Support NeoGAF

[QuantumBro]

Undisputed proof that All Credit Cards had the CVV2 information on the PSN Network.

Oh fuck.

 

[itxaka]

I'm pretty sure my MC is on there. Ill have to edit that because its been so long since I did it but you have me doubting what I remember

I was surprised because its mandatory. You show the physical card or else you input the cvv to demonstrate that the card is in your possession, no way around it. That mixed with the forbidden storage of the cvv naked it easier to stop massive fraud or massive stealing.

 

[Self_Destructive]

Oh fuck.

It asks you to enter it... it doesn't save it on the network. :/

 

[Carl]

Undisputed proof that All Credit Cards had the CVV2 information on the PSN Network.

As long as it doesn't store it i don't care...

 

[QuantumBro]

It asks you to enter it... it doesn't save it on the network. :/

Oh thank god, started to freak for a min.

 

[Four_Chamber]

Undisputed proof that All Credit Cards had the CVV2 information on the PSN Network.

Very interesting. At least this verifies that some people who have sworn that they put in the security code at some point aren't completely insane

 

[Metalmurphy]

It asks you to enter it... it doesn't save it on the network. :/

That doesn't make any sense... unless that's a menu to do a transaction and not just save your card details.

 

[JudgeN]

I don't think you can buy anything online with a credit card without the security code.

 

[Dr. Malik]

my heart goes out to the poor Socom developers. I don't play it, but man, this must just be crushing for them.

Mine doesn't. Played it 2 days ago and the SP was quite the letdown. They shouldn't have half-assed it for days like these.

 

[Captain Tuttle]

All of these people saying that they're are going to use Playstation Cards. How much do you think that will cut into revenues for Sony. I mean, the retailer has to get a cut right? If there's a heavy demand the retailers can demand a bigger cut right?

It won't hurt them that much but I'd imagine a big part of their strategy with the PSN was keeping as much of the exchange of monies in their network as possible.

And I understand that GAF does not equal the average consumer

Edit: goddamn at that CCV stuff.

 

[WonkyPanda]

Technically they are right, to anyone who joined the PSN no big credit card stuff was obtained, but if you ever brought anything off of it, which most people probably have, This isUndisputed proof that All Credit Cards had the CVV2 information on the PSN Network.

Simply because you have to input a CVV2 code does not mean it is stored on their server. We don't have way to confirm that. Unless, you're one of the hackers...... *shifty eyes*

 

[Rebel Leader]

Mine doesn't. Played it 2 days ago and the SP was quite the letdown. They shouldn't have half-assed it for days like these.

I look up to the sky and I say.... Lord I miss red dead redemption =3

I really do T_T

 

[D4Danger]

I don't think you can buy anything online with a credit card without the security code.

yeah, I don't know if it's different for everyone but here in the UK you have to provide the code on the back of the card every time.

also, most places (at least the few I deal with) will keep the card details on record and ask you for the last 4 numbers (just to confirm it's the right card) and the security code so I guess they don't (aren't allowed to?) store that part.

 

[DavieC726]

It asks you to enter it... it doesn't save it on the network. :/

It has to save it on the network, otherwise you'd be ask to enter it again every time you buy something, which of course you don't. THis obviously won't effect people who just joined to play online, but lets face it, who doesn't get any sort of DLC or PSN game these days?

 

[Degen]

and here i thought it was safe to just smash the ps1 and 2 with a sledgehammer

i see the sony headphones have to be the next to go.

 

[BeautifulMemory]

Guys, credit card is only one of the many things to worry about. They can open NEW credit cards, take out loans in your name, do whatever it is that consists of identity theft. What if you use a debit card? In any case, your bank account info is linked to it. The security number on CC is just ONE credit card, while greater risks are out there.

I once got my debit card stolen---and I hardly, almost never, use debit card online. So be vigilant.

 

[Wario64]

If you guys can't remember if it asks for CVV, then clearly you guys haven't been buying stuff on PSN with a credit card.

 

[Rebel Leader]

If you guys can't remember if it asks for CVV, then clearly you guys haven't been buying stuff on PSN with a credit card.

The last thing I bought was the Brotherhood DLC

 

[Vamphuntr]

It has to save it on the network, otherwise you'd be ask to enter it again every time you buy something, which of course you don't.

Maybe it's stored on the console? I would always use the checkout option and it would add fun automatically and I don't even remember entering it.

 

[Mailenstein]

If you guys can't remember if it asks for CVV, then clearly you guys haven't been buying stuff on PSN with a credit card.

Thought the same lol.

 

[Mooreberg]

Got a credit card statement in today and no shenanigans. What is going on with all the reports of B.S. charges on credit cards if Sony is saying all the CC data was encrypted? They're pretty much letting blogs tell the whole story on this by not communicating anything remotely useful.

 

[gillty]

I was surprised because its mandatory. You show the physical card or else you input the cvv to demonstrate that the card is in your possession, no way around it. That mixed with the forbidden storage of the cvv naked it easier to stop massive fraud or massive stealing.

