Page 2 of 3 FirstFirst 123 LastLast
Results 26 to 50 of 60

Thread: VERY IMPORTANT: Payoneer Security Issue

  1. #26
    God/dess justanothercamgirl's Avatar
    Joined
    Mar 2012
    Posts
    5,199
    Thanks
    17,224
    Thanked 19,866 Times in 4,132 Posts
    My Mood
    Lurking

    Default Re: VERY IMPORTANT: Payoneer Security Issue

    Thanks everyone for all your input on this subject. I am nervous about Payoneer so I am glad to have the heads up on these sorts of things.

  2. #27
    God/dess BlkSharpie's Avatar
    Joined
    Mar 2008
    Location
    FL
    Posts
    3,076
    Thanks
    1,977
    Thanked 4,430 Times in 1,702 Posts
    My Mood
    Cheeky

    Default Re: VERY IMPORTANT: Payoneer Security Issue

    Quote Originally Posted by EricaErotica View Post
    BlkSharpie, that's not the point. Do you realize that a person can go onto Payoneer's Load a Card page and start typing in random numbers and possibly receive YOUR name? After they have your card number and your name they can go on to commit all types of fraud against you. This person does not need to be a client or anyone who has anything to do with you. They just happen to know about this security breach on the Payoneer system and they use it to figure out card holder names once they successfully key in a valid 16 digit card number. That is the fact that I am trying to alert ALL Payoneer card holders about. That is simply appalling and dangerous.
    Got it...from your first message, I thought you were upset that the guy was able to see your name when he typed in your card number, but this clarifies it a bit more, that you mean its about the guys who can just randomly type in card numbers and get someones name...

    That is very good point actually, because in essense, its a cc number verification for payoneer cards... and its possible someone has a program running to have it try different numbers til they hit on one that is legit.

    What did payoneer tell you when you let them know your concerns about this?
    Don't blink. Don't even blink. Blink and you're dead. Don't turn your back. Don't look away. And don't blink!

  3. The Following 2 Users Say Thank You to BlkSharpie For This Useful Post:


  4. #28
    Banned
    Joined
    Aug 2010
    Posts
    2,724
    Thanks
    2,845
    Thanked 3,510 Times in 1,483 Posts
    My Mood
    In Love

    Default Re: VERY IMPORTANT: Payoneer Security Issue

    We would be speculating a program can do this without it being flagged on their site, theres millions (billions?) of numbers for credit cards.

    This would be a wider issue and not just Payoneer, your name and card number is on all your cards and hundreds of random people see it per year. (with the exp date etc)

    I think this is abit blown out of proportion.




    **** Nissim is unable to post in this section, can a mod move this to the appropriate section as it not only concerns us but the wider audience.

  5. #29
    Veteran Member EricaErotica's Avatar
    Joined
    Oct 2008
    Posts
    521
    Thanks
    368
    Thanked 961 Times in 272 Posts

    Default Re: VERY IMPORTANT: Payoneer Security Issue

    PrincessJenny you need to politely remove yourself from this discussion. You do not work at Payoneer. You do not handle their website's programming and technology. You do not handle their website's infrastructure and security.

  6. #30
    Banned
    Joined
    Aug 2010
    Posts
    2,724
    Thanks
    2,845
    Thanked 3,510 Times in 1,483 Posts
    My Mood
    In Love

    Default Re: VERY IMPORTANT: Payoneer Security Issue

    And neither does anyone else here, I have sent a request to have the thread moved.

  7. #31
    Veteran Member EricaErotica's Avatar
    Joined
    Oct 2008
    Posts
    521
    Thanks
    368
    Thanked 961 Times in 272 Posts

    Default Re: VERY IMPORTANT: Payoneer Security Issue

    Quote Originally Posted by BlkSharpie View Post
    Got it...from your first message, I thought you were upset that the guy was able to see your name when he typed in your card number, but this clarifies it a bit more, that you mean its about the guys who can just randomly type in card numbers and get someones name...

    That is very good point actually, because in essense, its a cc number verification for payoneer cards... and its possible someone has a program running to have it try different numbers til they hit on one that is legit.

    What did payoneer tell you when you let them know your concerns about this?
    Nissim at Payoneer is in denial about this being a serious security breach. He said they have systems in place to prevent the random entry of possible credit card numbers, but they do not. Roast confirmed this. She was successful in entering a number of random credit card numbers and their system did not shut her down.
    Last edited by EricaErotica; 04-30-2012 at 09:26 AM.

