This morning the email arrived from AirBnB. Here was their answer:
Sara R, Mar 31, 14:58 PDT:
This is Sara here with Airbnb I am emailing you to let you know that we are unable to support your military ID. In order to verify your ID please upload your Government issued license or a Passport.
If you have any other questions or concerns please feel free to email back or call in.
Thank you for being apart of our Airbnb family,
Three days ago I had looked at AirBnB’s offerings in Albuquerque and decided I wanted to try it out. What followed has been an exercise in futility. I spent hours both online and on the phone with AirBnB trying to sort out a fundamental issue about what I was willing or not willing to share with a travel agency, and their insistence that my uber sensitive personal information was safe with them.
NO it’s NOT.
Perhaps what was the most offensive was the smug assurances from a front line customer service rep that my data was encrypted. How about you tell that to all of us whose data was hacked through Equifax? Uber? Yahoo? OPM? Homeland Security?
Here’s my problem, and AirBnB’s issue. They are on track to book far more than 100 million nights each year, and are increasing by leaps and bounds.
According to Fortune Magazine, they could be booking a billion nights a year by 2025. Each one of us who signs up is required to produce the Holy Grails of our identification: a Passport or our license.
The two perfect passports for ID theft. Billions of people’s precious identification, all waiting for one wily hack to be able to sell our data on the Dark Web, just like Equifax. Oh, you’re safe with us, all right. Um, NO.
The bigger AirBnB gets, the juicier a target they become. Like Uber. Like hospitals. Like the City of Atlanta which got pushed back into the dark ages of requiring folks to show up with checks for their water bills.
AirBnB isn’t the NSA
Disregarding the breathtaking hubris that a travel company has to pretend to guarantee the safety of my personal information, this totally disregards the reality of our world. Just in the last few years I’ve had eight credit cards compromised and had to replace them. My identity has been stolen. In one spectacular case, I came home from a business trip only to find out that my entire Wells Fargo business account had been emptied to the penny, putting my business in jeopardy and causing me to miss supplier payments. It took weeks for Wells Fargo to vet me just in case I had tried to stage a fraudulent claim. Nobody is safe from this. Nobody.
I am in no goddamned mood to hand over my passport to a travel company which is increasingly a perfect target for a hack. They cannot guarantee you or me anything. Not a damned thing. And it is the height of arrogance to claim to do so. When hackers can hold a massive American city hostage, puh-leeze. I’d rather pay for a hotel. And I did.
The Speed of Trust
Today’s hackers are taking advantage of a younger generation’s compulsion to trust people online, and that is one of our downfalls. As a Baby Boomer I am less inclined to trust those I haven’t met or have direct contact with. When LinkedIn was in its infancy, some kid I’d never heard of emailed me demanding that I recommend him for a job to someone in my network. I refused. I didn’t know this kid, I knew nothing of his work or reputation. It was my good word on the line if it turned out he was a complete bust. When I refused, he went ballistic. How dare I not give him what he wanted? That’s all the proof I needed to know that my gut instinct was right on. The kid was a jerk. I still don’t recommend people for jobs unless I have first hand knowledge. My rep is worth protecting, and my word is important. Trust is earned. Call me old-fashioned, but if I don’t protect my integrity then I am for sale to the highest bidder.
Scams are Everywhere
The more often I have my cards stolen, the more often I am beleaguered with scams, the less I am willing to trust anyone simply because the number of people who have figured out that we are gullible has exploded. Because we are gullible. Witness the millions lost every year to patently fake IRS Scams. Linked In scams. It’s endless. And they are getting far more sophisticated at separating us from our IDs and our money.
As a perfect example, a few years ago I was planning a trip to Cambodia and Laos. As I tried to book an excursion with one outfit, I got an odd email that demanded that I send a copy of a cancelled check (which of course had all my account and routing numbers on it) as well as a copy of my passport. Unless you know what to look for, you might assume that this is what it takes to get a booking.
Pardon my French, but bullshit. I rerouted my research and found someone else I trusted, and informed Lonely Planet of the activity.
Think of it this way. If you have a yard, and have ever put out hundreds of dollars for a so-called “squirrel proof” bird feeder, you already know that there’s no such thing. A squirrel is unbelievable at finding a way to get to that food. Hackers are no different. It doesn’t matter what kind of system of encryption you put in place. A hacker will spend months, years finding a way to get it. It’s a point of pride. Besides, it’s highly lucrative. Two massively important motivations. The problem is that it’s your personal information that’s the bird seed.
The Gold Standard
The American passport is the world’s ticket to a great many opportunities. Let that out into the world and you have to replace yours, not without a lot of explaining to the Feds about how the hell you let THAT happen. These days we have to carry RFID pockets to protect our passports when we travel because scammers have sophisticated machines that can steal the bar codes. That’s how precious our passports are.
Hand this over to AirBnB? Not on your life.
AirBnB has a reputation to protect. Anyone who opens up their house to a host of strangers wants to know who and what they’re getting. That they want to vet me and everyone else makes perfect sense. That’s why I offered them my VA Card, which has a photo. As a veteran, that card is easy to check out. They refused, as above. They didn’t offer a viable alternative. That rigidity, I believe, is going to backfire spectacularly at some point.
A Fair Warning
So I am writing this story as a fair warning. Your most precious and valuable identification information is not safe with AirBnB. Any more than it was with Uber or Yahoo or ebay or Adult Friend Finder or TJ Maxx or Target or JP Morgan Chase (https://www.csoonline.com/article/2130877/data-breach/the-biggest-data-breaches-of-the-21st-century.html). In a world where hackers are honing their skills to be ever more effective and breaking in than we are at keeping them out, we should not be asked to provide a TRAVEL COMPANY with the most vulnerable and valuable pieces of data we have. While on one hand AirBnB offers an admirable service and a great business model, the bigger they get, the more likely they are to be hacked. They’re not the NSA. They don’t have that level of sophistication.
The fact that they are in denial of it is precisely what makes them vulnerable- and along with them, the millions upon millions of people whose private identification they have in their possession.
I’m sticking with hotels. I may miss out on some savings, and most importantly some wonderful personal experiences, but I am not willing to risk having my passport or license stolen. It’s happened too many times at companies that know a lot more about ID theft than AirBnB.
I don’t trust them, and I have good reason not to. So do you.