Profile picture
Romain Pellerin @rom1_pellerin
, 11 tweets, 8 min read Read on Twitter
@brian_armstrong Cool! Could you also improve the security of your iOS app? In fact, imagine you are on the way, only have your iPhone with you and you recently change your phone number and forgot to change it in your Coinbase account.
@brian_armstrong Imagine someone takes your old number and tries to hack your Facebook account. You will be alerted by a reset password kind of email. Freaking out you will remember that you didn’t change the phone number in your @coinbase account! 😱
@brian_armstrong @coinbase So you will open your Coinbase app protected by your pin code for rapid access, in order to remove your old number and add new one 🤙 So you click on remove and... your app tells you « we sent a confirmation code to your (old) phone number » 💪👀
@brian_armstrong @coinbase Now the hacker knows that you have a @coinbase account and that he has your phone number! 🙏😭
@brian_armstrong @coinbase Hopefully, you are clever and set a 2-step verification via #GoogleAuthenticator, so the hacker should not be able to access your account. lf not, you are💥
@brian_armstrong @coinbase So you rush to add your new phone number and ... the app asks for your 2-step verification code to add it, but displays a very awkward popup that you cannot bypass, that asks to replay the request with a particular header... which you cannot do within your iOS app 🙃
@brian_armstrong @coinbase Then you really freak out because you cannot change anything and the hacker had all this time to start an attack on your beloved @coinbase account... 💅
@brian_armstrong @coinbase So you call @coinbase support and they tell you that there’s no way or procedure in place to change the mobile phone over the phone. You have the choice to: 1) proceed to an ID verification by email which takes a while 2) lock your account but for maybe several months 🙋‍♂️
@brian_armstrong @coinbase So genuinely, you ask the support to report the issue to the @coinbase tech team asap, and they answer you that’s not possible and you should do the ID verification procedure. Well unfortunately the snake eats his own tail at this point. 🐍
@brian_armstrong @coinbase Then finally, half an hour later, you try to change the phone number on your laptop through the @coinbase website and there the 2-step verification process actually displays the form to enter the one time code. 🙌
@brian_armstrong @coinbase Hopefully, your funds are safe 🙈😅 but you dealt with an horrible user and customer experience 🤬😡🤯🤮
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Romain Pellerin
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($3.00/month or $30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!