UK bank blames fraudsters for World of Warcraft ban
Halifax leaves Blizzard out in the cold
Regcast training : Hyper-V 3.0, VM high availability and disaster recovery
Frequent use of stolen credit cards to pay for World of Warcraft subscription has prompted UK bank Halifax to block payments to the game's publisher, Blizzard Entertainment.
In a statement, the bank said its decision to block payments was not a reflection of the integrity of Blizzard or its billing systems.
"We have seen a significant number of fraudulent transactions through Blizzard's gaming sites. We have, therefore, blocked the majority of Visa/Mastercard transactions we receive from there in order to combat this. We do not believe the fraud is anything to do with Blizzard themselves, their sites or the integrity of their billing systems, rather it is site users utilising stolen credit card details to pay for subscriptions," the bank said. "If a customer does want to subscribe to a game site operated by Blizzard, using a Halifax or Bank of Scotland credit card, we can arrange for the payments to be processed for them if they contact us."
A spokesman for the bank declined to elaborate on how many organisations were also blocklisted explaining that details of its anti-fraud systems work is confidential.
The issue came to light after Reg reading expat Brit Michael, who lives in Canada but banks with Halifax UK, complained to the bank about his inability to buy World of Warcraft subscriptions using his card. Halifax apologised for the inconvenience but told him its fraud analysts have "made the decision to decline all Blizzard transactions due to the high volume of fraud and a high incidence of compromised details".
Michael is unconvinced by Halifax's arguments.
"I am not aware of any other bank or credit organization refusing Blizzard transactions, so I assumed their exceptional behaviour in this instance might be worth reporting, especially if it convinces them to resume normal and appropriate behaviour in connection with these transactions," he told El Reg.
It's unclear whether any other banks have acted over similar concerns. Blizzard representatives didn't reply to emails requesting comment. ®
Additional reporting by Dan Goodin
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider
COMMENTS
verified by visa is a piece of shit anyway
if you have a stolen card (which means you have the physical card) then then only extra piece of information you need to reset the password is a date of birth, and i feel fairly sure that that isn't the hardest thing to find out if you are hardened criminal gang.
you can probably google for the account holders name and location in facebook or somesuch.
its just a sop to reassure tim nice but dim.
you should start asking how many people you give your card details to have implemented PCI-DSS (supposed to be mandatory for all 18 months ago). Answer: Virtually no company anywhere.
The game company's side of things
There are some excellent posts here from the banker's side of things, and more good ones from a user's side of things. Not many look at the game company's side.
The fraudulent charges discussed here aren't so much kiddies using their parents' cards to buy an extra month of game time or a new account. Rather, it's organized companies set up overseas, in places like China, well beyond the reach of most law enforcement agencies in the West. These firms employ people to collect as much in-game currency as they can, then they sell that currency to players in exchange for real-world cash. This is referred to as "farming" gold, and the sale is often called real-money transfer, or RMT.
Random_player_1 is a WoW player. He's not especially good, so he decides to purchase some gold pieces (the currency in the game) from one of these RMT companies. He hands over his credit card info, and a few minutes later, a representative of the RMT firm shows up in game and hands him his gold. Random_player_1 uses that gold to buy new gear, which increases the power of his character and lets him do things that were too difficult before, and he's all happy.
Now, what happens to that credit card info? Well, without telling Random_player_1, that RMT firm uses his info to open a bunch of new accounts. Those accounts each get a free month, but require a credit card to activate. Each of those accounts is used to farm more gold (to be sold to other players), or to spam advertisements in the game (an offense that can get the account holder banned, which in this case would be our innocent, blissfully ignorant Random_player_1), or to do other nefarious deeds in the game. If the RMT company is nice, they'll cancel the trial accounts before the free month ends, but more likely, they'll let it roll over to a paid account, hoping to get another month or two of service from it before the card holder notices the extra charges, contacts Blizzard, then (when Blizzard refuses to refund the cash) disputes the charge with his bank.
You see where the problem here lies? It's not with Random_player_1, who didn't do anything illegal. He did something pointedly _foolish_ in trusting his info to the RMT firm, but it wasn't illegal. The fraud happened on the part of the RMT firm, which misused Random_player_1's credit card info. There's no clear evidence that Random_player_1 did or didn't authorize the charges, other than his word against that of Blizzard (note that there's no evidence of the RMT firm's involvement here either). Ultimately, the bank is left holding the bag. They have to refund the cash to the player, and as a result they end up fining Blizzard for excessive chargebacks, even though Blizzard had nothing to do with this whole mess and is as much of a victim as Random_player_1.
Outrageous
I have just been in contact with the credit card company and was informed that they will not authorise payment under any circumstances.
IT infrastructure monitoring strategies
Agentless Backup is Not a Myth
Top 10 SIEM implementer’s checklist
Steps to Take Before Choosing a Business Continuity Partner
Enabling efficient data center monitoring
