20i Reseller Hosting

Just Eat

Discussion in 'The Bar' started by RobM, Jun 22, 2019.

  1. RobM

    RobM Well-Known Member Exclusive Member

    Joined:
    Mar 2012
    Posts:
    2,809
    Likes Received:
    389
    I have been one of many 'victims' of credit card fraud by Just Eat charging my card for £35 for food at the beginning of the month. I have had to cancel my credit card and now I have an 8 week process to recoup the money. However I don't even have an account with them and haven't been to uk for years. So my questions are: is this a UK only company and anyone know of any other delivery companies who might share data with them? I'm trying to find out how they got my info and wondered if anyone has had the same issues with them?
    The article that made me realise I wasn't alone was https://www.bbc.com/news/uk-48719098
    You might want to check your balances if you used them in the past.
     
    Last edited: Jun 22, 2019
  2. Domain Forum

    Acorn Domains Elite Member

    Joined:
    1999
    Messages:
    Many
    Likes Received:
    Lots
    articles.co.uk
     
  3. dazc United Kingdom

    dazc Active Member

    Joined:
    Dec 2008
    Posts:
    257
    Likes Received:
    12
    If you've used your card abroad the chances of your number being collected and used for fraud is much higher than in the UK.

    However, my card has been used fraudulently at a restaurant/take-away. As I understood it, it was just a random card number they used because no other authentication was required, not the expire date or the 3-digit code, nothing.

    The bigger question, I guess, is why credit card companies allow these transactions to be processed in the first place since it requires a degree of diligence on behalf of the card holder to ensure nothing slips through the net.
     
  4. RobM

    RobM Well-Known Member Exclusive Member

    Joined:
    Mar 2012
    Posts:
    2,809
    Likes Received:
    389
    Yeah I suppose it's the risk of using a card for online transactions. I just wonder who is storing the cvv details as well that fraudsters would need. I'll have to look through and see which companies I've used that processed the payment themselves as opposed to using a processor like worldpay, paypal, etc. Unfortunately that includes a few domain related companies so one of them has either shared the data or been compromised.
     
  5. inteldigital

    inteldigital Active Member

    Joined:
    Mar 2018
    Posts:
    605
    Likes Received:
    65
    Some companies (oddly) don't need the CVV to process payments. This is fucking odd to me, Amazon being one of them. It really makes me uneasy.
     
  6. Trauiner United Kingdom

    Trauiner Active Member

    Joined:
    Feb 2016
    Posts:
    161
    Likes Received:
    12
    CVV doesn't add any extra layer of security, which is why companies like Amazon don't request it. If someone has stolen your debit card/billing details, they have the CVV code anyway, so requesting it at checkout doesn't do much apart from reduce payment conversions. (Most payment declines on payments charges for legitimate uses come from the wrong CVV being entered by accident.)
     
  7. RobM

    RobM Well-Known Member Exclusive Member

    Joined:
    Mar 2012
    Posts:
    2,809
    Likes Received:
    389
    But in this case my card was used I guess online as I think Just Eat are an order/delivery service (we don't have them here)? They don't have my card physically. That means they got the cvv from wherever they got the details - which in turn means someone who shouldn't be is storing cvv details. I'll never know.
     
  8. inteldigital

    inteldigital Active Member

    Joined:
    Mar 2018
    Posts:
    605
    Likes Received:
    65
    Not really, people can steal your payment information without having your card. It was introduced as an anti-fraud measure, so how exactly does it not add an extra layer of security? I don't think having to enter a CVV reduces conversions either, I think that's a bunch of shit. If your product is good, people will buy it. If it's not good, people will find any excuse not to buy it.
     
  9. WHM United Kingdom

    WHM Member

    Joined:
    Apr 2019
    Posts:
    18
    Likes Received:
    1
    I don't think that's really the case, I have one card that I use exclusively overseas, must have had 10K+ transactions on it over the last 6+ years. Not had any fraud from that card.

    On the other hand, 2 other cards I've hardly used but all most all transactions were for UK online purchases have had to have to be reissued 3 times because of random fraudulent transactions.

