Discord verification

[Dead Smarty]

What is the reason I can only post on discord after I give my phonenumber?
And please don't say "identification", the number I would enter will only confirm I have acces to a phone. My phone subscription is so old, I never had to ID myself to get it.
This requirement makes no sense, 7d2d is the only discord sofar that needs my number. And it won't get it.

 

[Jost Amman]

I think discord does that also as a rudimentary "spam filter", since land lines and real phones are much more difficult to obtain "en masse" compared to temporary e-mail accounts used only to create multiple discord accounts.

Also, phone check is only applied when the server is set to "high security", and it's discretionary to the server owner.

So, it's probably not much about ID verification, but more about ID duplication in my opinion.

 

[Dead Smarty]

Also, phone check is only applied when the server is set to "high security", and it's discretionary to the server owner.

So, it's probably not much about ID verification, but more about ID duplication in my opinion.

Thanks for the response, just wondering if any of TFP staff knows why this is done? @faatal maybe?

Post automatically merged: Wednesday at 8:13 AM

Or maybe @WretchedDollie ?

 

[Riamus]

As Jost said, it limits spam. It's far easier to create thousands of spam accounts if you don't have some kind of verification than it is to create thousands of different phone numbers that you can verify an account with. Some servers use email addresses, some use phone numbers. Email isn't as good at limiting spam since emails can be created quickly and easily.

 

[WretchedDollie]

Thanks for the response, just wondering if any of TFP staff knows why this is done? @faatal maybe?

Post automatically merged: Wednesday at 8:13 AM

Or maybe @WretchedDollie ?

Hey there,

Discord does have a ruleset for busy servers to require a phone number for verification to assist with ruling out duplicate accounts and bots. I am unsure of when they started enforcing it. That's all I know.

Cheers,
Dollie

 

[Dead Smarty]

Hey there,

Discord does have a ruleset for busy servers to require a phone number for verification to assist with ruling out duplicate accounts and bots. I am unsure of when they started enforcing it. That's all I know.

Cheers,
Dollie

So nothing they can do to turn that phishing modus off? It is BS and does not do anything to preven abuse. In fact, it makes users only more vulnerable, it is not like they are the world safest platform.

 

[WretchedDollie]

If you are concerned about your phone number, have you tried using a Google number for the verification process? Not trying to be a jerk, just genuinely curious about whether this actually works or not.

 

[Kosmic Kerman]

So nothing they can do to turn that phishing modus off? It is BS and does not do anything to preven abuse. In fact, it makes users only more vulnerable, it is not like they are the world safest platform.

You are making transparently bad faith arguments because you don’t like something. If you ask me, the requirement of a phone number has already been effective. It has prevented you from getting on Discord.

 

[Dead Smarty]

You are making transparently bad faith arguments because you don’t like something. If you ask me, the requirement of a phone number has already been effective. It has prevented you from getting on Discord.

No, it has not. I'm using Discord already for ARK, HLL and others in several groups. It only prevents me to POST on 7d2d but I can read and see who's on there, including pm's.
And sure, gaslight with the "bad faith" all you want but discord has been hacked not too long ago. I'm just objecting against data collection without a purpose on an unsafe platform that can't even enforce it's own rules.

Post automatically merged: Wednesday at 2:59 PM

If you are concerned about your phone number, have you tried using a Google number for the verification process? Not trying to be a jerk, just genuinely curious about whether this actually works or not.

No, and I'm not going to. Sofar this forum is more worth than the hassle to fool Discord.

 

[WretchedDollie]

If you are concerned about your phone number, have you tried using a Google number for the verification process? Not trying to be a jerk, just genuinely curious about whether this actually works or not.

Let me be clear, I am not advocating anyone's use of a Google number for verification; it was a question of curiosity more than anything. Whether a phone number is on a paper form or used anywhere online, I don't think they are as private as we would like to believe they are.

 

[warmer]

Whether a phone number is on a paper form or used anywhere online, I don't think they are as private as we would like to believe they are.

