We use AIM instant messenger almost exclusively in the office for communication and it seems the entire AIM network is down right now. Very weird to see only 1 or two people on my buddy list at the moment, since I am back up but it seems most people are not. Now I see why all the Twitter users get so frustrated 
An article in the Sun Times discusses the failure of the credit protection service, Lifelock, for protecting it’s very own CEO, Todd Davis, from the abuse it’s designed to protect. According to the article, there were 87 instances where people tried to use Davis’s social security number for dubious purposes. One of those times the person was successful, and was granted a $500.00 loan in Davis’s name.
Davis excuses this breach by saying the institution giving the loan didn’t run his social security number through any of the 3 credit reporting bureaus. But this infringement just goes to show that there are a whole bunch of use-cases for bad guys to steal your identity and do other very nasty things with it. The article points out a bunch of examples such as dealing with job applications, medical services and even when dealing with the law. Leave it to the imagination of a determined criminal and with the far reach of the internet and I’m sure the possibilities of wrong doing are limitless.
While the Lifelock service does have some merit, it’s certainly not the silver bullet of identity protection. Just like anything that has value, you must keep your identity information very close to you and only let it out when absolutely necessary. The responsibility of protecting one’s own identity is still belongs to that individual.
At BeenVerified we are super careful not to ask for our users’ social security numbers’ unless absolutely necessary and even then we only ask for the last 4 digits and never store it. We use it one time and it’s gone from our system. Additionally we have super secure systems. We use time tested best practices for locking our servers and keeping our code secure from attack.
Any user that is prompted for a social security number from a website must have extreme confidence in that institutions security measures. Read the security policies, privacy policies and do some research about the company. Even then, I would recommend rethinking the sharing of that information unless it was absolutely necessary.
As for website owners, I suggest to try and find other methods of achieving the same goals without using your user’s social security numbers or any sensitive information for that matter.
Also, to those who wish to get the benefits of Lifelock without paying for it, you can get the same service for free by contacting any of the 3 major credit bureaus.
According to the Transunion Fraud Page:
A fraud alert can make it more difficult for someone to get credit in your name because it tells creditors to follow certain procedures to protect you. It also may delay your ability to obtain credit. You may place a fraud alert in your file by calling just one of the three nationwide credit reporting companies. As soon as that company processes your fraud alert, it will notify the other two, which then also must place fraud alerts in your file
Please make sure to contact each bureau individually to ensure that each one has placed the protection on your account as some people have reported that the sharing of information between the three are sometimes very slow.
We spent the last week or so enjoying working normal hours and just relaxing after the past four months of re-building BeenVerified. Today, we felt it was time to jump right back into mix and kick things into high gear again.
We are very happy to announce the official launch of the BeenVerified API. The API provides an easy and secure way for developers to integrate BeenVerified directly into their own website or application’s look and feel. The authentication process follows the Oauth protocol and is meant to give our users control over who can access what parts of their information without having to give up their username and password. The process we use is similar to how a third-party website and the end-user interacts with a website like Flickr or PayPal.
When we first started BeenVerified, we had a very clear idea of where we wanted to go. The initial concept was that there had to be a better way for online users to secure their privacy and yet increase transparency at the same time. By increasing transparency, we knew that in turn would also make them more successful at whatever they were trying to do online (dating, job seeking, etc.). Also, there were some standards that we personally wanted to adhere to. Exactly how we were going to accomplish all of that, was what took all these months to work out. The feedback we got from “smart money” , fellow entrepreneurs, initial partners, friends in the identity space, and most importantly our users, gave us a very good guideline for what we needed to build.
This new API gives us a great platform for us to grow BeenVerified in terms of scale and also service users in many different ways. We look forward to seeing how the developer community can use BeenVerified within their own applications. While at the moment our API is read only, we are looking for partners that feel they could add value to having their users import data to BeenVerified as well.
You can learn more here or if you have any questions you can check out our API Forums and feel free to pester our development team.You can read up on the API Documentation HERE and get a developer key HERE.
Check out this ScreenCast to see how BeenVerified interacts with third-party applications.
Late last week we pushed live a brand spankin’ new version of BeenVerified.com. The new version does a lot to trim the fat on some of the features that weren’t being used and focuses on making the important features even easier to use. Also, we re-built our entire codebase from the ground up to allow for a simple API and to let developers build on top of the BeenVerified platform. The RESTful API is built on top of the OAuth protocol and allows for our users to grant permissions to third parties to access specific pieces of their information without giving up their username and password. It also allows for users to update those permissions at any time. We like to think that we built something that is a major step forward in the management of your private data online.