    Just my 2 pence but online shopping is far worse than overseas transactions for fraud.
     
  10. dazc United Kingdom

    dazc Active Member

    Joined:
    Dec 2008
    Posts:
    257
    Likes Received:
    12
    Perhaps so, I am quite paranoid about giving random sites my credit card details though and tend only to buy from amazon and such?
     
  11. Trauiner United Kingdom

    Trauiner Active Member

    Joined:
    Feb 2016
    Posts:
    161
    Likes Received:
    12
    I'm not sure you read and understood my post correctly.

    "people can steal your payment information without having your card." - This is exactly the reason CVV is pretty pointless these days. Most payment fraud is from the card details being stored from malicious websites or card detail databases being leaked/hacked. If someone has stolen your details from a online transaction, then in nearly all cases, they have your CVV along with your card number.

    "I don't think having to enter a CVV reduces conversions either, I think that's a bunch of shit. If your product is good, people will buy it. If it's not good, people will find any excuse not to buy it." -- Again, you clearly didn't read the post correctly. You can actually split test and see that removing the CVV increases conversions. It's nothing to do with the product being good/bad. It's the fact that the CVV is often incorrectly entered by accident on genuine purchases. This causes abandonment. You can call it a bunch of shit all you want, put the results speak for themselves.

    That's the reason Amazon doesn't request a CVV, it's utterly pointless. If someone has stolen your card details, they've got your CVV.

    CVV was like you said introduced as fraud protection. However, this was introduced something like 18 years ago before online fraud was prevalent. It's a completely useless fraud prevention tool these days, hence why they're trying to push 3D authentication, rotating CVV's etc. This is because the current fraud prevention tools (expiry date, CVV etc) are utterly crap and pointless in the current online landscape.
     
  12. RobM

    RobM Well-Known Member Exclusive Member

    Joined:
    Mar 2012
    Posts:
    2,809
    Likes Received:
    389
    Plenty of places online store your card details but not your cvv. They then ask for it in future transactions and it is passed through to the payment processor so they never even see it. That way if their database gets hacked, or info leaked, people can't use the data. So it's not useless - it just means that someone I used stored *all* the data and it was compromised. You can buy card info (without ccv) easily on the net. Any decent place is going to ask you that info on an online purchase - it's the difference between being able to commit fraud or not.
     
    • Like Like x 1
    Last edited: Jun 23, 2019
  13. Trauiner United Kingdom

    Trauiner Active Member

    Joined:
    Feb 2016
    Posts:
    161
    Likes Received:
    12
    It seems the understanding of online fraud by members of this community is worryingly poor.
     
  14. RobM

    RobM Well-Known Member Exclusive Member

    Joined:
    Mar 2012
    Posts:
    2,809
    Likes Received:
    389
    Lol ok. Try not to let our lack of expertise worry you though.
     
    • Funny Funny x 1
  15. inteldigital

    inteldigital Active Member

    Joined:
    Mar 2018
    Posts:
    605
    Likes Received:
    65
    My bank has already started implementing SCA, which makes it nigh on impossible for someone to use my card details for fraudulent purposes. Unless of course, they make a purchase with my details through a company I have already approved beforehand and that now has continuous payment authority. Like, probably Amazon lol.

    EDIT: Anyway, point is, that I think SCA will eliminate loads of fraud, and everyone should use it ASAP. I'm with Starling Bank, anybody else bank with them? Really good, non-high street bank.
     
  16. RobM

    RobM Well-Known Member Exclusive Member

    Joined:
    Mar 2012
    Posts:
    2,809
    Likes Received:
    389
    Just tried to pay my nominet invoice...wrong cvv...wasn't approved. Lucky they asked for that. I'll email them now and tell them it's an irrelevant piece of information and they don't need it.
     
    • Funny Funny x 2
  17. Trauiner United Kingdom

    Trauiner Active Member

    Joined:
    Feb 2016
    Posts:
    161
    Likes Received:
    12
    Exactly why it's stupid.