I put in a credit card application for Bilt and they want address and id verification via fax. They really want me to send a fax apparently

Most of my documents are virtual now, and I don’t have a fax machine. I see that on Google play there are a variety of apps for sending faxes. Is this a good option to go through? Or should I print stuff and find a library with a fax machine

  • cereals@lemmy.ml
    link
    fedilink
    arrow-up
    41
    arrow-down
    2
    ·
    6 months ago

    Do they want you to fax them your Id?

    Whatever this company is doing, stay away from it. This is ridiculous. Fax isn’t encrypted at all. Anyone asking you to do this has no idea about security and shouldn’t handle your data.

    Also please don’t use some random fax app from the play store. They all seem sketchy as hell.

      • MajorHavoc@programming.dev
        link
        fedilink
        arrow-up
        12
        ·
        edit-2
        6 months ago

        Great question. There is an important difference:

        A standard phone call places a burden on malicious listening software to decode raw audio into computer parseable text, before it’s useful to an attacker. Computers are getting to be pretty good at this, but it’s still kinda expensive, relative to the massive amounts of hours of calls that one might need to snoop and parse to get a good tidbit worth stealing.

        Fax, being already raw image data, incurs a much lower cost of doing ocular character recognition (OCR).

        So an attacker can pay a lot for expensive voice recognition to pull an SSN off a voice call, or pay far less to pull an SSN out of a fax using OCR.

        Attackers like both, if they’re motivated and well financed. But an underfunded or lazy attacker is going to prefer to listen in on the fax line.

        Note that this is a reversal of previous security preferences, when the snooping would have usually been done by a bored human. Bored humans are great at parsing audio calls, and have no idea what they’ve overheard in a (bleep boop beepity boop) fax call.

        This has been: “Cybersecurity insights that make us all sleep a bit more poorly.”

        • explore_broaden@midwest.social
          link
          fedilink
          arrow-up
          4
          ·
          6 months ago

          This is a really good point, but I’m still curious how bad actors are doing the actual wiretapping on any more than a targeted scale.

          • MajorHavoc@programming.dev
            link
            fedilink
            arrow-up
            5
            ·
            6 months ago

            Great point. As far as I’m aware, for the most part, they’re not. Lazy bad actors can just buy a bulk set of fresh SSNs and credit card numbers off of the dark web for cheap.

            Fax is still a terrible solution, overall. But it’s not usually a huge risk - other than as a warning sign that one might be working with an incompetent or malicious organization.

          • cereals@lemmy.ml
            link
            fedilink
            arrow-up
            3
            ·
            6 months ago

            Probably nothing bad happens with those faxes. A malicous actor would still need access to the physical analogue line or to the network to sniff the RTP packets (depending on how the fax is transmitted) on one of the two sides. In theory all providers involved could also sniff the traffic since calls/faxes are never end to end encrypted. But something could happen, and I dislike it very much that they demand their users to take this risk.

    • stoy@lemmy.zip
      link
      fedilink
      arrow-up
      3
      ·
      6 months ago

      The financial, legal and medical sectors are built on fax, I know that companies often use efax services.

      This means that you email the efax provider, they turn the attached document into a fax and send it, then if the recipient uses an efax service the fax gets turned back into an attachment and emailed to the recipient.

  • darklamer@lemmy.dbzer0.com
    link
    fedilink
    arrow-up
    35
    ·
    6 months ago

    I would like to suggest that anyone who in the year 2024 insists on you communicating with them by fax can’t be trusted and your best solution is therefore to stay away.

  • Onno (VK6FLAB)@lemmy.radio
    link
    fedilink
    arrow-up
    20
    ·
    6 months ago

    The comments here in relation to the arcane nature of fax machines might not be aware that often this relates to legal requirements to receive physical proof.

    Interestingly, nobody has to my knowledge challenged the wisdom of this requirement in court. At the end of the day, there is no real way to prove your identity using either a letter or a fax.

    Using email, you could exchange an electronic key in person and know that the sender has the agreed key. Note that it still doesn’t prove the identity of the sender.

  • sndmn@lemmy.ca
    link
    fedilink
    arrow-up
    14
    arrow-down
    1
    ·
    6 months ago

    They don’t have fax machines where I live.

    The 21st century.

    • MajorHavoc@programming.dev
      link
      fedilink
      arrow-up
      5
      ·
      edit-2
      6 months ago

      Yes, but also somehow, fax machines will also outlive us all.

      Fun fact: It’s actually possible to avoid being exterminated by a T-800, if one sends a properly formatted fax to the correct number, during business hours, with a correct cover page.

  • Mountaineer@aussie.zone
    link
    fedilink
    English
    arrow-up
    12
    ·
    6 months ago

    This requirement is designed to be hard, and as such is a major red flag to me.
    What else is this company going to be difficult with?
    Can i only get customer support or cancel my account in person, between 9-4 on the 2nd Friday of the month?
    I would consider alternatives, if possible.

