| MarkMan |
10-14-2006 08:06 AM |
actualy .. just noticed this..
Quote:
Originally Posted by Chris Mallick View Post
There can only be 2 possibilities: You either made the transactions yourself; or you have been the victim of a Phishing attack. The latter is what our data supports. Nothing, however, supports all of this ePassporte bashing. You have been in contact with our CS people and Risk people. Your issue is being addressed, as I will describe for the audience later in this post. I am, as a result of this post and a few others, changing our Policy regarding Board posts (see the end of this post for that information).
Now, to your specific issue:
Assuming you were the victim of a Phishing attack, our policy is and has always been to return funds IF THEY ARE WITHIN OUR SYSTEM, if the fraud claim can be reasonably substantiated. We would typically believe that you were the victim of such an attack and your funds would be returned IF we could recover them from within our system. That is to say, if the funds were transferred to another eP client, we would roll back that transaction and credit your account, possibly blocking both accounts until the issue is sorted out.
What happened here is that 1 hour after 2 transactions were run, you called the Call Center. The transactions were at a merchant outside of our system. The funds were gone at the point of authorization through the Visa system. Effectively we have to pay that (those) authorized amount(s). We have done so, as it is not even an option to not pay a Visa Interchange Demand.
The answer as to how these amounts could be done in such close time proximity and in such ?high amounts? (they were $500 btw) is simple: You are an ePassporte Select Card Holder. You authenticated yourself and requested higher spending limits. These were all Virtual Visa transactions. They were fully authenticated with card expiry date, CVV2, address verification. This further supports a Phishing attack.
As you know, the only way to access the ePassporte account is to have the User Name and Password ? none of the transactions you claim as fraudulent are P2P; they are all Virtual Visa transactions. The only way to complete a Virtual Visa transaction is to have ALL of the Card Holder data. Nobody in our company, not one single person, has that data. It is an outside, Visa approved vendor?s data base, not ours. The communications between you and us, when it comes to password authentication or changes to any data requires this vendor?s involvement for verification. They have not been hacked or compromised. This is a fact. And this is not an inside job, as some have suggested. In fact, this sort of fraud happens all the time, as I am sure you are aware from just reading any publication. We are fortunate to have had only a few cases of this at ePassporte.
More importantly and most telling as to the fact that this is a Phishing attack: You share an IP with an ePassporte Card Holder that has been the victim of a Phishing attack in the past.
All of this, to our Team, suggests clearly that you in fact are a victim to this type of fraud. Lately the fraudsters are sending emails asking you to click a link to get to the Message Center. We would never do this. Some people click the link and enter their User Name and Password without even thinking. There are many scenarios one could think of when understanding that you share an IP with a know victim?s machine or system.
Again, had the funds not left our system, we would have been able to recover them and return them to your account. As it stands, the funds were properly authorized and are gone. Certainly you can understand that our policy must be as stated. If it were different, we would become victims of fraud, over night, with fraudsters attempting to spend funds and then recover.
As you also know, we have begun our Dispute Recovery Process. Unfortunately you have stated to our Team that waiting for the recovery was too long of a process. Be that as it may, we are attempting to recover the funds. This is our procedure: to first go to the Merchant and ask for a credit, then go the chargeback route, although this is cumbersome. If we issue a chargeback you will get the funds credited to your account, however, the funds would then be blocked for your use in our system for several weeks or months, as this process is easily reversed by the Merchant by Representing the original transaction. As the transaction was fully authenticated there is a good chance a chargeback issued by us for you would not stick and the transaction would end up where you are today. So as you can see, getting a credit is better and faster than starting down a chargeback route, which could take up to 6 months. These are not our time periods, rather Visa?s. Those are the rules. We will however go the chargeback route, as you have claimed fraud, if we are unable to get credits. Getting a credit is difficult as well, again as these are fully authenticated transactions.
We follow all Visa rules when it comes to these things. We are truly sorry for anyone that is the victim of any type of fraud. We do everything we can to help you avoid becoming such a victim. But given your shared IP with an admitted victim, we are pretty sure that this is what has happened.
Again, we are sorry for the loss of your funds, however our policy is consistent with all Issuers of Visa cards and we are unable to recover your funds without going through the process described above.
ePassporte is a trusted brand in the Adult space. We have thankfully only had a handful of these attack victims. We believe that we do a better job than most in protecting data security. Our track record is long and successful. We do not want to lose the trust of anyone, however, our policy is not going to change.
Lastly, I want to understand why, when you know fully what we are doing to recover your funds, you would start a thread like this? I assume it is to try and pressure us into just giving you money. I hope I am wrong. I won?t reply to any more posts here, I think my answers and descriptions are clear and detailed. If you, or anyone, has a question about this or any other issue, please contact me via email: [email protected] I will always do my best, as will my Team, to answer Card Holder questions. But issues like these are not for discussion on Boards. They involve financial transactions, fraud, data and procedural security and the like. I am sorry that there are those out there that love to take shots at our CS and our operations ? it is easy to see their motives. All we ask is for you all to take a look around at the biggest and most respected names in Adult and they will all tell you that ePassporte is their currency of choice. We strive to do better everyday and we always welcome constructive criticism and positive advice from those that are not trying to simply tear down what they do not understand or can?t compete with, fairly.
C
PS:
A new Board Policy is now going into effect: ePassporte will not post on any board or in any forum in response to Card Holder specific issues. We will be here to answer general, serious questions about our products and services. Keyser (Michael) will still be here daily, but will only post in threads as described above.
This policy is to allow us to operate our business properly and professionally and privately. And again, I am always available by email.
C
|
so they closed the Thread becouse their is nothing more to say |
