We anticipate that even with this update, third parties will continue

[kpxmanifesto]

wdym, I love inciting people, I'm good at it.

Ahahaha, fair enough.

[IkaraGreydancer]

Okay, fair question, as I didn't make that part explicit.

It works in 2 parts.

1: Those RMTers who acquire their dodgy codes through hacked accounts will be stopped immediately, as OTP/2FA accounts don't get hacked readily enough for it to be practical.
2: As for those using stolen Credit Cards on their own account. Being able to track where the gifts went, means as soon as a chargeback occurs, the account gets banned. Which means to get a new account going, they need to
--A: Buy a new copy of FF14.
--B: Buy a new phone SIM card (Yeah we can link phone numbers to accounts, after all)
--C: C buy a month of Subscription time
--D: Wait 30 days before being able to send out new gifts.
These costs, and delays, are designed to move the setup from 'profitable' to 'unprofitable' and encourage the RMT CC faudsters to use another game as their laundry.

In the end, it's all about making friction to discourage people from using FF!$ as their method to clean their stolen money.

But best solutions will putr more friction on the fraudsters than on honest players.

Huh I see. That does sound like a solid choice to make. Ofc we wouldn't know 100% that it'd do the trick but I'd say it's worth a shot. The current move feels more like a placeholder decision til they have a more solid plan. Can't say I'd like to be getting hit with chargebacks like that lol

Also I meant to say existing not exciting xD

[KremlinKOA]

Huh I see. That does sound like a solid choice to make. Ofc we wouldn't know 100% that it'd do the trick but I'd say it's worth a shot. The current move feels more like a placeholder decision til they have a more solid plan. Can't say I'd like to be getting hit with chargebacks like that lol

Also I meant to say existing not exciting xD

Not 100%, but this wasn't me being insightful or original.
I cribbed this idea from things other game companies did that was effective.
So it should be effective here.

[Jojoya]

Okay, fair question, as I didn't make that part explicit.

It works in 2 parts.

1: Those RMTers who acquire their dodgy codes through hacked accounts will be stopped immediately, as OTP/2FA accounts don't get hacked readily enough for it to be practical.
2: As for those using stolen Credit Cards on their own account. Being able to track where the gifts went, means as soon as a chargeback occurs, the account gets banned. Which means to get a new account going, they need to
--A: Buy a new copy of FF14.
--B: Buy a new phone SIM card (Yeah we can link phone numbers to accounts, after all)
--C: C buy a month of Subscription time
--D: Wait 30 days before being able to send out new gifts.
These costs, and delays, are designed to move the setup from 'profitable' to 'unprofitable' and encourage the RMT CC faudsters to use another game as their laundry.

In the end, it's all about making friction to discourage people from using FF!$ as their method to clean their stolen money.

But best solutions will putr more friction on the fraudsters than on honest players.

The phishing scams exist precisely to have a way to get into accounts protected by OTP/2FA. We see players fall victim to those frequently.

I don't know if it's still required but at one time the cash shop was requiring account verification to get entered twice - once to select items to be purchased then again to make the purchase. As annoying as it is to players trying to make a purchase, it does prevent fraudulent purchases from being made on a compromised account with OTP. The thief might get in the first time but the OTP would no longer be valid by the second time it has to be entered.

Without a second verification needed, it's easy for the thief for load up a cart, move to the account verification page and wait for the dumb player to enter their information into the phsihing website to capture and enter into the purchase website.

The credit card and retail industries together need to step back and see what can be done to get compromised payment methods under control. So much gets done online today that it's hard to say if any of them are properly identifying anyone. Should all payment methods themselves now requires OTP/2FA for all online transactions? The 3 digit CVN they tend to rely on for credit card transactions is not truly a form of identification. It's merely confirmation that someone knows the number for that particular credit card number and not that they have possession of the card or are the card's actual account holder.

That brings up the question of how all these fraudulent credit card transactions are occurring in the first place (assuming it's credit card and not other payment types at the root of the problem). While databases are storing the payment information, they should not be storing the CVN. How are payments getting initially approved for online transactions if the correct CVN isn't being submitted?

[KremlinKOA]

The phishing scams exist precisely to have a way to get into accounts protected by OTP/2FA. We see players fall victim to those frequently.

I don't know if it's still required but at one time the cash shop was requiring account verification to get entered twice - once to select items to be purchased then again to make the purchase. As annoying as it is to players trying to make a purchase, it does prevent fraudulent purchases from being made on a compromised account with OTP. The thief might get in the first time but the OTP would no longer be valid by the second time it has to be entered.

Without a second verification needed, it's easy for the thief for load up a cart, move to the account verification page and wait for the dumb player to enter their information into the phsihing website to capture and enter into the purchase website.

The credit card and retail industries together need to step back and see what can be done to get compromised payment methods under control. So much gets done online today that it's hard to say if any of them are properly identifying anyone. Should all payment methods themselves now requires OTP/2FA for all online transactions? The 3 digit CVN they tend to rely on for credit card transactions is not truly a form of identification. It's merely confirmation that someone knows the number for that particular credit card number and not that they have possession of the card or are the card's actual account holder.

