Mt.Gox / exchanges should confirm bigger transactions by phone/SMS

[fastandfurious]

Because we know that all Bitcoin transactions are not reversible, and that we know that many peoble have large amounts of USD money and Bitcoins at the exchanges. I think that as a customer, if I want to have a safety net where the exchange calls me up or even easier SMS me that we have gotten a order to withdraw, then I as a customer can just confirm this.

The mobile phone number shouldn't be possible to change easily, that way we know that the real account holder will get a notice. At the same time Mt.Gox / exchange waits 12 hours or so to get a confirmation from the real account holder. If someone has hacked the account, then they will not be able to withdraw the money.

[1715026053]

1715026053

[1715026053]

1715026053

[fastandfurious]

For example:

Mt.Gox gets a request of a withdrawal of 100 bitcoins -> Mt.Gox sends a SMS with a unique code -> real account holder log in and writes it in -> bitcoins are released to the new address

[repentance]

The yubikey pretty much does the same thing as an SMS token would and it's probably more cost effective from MtGox's point of view.  The international SMS thing can be a bit of a problem, with not all carriers supporting some types of SMS (this used to be an issue with Twitter), and phone calls would be both expensive and impractical.

[Rassah]

Another option would be for users to change their own withdrawal limits (within the range already set up by MtGox), with the limit changes not going into effect for 24 to 48 hours after change, and an e-mail sent out warning about the change. That way, even if the daily withdrawal limit is $1000, I know that I don't ever need to withdraw more than maybe $50 a day and can limit all withdrawals to that, and if I need to withdraw a few $100's, I'm willing to wait a day for that to happen. Make a separate limit on Bitcoin, too. Limiting Bitcoin amount by its USD value can have problems if BTC market price drops.

[kjj]

I would like to be able to limit logons for my account to just the two IPs I use in person, and the API to just the one IP I use that from.  If all three change at once, I'd be screwed, but that seems unlikely.

[hugolp]

Another option would be for users to change their own withdrawal limits (within the range already set up by MtGox), with the limit changes not going into effect for 24 to 48 hours after change, and an e-mail sent out warning about the change. That way, even if the daily withdrawal limit is $1000, I know that I don't ever need to withdraw more than maybe $50 a day and can limit all withdrawals to that, and if I need to withdraw a few $100's, I'm willing to wait a day for that to happen. Make a separate limit on Bitcoin, too. Limiting Bitcoin amount by its USD value can have problems if BTC market price drops.

Im programming a web that will use bitcoins and what I have done is that the out address does not change until 24hours after the change request has been made. So the user sets an out address, and if someone gets hold of his/her password and tries to change the address it wont work for 24 hours. We also send an email to the user if it has set up an email.

this way the user has some time to discover the "hack" and contact us.

[Piper67]

Another option would be for users to change their own withdrawal limits (within the range already set up by MtGox), with the limit changes not going into effect for 24 to 48 hours after change, and an e-mail sent out warning about the change. That way, even if the daily withdrawal limit is $1000, I know that I don't ever need to withdraw more than maybe $50 a day and can limit all withdrawals to that, and if I need to withdraw a few $100's, I'm willing to wait a day for that to happen. Make a separate limit on Bitcoin, too. Limiting Bitcoin amount by its USD value can have problems if BTC market price drops.

Im programming a web that will use bitcoins and what I have done is that the out address does not change until 24hours after the change request has been made. So the user sets an out address, and if someone gets hold of his/her password and tries to change the address it wont work for 24 hours. We also send an email to the user if it has set up an email.

this way the user has some time to discover the "hack" and contact us.

This is a similar system to the one used by Bitmarket (except they send you an email and only change the address when they get your confirmation, not 24 hours later). I always thought it was a very simple and elegant solution.

[cepler]

this way the user has some time to discover the "hack" and contact us.

Just make sure your support response times are fast enough to support those cases otherwise the delay is useless.

[Rassah]

Im programming a web that will use bitcoins and what I have done is that the out address does not change until 24hours after the change request has been made. So the user sets an out address, and if someone gets hold of his/her password and tries to change the address it wont work for 24 hours. We also send an email to the user if it has set up an email.

That's actually how BTCGuild works, and you're right, that would remove the need to limit BTC transactions.

[TraderTimm]

Im programming a web that will use bitcoins and what I have done is that the out address does not change until 24hours after the change request has been made. So the user sets an out address, and if someone gets hold of his/her password and tries to change the address it wont work for 24 hours. We also send an email to the user if it has set up an email.

That's actually how BTCGuild works, and you're right, that would remove the need to limit BTC transactions.

Nice, makes it harder to 'hijack' an account and push coins willy-nilly to a bazillion addresses. That combined with transfer limits should do the trick. Optional two-factor notifications would be nice, much like credit card companies do - sending an alert if your balance falls from 'x' amount.

[Rassah]

Im programming a web that will use bitcoins and what I have done is that the out address does not change until 24hours after the change request has been made. So the user sets an out address, and if someone gets hold of his/her password and tries to change the address it wont work for 24 hours. We also send an email to the user if it has set up an email.

That's actually how BTCGuild works, and you're right, that would remove the need to limit BTC transactions.

Nice, makes it harder to 'hijack' an account and push coins willy-nilly to a bazillion addresses. That combined with transfer limits should do the trick. Optional two-factor notifications would be nice, much like credit card companies do - sending an alert if your balance falls from 'x' amount.

Though on the downside, that will kill MtGox's service as a means of paying people in the go with their phone app.

[wolftaur]

Though on the downside, that will kill MtGox's service as a means of paying people in the go with their phone app.

Unless you combine that tactic with two-factor, the second factor being the cellphone. SMS on attempt to exceed limit, limit is waived if it's proven the person attempting to exceed the limit has the correct cellphone.

So you can withdraw without limit to either your confirmed-valid and locked address, or, to another address IF you have the second factor. Meaning lower SMS fees incurred for the lower-risk activity. Better still, let that 'lax behavior' be user-configurable.