The new version is feature packed so we will not get into all the specifics right now, but in short, the emphasis has been on allowing users to have more control over their data and choose when, where, and what people see about them. Some of the features include giving users the ability to create as many personas as they wish, sharing their credentials with third-parties, managing private info requests, and a much easier sign up process. We also added in some free verifications like email and website ownership, which is being supported by MicroID. Therefore, allowing users of sites like Claimid.com and Plaxo.com to be able to verify ownership of their profiles instantly. In a few short clicks, (cut and copy) you’re also able to verify any website where you have access to the HTML.
We will be explaining all of these features in depth over the upcoming weeks, but for now we wanted to thank a few people for their support in helping us get from our initial beta to where we are today. First, we’d like to thank Bill Al who pulled us aside at Sun Startup Camp and said “Hey, I know these Identity people you should meet”. He was right and at each step of the way members of the Identity Gang have been there to guide us and throw in their two cents. Thank you especially to Bill Washburn whose advice and brainstorming with us has been invaluable. We look forward to working with him even more in the future. Also, the gracious hosts of IIW; Phil Windley and Kaliya Hamlin.
A huge thank you to Eran Hammer-Lahav whose personal guidance on OAuth has helped shaped our API and allowed us to get to this point in a big way. Writing the spec for a protocol as important as OAuth is no easy task and he was just the person needed to see the spec to its completion. Thank you also to Chris Messina and everyone else who pitched in on making Oauth possible. The last thank you goes out to the New York City tech scene which we are proud to be a part of. Allen Stern, our transparency brother in arms John C. Havens, and all of the NextNYer’s out there every day representing the NYC and those of you who continue to build invaluable web services.
The really, really last thank you goes to the whole BeenVerified.com team over here. A monstrous amount of time and effort has been put in these last few months to get our product to where it needed to be and they all deserve a very big thank you (and lots of beers!). If I never have to look at our CTO, Jason Amster, at the office at 2am for 5 nights straight again I would be a happy man. He took on an enormous effort and worked harder than one man should. Also, if you find a bug in the code, I’m sure he’d love to hear about it!
There are many more people to thank but we can save that for the next awards speech. For now, it’s back to work and back to making BeenVerified.com the easiest and most secure way for you to prove your identity and accomplishments online. Much more to follow, stay tuned…
Some interesting stories coming out of South by Southwest today, but none more appropriate for us here at BeenVerified than the media frenzy surrounding the chaos of Zuckerberg’s keynote interview and his admittance that Facebook messed up when it comes to user privacy. The Wired Magazine article, “SXSW: Zuckerberg Keynote Descends Into Chaos as Audience Takes Over”, detailed how the audience was not happy with the questions being asked and took it upon themselves to ask what they felt were the real issues. Apparently, “after some more shouted remarks, Lacy turned the microphones over to the members of the audience, challenging them to come up with better questions. Attendees rushed to the microphones and got right to it, asking Zuckerberg about privacy and data portability…”
We see this as momentum building around giving internet users control of their online identity and making it easy for them to take their data where they want, when they want. As mentioned in our last post, we have been working on something for the past few months that does just that and we are getting pretty excited to roll it out very soon.
Business Week also had an interesting detail of the events, “Facebook CEO Admits Missteps”, although a much more water downed version of the events. They focused more on Zuckerberg’s comments that indeed users want more privacy and control of their data. According to the article, Zuckerberg said, “almost all of the mistakes we made, we didn’t give people enough control,” he said. “We need to give people complete control over their information. The more control and the more granular the control, the more info people will share and the more we will be able to achieve our goals.”
We are curious to see what Facebook comes up with (if anything) to actually rectify this or if they are just talking to satisfy the masses. One thing I will mention about our upcoming new release is that the major focus is on granularity and giving our users the most control possible on each piece of information they wish to share with the world. It took a lot of work (basically, re-building our entire web application) but as Mark noted here, and we were able to tell months ago, we felt it was of utmost importance to help advance our business.
New release is coming soon and then we can really talk without being so cryptic ;)…
Photos: Jim Merithew/Wired
It’s been quite a long time since our last blog post but we are happy to say that pretty soon BeenVerified is going to have a whole new feel and agenda. We spent the last few months analyzing requests from our users and taking a look at how BeenVerified was being used and more importantly how people wanted to use it. We met with tons of smart people, both in and out of the identity field, and added their feedback to our list of things to accomplish as well.
The results of three months of being locked in our office (it’s winter in NYC so no big loss, really) is pretty close to being unveiled and we are extremely excited about it. We added tons of flexibility to the use of our services and actually wound up taking out a lot of features that weren’t being used. We tried to keep things simple as possible. We will keep you all posted and of course provide full details of our new updates once we go live with them.
