Half a croissant, on a plate, with a sign in front of it saying '50c'
h a l f b a k e r y
Point of hors d'oevre

idea: add, search, annotate, link, view, overview, recent, by name, random

meta: news, help, about, links, report a problem

account: browse anonymously, or get an account and write.



Cross-reference Security Protocol

An app and website on your phone to verify actions raised by your accounts
  [vote for,

Google and some other companies do this

But it should or could be a standard protocol that sends a message to you to verify you want to do something.

When you make a payment. You are asked to approve the details.

When you change address Change account details Change an amount Change phone number Change email

We cross reference the details to see if they match and then approve.

It would show details such as map location, address, even a selfie.

chronological, Nov 02 2023

ID Me https://www.id.me/
[a1, Nov 02 2023]

Authy https://authy.com/
2FA w/o text messaging [a1, Nov 04 2023]


       Do you want to post this idea to the halfbakery?
[ ] Yes
[ ] No
pocmloc, Nov 02 2023

You selected "Yes" to post this idea to the Halfbakery.
Do you want to change your mind?
[ ] Yes
[ ] No
pocmloc, Nov 02 2023

       You selected "No" when asked about changing your mind regarding the posting of something to the Halfbakery. Are you sure you meant to choose "No", or did you mean "Yes"?
[ ] Yes
[ ] No
hippo, Nov 02 2023

       Standardizing something that many companies already do in a standard (to them) way? Can't see how that's an invention.   

       But give me some more info on the way you want to extend this. For example, tell me the use case and value of a company knowing where you where when "you want to do something" unless the thing you want to do is very location specific.,, ?
a1, Nov 02 2023

       All my banks, email providers, relationships with my utility companies, government and companies should use this system.   

       Then I can approve actions to my accounts.   

       As it stands in 2023, every company and government service has to build this functionality, again and again.   

       If we designed the applications interface and technical data protocol, we would have standard audit log and request list across all our accounts.
chronological, Nov 02 2023

       // every company and government service has to build this functionality, again and again //   

       Not really. There are existing services that multiple companies use. In the USA, "ID.Me" comes to mind as most of the government web sites I log in to use it (and so do many private sector firms). According to their own website they have over 600 partners.   

       From what I've seen, most of that is just for login verifications, but there are a couple that ask me to re-authenticate when making account changes. I think most companies will prefer to keep account information in their own silos even if they let a 3rd party authenticate the user.
a1, Nov 02 2023

       How is this better and more secure than the double-authentication done with your cel? I live in the hinterlands and the only drawback to getting a number is the time it sometimes takes. I’m not sure how this works. Does it work? Needs a new app?   

       [ ] Approve triple authentication.   

       [ ] Approve quadruple authentication.   

       [ ] Do not authenticate and just buy the damn thing right now.
minoradjustments, Nov 04 2023

       // is this better than double-authentication done with your cel ... does it need a new app //   

       Even if it's better, it's still not new. Authy provides 2FA *without* needing to get a text message in your phone. There are other apps that do this; Microsoft and Google have the own and there some interoperability between them (that is, even if Google says "enter the code from Google authenticator, I can get it from Authy as well).
a1, Nov 04 2023


back: main index

business  computer  culture  fashion  food  halfbakery  home  other  product  public  science  sport  vehicle