Ongoing and increasing issues with Identity Safe

CeeGee · ‎09-03-2008

I tried to reply to an earlier thread but it appears closed. Since new Privacy and Anti Fraud Laws have been implemented, more commercial sites are using what appears to be Java front ends in their login modules. About a month ago I reported a site where ID Safe did not fill in my credentials nor does it ask me to save them.

Since that call, now over half of my online bill paying sites have implemented similar front ends and I am encountering the same problems. I called Support and they verified the issue and that it *is* Norton's problem. However I have no answer as to if and when they plan to update ID Safe to function in these sites.

Anyone who would like to try just to verify my problem, go to either of these sites, go to "Sign In" and try. You will need a real account to actually login but you can verify the function of ID Safe by just making up fake credentials.

I would be interested in seeing anyone else's results and most importantly, a reply from someone at Symantec who is in the know (Engineers please)

Thanks all,

CeeGee

Xcel Energy - Minnesota Power Utility Bill-Paying and

Century Link (Was Qwest) Minnesota/Upper Midwest Telephone Co.

"If you lived here you'd be home by now."
Firesign Theatre, 1969 Album "
How can you be anywhere when you're nowhere at all??

viveksu · ‎02-01-2011

Hi,

Will try exploring both the URLs and Identity Safe Functionality.

viveksu · ‎02-01-2011

Hi,

Thanks for reporting this issue.

We are tracking this issue with a bug.

CeeGee · ‎09-03-2008

Thanks viveksu,

I appreciate your prompt response. It's refreshing to see that in today's outsourced support world.

Please be aware that this issue is far more global than these two sites - it's an app design element for PCI compliance I believe. .

You'd be well served to involve the Privacy or Info Sec group. They will know exactly what solutions are being programmed into financial web apps for PCI compliance.

If I'm not mistaken Cloud Computing (SaaS, IaaS, PaaS) is another angle, making these front ends available to mobile devices.

Best regards,

CeeGee

"If you lived here you'd be home by now."
Firesign Theatre, 1969 Album "
How can you be anywhere when you're nowhere at all??

CeeGee · ‎09-03-2008

Re: Ongoing and increasing issues with Identity Safe

"Hi,

Thanks for reporting this issue.

We are tracking this issue with a bug."

,

"

Any Updates Vivesku?

Regards

"If you lived here you'd be home by now."
Firesign Theatre, 1969 Album "
How can you be anywhere when you're nowhere at all??

CeeGee · ‎09-03-2008

I have been, I think, extraordinarily patient. When I was a tech support pro and a moderator at an (one of the most heavily used and popular) Security Forums - a two + month silence on a commitment to help was unacceptable.

We gave ourselves a period of DAYS to provide a response - even if it was a negative response.

The good reps from Symantec have opened a bug on this issue and that was the last I heard.

How about an update? How about some sort of success/failure report? How about some corporate stance on the issue?

Sheesh - I'm not asking to rewrite the app - just some professional, programming, eyes into the problem. It's clearly a Symantec issue and becoming more and more clear that there is no intent to address it.

I am finding more sites that have changed their front end so there *must* be something going on in compliance and there *must* be something that can be done to make Identity Safe work properly.

"If you lived here you'd be home by now."
Firesign Theatre, 1969 Album "
How can you be anywhere when you're nowhere at all??

Jens_Sorensen · ‎09-05-2008

We appreciate your feedback and your feedback has not gone unnoticed.

a) “myaccount.xcelenergy.com” is a flash based login site which we currently do not support. We don’t support Flash based login however as sites switch to HTML 5 and hopefully away from flash then this should become less of an issue

b) In regards to “q.myaccount.centurylink.com” then I’m pleased to announce that this issue has been fixed. We are still unsure about when the next update will be pushed out to customers but to it should be in the first quarter of 2012.

Thanks
Jens Sorensen,
Symantec Corp.

CeeGee · ‎09-03-2008

Thank you Jens,

It's greatly appreciated to hear the results and to be made aware of the limitations of the Identity Safe module.

I also appreciate response from Symantec on the issues.

Best to you and Happy Holidays.

"If you lived here you'd be home by now."
Firesign Theatre, 1969 Album "
How can you be anywhere when you're nowhere at all??

CeeGee · ‎09-03-2008

FWIW,RE: the hope that vendors will begin migrating to HTML 5;

More and more sites do not function with the ID Safe module. This is more than a "blame the web designers for programming withsomething Symantec does not support."

I am approaching the point where the module is largely useless for the most important purposes.

If I'm not mistaken the total has risen to 8 sites that do not respond to ID Safe.

"If you lived here you'd be home by now."
Firesign Theatre, 1969 Album "
How can you be anywhere when you're nowhere at all??

AllenM · ‎12-14-2008

HI CeeGee,

Jens did say it should be released during the first quarter of 2012.

This is likely going to be part of a major update which means there is more testing impact, etc.

As mentioned, hopefully Flash based logins will become less common as HTML 5 starts being rolled out.

Best wishes.

Allen

Windows 7 Ultimate SP 1, 32 bit, 4 GB * NIS 2012 (19.8.0.14) * Ghost 15 * IE 9, Firefox, Safari.
Test laptop with W7 Home Premium 64 bit * NIS 2012 (19.8.0.14)