Nothing says decentralized currency like having a corporation that controls your assets 😋

That looks like a proper request to disable 2FA. Their problem is requiring login to unsubscribe from newsletter emails, which is total BS.

If support won't take your email out of their list, just block the address / domain and move on, I guess.

I wouldn't give them any extra personal info after what happened.

Unsubscribing and disabling 2FA seem like two different things.

GDPR allows for the company to verify your identity before proceeding with deletion. Source: https://commission.europa.eu/law/law-topic/data-protection/reform/rules-business-and-organisations/dealing-citizens/how-should-requests-individuals-exercising-their-data-protection-rights-be-dealt_en

[The company] can ask [you] for additional information in order to confirm the identity of the person making the request.

Probably an unpopular opinion - but I actually think requesting overriding 2fa is a big deal and companies shouldn't do that lightly. If I had a lot of money in crypto I would sure hope the exchange would scrutinize a request to turn off 2fa. And if op had saved their backup words they wouldn't have been in this situation.

Now requiring that to change an email subscription is not great, but again - turning off 2fa without the proper backup options should be difficult and scrutinized.

ahh, the sponsor from LTT that mined your PC while at idle :)

If you really want to be keep using the service, get a non watermarked random guy's pic (he must be holding something) from the internet, write what they want on a paper and edit the pic so that the guy is holding what you wrote. This might not work because of the personal ID requirement but trying it doesn't hurt.

They usually have a face detection algorithm running along with ocr and rarely check if this is a stock photo. I need to use Instagram to be in the loop. They blocked my account for using Barinsta so I did this and they unblocked it.

Don't send any data that you haven't sent already! Just block 'em f out, feels so nice :D Or they'll demand a nude selfie next time!

If its just to verify does that mean they already have the information on record, like their picture? If not whats stopping someone from using someone elses picture and photo editing in the requirements?

I mean, just mark as spam?

It hurts them more if a bunch of people mark them as spam and it becomes a trend doesn't it? Just seems like a design issue on their part.

I always figured that companies generally wanted to avoid that.

I would just block their shit in email

You could block them and the emails will be sent to your spam folder.

If it's just the newsletters that bug you then just use a filter that automatically deletes them.
I do this on my email account I use for websites I don't trust too much and will probably sell the email address for advertising purposes. Sometimes they then subscribe me to their newsletter and the unsubscribe button in the newsletter is often fake. So I use filters that delete them immediately.

well at least they provide this as an option. usually if you lose your 2fa, hardware keys (such as android phones) AND recovery codes, your account is gone. period.
there's literally no other way to confirm your identity without something like id or a credit card if your credentials are gone.

What happens if you just send the example selfie instead of your own? Do they actually check it?

That's stupid and illegal in Europe since you only want to unsubscribe from emails. The few sites for which the unsub button does nothing, I usually contact them and tell them they are breaking the EU law and if they don't stop, I will report them. Works all the time.

Are they considered a bank? Because a be'abnk had to verify your identity and for that they can use a copy of your id.