CVV is not mandatory in North America.

 

[Zoe]

If you guys can't remember if it asks for CVV, then clearly you guys haven't been buying stuff on PSN with a credit card.

http://www.youtube.com/watch?v=rtjrF8nFPDE&feature=player_detailpage#t=83s

That's the old store, but I remember it being just as easy on the current store.

 

[Metalmurphy]

If you guys can't remember if it asks for CVV, then clearly you guys haven't been buying stuff on PSN with a credit card.

I have and I can't remember. Last thing I bought was Undead Nightmare, so it's been a while.

 

[itxaka]

That doesn't make any sense... unless that's a menu to do a transaction and not just save your card details.

As far as I know you only need the authorization once. After that. The merchant can charge without it. IIRC the first time you used a card on psn it will get hold of 1$/1€ while the auth processed. After the confirmation that hold was released.

 

[TTP]

If you guys can't remember if it asks for CVV, then clearly you guys haven't been buying stuff on PSN with a credit card.

Not true. Have been purchasing stuff from the Store for 5 years and I don't enter my CC data every time I purchase. I even have the automatic funding thing on so that it automatically adds funds to my wallet when needed.

 

[KJTB]

Got a credit card statement in today and no shenanigans. What is going on with all the reports of B.S. charges on credit cards if Sony is saying all the CC data was encrypted? They're pretty much letting blogs tell the whole story on this by not communicating anything remotely useful.

Yeah, Sony really needs to just give us some facts so we can stop screaming about the sky falling and shit. I'd rather know how shitty the reality of the problem is than having to sit here reading shit from random blogs about how there's possibly someone out there taking out loans in my name.

 

[Metalmurphy]

As far as I know you only need the authorization once. After that. The merchant can charge without it. IIRC the first time you used a card on psn it will get hold of 1$/1€ while the auth processed. After the confirmation that hold was released.

And can they charge the card after that without that code?

 

[WonkyPanda]

Guys, credit card is only one of the many things to worry about. They can open NEW credit cards, take out loans in your name, do whatever it is that consists of identity theft. What if you use a debit card? In any case, your bank account info is linked to it. The security number on CC is just ONE credit card, while greater risks are out there.

I once got my debit card stolen---and I hardly, almost never, use debit card online. So be vigilant.

How is it possible to open new lines of credit without a SSN?

 

[ShortBus]

"(excluding security code) and expiration date may have been obtained. Keep in mind, however that your credit card security code (sometimes called a CVC or CSC number) has not been obtained because we never requested it from anyone who has joined the PlayStation Network or Qriocity, and is therefore not stored anywhere in our system."

Bull,Sony.
I've always been asked for a CVC,always.

 

[Rebel Leader]

Yeah, Sony really needs to just give us some facts so we can stop screaming about the sky falling and shit. I'd rather know how shitty the reality of the problem is than having to sit here reading shit from random blogs about how there's possibly someone out there taking out loans in my name.

Without a pic of such transaction occurring.

 

[jax (old)]

Yeah, now we're gonna get "my email got stolen" reports instead of "someone charged $1000 at a gas station in China" reports.

but you know about this? You share your password on things like this? You deserve to have your email stolen.

I need to get 1password at somepoint in time but..

my email passwords + gmail = both about

**************** <---- that literally is how long it is and its not something you can guess as its not really a word. And they're also different.

Yeah, Sony really needs to just give us some facts so we can stop screaming about the sky falling and shit. I'd rather know how shitty the reality of the problem is than having to sit here reading shit from random blogs about how there's possibly someone out there taking out loans in my name.

Sony can't control the misinformation. They haven't said much but the bullshit I've been reading. (mostly from this thread).

 

[Rebel Leader]

I need to get 1password at somepoint in time but..

my email passwords + gmail = both about

**************** <---- that literally is how long it is and its not something you can guess as its not really a word. And they're also different.

I would like to buy a vowel.

A

 

[Metalmurphy]

but you know about this? You share your password on things like this? You deserve to have your email stolen.

I need to get 1password at somepoint in time but..

my email passwords + gmail = both about

**************** <---- that literally is how long it is and its not something you can guess as its not really a word. And they're also different.

Is it "****************" (without the quotes)?

 

[jax (old)]

Is it "****************" (without the quotes)?

yes its literally is that.

 

[Curufinwe]

I went to my bank tonight after work and got a new debit card with a different number than the one I used to buy Wipeout HD and Resident Evil 2 & 3.

Interestingly, the numbers on the front of the card are just printed there - they're not raised & embossed like the numbers on my old card.

http://www.creditcards.com/credit-c...cards-flat-unembossed-raised-numbers-1273.php

 

[Zeliard]

Bull,Sony.
I've always been asked for a CVC,always.

They chose their words very carefully there.

"...we never requested it from anyone who has joined the PlayStation Network or Qriocity" is technically true since you don't enter CC info in just to join PSN. You do so to buy stuff from it.