Current users there should be no disruption in our service, so nothing but good things to look forward to…fingers crossed
BeenVerified would like to officially welcome all Citizendium.com members to BeenVerified. Citizendium is an online encyclopedia project that was started by Larry Sanger, one of the founders of Wikipedia. The Citizendium project is different from Wikipedia in the fact that they use real names and real identities. Additionally, Citizendium puts more emphasis on transparency and does not tolerate some of the policies that have gotten Wikipedia in trouble in the past. Their goal is to create a knowledge base of resources that can be trusted because editors are held accountable. For full details on the difference between Citizendium and Wikipedia, check out “We aren’t Wikipedia”.
BeenVerified will be providing Citizendium members with identity verification should they choose to become members of BeenVerified and it will be an optional service for Citizendium users. Going forward we will be working with Citizendium to implement some features that would let members voluntarily choose which credentials they would like to present on their Citizendium pages. We are very excited to be working with Larry, his team of editors, and all of the Citizendium members. We think having the ability for authors to prove their credibility from within their wiki postings is a huge advancement in the wiki process. Additionally, prior to BeenVerified, this was something that was not possible on the anonymous web.
If you would like to contribute to Citizendium, you can do so here. If you would like to read more about how they review a contributing editor’s application you can go do so here.
If you would like to learn more about becoming a BeenVerified Partner, please visit our Partner Page.
VisionWiz writes a summary of start-up companies on his blog and posted a summary of BeenVerified, titled “BeenVerified—Now You Can Trust Internet Profiles”. I wanted to pass this along because I think that line makes a great point about BeenVerified. Prior to the launch of our service, it was virtually impossible for an online user viewing someone’s profile on a social network, dating site, or job site to know whether or not that person is a) who they claim and b) has accomplished what they claim. The reason Ross and I started this company is because we had gotten burned so many times hiring freelancers from all over the globe that turned out to be nothing but fraudsters.
In the last few years, the Internet has built up a huge infrastructure capable of handling millions of meetings, interactions, and discussions amongst people. Does anyone even remember when the web was called the “Information Super Highway”? For the most part, the web has become about people and meeting people for fun, romance, money and all the other things you do with people offline. The downside to all of this is that people can create a profile with a false identity instantly. It doesn’t even take stealing an identity, as much as just signing up for a service and filling in the blanks on your profile and then start sending it to people.
In the Sunday New York Times this weekend, they ran an article about the founder of a website called PlentyofFish.com which is a free online dating site. From the article, “the principal customer service that Plenty of Fish provides is responses to complaints about possibly fraudulent identities”. This is not surprising considering that the site lets anyone sign up and then anyone can post any info about they want. It is very easy to create a profile that says you are a 35 year old doctor from New York City but you really are a 15 year old from the Midwest. That is one of those things that doesn’t seem like a big deal, until you are the person who spent months investing in what you thought was a legitimate relationship.
So I thought the title to that blog posting, “Now You Can Trust Internet Profiles”, was great. It sums it all up, that NOW communities have an easy, free way for members to prove they are who they claim. Since BeenVerified is always voluntary, communities just need to offer it and let their users decide if it is beneficial. We started this for freelancers and job seekers but almost everybody and every community has a need for knowing the true identity of the people they are meeting online.
Everything our service represents revolves around transparency, being open, and the ability to communicate effectively about yourself and your product or services. That’s why we are excited to announce that we will be using Get Satisfaction to help manage and improve the dialog between us and people interested in our service. The great thing about Get Satisfaction is that while it functions as a FAQ, Forum, and Help Desk all rolled into one, it is set up so that anyone can jump in and participate in the discussion. You can go right to the BeenVerified “Get Satisfaction” Page and get involved immediately.
It took a little tinkering to see the real value in how much “Get Satisfaction” could help our users but once we saw how easy it is to use and the open discussion a business can have with its stakeholders, we figured what’s the harm in giving it a try. We think this can grow into a community where people can ask other members how something works, success stories, or just rant about features we aren’t rolling out quick enough. Really a great product and we are working now on adding content and some of the FAQ’s to the page.
Additionally, seems to me that this is another great community where the BeenVerified service itself can add to the value of user participation. The concept of Get Satisfaction is to increase transparency, which it does a great job off by letting users contribute to the discussion, but I wonder if adding a bit more transparency to the actual users (employees or non) couldn’t improve it even more. Either way, this is a product we will be following going forward as so far it looks really promising.
