This time, il me faut ecrire l’article en anglais. Because I had a bit of trouble with a bank and this went too far so I even had to contact their international customer service located in London.
What I wanted to do:
As my son had turned 18 years some months ago, I planned on getting him a partner card for my VISA card issued by Barclays Bank PLC.
What I did:
I called their German customer service and asked what I was supposed to do in order to get such a partner card. I was told I had to visit their website and apply for a partner card online. After some research I found this page equipped with a big button „Beantragen“ (translation for „apply“).
So I clicked on this button and found myself on another page titled „Download Center„, offering me dozens of download links to PDF forms. What I really expected was one (1) online form which I would be able to fill out in order to apply for a partner card – and not a jungle of links, forms and expressionless document titles.
Even when I searched the „Download Center“ for the word „Partnerkarte“ (using Ctrl-F) I found – nothing.
So I wrote an e-mail to Barclaycard Germany, asking them to send me the download link for the wanted application form.
What Barclaycard answered:
I received an e-mail which said that they were not allowed to answer my question. They weren’t allowed to answer any question reaching them by e-mail at all for reasons of privacy and data protection.
I sent another mail telling them that I was just asking for a public link to a public document – and that I couldn’t see any reason why this would harm anyone’s privacy or data security.
Barclaycard answered back. And told me again, they were not allowed to answer any questions sent to them by e-mail. BUT … I could send them a PDF document attached to an e-mail in which I had to ask them for the download link. This would be – in their eyes – safe enough to answer me with the needed URL.
What I did after this:
I facepalmed again. Because I couldn’t understand this behaviour at all.
Then I contacted Barclays Bank PLC via Twitter as I told myself: „Maybe they will act a bit more rational when forced to discuss everything in public.“
What happened next:
Barclays Bank PLC from London contacted me via Twitter asking me to send them an e-mail with detailed information about the case. Which I did. Then they told me that they would inform the customer service in Germany which would come back to me within 24 hours.
They did. They called me several times on my mobile phone. Remember: everything started with me calling them via phone, asking them how to apply for a partner card – and receiving the answer, that this wouldn’t work on the phone and had to be done online. So what did they want to inform me about on the phone? Did they want to tell me again that a phone call would not get me to where I was aiming at?
Already desperate, I did not answer the phone. I was tired of the whole process.
Some 2 weeks later, I received a letter. A good old snail mail letter. Which included the application form I had desired, printed on paper. And a cover sheet telling me this:
Wenn du den Fehler findest, beschreib ihn mir hier in den Kommentaren. Zu gewinnen gibt es wie immer keine Gratis-E-Mail-Adresse bei gmail.com!
(Kleiner Tipp: Toll, ich schreibe denen eine E-Mail, und sie scheitern sogar am simplen Abschreiben. Dabei sollte doch weithin bekannt sein, dass es Gmail nur mit einer .com-Domain gibt. Nix hier mit .de – und die fragen sich, weshalb ihr E-Mail bei mir nicht angekommen ist!)
Hab ich jetzt doch noch nach Deutsch geswitcht? Wie blöd! Aber egal. Fazit ist: Manche wissen nicht, wo Sicherheit im Internet wirklich anfängt oder wo alle Bemühungen nur lächerliches Nebelbombenwerfen (aka Security through obscurity) sind. Wer denn denkt, ein PDF-Anhang an einem Mail wäre sicherer als das Klartext-Mail selbst, der irrt halt.
Zum Glück gibt es inzwischen, im Jahr von Edward Snowden und diversen NSA-Abhörskandalen, auch Leute, die einem das Verschlüsseln von E-Mails richtig erklären wollen. Go for it, Hauke Laging!