Lone Wolf Development Forums  

Go Back   Lone Wolf Development Forums > Realm Works Forums > Realm Works Discussion

Notices

Reply
 
Thread Tools Display Modes
KanNotASpammer
Junior Member
 
Join Date: Aug 2017
Posts: 1

Old August 23rd, 2017, 04:03 PM
This is the 3rd time I ask this question and it somehow always vanish into the ether, without even a moderator response, if one is warranted.
In case I don't see my post nor have a response I would have to consider this is silent censorship and post elsewhere with a description of what happened.

I have seen on your CC card payment page all the things you don't want to do (PayPal etc ) and you ask a LOT of personal information (personal phone X and such) on top of asking about the credit card details.
You don't give any information about how these informations are processed or secured :

- Who is your credit card processor ?
- Do you store credit card information on your systems ?
- If yes are you PCI compliant (https://www.pcisecuritystandards.org)
- Are all payment and personal informations encrypted and salted ?

Thanks a lot for your answers
KanNotASpammer is offline   #1 Reply With Quote
Aaron
Senior Member
 
Join Date: Oct 2011
Posts: 6,793

Old August 24th, 2017, 06:41 AM
Sorry man, first posts require mod approval and lots of folks were gone for GenCon. It's normal for us to take a couple days rest after, too. I'll flag your question for someone more knowledgeable than I to answer.
Aaron is offline   #2 Reply With Quote
rob
Senior Member
Lone Wolf Staff
 
Join Date: May 2005
Posts: 8,232

Old August 25th, 2017, 04:33 AM
As we posted prominently here on the forums and elsewhere, nearly the entire company spent the past two weeks scrambling to get ready for GenCon, at GenCon, and then digging out after returning home from GenCon. So nobody has been actively monitoring the forums for new members that required approval of their first post. Due to major issues with spammers in the past, we long ago switched to requiring that first posts be approved by a moderator, but there was nobody to see and approve your posts this past week. Your timing was just right - in the exactly wrong way.

To answer your questions...

Our bank and credit card processor are both among the largest in the US. We've been with both for almost 20 years now, and we've never had any issues with either during that time.

Your credit card information gets captured and transmitted by our server, but it never actually gets stored on our server. We pass it directly through to the credit card processor and only store transaction codes given to us by the processor. So there's nothing kept on our server that can be compromised regarding your credit card details.

Even though we don't keep any credit card details on our server, we still strive to maintain PCI compliance. Just out of an abundance of caution.

You mentioned phone numbers, so I'll comment on that. We ask for a phone number so that we can resolve any issues that may arise for users during the purchase process and immediately following. Either a work or personal number will suffice - we only need one of them. Over the years, having the phone number has been invaluable on a regular basis, especially with chargebacks. The number of wives/mothers that I have personally spoken to regarding the uncommunicated purchases of our products by their husbands/teenagers is astounding. Once they realize it's for "those games they play", everything is fine, and it avoids the complications of terminating licenses/accounts for everyone involved.

Information like names and order history are neither encrypted nor salted, as we need to be able to quickly look up account information using those details for support queries and the like. None of that information is typically considered sensitive, so I assume that's not your concern. You're probably referring to identifying information that is typically captured with credit card payments, which we don't store anywhere. That said, passwords and similar types of information are absolutely encrypted and salted.

Hope this helps!
rob is offline   #3 Reply With Quote
EightBitz
Senior Member
 
Join Date: May 2013
Posts: 1,458

Old August 25th, 2017, 08:43 PM
Asking for a phone number is not uncommon. Several other sites through which I've made purchases have also required phone numbers.
EightBitz is offline   #4 Reply With Quote
kbs666
Senior Member
 
Join Date: Oct 2014
Location: Chicago, IL
Posts: 1,690

Old August 26th, 2017, 02:28 AM
I've coded quite a few ecommerce sites. Asking for a contact phone number is considered a best practice. Even sites where no physical good is being sold there might be a problem with the transaction after the payment is processed that requires contacting the purchaser.

Anyone worried about identity theft based around giving out of their phone # is a tad paranoid.

my Realm Works videos
https://www.youtube.com/channel/UCZU...4DwXXkvmBXQ9Yw
kbs666 is offline   #5 Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -8. The time now is 12:19 AM.


Powered by vBulletin® - Copyright ©2000 - 2024, vBulletin Solutions, Inc.
wolflair.com copyright ©1998-2016 Lone Wolf Development, Inc. View our Privacy Policy here.