That brings up the question of how all these fraudulent credit card transactions are occurring in the first place (assuming it's credit card and not other payment types at the root of the problem). While databases are storing the payment information, they should not be storing the CVN. How are payments getting initially approved for online transactions if the correct CVN isn't being submitted?

Those Phishing sites you mentioned? They can be designed to get CVNs

The scams are usually around falsely claiming debts and guiding the victim to the phishing site to 'pay what you owe' by credit card.
Since such transactions would expect the CVN they can put a request for it in the website. BTW am Providing this level of detail about the scams to help readers defend against them but hopefully not enough detail to let someone run one.

Interestingly, my suggestion provides a defense against that, because it gives the card owner 30 days to realize they were scammed, and report their card stolen.

[Kio]

Just transfer the money to your friend and they will get it on the shop, what's wrong with your people overacting with this? SE its always right and they made the best game ever in the history of MMO'S

So, your solution is to create RMT where RMT didn't exist before? For a problem that was created by RMT. Also, this is not as easily said and done if your friend is from another region with different currency exchanges and bank fees involved.

I feel like there could be easier safeguards then just gutting the store exchange.
* use the existing system to check whether the chosen recipient already has the item prior to the transaction end
* rather than sending the item directly to a mailbox, require a handshake by making the recipient log into their mog station account to accept or reject the gift. Item isn't charged to the gifter's card until it is accepted. There can be a time frame for how long they have to accept it before the transaction is cancelled
* limit the amount of items which can be gifted in a day
* Don't run promotions unless they can be run in all regions simultaneously
* Increase the duration required for friendlist registration required

[LaylaTsarra]

I'm curious how gift cards work? I've use time cards and sent the code to a friend and have done that quite a bit but with gift cards it seems they want the persons email to send it directly to them. Are there gift cards where you simply get a code like a time card that you can dm in game or on discord etc. I prefer not to be asking for personal emails and so on.

[Seymour_Rainecourt]

Oh no, how will RP venues be able to lure people to attend their crappy openings if they don't have cash shop items as prizes?

Seconded. It's so strange how this Second Life stuff came to be, and it's eerie how some people are claiming that this behavior- the RP venues and "giveaways and DJs and 'Gamba' and 'Auctions-'" has been a part of this game's "community," as if it were normal and not outsourced. I understand that the people who enjoy this/these activities will give me flak, but the activities and processions in question are what I heavily despise. Flooded chat anywhere you go full of the same schlock, flooded Party Finder of the same schlock; you see one venue "pop up" but then there's five more, etc.. Every single one of them advertising ToS-breaking activities each and every time. I've stopped reporting them as they show up on my screen because there's always five to replace the one, and that's if anything is done to correct it. RP is fine, finding others to RP with is fine, but I'm so sick and tired of it persistently being shoved into my face at every turn. I refuse to "turn off a chat channel" to be free of it, also.

Besides this, the players who want to "do giveaways" need to make do: resign yourselves to using in-game-based rewards or motivations. It may not be the same as what you once had, but with a little time and a smile, it can be tested to reasonably function. Perhaps it would also serve to spark creatives' brains to search for more than one way to do things. It's fun to give and it's fun to receive. Surely, together with your friends or FC mates or Sprout constituents, most groups can start a new page and take after the other in a less flagrant, recrudescent way; perhaps, too, a few more players might take to the in-game world a bit more.

To those who aren't a part of nuSecond-Life-notXIV: I'm sorry. It really was too easy to buy something, get the code, and copy/paste the code to a friend over Discord or email. I know you've probably already thought of such, and it may seem impersonal, but money-sending programs like Venmo or etc. may be the best bet here, but the point of the gift is the thought behind it and not what it is or how it's delivered (for example, sending someone actual cash or via Venmo. It really is the thought that counts.) I understand that it's different and that given it's a change with what seemed normal, it sounds offensive and lesser, but hopefully the recipient and the donor both can understand this change and make do.

[Shibi]

I'm curious how gift cards work? I've use time cards and sent the code to a friend and have done that quite a bit but with gift cards it seems they want the persons email to send it directly to them. Are there gift cards where you simply get a code like a time card that you can dm in game or on discord etc. I prefer not to be asking for personal emails and so on.

Paysafecard maybe. You can paste a 16 digit code to someone, and they can redeem the code and get the cash.

I say maybe, as I have to try it and see if the unregistered account can buy on the store.

I don't know if it's still required but at one time the cash shop was requiring account verification to get entered twice - once to select items to be purchased then again to make the purchase. As annoying as it is to players trying to make a purchase, it does prevent fraudulent purchases from being made on a compromised account with OTP. The thief might get in the first time but the OTP would no longer be valid by the second time it has to be entered.

Yes, you are asked for the password again, but it's more...

Unless it's different for NA players, there is no option in the cash shop to save a card number. Every single buy you need to manually enter your credit card, name, expiry date and cvv. This is verified by the payment processor in an Interstitial screen - In my case, I see my own bank's falcon site appear after I enter the details and press continue

[DPZ2]

Unless it's different for NA players, there is no option in the cash shop to save a card number

NA mog store is the same.