Feeds

RSA domain glitch derails UK online retailers

Unverified by Visa

Choosing a cloud hosting partner with confidence

RSA has apologised for a domain name registration glitch, which left clients of its securesuite.co.uk payment processing service unable to process payment as normal last Thursday.

Pizza purveyor Domino's, Dabs and others were hit by the snafu, which meant transactions either timed out or failed. In response to the problems, some online retailers disabled Verified by Visa on transactions that would normally be run through securesuite.co.uk.

RSA, which runs securesuite.co.uk through Cyota (a 2005 acquisition), at first denied knowledge of the glitch, insisting everything was fine with the domain. Initial checks suggested that the domain had expired after someone forgot to renew it. But a web-based system diagnostic tool that RSA uses gave the domain the all-clear.

"RSA is in the middle of updating all of its relevant domain names," the security vendor initially said. "In this particular case presented by The Register, the public WHOIS was not for some reason reflecting RSA's renewal, which has in fact already been processed.

"RSA is unaware of any service outages for our customers and have not received any complaints from card issuers, and all our diagnostics have passed."

However, further investigation, prompted by a request by El Reg to explain multiple independent reports of glitches, yielded the following response:

On 17 July, RSA 3D Secure within the United Kingdom was partially unavailable to certain customers and some transactions were delayed or blocked due to a domain name registration issue. The issue was identified and remedial action was taken. At the time, all Payment Card Issuers were immediately notified of a service interruption and they received continuous updates throughout until resolution.

The securesuite.co.uk is used to add 3D Secure protocol checks as an added layer of security to credit or debit card purchases and offered to consumers through such as the Verified by Visa and MasterCard SecureCode services. The online security and anti-fraud service has been mistaken for a phishing site in the past, but is (though it might appear otherwise) legitimate.

Reports of failed transactions involving securesuite.co.uk came to our attention thanks to Reg reader Martin N. "I first noticed something was wrong when I couldn't order a pizza from Dominos - who have now disabled their Verified by Visa stuff," he told us. "The site [securesuite.co.uk] is down because the site's domain is suspended. Somebody really messed up." ®

Security for virtualized datacentres

More from The Register

next story
Facebook pays INFINITELY MORE UK corp tax than in 2012
Thanks for the £3k, Zuck. Doh! you're IN CREDIT. Guess not
Big Content outs piracy hotbeds: São Paulo, Beijing ... TORONTO?
MPAA calls Canadians a bunch of bootlegging movie thieves
Google Glassholes are UNDATEABLE – HP exec
You need an emotional connection, says touchy-feely MD... We can do that
YARR! Pirates walk the plank: DMCA magnets sink in Google results
Spaffing copyrighted stuff over the web? No search ranking for you
UK.gov pushes for SWIFT ACTION against nuisance calls, threatens £500k fines
DCMS seeks lowering of legal threshold to fight rogue firms
Just don't blame Bono! Apple iTunes music sales PLUMMET
Cupertino revenue hit by cheapo downloads, says report
Hungary's internet tax cannot be allowed to set a precedent, says EC
More protests planned against giga-tariff for Tuesday evening
US court SHUTS DOWN 'scammers posing as Microsoft, Facebook support staff'
Netizens allegedly duped into paying for bogus tech advice
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
How to simplify SSL certificate management
Simple steps to take control of SSL certificates across the enterprise, and recommendations centralizing certificate management throughout their lifecycle.