 

[Raistlin]

That doesn't make any sense... unless that's a menu to do a transaction and not just save your card details.

I may be completely off-base here, but I believe this is done for authentication when setting up a repeat purchase account. Basically it is only used right then (not stored), and after that the company can use your information (minus the security code) for future purchases.

I think sometimes (and this may have happened with PSN IIRC) it actually does a few microtransactions (like $0.70 or so) and then refunds them immediately? Not sure if that's necessary. You typically then have to verify the amounts. I really don't recall if we had to do that here.




Note: Not just any company can do this. To my knowledge it's something that's set up with credit card companies beforehand for 'trusted' sellers. Basically big companies like Sony, Amazon, etc. Also, it can't be used carte blanche. It is tied to a specific purchase designation - the one that shows up on your statement. It will only work with that one (in this case, whatever the designation is for PSN purchases).

 

[Majine]

Wonder if you can actually use stars in the password. That would've been the bestest pw ever.

 

[Zutroy]

http://www.youtube.com/watch?v=rtjrF8nFPDE&feature=player_detailpage#t=83s

That's the old store, but I remember it being just as easy on the current store.

Oh shit, I had completely forgotten about how the old store was with the manual movement of the pointer. Looks so old!

 

[Zoe]

yeah, I don't know if it's different for everyone but here in the UK you have to provide the code on the back of the card every time.

The EU FAQ actually doesn't say that they never asked for it.

http://faq.en.playstation.com/cgi-bin/scee_gb.cfg/php/enduser/std_adp.php?locale=en_GB&p_faqid=5593

 

[itxaka]

And can they charge the card after that without that code?

I think big companies can as long as the first charge was authorized with the cvv.
Of course is for big big companies. I guess that someone could confirm it with paypal for example, if they have a credit card attached, they can try transferring funds to their account to see if it asks for it again or not.

Edit: Raistlin says the same, so I'm not mistaken then.

 

[MGR]

And can they charge the card after that without that code?

Not sure of security law/policy differences between country/companies but you can generally charge a credit card provided you have the number and expiry date.

I believe Sony only use the CVV code when you first enter your card details on the PSN to verify you are actually the physical holder of the card. After that card it attached to your account they don't need it.

 

[Metalmurphy]

I may be completely off-base here, but I believe this is done for authentication when setting up a repeat purchase account. Basically it is only used right then (not store), and after that the company can use your information (minus the security code) for future purchases.

I think sometimes (and this may have happened with PSN IIRC) it actually does a few microtransactions (like $0.70 or so) and then refunds them immediately? Not sure if that's necessary.


Note: Not just any company can do this. To my knowledge it's something that's set up with credit card companies beforehand for 'trusted' sellers. Basically big companies like Sony, Amazon, etc. Also, it can't be used carte blanche. It is tied to a specific purchase designation - the one that shows up on your statement. It will only work with that one (in this case, whatever the designation is for PSN purchases).

I see, in that case it would make sense that they'd ask for it and not save it.

I think someone said that by law they're not allowed to save it. Any truth to that?

 

[itxaka]

I see, in that case it would make sense that they'd ask for it and not save it.

I think someone said that by law they're not allowed to save it. Any truth to that?

Not law but visa, Mastercard, amex requirements. You can lose charging with credit card if they catch you storing them.

 

[Curufinwe]

Hah, I totally forgot that I once set up a New Zealand PSN account so I could download a demo of Wipeout Pulse. But Sony sent me an email to the email addres for that account, too. I never had any CC info on that account, though.

 

[Raistlin]

I see, in that case it would make sense that they'd ask for it and not save it.

I think someone said that by law they're not allowed to save it. Any truth to that?

I'm not familiar with the law for stuff like that.


If I had to guess, it may not be a law but a rule from the CC companies. If someone breaks it though the CC would pull them from being a supported seller, so it's not something a company would fuck with. Particularly for a big company that can set up a repeat transaction scenario anyhow.

 

[Raistlin]

itxaka,

lol We're sharing a brain right now




BTW - I'm actually kind of guessing here. But the fact we seem to think it's handled in the same manner tells me it's probably something we've read way back when.

I blame alcohol

 

[TTP]

I see, in that case it would make sense that they'd ask for it and not save it.

I think someone said that by law they're not allowed to save it. Any truth to that?

quick google search gave me this

One of the PCI standards prohibits the storage of sensitive authentication data, such as magnetic stripe data, credit card security code numbers, or debit card PIN authentication numbers. The Minnesota law essentially codifies this prohibition by requiring the destruction of such data within 48 hours after a transaction is authorized.

http://www.dlapiper.com/files/upload/E-Commerce_and_Privacy_Jun07.html

 

[whalleywhat]

If you guys can't remember if it asks for CVV, then clearly you guys haven't been buying stuff on PSN with a credit card.

I literally just click 'confirm purchase' and it does the rest.