  8. The Following User Says Thank You to EricaErotica For This Useful Post:


  9. #32
    God/dess roast's Avatar
    Joined
    Aug 2010
    Posts
    2,182
    Thanks
    14,733
    Thanked 11,294 Times in 1,925 Posts
    My Mood
    Hungover

    Default Re: VERY IMPORTANT: Payoneer Security Issue

    What it will say is:

    "Action was locked due to multiple requests. Please type the text above to unlock. "

    Then you just type in the text, it unlocks it, and you can proceed again. I've unlocked it many many times.

    If you type it wrong it just gives you new numbers to type in. If theyre trying to prevent number generating bots from using it, at the very least their CAPTCHA should not be numbers, lol right? I mean, there are so many other forms of CAPTCHA you can use.

    All I other security alerts I get:

    "Oops.. Maximum field length of 16 for payoneer card number was exceeded."
    "Oops.. Please fill in a valid payoneer card number"

    The longer I try the more the system just gives me more numeric CAPTCHAs that I can just easily bypass. Or, I can get it wrong and it kindly gives me a new one.

    I mean.

    Hey, I get you guys need to save face - but instead of thinking we're the dumb ones and focusing on damage control, can you just look into it and fix it? All you have to do is disable that feature or put it on the confirmation page. This is not people clucking over something trivial.





    Quote Originally Posted by Procrasturbator View Post
    So how many stumps can you fit in your pussy?

  10. #33
    Banned
    Joined
    Aug 2010
    Posts
    2,724
    Thanks
    2,845
    Thanked 3,510 Times in 1,483 Posts
    My Mood
    In Love

    Default Re: VERY IMPORTANT: Payoneer Security Issue

    But a program couldnt do that? and it would be highly impractical to sit and type them manually over and over again.

    Its like trying to guess someones password. In theory it could be done but the chances are slim to 0.

  11. #34
    Veteran Member EricaErotica's Avatar
    Joined
    Oct 2008
    Posts
    521
    Thanks
    368
    Thanked 961 Times in 272 Posts

    Default Re: VERY IMPORTANT: Payoneer Security Issue

    PrincessJenny people spend YEARS planning bank heists. I can see someone spending weeks and months on their computer trying to figure this out. Criminals are VERY VERY persistent.

    This feature needs to be disabled immediately.

    And how do you know whether a program can do this or not. Are you a website developer? Are you a website programmer? You would be surprised what people can create especially when there is the possibility of huge financial gain people will go to great lengths.

  12. The Following 2 Users Say Thank You to EricaErotica For This Useful Post:


  13. #35
    God/dess roast's Avatar
    Joined
    Aug 2010
    Posts
    2,182
    Thanks
    14,733
    Thanked 11,294 Times in 1,925 Posts
    My Mood
    Hungover

    Default Re: VERY IMPORTANT: Payoneer Security Issue

    You dont even need time to plan it - you just need the right number generating scripts. Like DDoS attacks arent people who collect a million computers and slowly overload a server manually, they have bots/scripts doing it. There are a number of easy to download number generating/spam bots out there (it is why CAPTCHA even exists tbh). A variety of computer programming languages support its creation, even if you have the most basic understanding of database language it can be done. I just googled instructions and there are a bunch of directions on how to do it. Many forums devoted to this kind of thing. It is like a blackhat orgasm waiting to be rubbed out.

    Hey, here's an idea, instead of this being a uncomfortably and weirdly hostile debate - how about that feature gets moved to the confirmation page. That is the only place you need to know that the card is valid, also at that point your own information has been submitted which is a bonus for detecting the origin of fraud. Otherwise it serves no other purpose? A lot of people use this service so I understand the vested interest, but no one is calling for it to be boycotted or shut down or anything financially dire (I just used it like 5 seconds ago) - we're just saying: fix it?
    Last edited by roast; 04-30-2012 at 07:28 AM.





    Quote Originally Posted by Procrasturbator View Post
    So how many stumps can you fit in your pussy?

  14. The Following 4 Users Say Thank You to roast For This Useful Post:


  15. #36
    Veteran Member EricaErotica's Avatar
    Joined
    Oct 2008
    Posts
    521
    Thanks
    368
    Thanked 961 Times in 272 Posts

    Default Re: VERY IMPORTANT: Payoneer Security Issue

    PLEASE FIX THIS!!! This feature poses a great danger to EVERY single Payoneer card holder. My client is a very sweet and sincere person. He was so shocked that this feature exists and that the security of all card holders is at risk. That is why he told me about this occurrence when he was trying to load money onto my card for the first time. He wanted to make me aware of the security breach. Now I am trying to raise awareness of this serious issue to Payoneer and ALL card holders.

