Leoo Posted January 20, 2011 Share Posted January 20, 2011 This year, I decided to instead of having to ring every month to renew my remembership, I'd pay by my card not to mention it's slightly cheaper. When entering my details I noticed something...the only form of security detail they request for is the cardholder's DOB - which can be easily attained from other stolen documents that came with the credit card. Not sure if it's the type of card I was using, but nearly every other website I've used to purchase something always askes for my password. What I mean by password is the security password to confirm you are the cardholder which normally requests specific characters of the password - normally provided by the secure system of your Bank. This did not appear when I purchased my membership which I was quite suprised about. Other than the DOB, every detail that is required to be filled can be seen on the card such as the cardholder's name and the expiry date. By adding the passwords to the checkout process, could this reduce the number of membership purchased through a stolen credit card - or even any other product you can buy from the Jagex store. I repeat, I'm not sure if it's the type of card I'm using but I can confirm that my Bank does have a secure checkout system that is promted on all other websites where I've purchased online. Link to comment Share on other sites More sharing options...
Omali Posted January 20, 2011 Share Posted January 20, 2011 It's been maybe three or four years since I had to enter my credit card details into Runescape's website, so it may have changed, but I remember having to enter in my card number and security code. I don't know why they'd change that. Link to comment Share on other sites More sharing options...
Leoo Posted January 20, 2011 Author Share Posted January 20, 2011 It's been maybe three or four years since I had to enter my credit card details into Runescape's website, so it may have changed, but I remember having to enter in my card number and security code. I don't know why they'd change that. Aren't those on the card though? Link to comment Share on other sites More sharing options...
Capt_Davy Posted January 20, 2011 Share Posted January 20, 2011 It's been maybe three or four years since I had to enter my credit card details into Runescape's website, so it may have changed, but I remember having to enter in my card number and security code. I don't know why they'd change that. Aren't those on the card though?Yup, so it's a pretty dumb thing to ask for security screening (as long as it's the only real security question), but I think the reason why they ask that is because more details like credit card numbers get stolen online rather than physically, so under such circumstances, the thief would have you card number, but (perhaps) not the security code. I still stand by my opinion that asking dumb questions like that is bad form (as far as validating ID anyways). EDIT: just had an idea. Why don't they ask one or two of your recovery questions as a security measure for credit card payments? That's a much stronger proof of ID, combined with the current questions. Link to comment Share on other sites More sharing options...
i_trollz_u Posted January 20, 2011 Share Posted January 20, 2011 I didn't even know there were places that required a code from a bank. Seriously which websites are you talking about that have such a thing? The only other code similar is the CSV code, which is also found on the credit card. Link to comment Share on other sites More sharing options...
lordkafei Posted January 20, 2011 Share Posted January 20, 2011 This sounds like what you are talking about, but I don't think Jagex is using it yet. I also don't know if it's available outside the USA. But I have been seeing it more and more on Internet shopping sites. PvP is not for meIn the 3rd Year of the BoycottReal-world money saved since FT/W: Hundreds of DollarsReal-world time saved since FT/W: Thousands of Hours Link to comment Share on other sites More sharing options...
testingsomestuff123 Posted January 20, 2011 Share Posted January 20, 2011 It's been maybe three or four years since I had to enter my credit card details into Runescape's website, so it may have changed, but I remember having to enter in my card number and security code. I don't know why they'd change that. Aren't those on the card though?Yup, so it's a pretty dumb thing to ask for security screening (as long as it's the only real security question), but I think the reason why they ask that is because more details like credit card numbers get stolen online rather than physically, so under such circumstances, the thief would have you card number, but (perhaps) not the security code. I still stand by my opinion that asking dumb questions like that is bad form (as far as validating ID anyways). EDIT: just had an idea. Why don't they ask one or two of your recovery questions as a security measure for credit card payments? That's a much stronger proof of ID, combined with the current questions. Does Jagex even have recovery questions anymore? I think they use e-mail for account recovery now. Link to comment Share on other sites More sharing options...
gspbeetle Posted January 20, 2011 Share Posted January 20, 2011 This sounds like what you are talking about, but I don't think Jagex is using it yet. I also don't know if it's available outside the USA. But I have been seeing it more and more on Internet shopping sites. Vertifly by visa and the similar system on master cards is available outside US, but more importantly its optional. It only shows up if and only if the person has applied for it, unless of cause the site owner demands only card with vertifcation is accepted. Does the card company actually know our DoB anyway? Examine ChenGMT (level: 138) Link to comment Share on other sites More sharing options...
mister_moocky Posted January 20, 2011 Share Posted January 20, 2011 Considering it's what, $6? I don't think verification is a big issue. quit Link to comment Share on other sites More sharing options...
