Two Factor

Any company you work for that offers two factor authentication? Some of these companies are used old/personal software that is only one data breach away from obtaining out information.

I've also noticed that a lot of these companies are using the same software stack. Anyone have any company recommendations that have payed on time AND has an extra layer of sign in protection?

There are things that shall remain a mystery.

Create an Account or Log In

Membership is free. Simply choose your username, type in your email address, and choose a password. You immediately get full access to the forum.

If you are wanting an MSC that uses MFA, you are not going to find it. I can't think of a single company that has it. Now some of the payment systems they use have it, but as far as seeing what jobs/shops are offered and getting into your "account", there is no current MFA set up.

Had a feeling, but happy to hear about the payment system. Can you (if willing) provide the companies that have at least payment systems with MFA?

There are things that shall remain a mystery.

Tipalti is a 3rd party payor used by BARE International and Curinos. I'm not sure what other companies use it. But I receive payments from these

What are you worried about them accessing your Sassie, or similar, profile? Any info that is there is basic contact plus some demographic information. All of that is already on the dark web, I guarantee.

And all the digital payment systems, every one of them, have MFA. You may have to enable it, such as Paypal, but they all have this option. It seems you are trolling for information here.

I'm not trolling? Me wanting to know if there's mystery shop sites that offer MFA for user login so that people can't changing specific details like my payment information is reasonable in todays information age.

There are things that shall remain a mystery.

That would be pretty hard to do. Go look at one of your of MSC profiles, and you'll see why. Also the amounts due are generally pretty low, so not a lot of juice for the squeeze if someone was to somehow figure out you had an account with an MSC, and how to get in to it, and you'd be notified. Bit of a reach.

Edited 1 time(s). Last edit at 11/16/2024 10:36PM by Cassiespark.

@Kaito wrote:

I'm not trolling? Me wanting to know if there's mystery shop sites that offer MFA for user login so that people can't changing specific details like my payment information is reasonable in todays information age.

I can't think of any that do MFA now that you mention it.
Sassie used to send you an email when you would update your profile, but I suppose if a hacker was to change the email address to their own, and change the payment info to their own paypal, you would never receive the notification about the profile being updated and they would get your payment. You could try sending Sassie or another platform an email about this being a risk, but they don't seem to move super quick with changes for shoppers.

If you change your address on Sassie, you receive an email to your current email address advising you of the change.

Honestly this all really far fetched. I sell cyber security software in my real job, and this isn't a place fraudsters are hunting. There isn't enough account or money to be had for them.

but all those $3 phone call shops I do add up :-P

@Cassiespark wrote:

If you change your address on Sassie, you receive an email to your current email address advising you of the change.

Honestly this all really far fetched. I sell cyber security software in my real job, and this isn't a place fraudsters are hunting. There isn't enough account or money to be had for them.

I did update one of my sassie emails to a different email and it notified both emails, so that's good. If a hacker got into Sassie or one of the other platforms, it could hit thousands of shopper accounts. I had a payment of $800 come in today, so not all payments are peanuts.
I'm in IT as well and we "never say never" so I'm surprised that you think this is so far fetched if you're in cyber security. Not being snarky or argumentative but my company would consider this a risk, maybe not at a critical priority, but a risk nonetheless.

I think only a platform like iSecretShop / Prism Intelligence could add MFA functionality. But I believe the platform pays via PayPal and Venmo. Not necessarily payments, but they could require the MSC to confirm login by pushing a confirmation request through the mobile app. I don't think they would add this for shoppers.

For work, I have to use a mobile app/device to authenticate and connect to the company network. And more personal brokerage/investment accounts are requiring it to login, even if you're not on a VPN.

I think its far fetched that an individual account would be hacked, which is what he is asking about with 2FA.

Is it far fetched that Sassie itself would be hacked? Who knows. They are in EC2, so it wouldn't be super easy. Or frankly, why anyone would want to do it. To harvest data? They'd have to be at the account level if you are concerned about payments being re-routed. I'd just think through, again, where fraudsters and hackers hunt and if the juice would be worth the squeeze here.

@joanna81 wrote:

@Cassiespark wrote:

If you change your address on Sassie, you receive an email to your current email address advising you of the change.

Honestly this all really far fetched. I sell cyber security software in my real job, and this isn't a place fraudsters are hunting. There isn't enough account or money to be had for them.

I did update one of my sassie emails to a different email and it notified both emails, so that's good. If a hacker got into Sassie or one of the other platforms, it could hit thousands of shopper accounts. I had a payment of $800 come in today, so not all payments are peanuts.
I'm in IT as well and we "never say never" so I'm surprised that you think this is so far fetched if you're in cyber security. Not being snarky or argumentative but my company would consider this a risk, maybe not at a critical priority, but a risk nonetheless.

@Cassiespark wrote:

What are you worried about them accessing your Sassie, or similar, profile? Any info that is there is basic contact plus some demographic information. All of that is already on the dark web, I guarantee.

Most of that information is publically available without any costs. Phone numbers, e-mail addresses, physical addresses, a list of your relatives, any roommates you've had, and more can be found online. Plus, historical data on all of those can be found.

It is also safe to assume that more sensitive data, like SNNs, are on the dark web. Your best defense against identity theft is simply a strong password that is frequently changed, don't use that password elsewhere. Also, do not use the same username throughout all your social media. That makes it much easier for someone to track you down. Nowhere else will you find me under the name ServiceAward.

There is the truth.
Then there is the right thing to say.

Edited 1 time(s). Last edit at 11/23/2024 05:18AM by ServiceAward.

All of this, yes!

@ServiceAward wrote:

@Cassiespark wrote:

What are you worried about them accessing your Sassie, or similar, profile? Any info that is there is basic contact plus some demographic information. All of that is already on the dark web, I guarantee.

Most of that information is publically available without any costs. Phone numbers, e-mail addresses, physical addresses, a list of your relatives, any roommates you've had, and more can be found online. Plus, historical data on all of those can be found.

It is also safe to assume that more sensitive data, like SNNs, are on the dark web. Your best defense against identity theft is simply a strong password that is frequently changed, don't use that password elsewhere. Also, do not use the same username throughout all your social media. That makes it much easier for someone to track you down. Nowhere else will you find me under the name ServiceAward.

Sorry, only registered users may post in this forum.

Click here to login

Two Factor

Create an Account or Log In

Official List of Mystery Shopping Companies

Mystery Shopper Magazine