  16. #37
    Banned Fridays's Avatar
    Joined
    Apr 2011
    Posts
    2,440
    Thanks
    5,169
    Thanked 4,889 Times in 1,426 Posts
    My Mood
    Daring

    Default Re: VERY IMPORTANT: Payoneer Security Issue

    this thread should NOT be moved to "other work"...
    maybe make a duplicate in "other work"..

    this concerns everybody in camming connection whos using payonner...
    WHO decided and WHY did they decide to move it?

    Every thread that does not have " show ass" in it ...is moved???

  17. #38
    God/dess roast's Avatar
    Joined
    Aug 2010
    Posts
    2,182
    Thanks
    14,733
    Thanked 11,294 Times in 1,925 Posts
    My Mood
    Hungover

    Default Re: VERY IMPORTANT: Payoneer Security Issue

    This was rerouted to the wrong area, lol it is currently in jobs? Im assuming it was flagged to go to "Other Work"?

    Well idk, I hope this doesnt turn into a long protracted debate with no resolution. Like I get from a marketing standpoint why admitting error/oversight can be viewed as a dent in branding or promote customer dissatisfaction ... and that ppl will go on the defensive but it really is very simple: move it to the confirmation page or eliminate it, it can even be done quietly?





    Quote Originally Posted by Procrasturbator View Post
    So how many stumps can you fit in your pussy?

  18. #39
    Veteran Member Nissim-Payoneer's Avatar
    Joined
    Feb 2011
    Posts
    522
    Thanks
    263
    Thanked 309 Times in 192 Posts

    Default Re: VERY IMPORTANT: Payoneer Security Issue

    It's possible it was moved so that I may post here, as I am unable to post in the "Camming Connection" section of the forum. As this thread is directly regarding Payoneer and our services, I'd like to comment (I've also posted on the official Payoneer support thread so I'll copy/paste):

    I have been actively monitoring that thread, however unfortunately I cannot post there. It seems like the main issue you have is with:

    1) The card holder name being displayed for full card number loads - Account holder privacy is a top priority of ours, and this will be removed in the near future.
    2) The CAPTCHA - This is an industry approved CAPTCHA that is an image, and not a set of numbers. The image displays numbers, however the coding behind it is for an image so a computer software/program will be unable to auto-generate the required information.

    Of course, there are always hackers and fraud attempts, and in addition to to the security measures you see we also have a fraud engine running behind the scenes. This is constantly monitoring all site visitors and actions, and will immediately shut down any fraudulent or suspicious activity. load.payoneer.com is also a secured, encrypted and digitally certified website (you can click on the "lock" in the address field to view the certificate information) and certain bots/script/proxies will be unable to run on the site.

  19. The Following User Says Thank You to Nissim-Payoneer For This Useful Post:


  20. #40
    Veteran Member EricaErotica's Avatar
    Joined
    Oct 2008
    Posts
    521
    Thanks
    368
    Thanked 961 Times in 272 Posts

    Default Re: VERY IMPORTANT: Payoneer Security Issue

    This is a SERIOUS issue. This thread belongs in the Camming Connection area. All cam models need to know about this security breach.

    There is an Official Payoneer Thread in "Other Work" please start posting there. Do not post in this Jobs Section.

  21. #41
    Veteran Member EricaErotica's Avatar
    Joined
    Oct 2008
    Posts
    521
    Thanks
    368
    Thanked 961 Times in 272 Posts

    Default Re: VERY IMPORTANT: Payoneer Security Issue

    Nissim your organization has not been able to provide a satisfactory answer concerning this issue. And that is because there is no rationale behind the existence of this feature. It needs to be removed.
    Last edited by EricaErotica; 04-30-2012 at 08:49 AM.

  22. #42
    God/dess roast's Avatar
    Joined
    Aug 2010
    Posts
    2,182
    Thanks
    14,733
    Thanked 11,294 Times in 1,925 Posts
    My Mood
    Hungover

    Default Re: VERY IMPORTANT: Payoneer Security Issue

    OK:

    Quote Originally Posted by Nissim-Payoneer View Post
    1) The card holder name being displayed for full card number loads.... this will be removed in the near future.
    do you have a turnaround timeline for when this will be done?





    Quote Originally Posted by Procrasturbator View Post
    So how many stumps can you fit in your pussy?

  23. The Following User Says Thank You to roast For This Useful Post:


  24. #43
    Veteran Member EricaErotica's Avatar
    Joined
    Oct 2008
    Posts
    521
    Thanks
    368
    Thanked 961 Times in 272 Posts

    Default Re: VERY IMPORTANT: Payoneer Security Issue

    It does not seem like we are getting any concrete answers about this serious security issue. That is a problem.

