New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
So basically i couldn't use it at all since i don't own a smartphone.
and letting my government basically control my payment authorization is something i'd feel extremely bad about in general.
Well, kind of, yes. As long as potential damages are not my problem there is very little difference though. It basically means i need to check my bill more closely. As for passwords i prefer to decide myself if i feel 2FA is necessary. Especially since a lot of solutions want to force people into some kind of app and even if not there's always a chance for the system to fail meaning i'm locked out of my account. Not to mention that for some stuff i simply don't attach enough importance to justify jumping through any extra hoops.
Well, i don't claim to be an expert on this but i've looked into it when 2FA on CCs became a thing and what i came up with was that there's basically a shift of the burden of proof. Without 3D secure it's up to the issuer to prove that the charge i'm disputing was in fact not fraudulent but with 3D Secure it's up to the user, so if the issuer doesn't feel like taking the loss you can always be hit with "Please provide proof that you really didn't order any Hosthatch VPS". If that happens all i can say is: Good luck.
Ah you are saying "Why is stealing is not allowed?"
If you say, Money is just money, then just rob your chinese bank there
You also said: "If you use other people's money and they don't notice anything unusual, then that's acceptable!", Use your mother wallet, thats OK for you
Point 1 - If you don't have a smartphone you get a text, if you don't have access to a phone at all you get a piece of paper in the mail with 100 random digits that are then used.
Point 2 - Again, thats personal preference, the system we use here are government funded but are not driven by the government, they own the system and use it for a wide range of things like you personal tax items etc, not trusting the app for your payments would also mean you wouldn't trust it with your taxes, you'd then have to go do that manually at a local help point and hope they can help, nothings perfect but it protects you.
Point 3 - I actually have first hand knowledge of a scenario like this - Abt 10 years ago my cousin got arrested by the police, put in jail and was charged with terrorism, reason? His card had funded purchases related to it online, his card was scimmed in a local store.
Or another scenario, you get a payment from hosthatch that you don't know, you go to your bank and issue a chargeback, you do get your money back, but hosthatch also gets a €50 fine from their gateway in dispute fee, is that fair? You could have taken a simple step to protect you, your card and vendors online but chose not to.
Point 4 - Easy, provide email logs that you never got an email from hosthatch, evidence provided and any serious bank would run a chargeback - It really isn't as "bad" as you put it out to be.
Lastly @totally_not_banned - Appreciate your conduct here, I always find it interesting to see/read other viewpoint on matters like this, thanks for keeping it civil thus far!
You having access to the logs often means that you can also manipulate them/delete something. And generally that's a bit difficult - would you want to simply send nothing as when no email is sent/received, there won't be any log entries about that.
Or do you have log entries like:
Edit: and a transaction can also legitimately happen without prior emails...
Frozen fingers are incompatible with Apple Pay.
Fingers don't taste good, unless it's a chicken finger served in school cafeteria.
Most US cards have 2FA that kicks in only during high risk transactions.
I would get a text message, to which I must respond Y to approve the transaction.
I've seen such messages 4 times in the past 12 years.
3 out of 4 times, it was a fraud case that resulted in card replacement.
MJJ from China got banned.
lmao
It was perhaps a bit short, but if you have a search record, atleast here most people can get that from their email provider stating whether or not there's been any emails from a certain domain, that is enough validation in case you don't know the transaction.
I do agree that it poses a problem, but its a trust based system afterall - It was more meant in the way tht if you dispute something where you claim you do not know it, there's multiple avenues where you can look to, to prove that you do not know it.
That said though, with 3D Secure you are under higher pressure to provide proof that you do not know a vendor if you've also approved it in your 2FA app, but that doesn't stop you from going towards a chargeback in case the service wasn't provided or the vendor scammed you.
If you use gmail fx you can get transcripts of whats come in/out of your inbox - And I do know that you can transact without an email but today the norm is to provide payment confirmations, invoices etc via email - If you can prove you never got any of that, you can also (in my eyes) prove to your bank that you do not know the vendor
@yoursunny - That is the same it is here, but its just mandated now that any payment above €100 (I believe) needs to be 3D Secure verified, anything below that is up to the individual vendor.
All I am saying is that, there are ways to protect you from having your card abused online and I think there should be more focus on preventing, rather than "Oh well, lets just chargeback", but I am also tainted as a vendor that are on the other end and are at risk of chargeback fees - 3DS like systems don't remove chargeback from the internet, but it will cut back dramatically on payments being processed that the card owner doesn't outright know.
That's something at least. While text message is actually somewhat convenient and in my opinion usually good enough it's also not exactly that hard to break for a determined attacker and sadly gets very, very error prone in an international context, so while this might work OK for a local CC it's not really always ideal for random passwords.
Well, in regards to taxes i have to deal with the authorities. I'd just rather not deal with them regarding my personal life. I'm dutifully fulfilling my legal obligations but beyond that the further the government is away from me the better. They are already invading people's private lives more than enough with all their regulations and paternalism. I seriously don't see a need to hand them a killswitch for my payments on top of that even if they are still two steps away from being able to actually press it.
Funny anecdote on the side: The year digital tax filings became mandatory around here i hired a tax consultant to do my paperwork and i get reminded pretty regularly how good of an idea that was by the frustration of the people around me that choose to put up with my government's crappy technology.
Well, sure something like this might happen but i figure chances aren't that high. It'll probably rather involve a bunch of Amazon flat screens delivered to some drop. Personally i wouldn't loose sleep over it. Just as i (usually) don't lose sleep over text messages being intercepted, SIM cards being cloned, numbers being fraudulently transferred or TAN sheets (which are sadly practically non-existent around here these days - i kind of liked those) being stolen from the mailbox.
Fair? No. From a mere consumer standpoint i'm not responsible for agreements entered by third parties though. I can understand if businesses reject such terms just as i hope businesses understand that i don't like jumping through extra hoops which gain me no noticeable advantage (outside the slim chance that someone is trying to abuse my card for terrorist financing but gets stuck on 2FA).
Where would i get such logs? Personally i wouldn't know and email being 100% unreliable i also wouldn't see what those are proving. Yeah, there's probably some spy on everyone indiscriminately law around here that requires email providers to keep logs but i doubt i'll get access to those and even if i'd get it the mail might just have been lost who-knows-where or i could have simply used another email address. In a legal context email is usually pretty bad news. There's a reason why registered snail mail is still the default when things get serious (and even there it's notoriously hard to prove delivery and reception of a specific document).
Sure thing. This is just my personal take on things anyways. Personal meaning me. For other people personal would mean them so they might come to different conclusions or apply different weighting and there's (usually) nothing wrong with that but i think i know quite well what you mean. People these days somewhat tend to take different opinions as a threat... I seriously have no clue what's up with that but it's annoying for sure.
Because of retards like these, we can't have nice things such as being able to pay for a service without emailing an ID.
Or put up with annoying 2FA stuff. As much as i don't like it i feel like it's kinda realistic to assume that the risk put onto businesses will likely force more and more of them to require it (compared to sending IDs i'd actually even see it as the lesser evil).
Once again: using a stolen credit card is fraud. Fraud is criminal. Using it while you know it's fraud/criminal is even worse. You admitted it. @Hosthatch apparantly knows your real bank account. All ingredients to let officials take it from here.
Hope that @Hosthatch will persue this. You are a disgrace to the LET community.
Imagine not having BankID
I've been away from this forum for a while, and one of the first things I read after coming back is someone asking why using a stolen credit card isn't allowed? lol
have you tried it yet?