    • Sinfaen@beehaw.orgOP
      link
      fedilink
      arrow-up
      6
      ·
      6 months ago

      Bilt is backed by Wells Fargo I’m pretty sure. All of their other communication has been through email, it’s just this one thing

      Context: I’m trying to get points for rent

      • MajorHavoc@programming.dev
        link
        fedilink
        arrow-up
        8
        ·
        edit-2
        6 months ago

        Bilt is backed by Wells Fargo I’m pretty sure.

        I just threw up in my mouth a little.

        Surely those raging asshole scammers (in leadership) at Wells Fargo wouldn’t back an untrustworthy organization. (This was sarcasm. I believe they have before, and will again.)

        On getting points for rent, you’ll find that many law abiding organizations don’t allow it, under debt swap laws.

        Using points to encourage people to put a large critical expense such as rent, on a high interest rate credit card - is (correctly) considered unacceptably predatory, even in most modern capitalist dystopias.

        My recommendation is be very alarmed, and flee from this plan.

      • HottieAutie@lemmy.dbzer0.com
        link
        fedilink
        arrow-up
        2
        ·
        5 months ago

        First Union, which was bought by Wachovia, which was bought by Wells Fargo was my first bank account. Sometime around 2009, it came out that they were doing some pretty shady shit along with going out of their way to fuck their customers out of money by posting their purchases in a way that would maximize fees. It was a blatant dickhead move. I immediately closed my account with them and will never go back.

  • CaptainBasculin@lemmy.ml
    link
    fedilink
    arrow-up
    10
    ·
    edit-2
    6 months ago

    Post offices could work; hovever I wouldn’t really reccomend working with a bank that doesn’t have modern ways to recieve customer data.

  • 667@lemmy.radio
    link
    fedilink
    English
    arrow-up
    8
    ·
    edit-2
    6 months ago

    FaxSalad. I also have needed to send a fax when I have virtually zero paper, or even when I do have paper I still have no fax machine.

    You can even send it as HIPAA-compliant which they don’t (or are not supposed to) keep a server-side copy.

  • StrawberryPigtails@lemmy.sdf.org
    link
    fedilink
    arrow-up
    6
    ·
    6 months ago

    Well that’s a tech I haven’t heard of in a while. I suppose it tracks that if telegrams were still in use till 2006 that fax’s would still be in use today.

    To help answer your question, a cursory search turned this up:

    https://www.howtogeek.com/218505/how-to-fax-a-document-from-your-smartphone/

    https://www.getfaxing.com/2016/05/02/can-i-use-my-mobile-cell-phone-as-a-fax-modem-to-send-a-fax/

    Honestly, it should be possible to send faxes from your cell phone for free though. Or from a laptop using your cellphone’s voice line. It’s a phone after all and fax machines sent their data over phone lines. I seem to remember using my cell phone for dial up internet back in the day, so it should have been possible to send faxes at that time as well. Unless there is an OS limitation, I can’t see any reason why that might have changed, even with the changes in tech since then. Hell of a rabbit hole you’ve found for me! Thanks!

    • StrawberryPigtails@lemmy.sdf.org
      link
      fedilink
      arrow-up
      6
      ·
      6 months ago

      @Sinfaen@beehaw.org

      Digging into it further it looks like modern phone technology has become incompatible with fax and modem technologies. Seems to be something to do with how voice over IP (VOIP) compresses the voice line which damages any digital signal sent over it. It looks like this affects both cell phones and modern landlines as well.

      The only real options in 2024 seem to be to use a fax service, or to purchase a landline that explicitly supports fax and use a fax machine or a computer with a modem to send the fax. A fax service would probably be cheaper for a one off fax. Thanks again for the rabbit hole. That was interesting!

      https://forums.macrumors.com/threads/can-i-hook-up-a-fax-machine-to-my-iphone.485116/

      https://superuser.com/questions/748154/use-a-smartphone-as-a-dial-up-modem#748163

  • DudeDudenson@lemmings.world
    link
    fedilink
    arrow-up
    3
    ·
    6 months ago

    Have you asked if you can’t use regular physical mail or walk the papers to an office yourself?

    Otherwise you’d be better off finding someone in an office somewhere that still has a working fax machine and offering them a few bucks to send it

  • pelletbucket@lemm.ee
    link
    fedilink
    arrow-up
    1
    ·
    6 months ago

    there’s an app called eFax but I don’t know if it’s free. your local FedEx store will probably send a fax for you for like a dollar

  • pelletbucket@lemm.ee
    link
    fedilink
    arrow-up
    1
    ·
    6 months ago

    I used to work at a car dealership, this was like 15 years ago, and even then we already had an email system set up that could send and receive faxes for insurance shit.