Anyone in sales will tell you, your number can always be found lol

 

[Riamus]

Anyone in sales will tell you, your number can always be found lol

Yeah. A phone number is a public piece of data. Even if you put your number on the DNC list, it's still public and can easily be found and matched to you. In fact, I can go back decades and find phone numbers for pretty much anyone in the US because it's all public information.

Now, I support privacy and the choice to keep your information secure. However, that is for private information, not public information. I guarantee, at least for the US as I don't know anything about other countries, everyone's phone number can be found regardless if they use a Discord server that requires it or not. As with anything, if you don't trust the security of a site, use a verification method that is temporary rather than your normal data. For email verification, create an email only for that rather than using your real email. For phone verification, use a Google number as mentioned or something similar rather than your real phone number. Or either don't use the site at all or else just accept that you are verifying with something that's already public information and not worry about it. It's really up to the individual.

 

[Jost Amman]

Yeah. A phone number is a public piece of data. Even if you put your number on the DNC list, it's still public and can easily be found and matched to you.

You completely missed the point however, that's not what "sensitive information" is.

Suppose you have cancer, and you register to a private hospital website as a patient and give them your phone number. Now, your phone number is indeed public information, BUT, if it is available or leaked from that hospital's website, it can then be associated with you and your illness may become public domain instead of staying a private matter, as it should.

See the difference?

Same way, some people may not want their association with a specific website/service to be known, and it's their right and if their (public) data is leaked, the leak becomes a violation of their privacy.

 

[Riamus]

And, as I said, it's their choice. Not wanting people to know you are on Discord, when you are joining a channel with a lot of people - not sure how many are on 7D2D's Discord, but I'd assume hundreds, is kind of odd, don't you think? But whatever. People have a choice and they chose not to use Discord. Nothing wrong with that. But there also isn't anything wrong with Discord asking for a phone number to verify you.

 

[theFlu]

Not wanting people to know you are on Discord, when you are joining a channel with a lot of people

I'm here, would you mind DMing me my phone number?

 

[Jost Amman]

But there also isn't anything wrong with Discord asking for a phone number to verify you.

No, as long as they keep your phone number secure and handled only internally. I was addressing OP's concerns about having an account on a website that has data leaked because of a failure in securing it.

See below:

And sure, gaslight with the "bad faith" all you want but discord has been hacked not too long ago. I'm just objecting against data collection without a purpose on an unsafe platform that can't even enforce it's own rules.

 

[JustBrowsing]

Data Minimization (Art. 5(1)(c) GDPR): Organizations must only collect data that is adequate, relevant, and limited to what is necessary for the specific purpose. If an account can be secured or verified via email, demanding a phone number often violates this principle.

No Unbundling of Consent (Art. 7(4) GDPR): A website cannot make access to a service conditional on consenting to the processing of personal data (like a phone number) unless that data is strictly necessary to provide the service.

So in the EU its a problem.

 

[Dead Smarty]

But there also isn't anything wrong with Discord asking for a phone number to verify you.

There is: A phonenumber is not a rocksolid proof of ID, it might be a minor indication. Therefor it falls in the category unnecessary data.

 

[Dark Sun]

No, as long as they keep your phone number secure and handled only internally. I was addressing OP's concerns about having an account on a website that has data leaked because of a failure in securing it.

See below:

While I don't condone leaks, data breaches happen on basically every website there is, if not all of them. When they ask for your email or your phone number, assume they have the level of trust as a day 1 security personnel who is as forgetful and as clumsy as they come (and might have ulterior motives, for all you know). I am not arguing morals, rather just saying "it just is". Companies absolutely should take full priority in maintaining the security of their clients' information. However, many do not, and are more than likely selling it overseas. It's up to each person whether this is an acceptable risk or not. This is why many people swear by the rule, "never share your face online". Or at least that's how it used to be... Society at some point just forgot that.

 

[Riamus]

There is: A phonenumber is not a rocksolid proof of ID, it might be a minor indication. Therefor it falls in the category unnecessary data.

It isn't intended to be proof of ID. It's intended to make it more effort for bots to spam the server. And it works. Some still will make the effort, but it's less than if it was entirely open access.