Saved Credit Card Info [merged]
They won’t respond to this question,they have been asked countlessly why they store all your credit card information and why there is no option to remove it,you do also know that they store the 3 digit security code that gives your CC extra security,supposedly they are not to save that part of your CC number.
Personally about the CC number itself that doesn’t bother me because there is other places that store my CC nmumber but the 3 digit is not saved so when I go to buy something all I need to put in the is 3 digit code and I get my purchase.
Gaile was suppose to give a reason why they store all your credit card information and why you cannot remove it but nothing has been said,my guess is that they have no good reasonable explanation why they store everything especially the ccv code.
I hoping that they are implementing or working on a feature to remove your personal CC info.
Thanks for the answer, I’ll keep informed about this.
I was wondering about this myself. I wasn’t even thinking and I hit to store my credit card information. Then I realized after I did it how stupid it was with all the hacking going on.
Hopefully they will resolve this soon and I can get my information off of there.
Keep in mind that a few places do indeed store the CCV as well. Steam is an example.
Yes but Steam doesn’t hi-jack your CC info,you are given an option to remove it.
This is an INCREDIBLY important issue that sadly exposes not only the players, but ArenaNet as well to a horrific level of financial liability. There is a high number of accounts being hacked (and don’t jump me about what the percentage rate is, I am merely saying that hacking is a real and not trivial problem). As it stands, if one hacks an account that has a CC attached, the hacker can with no additional info spend REAL money on the gem store and monetize that through the game. I have written to Arena and asked for an immediate fix. I would caution anybody to think twice about putting that info into the system until Anet has a fix in place.
Hello,
i recently had my account hacked by our loving friends in China. Due to the fact that my 3 digit code was saved into Arenanet’s store, they were able to purchase 250$ worth of gems from my account before i could cancel my credit card. This needs to be changed IMMEDIATELY so other people do not have to go through the same process I am with filing fraud charges and the like. Luckily, the 250 dollars doesn’t break my bank, but at any other stage in my life this would have been a crippling blow that would have impacted mortgage, student loans, car payments, heat, electricity, the ability to buy food and gasoline and a myriad of other things. You need to realize that the store you have is FLAWED and FIX it as soon as possible. I am thrilled to have my account back, I am grateful to be playing again but this “no verification needed” is irresponsible in the modern online gaming world. Accounts get hacked by bad people and they do bad things, that’s why the 3 digit code is there in the first place. I warn everyone that reads this not to save your credit card info in this game until this is fixed. See you all in the Grove.
If they have snagged 250 then you need to do a charge back, because that is no laughing matter, I read somewhere that they have said they are not to be held accountable should your account be hacked and they buy stuff from THEIR store.
It’s disgusting that this stuff is even happening, the customer support is outrageous as well, been waiting 12 days now, still nothing.
I hope your issue gets resolved! Just letting you know that I completely agree with you!
Sorry to hear that Digitalzombi – pretty scary
Not to steal your thunder or anything, but this baffles me because here I am sitting on a week old support ticket because the game wont even let me buy gems because some magical “NCSoft Anti Fraud Protection” has deemed me “High Risk”, meanwhile the same fraud protection doesn’t catch a hacker form a Chinese IP from going rampant on your bank account.
GG Anet.
It’s a shady business practice on NCsoft side and they know it that’s why they are not responding to any CC related problems or why they are saving everything including the 3 digit code and I mentioned this before Gaile was supposed to give a reasonable and hopefully plausible explanation why they will not put in a remove option when it comes to your CC being stored.
dam thats really nasty mate. I hope your bank as put the money straight back in as is obviously fraud. As a gesture of goodwill youd think someone from Anet would ring up folks such as yourself who have had real life bank accounts compromised due to Anets mistakes/inept security measures. Being in customer services in one way or another for over 19 years I would be embarressed by most of the stuff thats happend to innocent customers such as yourself due to Anet/Ncsoft if I was an employee. Perhaps we all shouldve learnt from the Diablo3 fiasco and not used real life auction houses/TPs until well into the games life so any security concerns can be dealt with by the devs over time. I know the next MMO i buy will not be Ncsoft/Anet, will not be anywhere near launch day and will be on a totally seperate email address and any cc details input totally removed after initial purchase. oh yeh and ill makesure not to talk in the /1 channel at all incase someone gets offended.
WAR – Karak-Azgal
Your 3 digit code was not saved, it would have verified the card on its first inputting of your cc details and all other requests to your card provider would not have used it. It is a very common ongoing billing process used for subscriptions and recurring charges. But you are not the only one to have had this happen and even though other games used this system it is not the most safe one to use when ingame items purchased have real life money value.
They don’t save CVV2 codes. You don’t NEED CVV2 codes to process.
It is a very common ongoing billing process used for subscriptions and recurring charges.
And this is exactly why Anet should NOT be holding any CVC numbers, or full credit card numbers in general. It’s a quick fix.. to turn off the “Remember this card”. There should be NO reason to keep the credit card on file, hence why having that option was a very.. very… bad idea.
this is a growing concern. i wish they would just wipe all saved numbers & make a check box on/off for saving the information. Kinda regret selecting save :/
CV numbers are not required to be saved to purchase – if you have an iTunes or Amazon account you will know that you face exactly the same risk there. If someone knows your login AND your password they can make purchases with your credit card.
I don’t disagree that Anet should fix the unsave function but people harping on about how no other business does this are wrong. Many internet businesses give you the option to save your details, and it is considered your responsibility to make sure the account is secured to the best of your ability. The only time it becomes Anet’s fault is if their own servers are compromised.
