I agree with your first point, or at least I'd imagine so. I've heard it suggested though that they don't so who knows!
To me, it seems like they just have a badly thought out verification process when they should be doing something else - for instance, they could just the last four digits of your payment card or some other piece of relatively secret information. You have indeed crystallised what my issue is in this situation there!
To me, it seems like they just have a badly thought out verification process when they should be doing something else - for instance, they could just the last four digits of your payment card or some other piece of relatively secret information. You have indeed crystallised what my issue is in this situation there!