningfully superior way of predicting risk"
That's what underwriters at banks and other lenders try to do, albeit with not just publicly available data.
With all the recent privacy buzz - this may attract necessary attention to shake out this swamp.
I had my identity stolen and then bad information was mixed into my account information. It took years to get things straightened out.
Even to this day, years later I can't do any online credit verification because it has data mixed with it from the credit bureaus, and I routinely get answers wrong because of this. But there is no one I can complain to, especially for these online data tests.
The best way to get something done is to do a proposition in states that support it, like California, and get a law voted in that forces better behavior from the credit bureaus. Then, because California requires it, chances are change will occur throughout the country.
This stops a lot of the low hanging identity theft cases.
http://www.consumer.ftc.gov/articles/0497-credit-freeze-faqs
https://help.creditkarma.com/hc/en-us/articles/202041774-I-h...
So, I have been told constantly to "correct" my information with them - FUCK THEM! They bought/stole my personal information - I have no business with them.
Call me naive, but I wish more people would not give a damn about them either.
When I needed a loan to buy my house, I spoke directly to the loan officer face to face and told showed them all documents they needed and told them that if they need to consider my approval based on "Credit Score", I did not care.. I showed them the mistakes and mis-information they have in my credit report and -when he asked me to call them to fix it - I told him that I would not do that because I do not consent them holding my information. Two days later, the load officer called me to tell me my application was approved.
People need to do this more often.
Their whole system is based on an antiquated idea of singular "identity" that only worked when it was one small part; it simply doesn't scale. Some arbitrary facts about a person do not form a legitimate authorization mechanism!
The only way things are going to change is for people to realize they have absolutely no responsibility for a third party being defrauded.
Opting out of the entire thing is the best way to eliminate this scam. It is absolutely stupid that in the US your financial life is dictated by an opaque algorithm and an entrenched bureaucracy.
If you live carefully you don't need credit at all, ever, except for possibly buying a house as you said. All other purchases... car, food, etc are easy enough to save up for... and if not, just do without until you can. Such a lifestyle sucks if you are used to instant gratification and living beyond your means (been there) but you can sleep better at night.
If more people followed your advice we would surely be better off... even in the circumstance of buying a house as you said, they will find a way... they are after all paid on commission :)
It's not 'an opaque algorithm'. I'm assuming the US is similar to the UK, in that banks/lenders use credit bureaus for access to data. That data is then fed to the lenders' own systems for processing (to create a score, check against certain criteria etc.).
If banks did not have such reliable access to your credit status and history, they'd be less likely to give you a loan, and offer credit on worse (for the borrower) terms.
Also even if you don't want to borrow money here is a list of things in the US that are increasingly based off of FICO:
1) car insurance 2) employment 3) wireless phone contracts 4) copper phone lines
I'm sure there are more... but you get the point I hope
This is one of few things that I would love to help correct as a business opportunity and a social good, but at the moment, the way the laws are structured makes an EXTREMELY high bar to get in, and these terribly flawed companies are highly protected.
Not to detract from their incompetence, but still: never answer a security question with a true answer. That's what password managers are for.