CV numbers are not required to be saved to purchase – if you have an iTunes or Amazon account you will know that you face exactly the same risk there. If someone knows your login AND your password they can make purchases with your credit card.
I don’t disagree that Anet should fix the unsave function but people harping on about how no other business does this are wrong. Many internet businesses give you the option to save your details, and it is considered your responsibility to make sure the account is secured to the best of your ability. The only time it becomes Anet’s fault is if their own servers are compromised.
You’re missing the point.. No one cares that the option is there to have it saved.. all though, there really shouldn’t be an option as they don’t have a monthly fee or purchase.. but the exact issue is.. You CANNOT remove it.. So using Amazon, Ebay, Paypal or anything of the sort is not valid.
Reading comprehension?
“I don’t disagree that Anet should fix the unsave function but people harping on about how no other business does this are wrong.”
In a previous update unchecking the box SHOULD remove the info – but apparently it doesn’t work. Should it work? Absolutely. Are Anet the evil empire for having a save function in the first place? No.
Digitalzombi, we will definitely process a refund for you. If you have not done so, please update your ticket and let the team know that you experienced this loss and they’ll take care of it for you.
We are working on two things in relation to this situation: The ability to remove cards and increased protection against unauthorized purchases with saved cards. This is a very high priority, and the team will roll this out as soon as possible.
Communications Manager
Guild & Fansite Relations; In-Game Events
ArenaNet
Digitalzombi, we will definitely process a refund for you. If you have not done so, please update your ticket and let the team know that you experienced this loss and they’ll take care of it for you.
We are working on two things in relation to this situation: The ability to remove cards and increased protection against unauthorized purchases with saved cards. This is a very high priority, and the team will roll this out as soon as possible.
Just do what most games do, and have you re-enter your CVC every time…
We are working on two things in relation to this situation: The ability to remove cards and increased protection against unauthorized purchases with saved cards. This is a very high priority, and the team will roll this out as soon as possible.
FINALLY a word on this issue! Thank you for acknowledging this, Gaile, and good luck to your team with this endeavor.
Thank you Gaile for me that is all I wanted to hear,please don’t hurt me! ; )
Thanks Gaile for your words on the issue, and thank you to all who voiced their support. I really like the game, a LOT. It just kinda sucks that there is no verification that you are actually the card holder. I did contact my bank and start the fraudulent charges process, if more needs to be done to get your two organizations working together let me know. I updated my ticket with the information as well. I hope everyone out there is safe and having fun, learn from my problems people
Thanks Gaile for your words on the issue, and thank you to all who voiced their support. I really like the game, a LOT. It just kinda sucks that there is no verification that you are actually the card holder. I did contact my bank and start the fraudulent charges process, if more needs to be done to get your two organizations working together let me know. I updated my ticket with the information as well. I hope everyone out there is safe and having fun, learn from my problems people
Oh shucks! I’d really like US to help you, rather than get the bank involved. If there’s a charge-back, it gets really involved, where we can handle this promptly for you (saving a bunch of time and trouble for you).
Dig — if I can get your ticket number, I’ll point someone at this right now and it can be solved really quickly.
Communications Manager
Guild & Fansite Relations; In-Game Events
ArenaNet
Submitting a charge back request without pursing a solution from the vendor first is going to prove to be a very unwise decision….
And the CVC2 code is not the issue…your CC number being saved for future purchase on your account IS .
Fate is just the weight of circumstances
That’s the way that lady luck dances
(edited by Brother Grimm.5176)
Submitting a charge back request without pursing a solution from the vendor first is going to FUBAR your credit rating….just a heads up.
Well, I wasn’t going to put it quite that dramatically, but yeah, we’re a lot easier to work with that MegaCreditCardConglomerateDotCom.
Communications Manager
Guild & Fansite Relations; In-Game Events
ArenaNet
Storage of CVC2 values after the transaction has completed, is strictly prohibited by and a Violation of the Payment Card Industry Data Security Standard.
https://www.pcisecuritystandards.org/security_standards/
Specifically, Requirement 3.2.2 clearly states:
Do not store the card verification code or value (three-digit or four-digit number printed on the front or back of a payment card) used to verify card-not-present transactions.
https://www.pcisecuritystandards.org/documents/pci_dss_v2.pdf
With all the hacking going on I really do not feel comfortable with my credit card information being saved now. I see no way to delete this and I truly dread the thought of having to jump through hoops with Anet and the bank should I get hacked and someone go on a gem buying spree.
Has anyone been able to get their saved cc info removed and if so how? If not, please Anet, please allow us to delete the saved card.
They have said somewhere else on the offical forums that they are working on this right now and it’s top priority.
Strange glitch repeated earlier post: edited post :
Im glad to hear you will refund us directly.
Although the temptation is there to do a chargeback in order for VISA to notice you guys arent living up to pci standards (which are required to qualify as VISA and MC merchants)
- I would just love to see a response to my 3 day old ticket asking for my details to be removed, rather than having to ask for a refund later if my account is stolen. That would surely also be better for you guys?
Incident: 120909-001610
(edited by Sorry.6741)
Will the GW2 client need to be patched in order to remove the credit card data?
Thanks for implementing a straightforward way of removing the saved credit card info: In the trading window, press “Buy Gems”. You get into the window with payment options. Next to your saved credit card, there is now a button to delete it.
Thanks for implementing a straightforward way of removing the saved credit card info: In the trading window, press “Buy Gems”. You get into the window with payment options. Next to your saved credit card, there is now a button to delete it.
And thank you for pointing that out, Mausler!
Communications Manager
Guild & Fansite Relations; In-Game Events
ArenaNet