Undercover Tourist Demanding I Share Photo of Drivers License or Passport with Plaid Verification

[Mrs.AMC]

That would bother me too. I have never been asked for ID verification from UT and it would probably make me look elsewhere.

Everything is trustworthy until it gets hacked. A lot of people were touting Lastpass for storing passwords, then they recently got hacked. I would rather not have yet another company with my info.

That's why I haven't any issues with Plaid
They are no worse or better in regards to data than others
It seems everyone or everything is hacked or hit with a breach sometime or another
I dare say, if you have ever made an electronic purchase in your life, you have been involved in one.
It's just inevitable.
I'll knock on wood but in all the decades that I've done electronic purchasing I've had exactly 1 fraudulent purchase done, nearly 20 years ago now. For about $20 and the bank immediately reversed it.
I sure hope I haven't jinxed things......

 

[mgarbowski]

That's why I haven't any issues with Plaid
They are no worse or better in regards to data than others
It seems everyone or everything is hacked or hit with a breach sometime or another
I dare say, if you have ever made an electronic purchase in your life, you have been involved in one.
It's just inevitable.
I'll knock on wood but in all the decades that I've done electronic purchasing I've had exactly 1 fraudulent purchase done, nearly 20 years ago now. For about $20 and the bank immediately reversed it.
I sure hope I haven't jinxed things......

In the big picture I'm generally in agreement.
On one hand I'm resigned that my info is everywhere and I have close to no control over how it is protected, or not. I think it is likely Plaid has a decent chunk of my info even though I never heard of them before this week. OTOH, where I can control matters I prefer to avoid sharing info unnecessarily, and I do doubt that Plaid already has an image of my ID, so I'd rather not send it to them to buy a theme park ticket when I can buy the ticket elsewhere without doing that. Maybe it makes no difference and I'm just making myself feel better without any real substantive change in the grand totality of my data online, but one does what one can.

 

[lilmc]

I bought tickets from UT last week. Very old credit card, nothing awry. It also asked me to upload a photo of an ID and it failed several times. Eventually they reached out to me via email as to what would be a good time for them to call me to verify my info. When they called me they didn’t ask to verify anything “sensitive” just basic “it’s you who placed the order info” like type of tickets I bought, address, names, etc.

 

[hsmamato2]

Huh..... I don't think we were asked to verify anything like this in December thru UT.... I know I wasn't a few years back but I wouldn't trust Plaid, they recently had to do a big payout for massive data breach.

 

[Da Bird is Da Word]

That’s weird. I ordered from Undercover Tourist for the first time for my most recent day trip and it was a headache when we got to the parks. Apple wallet didn’t work so we had to wait in line and get ticket cards. Then the cast member told us the tickets were under my 11 year old brother’s name instead of my own, and he’s a minor and doesn’t have ID. The cast member got us taken care of but all the adults in our party had to present our ID, and it was a somewhat stressful couple of minutes waiting outside the gates. I think things might’ve gotten messed up when I had to refund my mom’s ticket because she couldn’t make it at the last minute.

For what it’s worth, the Undercover tourist ticket refund was immediate even though they told me it would take up to 5 business days. And everything worked out in the end. I may opt to use Perks at Work employee discount website that I have access to from my employer the next time I go. The cast member advised to always buy straight from Disney to avoid headaches, and if money isn’t an object then that may be sound advice indeed. But I’m always trying to find ways to save when booking Disney trips lol

 

[DCLMP]

I wouldn't do that either. I have bought tickets from UCT many times, but that kind of hassle and invasion of privacy would have me buying elsewhere. I really don't see why that is necessary to buy a ticket to a theme park. They may lose business doing this and change course.

 

[DCLMP]

That's why I haven't any issues with Plaid
They are no worse or better in regards to data than others
It seems everyone or everything is hacked or hit with a breach sometime or another
I dare say, if you have ever made an electronic purchase in your life, you have been involved in one.
It's just inevitable.
I'll knock on wood but in all the decades that I've done electronic purchasing I've had exactly 1 fraudulent purchase done, nearly 20 years ago now. For about $20 and the bank immediately reversed it.
I sure hope I haven't jinxed things......

I've never been asked to upload a picture of my ID buying any product online. It just seems so odd that they would ask that.

 

[ajrwdwgirl]

I haven't ever had to upload an id for using Undercover Tourist. I have had to check my credit card statement for a small charge from them and then enter that charge amount on the UT site as verification. That was a bit annoying but better than uploading an id, which I don't know if I would do.

 

[Sweettears]

Last time I went to buy one the ID issue came up. Never heard of it in 20 some years of using UCT. I complained about it for safety considerations and they put the purchase through without it.