What is “Get Satisfaction” in their own words:
“Satisfaction is people-powered customer service for absolutely everything. More specifically, though, it’s a place where communities of customers come together to answer each others questions, share ideas with each other or with an organization, report and solve problems and generally talk about about what matters to them around these products or services.”
Screenshot of our cool, new Customer Driven Support Page:
Everyday we are amazed at the stories of identity that circulate around the net and we say to ourselves “jeez, BeenVerified would have been nice there”. What’s amazing about this story is how fast it circulated and how passionate people have been over it. For those who haven’t been following this story of the internet scammer who got exposed from a car forum for being the crook that he is, here is a quick summary which is quoted from Museum of Hoaxes. The original thread can be read on the NSX Prime car forum.
“Page 1
– Spammer NSX_NICK tries to peddle his website by bragging he’s made a bunch of money and bought a NSX for $63k in cash.– Spammer gets exposed as owner of said website and his name is Nick Sitko.
– NSX_NICK denies identity and address.
Page 2
– NSX_NICK gets exposed for lying about paying in cash.– A Nick Sitko is found on South Carolina Sex Offenders website.
Page 3
– Nick Sitko is found on familywatchdog.us– Thread starts to spread around the interweb.
Page 4
– NSX_NICK attempts damage control still denies identity and address and the fact that he’s a pedo. He’s still claiming that he bought the NSX with $63K in a suitcase full of 20s.Page 5
– NSX_NICK lies some more against direct evidence.Page 6
– NSX_NICK lies some more while being a condescending douche, bragging about his income and new Porsche 911.Page 7
– NSX_NICK gets exposed for lying about his income by his postings in other threads.– NSX_NICK’s lie bout not owning the poker site advertised in his profile is exposed when pictures of his NSX is found in the site’s image directories.
Page 8
– Nick Sitko myspage page is found. His picture matches the sex offender websites and his myspace is peddling the same gambling sites, proving conclusively what we knew all along that Nick Sitko the spammer/gambler and Nick Sitko the pedo is one and the same.– Anonymous poster ran the tag of Nick’s NSX and it comes back to a Nick Sitko with the same exact address as the spammer/pedo, proving conclusively that the poster NSX_NICK is in fact Nick Sitko the pedo spammer. Anonymous poster also discovers Nick’s NSX has a lien holder on it.
Page 9 and 10
– Nick Sitko still denies his own identity, but gets caught deleting his NSX pictures from the poker site’s directory.Page 11
– User Kevin1965 pops up, poses as a random stranger and defends Nick, citing libel, defamation etc. One can safely assume this is one of Nick’s acquaintances or it’s Nick himself.Page 12
– Kevin1965 gets exposed for cutting and pasting from a Defamation of Character article.Kevin 1965, total stranger, then claim he just spoke with Nick’s attorney and proceeds to defend Nick’s pedophile charges.
Page 14
– Kevin1965 gets his lies thoroughly exposed by a real attorney.– More corroborating evidence from Nick’s mechanic, proving NSX_NICK and Nick Sitko the spammer pedo are one and the same.”
At this point there are now roughly 33 pages of this thread and over 1600 posts have been made. Essentially, someone tried lying about who they were and the group collectively got together to expose his real identity and some previous crimes he committed. The conversation seems to have died down for now, but some really interesting things to note.
First, why are we posting about something that happened on a car forum? We ourselves are quite shocked at how seriously the members of a car forum took identity. Also, not only did they take it seriously but this story clearly has some buzz throughout the entire Internet and it shows how close we are to a tipping point in online identity. People seem to not want to stand for scammers, spammers, and people misrepresenting themselves online even its just on a car forum. They clutter communities and lower the overall value of other member contributions because it becomes tougher to root out the good.
Another thing to note is that the members of the community were pretty vigilant in their approach to rooting this guy out. Unfortunately, it took roughly 3 days to do so and over 1000’s of posts, googling, researching, and detective work to find all of this out. What about for people who aren’t as online savvy as the member’s of that community? Why did it take three days to do so? Having a tool that allows people to know your true identity and at the same time maintain your privacy, would have stopped all of this nonsense before it even started. Although, admittedly it probably wouldn’t have been as interesting to watch.
BeenVerified was built for job seekers, freelancers, online daters, and people who have a monetary or higher level of interest in representing and proving who they are. However, stories like these encourage us that BeenVerified can be of use in communities and places that we never would have thought. We often tell ourselves that the internet isn’t ready for a service like ours and we need to focus on offering it to people who need it the most. Maybe we’re wrong, maybe a new day is here where THE PEOPLE in these communities and forums are starting to demand accountability for the actions, words, and claims made by their peers. Only three days into 2008; should be an interesting year!
