When Security Becomes a Burden: The Headache of Using Your Online Accounts While Traveling and Some Ways to Get Around the Problems

Would you give Facebook a copy of the information page of your passport, even if they promised they would destroy it once they used it to verify your identity? I didn’t think so. Nonetheless, that was the dilemma I was faced with on my recent trip to Japan. Now, I understand that Facebook is just trying to protect me. After all, they’ve been repeatedly criticized for their security, but this seemed to be going a little too far.

So how did it come to this? Well, first of all, when you are overseas or, sometimes, even just on another computer, a security alarm is automatically activated that tells Facebook that something might be wrong. Commonly, as it was in my case, you get a message saying that a code has been sent to your cell phone that you can use to get into your Facebook accounts. That sounds simple enough, IF MY CELL PHONE WAS WORKING IN JAPAN! As it turned out, even though I had my cell phone, my European cell phone provider had no branches in Japan. I really didn’t want to go through the trouble of having my phone activated through a Japanese service provider just to get into Facebook. I tried the alternate route of answering my secret security question, but it ended up just leading me back to the page that told me a code would be sent to my cell phone. I then tried the last resort they gave me: that for a person who did not have access to their phone. That’s when they told me to “Please upload a digital image of your government-issued ID. Once we use this image to confirm your identity, we will permanently delete it from our servers.” I almost did it. I luckily had access to a scanner, but, at the last minute, security concerns made me hesitate.

So, if you find yourself in this situation, here’s the workaround. I asked a friend in Japan if I could use their phone number to retrieve the code. This worked. Facebook sent the code to this number and my friend relayed the information to me. But this got me thinking. If I was a hacker say, just for example, from Russia or China, and I happened to get your password, could I just get into your account by using my own cell phone to get your code? Probably.

That took care of Facebook, but what about other online services? Well, Yahoo was a simple security question and I was in. Gmail just let me log in normally. Whether this was good or bad was another question, but, at the time, I appreciated it. You may find that some of your Google Apps are grayed out. This is because Google detects your location and, I guess, supposes you aren’t interested in certain apps. This is why I was given Google Japan as my default search page. I wanted to use Google News but it was grayed out. To get around this problem, go to the bottom right hand corner of your Google search screen and choose the “use Google.com” option. Then, there was Linkedin.

Linkedin said they would send a code to my email account and then I could enter it and get into my account. That sounded fair. I got the verification code, entered it, and got a message saying that the code was invalid. How was this possible when they had just sent me the code? So I tried it a few more times before I gave up and decided to get another code. This also received the invalid message. I tried to get another code, but got a message that I had exceeded my number of code requests and should wait before requesting another one. I couldn’t find a way around this and simply gave up in frustration. However, the next day when I tried one of the codes, it unexpectedly worked.

It is not unusual to encounter credit card problems when traveling abroad. Normally, if I make an online purchase over a certain amount, the bank gives me a call and asks if it was, indeed, me who made it. However, if they called my home phone while I was in Japan, I clearly could not answer it. That initiated a block of the credit card. I thought maybe I had maxed out my credit card. I tried to remedy the situation by logging into my online account (which, surprisingly, I did with no problem by using the Polish site for my bank) and transferring money into my Visa card account. However, I got a message that I could not do this so long as my card was blocked. No problem, I thought, I would just call Visa Japan, explain the situation, and have them unblock my card. If only life were so simple.

Visa Japan couldn’t help me. They told me I would have to call my bank in Poland. I went through the usual list of automated messages until I heard, “For English, press 5”. I did so and, after waiting for a couple of minutes, some guy came on and, in Polish, asked me how he could help me. I asked if he could speak English and he said no. I asked him if someone was there who could speak English to which he also gave a negative response. These questions seemed to aggravate him. After all, it was 2am in Poland and I had probably just woke him from a sound sleep. So, I tried to answer all of the random questions he threw at me in Polish. Although I am communicative in Polish, there were some words, like mortgage, which I simply did not know. He refused to help by simplifying the questions and, even though I explained that my Polish wasn’t that great, he kept rapidly firing question after question at me. In the end, I suppose I did enough to convince him I was who I said I was. Either that or he just wanted to get back to sleep.

Finally, if you have any accounts that require passwords and those passwords are remembered by your browser, be sure to get those passwords before you leave or you will have to get new passwords for each site. This happened to me when I was planning to use Skype. I got my email from Skype with instructions for resetting my password but noticed that the username in the email they sent me was not mine. In fact, my account had been compromised. I then found information published online earlier this month, on how any Skype account can be hacked using only a person’s email address. I did not click on the token that was sent me. I decided to wait until I returned to Poland to solve this problem. To do so, you will have to fill out a form that asks for a lot of uncomfortable information…twice.  They finally told me they would send me another reset password token, which is how the aforementioned hack begins. I am, therefore, reluctant to take this step, even though Skype is said to have fixed this hole. Since you will not know if your account has been hacked, I would STRONGLY recommend that you change your Skype password. If you receive a message from Skype identifying you with the wrong username, you have been compromised and so has everyone in your contact list. In this case, you may have to set up a new account with a different email name and tell all your contacts to do the same. I know this isn’t what anyone wants to hear but such is the case. I regret that the media hasn’t given this exploit more attention as it could have far-reaching consequences.

To put it simply, the next time you travel, expect to encounter some online problems that grow proportionally with the distance you travel from your home. If you plan on traveling to Russia or China, expect to experience a number of cyber security adventures you have only had nightmares about. The good news is that, after such adventures, returning home to the world of normal security problems will be a comforting experience.

 

 

About Steve Mierzejewski

Marketing consultant for InZero Systems, developer of the next generation in hardware-separated security, WorkPlay Technology. I've worked in Poland, Japan, Korea, China, and Afghanistan. I'm a writer, technical editor, and an educator. I also do some work as a test developer for Michigan State University.
This entry was posted in Uncategorized and tagged , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s