 

[DisneyTarheel]

Just don’t give them your bank id/password. Some of Plaid’s services require it. Totally unacceptable and not a security best practice.

 

[_19disnA]

I've never been asked to upload a picture of my ID buying any product online. It just seems so odd that they would ask that.

I agree. I buy lots of thing from different companies online and none of them have ever asked for any kind of ID info and certainly would refuse to do that if they asked. Most online purchases involve inputting your CC#/expiration date and you never even interact with a live person. What is it these other companies are able to do that UCT hasn't figured out?

Any company asking for my bank id/password would set off alarm bells. NO ONE needs your password to anything to make a purchase.

 

[Disney_David]

In case this hasn’t already been noted, there’s legislation in place that requires authentication (NACHA rule) the first time a web payment is debited from a (new) bank account. It is supposed to be authenticated and that can be via a number of ways (I will say my experience is collections not this type of payment), but Plaid is one of the companies my clients use to provide that verification service

 

[Disney_David]

https://www.saltmarshcpa.com/cpa-news/blog/nacha_s_web_debit_account_validation_rule.asp

Should have added that is for ACH payments. I don’t pay for anything online using my back account (always card, I run global fraud services and would never put my back account number in anywhere), so I’ve never run across it myself either

 

[Sweettears]

In case this hasn’t already been noted, there’s legislation in place that requires authentication (NACHA rule) the first time a web payment is debited from a (new) bank account. It is supposed to be authenticated and that can be via a number of ways (I will say my experience is collections not this type of payment), but Plaid is one of the companies my clients use to provide that verification service

ACH can easily be verified by the originating bank passing through a pre note transaction which is basically a $0 amount transaction to verify the accuracy of the information.

 

[pigletto]

Interesting. I’ve purchased from Canada many times and never been asked for I.D.
I have been asked to do that thing where they verify by putting a random amount on your credit card and you go and answer what the amount was to verify. It’s always under a dollar and just a test.

That I am ok with. Uploading my drivers license or passport .. not a chance. As someone else said everything is perfectly safe until it isn’t and you hear of the huge data breach. Just because my info is already out there doesn’t mean I need to upload personal ID for theme park tickets. Like I said .. never been asked from Canada.

 

[Disney_David]

ACH can easily be verified by the originating bank passing through a pre note transaction which is basically a $0 amount transaction to verify the accuracy of the information.

Yep, agree, that’s one of the approved methods. There’s a few of them. My clients don’t use that because it’s not instantaneous. This post is more detailed and covers authentication methods

https://www.fiserv.com/en/about-fis...-s-new-web-debit-account-validation-rule.html

 

[Mackenzie Click-Mickelson]

That's why I haven't any issues with Plaid
They are no worse or better in regards to data than others
It seems everyone or everything is hacked or hit with a breach sometime or another
I dare say, if you have ever made an electronic purchase in your life, you have been involved in one.
It's just inevitable.
I'll knock on wood but in all the decades that I've done electronic purchasing I've had exactly 1 fraudulent purchase done, nearly 20 years ago now. For about $20 and the bank immediately reversed it.
I sure hope I haven't jinxed things......

There's a website you can look up although I'm blanking on that right now but it would show you all the times your e-mail address has been hacked. Just about guaranteed you've been part of that. E-mail address may seem harmless but phishing e-mails can be sent there, information obtained, etc.

Paypal just had a breach of customers, T-mobile just had one (a newer one). The paypal one is more grave as people's SSN were part of the information obtained. T-mobile had addresses, name, etc but not pin/password stuff.

Your information is on the dark web have no doubt on that..it just may not be an actual charge to your account..

 

[Lewisc]

Undercovertourist was sold the middle of 2022 to EBG. That may be responsible for changes in processing purchases.

There are other Disney ticket resellers. You can purchase tickets directly from Disney. Guests who aren't comfortable with UT practices shouldn't do business with them

 

[Mackenzie Click-Mickelson]

Undercovertourist was sold the middle of 2022 to EBG. That may be responsible for changes in processing purchases.

It wouldn't be because this process has been in place with UT for years. Even back in 2016 when we purchased our 2017 tickets I remember hearing some people getting the verification request.

We've purchased from them in 2016, 2019 and 2022 for WDW, DLR and USO so we personally feel comfortable using them but understand why others aren't.

 

[Lewisc]

It wouldn't be because this process has been in place with UT for years. Even back in 2016 when we purchased our 2017 tickets I remember hearing some people getting the verification request.

We've purchased from them in 2016, 2019 and 2022 for WDW, DLR and USO so we personally feel comfortable using them but understand why others aren't.

I've never been asked for verification. I don't know if the number of verification requests have increased under the new owners.