FWIW this isn’t always true. A few months ago, I needed to add an email to my Zelle account on Chase, and had to call them. I initiated the call and they did issue a text message verification to the phone number in my account while on the phone to confirm.
Well, yeah, because they initiated the code to verify it was you who called them. Better than them asking your “security questions” or such. It’s a completely different situation if you got an incoming call who asks for that.
Negative. Had to do that to cancel a cell phone plan recently. They sent the text to my other phone while I was on the line with CSR. Though I agree it should have been possible on the website.
For example, even when you’re physically in the store, a T-Mobile employee may require you to read back a code that their system texted to you for certain transactions like buying a new phone for someone on your account or something like that.
Step 3 was your earliest big clue. You’ll never give that to a person. You’ll only ever be asked to enter it on the website it originated from.
That being said, the other commentors are right too.
FWIW this isn’t always true. A few months ago, I needed to add an email to my Zelle account on Chase, and had to call them. I initiated the call and they did issue a text message verification to the phone number in my account while on the phone to confirm.
Well, yeah, because they initiated the code to verify it was you who called them. Better than them asking your “security questions” or such. It’s a completely different situation if you got an incoming call who asks for that.
Negative. Had to do that to cancel a cell phone plan recently. They sent the text to my other phone while I was on the line with CSR. Though I agree it should have been possible on the website.
Like the other guy said, it’s not always true.
For example, even when you’re physically in the store, a T-Mobile employee may require you to read back a code that their system texted to you for certain transactions like buying a new phone for someone on your account or something like that.
The problem is that there are two types of codes:
They have different messages on the text, but since I would receive the first while on the phone, I tend to skim the message and get to the number.
For TOTP, yes, you only give your code when initially registering it to verify with the other end that it’s working.