5 Years Later, We’re There!
Deleting saved CC's?
5 Years Later, We’re There!
It has happened, someone lost £200 from their credit card. And Anet isn’t responding to the thread because they don’t want people to see it.
I never realized how easy it would be to do a Gem Purchase with my CC on record with the gem store. I think ANet should require the 3 or 4 digit security code on the card as verification.
I had to cancel my card because of this glaring issue…
IMO the Gem store should be closed until people have a way to remove their details, but seeing as it has seen a 99%+ uptime, its clear to see where their values lie.
Adding the fact that the terms and conditions clearly state that they will not reimburse any purchase regardless of the circumstances surrounding its execution, I can only assume that this is by malicious design
I tried to log in from my phone, couldn’t, so assumed I got hacked. I immediately cancelled my card and had it re-issued. turns out I wasn’t, and I am just unable to log in to NCSoft or ArenaNet webpages on my iPhone, but it’s still better safe than sorry.
I never realized how easy it would be to do a Gem Purchase with my CC on record with the gem store. I think ANet should require the 3 or 4 digit security code on the card as verification.
They do,they store everything including the 3 digit ccv code which is supposed to give your credit that added security because if someone has your credit card number but not the ccv security code they can’t purchase anything so basically mr hacker is just a few mouse clicks away to charging up your credit card on the blackmarket because anet has decided that to store all your CC info including the ccv code.
It has happened, someone lost £200 from their credit card. And Anet isn’t responding to the thread because they don’t want people to see it.
They are not responding to the thread because its a my mate thread, as his “mate” he has no right to discuss anything to do with another persons data, and as it is a “claim” of fraud" there may be a criminal investigation.
Also under section 75 of the consumer credit act being that the purchase is over £100 he was covered immediately for the loss.
As for removal of private data the company has 28 days to respond to any request to remove data which comes under Act 1 of the Uk data protection act, similar schemes are run by most Eu countries or US companies that have signed up for safe harbor scheme. Also they may be regulations/ best practices relating to holding CC data by organizations such as PCI Security Standards Council and the EPC in the EU.
However fully agree with everyone here if they have indeed been bypassing even the most basic of security for the processing of payments although it may not be illegal, but in this day and age considering the line of work they are in that is stupid beyond belief. They should shut the system down until their payment gateway has rectified this.
(edited by Pictish.3410)
It has happened, someone lost £200 from their credit card. And Anet isn’t responding to the thread because they don’t want people to see it.
They are not responding to the thread because its a my mate thread, as his “mate” he has no right to discuss anything to do with another persons data, and as it is a “claim” of fraud" there may be a criminal investigation.
Also under section 75 of the consumer credit act being that the purchase is over £100 he was covered immediately for the loss.
As for removal of private data the company has 28 days to respond to any request to remove data which comes under Act 1 of the Uk data protection act, similar schemes are run by most Eu countries or US companies that have signed up for safe harbor scheme. Also they may be regulations/ best practices relating to holding data by organizations such as PCI Security Standards Council and the EPC in the EU.However fully agree with everyone here if they have indeed been bypassing even the most basic of security for the processing of payments although it may not be illegal, but in this day and age considering the line of work they are in that is stupid beyond belief. They should shut the system down until their payment gateway has rectified this.
Well his mate has to, since I am assuming the other guy can’t log in to his account due to the hacker gaining access and spending his money.
And im sure nobody would come on here and say it for a laugh to have a chance to have their accounts banned for trying to stir up trouble.
Common Sense man.
But yeah 3 digit CVV/CVC codes are not allowed to be stored, and monthly payments via CCs doesn’t use these 3 digit codes per month as that has been agreed initially with the first payment.
Either way its still disgusting, the guy who lost £200 may have hit his limit… or maybe caused him to go slightly over it, which means monthly charges for doing so, which means more money to be paid until the guy can do something about it.
It has happened, someone lost £200 from their credit card. And Anet isn’t responding to the thread because they don’t want people to see it.
They are not responding to the thread because its a my mate thread, as his “mate” he has no right to discuss anything to do with another persons data, and as it is a “claim” of fraud" there may be a criminal investigation.
Also under section 75 of the consumer credit act being that the purchase is over £100 he was covered immediately for the loss.
As for removal of private data the company has 28 days to respond to any request to remove data which comes under Act 1 of the Uk data protection act, similar schemes are run by most Eu countries or US companies that have signed up for safe harbor scheme. Also they may be regulations/ best practices relating to holding data by organizations such as PCI Security Standards Council and the EPC in the EU.However fully agree with everyone here if they have indeed been bypassing even the most basic of security for the processing of payments although it may not be illegal, but in this day and age considering the line of work they are in that is stupid beyond belief. They should shut the system down until their payment gateway has rectified this.
Well his mate has to, since I am assuming the other guy can’t log in to his account due to the hacker gaining access and spending his money.
And im sure nobody would come on here and say it for a laugh to have a chance to have their accounts banned for trying to stir up trouble.
Common Sense man.
But yeah 3 digit CVV/CVC codes are not allowed to be stored, and monthly payments via CCs doesn’t use these 3 digit codes per month as that has been agreed initially with the first payment.
Either way its still disgusting, the guy who lost £200 may have hit his limit… or maybe caused him to go slightly over it, which means monthly charges for doing so, which means more money to be paid until the guy can do something about it.
Not really common sense, his friend had already followed the correct process by contacting them, they will not discuss anything on an open thread about financial details nor with a person they can not verify as the owner of the card or account Data Protection Act prevents that. Also he doesn’t name his friend or support ticket number he is not exactly helping speed up things is he. There is not to much proof that this actually happened. Although it is possible.
As for the CCv regs that could cost them their merchant license, unless of course they are not storing them and what is happening is their payment gateway sessions are failing to end after a certain amount of time.
I don’t think the guy was looking for a solution in a public thread, more like an acknowledgement of something getting done about it.