Big_Stingman Posted January 20, 2011 Share Posted January 20, 2011 Considering it's what, $6? I don't think verification is a big issue. And credit card companies will almost always reverse the charges if you report it stolen anyway... Link to comment Share on other sites More sharing options...
lordkafei Posted January 20, 2011 Share Posted January 20, 2011 Vertifly by visa and the similar system on master cards is available outside US, but more importantly its optional. It only shows up if and only if the person has applied for it, unless of cause the site owner demands only card with vertifcation is accepted. Does the card company actually know our DoB anyway? It's a pretty standard application requirement, on both credit cards and checking accounts (debit cards) PvP is not for meIn the 3rd Year of the BoycottReal-world money saved since FT/W: Hundreds of DollarsReal-world time saved since FT/W: Thousands of Hours Link to comment Share on other sites More sharing options...
Vex Posted January 20, 2011 Share Posted January 20, 2011 I think for verified by visa, as an example, the company itself has to elect to sign up to the scheme. But due to the small scale payments available on the Runescape site, it's probably not worth it for them.Having said that, it would of fixed their problems I think they had with people reverse-charging on CC's or stolen CC's in their RWT article a while ago. Another example of relatively dodgy card storing is Amazon. There when you load your card onto your account to buy something, it automatically saves it unless you remove it (your card details).So all people need is your email address + your password. I found this hard to believe from such a big internet shopping site such as Amazon, but it seems they've elected for convenience rather than security (I can just click something to buy it and off it goes) Verified by Visa is also available outside of the US, at least I have it here in the UK. http://www.[Caution! Jagex Rule Violation].com Link to comment Share on other sites More sharing options...
bored321 Posted January 20, 2011 Share Posted January 20, 2011 Jagex does not handle the payment themselves. Its upto the payment provider to ask (providing its been enabled), and usually for recurring payments they don't. Also did you know, that if someone manages to get your Visa/verified MC/SecureCode and card details you will have more difficulties claiming back (if at all) the money they spend compared to non-verified payments. And another thing, Jagex used to use Worldpay, they were worse than paypal at not investigating chargebacks. Thanks Gradeskip93 for my awesome sig! Link to comment Share on other sites More sharing options...
essiw Posted January 20, 2011 Share Posted January 20, 2011 I didn't even know there were places that required a code from a bank. Seriously which websites are you talking about that have such a thing? The only other code similar is the CSV code, which is also found on the credit card.In the Netherlands you have iDeal which is that you can login at your bank (if you have internet-banking [not sure if that is correct in english]) and then to verify you are the bank-user you have to fill in a code (you get a paper send home with 100 different codes on it) like code nummer 78: 325587 Not sure if you meant that, sorry if you didn't. http://sign.tip.it/1/2/79/260/essiw.png Retired item crew I would like to be credited as essiw at the website update & corrections forum. Thanks! Link to comment Share on other sites More sharing options...
Sbrideau Posted January 20, 2011 Share Posted January 20, 2011 Considering it's what, $6? I don't think verification is a big issue.It is to some. You're rich and I dislike rich people. Link to comment Share on other sites More sharing options...
obidiah Posted January 21, 2011 Share Posted January 21, 2011 It's been maybe three or four years since I had to enter my credit card details into Runescape's website, so it may have changed, but I remember having to enter in my card number and security code. I don't know why they'd change that. Aren't those on the card though?Yup, so it's a pretty dumb thing to ask for security screening (as long as it's the only real security question), but I think the reason why they ask that is because more details like credit card numbers get stolen online rather than physically, so under such circumstances, the thief would have you card number, but (perhaps) not the security code. I still stand by my opinion that asking dumb questions like that is bad form (as far as validating ID anyways). EDIT: just had an idea. Why don't they ask one or two of your recovery questions as a security measure for credit card payments? That's a much stronger proof of ID, combined with the current questions. Does Jagex even have recovery questions anymore? I think they use e-mail for account recovery now. I think the lost password system is now recovery questions combined with e-mail (i.e just e-mail may not do the trick.) I hope so e-mail accounts can be as easy to steal as recovery questions. It was sold as adding another layer of security, not replacing one with another. The points a but moot though, as I don't think all that many of the stolen credit cards numbers used were connected with Runescape accounts, so wouldn't have associated recovery questions. (Could be wrong, but I didn't hear that many people crying on the forums that their credit card details had been stolen and used to pay for someone else's membership) Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now