  25. #44
    Veteran Member Nissim-Payoneer's Avatar
    Joined
    Feb 2011
    Posts
    522
    Thanks
    263
    Thanked 309 Times in 192 Posts

    Default Re: VERY IMPORTANT: Payoneer Security Issue

    Quote Originally Posted by roast View Post
    do you have a turnaround timeline for when this will be done?
    I was assured that this change will be included in the next routine maintenance update to the loading page. I will see what I can do regarding an exact ETA.

    Quote Originally Posted by EricaErotica View Post
    It does not seem like we are getting any concrete answers about this serious security issue. That is a problem.
    I have addressed your concern regarding the name showing up, and also commented numerous times as to the security of the website. I am doing my best to provide you with as detailed an answer as I can.

    - The name being displayed for full card number loads is being removed
    - The site is a secured, encrypted and digitally certified website. The CAPTCHA is not a set of numbers but an image designed to deter automated scripts. In addition, we have a fraud engine constantly monitoring site activity to detect any automated scripts/bots and immediately shut them down.

    If there is something I am not addressing, or if you have any other questions, I'd be more than happy to address them.

  26. The Following 3 Users Say Thank You to Nissim-Payoneer For This Useful Post:


  27. #45
    God/dess roast's Avatar
    Joined
    Aug 2010
    Posts
    2,182
    Thanks
    14,733
    Thanked 11,294 Times in 1,925 Posts
    My Mood
    Hungover

    Default Re: VERY IMPORTANT: Payoneer Security Issue

    Quote Originally Posted by Nissim-Payoneer View Post
    I was assured that this change will be included in the next routine maintenance update to the loading page. I will see what I can do regarding an exact ETA.
    Given that this isnt a routine issue, Id assume this would be given heightened priority. I look forward to your ETA since part of the fees that people pay is the presumption of security for their accounts. I do, however, appreciate the amount of transparency you're able to provide on behalf of your company and since you arent a security / design tech, recognize some explanations are just out of your hands .... but I hope it is being taken as seriously behind the scenes as youre communicating so that it is handled more expeditiously beyond a routine update.

    Thanks for keeping us in the loop as much as you're able to. Looking forward to an ETA or even confirmation when it is fixed.





    Quote Originally Posted by Procrasturbator View Post
    So how many stumps can you fit in your pussy?

  28. The Following User Says Thank You to roast For This Useful Post:


  29. #46
    Veteran Member EricaErotica's Avatar
    Joined
    Oct 2008
    Posts
    521
    Thanks
    368
    Thanked 961 Times in 272 Posts

    Default Re: VERY IMPORTANT: Payoneer Security Issue

    I will be checking the Load Page over the next few days to make sure that feature is removed. You as an organization are so fortunate that this particular client of mine is the one who actually discovered this. He is a very sweet and sincere person. Once he detected this breach of security and privacy while he was attempting to load funds to my card for the very first time he alerted me right away.

  30. #47
    Veteran Member Nissim-Payoneer's Avatar
    Joined
    Feb 2011
    Posts
    522
    Thanks
    263
    Thanked 309 Times in 192 Posts

    Default Re: VERY IMPORTANT: Payoneer Security Issue

    Quote Originally Posted by EricaErotica View Post
    I will be checking the Load Page over the next few days to make sure that is removed. You as an organization are so fortunate that this particular client of mine is the one who actually discovered this. He is a very sweet and sincere person. Once he detected this breach of security and privacy while he was attempting to load funds to my card for the very first time he alerted me right away.
    I just want to reiterate that our system is designed to prevent fraud attempts, and this is not a breach in Payoneer's security. Your card information is not at risk, and you cannot simply use a program to run through the loading page - there are fraud prevention measures in place to restrict this.

    In regards to privacy, your full card number is highly sensitive information. Loading via the full card number is a feature reserved mainly for friends and family, and in most cases anyone with your full card number will also have access to your name. We realize that for this specific industry that may not be the case, and advise you to use your e-mail address when loading. If you do not want to give that out, you can change it via your My Account page.

    The name is being removed as we very much respect and value your feedback and comments. It is our goal to provide the best service and support possible, and if this is a concern for our account holders it is a concern for us (regardless of what industry they are in). We do not criticize based on industry and value the business of all our account holders equally.

    Even though it's being changed to not show the name, we still recommend that you never give out your full card number outside of secured and encrypted payment forms.

  31. The Following User Says Thank You to Nissim-Payoneer For This Useful Post:


  32. #48
    Veteran Member EricaErotica's Avatar
    Joined
    Oct 2008
    Posts
    521
    Thanks
    368
    Thanked 961 Times in 272 Posts

    Default Re: VERY IMPORTANT: Payoneer Security Issue

    Nissim, I have read your response. I understand your points completely. Well this client of mine is basically a very good friend. He has been supporting me financially for over a year and I trust him very much. He is actually the only client that I have that I trust in this manner. My biggest concern was not with him having my card number or my real name. I provided him with my card number. My concern was raised when he told me that by entering my card number he saw my real name and could easily have gained access to the names of other cardholders. It was my client being sincere and honest and feeling the need to alert me about how easy it was for other people to obtain my cardholder name even if I NEVER provided them with my card number. He was very disturbed by this and he felt that I should know the risk that I was being unnecessarily exposed to due to the mere fact that I am a Payoneer cardholder.

  33. #49
    God/dess roast's Avatar
    Joined
    Aug 2010
    Posts
    2,182
    Thanks
    14,733
    Thanked 11,294 Times in 1,925 Posts
    My Mood
    Hungover

    Default Re: VERY IMPORTANT: Payoneer Security Issue

    Quote Originally Posted by Nissim-Payoneer View Post
    I just want to reiterate that our system is designed to prevent fraud attempts, and this is not a breach in Payoneer's security. Your card information is not at risk, and you cannot simply use a program to run through the loading page - there are fraud prevention measures in place to restrict this.
    I and a few others have been plugging numbers in for quite awhile without any hassle from the site. I get more hassle if I put in the wrong password more than 5 times when I log into my Payoneer account. Itd be easy to use a script to expedite the process, find, verify and save all of the valid card numbers that one can do currently with the system as is, and Id really rather not download one to check. If there wasn't an error there would be nothing to fix.

    So, not to belabor a point since no one's goal here is to be right, and debating it just feels like a way to stretch out the timeline from resolution - just looking forward to this being fixed as soon as possible.





    Quote Originally Posted by Procrasturbator View Post
    So how many stumps can you fit in your pussy?

  34. The Following User Says Thank You to roast For This Useful Post:


  35. #50
    Veteran Member Nissim-Payoneer's Avatar
    Joined
    Feb 2011
    Posts
    522
    Thanks
    263
    Thanked 309 Times in 192 Posts

    Default Re: VERY IMPORTANT: Payoneer Security Issue

    Quote Originally Posted by EricaErotica View Post
    Nissim, I have read your response. I understand your points completely. Well this client of mine is basically a very good friend. He has been supporting me financially for over a year and I trust him very much. He is actually the only client that I have that I trust in this manner. My biggest concern was not with him having my card number or my real name. It was him alerting me how easy it was for other people to obtain my cardholder name even if I NEVER provided them with my card number. He was very disturbed by this and he felt that I should know the risk that I was being unnecessarily exposed to due to the mere fact that I am a Payoneer cardholder.
    It is certainly not easy to do this. The card number is 16 digits in length, of which there are trillions of possibilities, most of which not Payoneer cards. After a small amount of attempts, the page locks down and requires a CAPTCHA, which is an image and cannot be auto-entered by a basic program/bot. If any program or script were used to circumvent this, the system would immediately recognize it and shut it down. There are ways to detect such technology/attempts, and our fraud engines and technical support teams are monitoring site activity 24x7, for the sole purpose of finding and shutting down any such attempts.

    We live in a technological and digital world, and the sad truth is that there are people out there with the intent of fraud and stealing information. Payoneer's security is industry leading, and we are focused on being equipped with cutting edge technology so that we can confidently prevent any such attempts. There have been DDoS attacks and attempts on Payoneer in the past, all of which were prevented and shut down with absolutely no security breach. We are a company serving millions of users and those attempts are inevitable, however I assure you that we are well equipped and prepared to stop them.

  36. The Following User Says Thank You to Nissim-Payoneer For This Useful Post:


Page 2 of 3 FirstFirst 123 LastLast

Similar Threads

  1. Security
    By justsomeone in forum Camming Connection
    Replies: 17
    Last Post: 12-04-2011, 03:37 AM
  2. Replies: 2
    Last Post: 06-07-2011, 03:41 AM
  3. PP security
    By Jayde81 in forum Private Party Dancing
    Replies: 6
    Last Post: 02-10-2008, 04:33 AM
  4. Replies: 0
    Last Post: 11-11-2007, 08:17 PM
  5. Very important issue! My boyfriend wants to work as a bouncer in a club, please help
    By MoneyLover in forum Stripping (was Stripping General)
    Replies: 33
    Last Post: 10-15-2006, 03:46 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •