• Announcements

    • IMPORTANT - REACH US IN THE NEW FORUM   05/04/2017

      Ladies and gentlemen ATTENTION please:
      It's time to move into a new house!
        As previously announced, from now on IT WON'T BE POSSIBLE TO CREATE THREADS OR REPLY in the old forums. From now on the old forums will be readable only. If you need to move/copy/migrate any post/material from here, feel free to contact the staff in the new home. We’ll be waiting for you in the NEW Forums!

      https://community.blackdesertonline.com/index.php

      *New features and amazing tools are waiting for you, even more is yet to come in the future.. just like world exploration in BDO leads to new possibilities.
      So don't be afraid about changes, click the link above and follow us!
      Enjoy and see you on the other side!  
    • WICHTIG: Das Forum ist umgezogen!   05/04/2017

      Damen und Herren, wir bitten um Eure Aufmerksamkeit, es ist an der Zeit umzuziehen!
        Wie wir bereits angekündigt hatten, ist es ab sofort nicht mehr möglich, neue Diskussionen in diesem Forum zu starten. Um Euch Zeit zu geben, laufende Diskussionen abzuschließen, könnt Ihr noch für zwei Wochen in offenen Diskussionen antworten. Danach geht dieses Forum hier in den Ruhestand und das NEUE FORUM übernimmt vollständig.
      Das Forum hier bleibt allerdings erhalten und lesbar.   Neue und verbesserte Funktionen warten auf Euch im neuen Forum und wir arbeiten bereits an weiteren Erweiterungen.
      Wir sehen uns auf der anderen Seite!

      https://community.blackdesertonline.com/index.php Update:
      Wie angekündigt könen ab sofort in diesem Forum auch keine neuen Beiträge mehr veröffentlicht werden.
    • IMPORTANT: Le nouveau forum   05/04/2017

      Aventurières, aventuriers, votre attention s'il vous plaît, il est grand temps de déménager!
      Comme nous vous l'avons déjà annoncé précédemment, il n'est désormais plus possible de créer de nouveau sujet ni de répondre aux anciens sur ce bon vieux forum.
      Venez visiter le nouveau forum!
      https://community.blackdesertonline.com
      De nouvelles fonctionnalités ainsi que de nouveaux outils vous attendent dès à présent et d'autres arriveront prochainement! N'ayez pas peur du changement et rejoignez-nous! Amusez-vous bien et a bientôt dans notre nouveau chez nous

[Notice] Account Security

184 posts in this topic

Posted

Except not everyone has photo-ID, nor can afford it...

I've never owned photo-ID... Why would i need to? If i get asked for ID, i usually show my birth certificate with an old out-dated student card. No one has ever asked for photo-ID from me before.

Couldn't you think of a better method of changing email addresses?

Where do you live? Photo-ID is pretty standard requirement at least in the USA for just about everything. Photo-ID is also really handy

....the 2-step verification is the worst thing i have ever seen and ever used in the past.... sorry....

I think 2-step has its uses, but it does become a problem for people that don't have the right types of cellphones. Some 2-step require a specific app, which if you don't have a phone that can get that app, welp sucks to be you. Also phone numbers change and often the options for changing the phone number for your 2-step is very very very difficult to find and/or use to change your registered number. I have only used 2-step for a couple things, but most of the time I don't use it even if it is available because it is not something that is easy for me to use, I have a very outdated phone lol

Agreed.It's just that I despise professionalism.
Changing myself to another entities standards so that they may have better control over a situation due to the surroundings goes against everything that allows free thinking people to think freely and thus solve problems.
That is my experience with professionalism thus far.
I let my work speak for myself, and if people don't like when I do it, there are others on my team who i'd gladly allow present. I don't have a lust for fame, i just like solving problems. Being kept in a cage deters that. This isn't to say you're incorrect, because you are. It's a issue i deal with in the world i work in daily, an issue caused by my own stubbornness. But who knows our limits better than the tester?

I'll have more on the topic on this thread when i get to work.

Just like anything in the world, moderation is always needed. Professionalism does not neccisarily lock someone in a cage persay, but it does indeed limit the tones and actions one is supposed to take, but of course professionalism is not always the way to go, but for me it is the first thing to attempt, as a lot of people respond better to polite tones and often times you can dismiss arguments by being so darned nice and sweet they can't possibly be an asshole back. Of course this doesn't always work which is when you go to plan B, dickface time :D 

1 person likes this

Share this post


Link to post
Share on other sites

Posted

Just like anything in the world, moderation is always needed. Professionalism does not neccisarily lock someone in a cage persay, but it does indeed limit the tones and actions one is supposed to take, but of course professionalism is not always the way to go, but for me it is the first thing to attempt, as a lot of people respond better to polite tones and often times you can dismiss arguments by being so darned nice and sweet they can't possibly be an asshole back. Of course this doesn't always work which is when you go to plan B, dickface time :D 

You'd be surprised how much shit exists today because the gloves came off and stayed off. I'm not here to abide by anything but the ToS. If people would not like my input based on my demeanor, that's their choice, i'll keep giving it either way. Not that i disagree with you :)

 

Share this post


Link to post
Share on other sites

Posted (edited)

My Account was compromise and I was missing 2000+ pearls although its restored after sending  a ticket. I'm not convince with the explanation on this. My rig  is specially design for gaming I only have BDO and steam installed (my steam games been inactive for long) + Firefox (rarely use for FB'ing) never browse other website aside from BDO site.

 

When ask for explanation they've send me this link. I  wont be spending a dime again til this have clear on how this could happen and its been fixed.

Edited by Rvyne

Share this post


Link to post
Share on other sites

Posted

The best method I found by now is Grinding Gear Games authentication solution for their ''Path of Exile'' game. Kakao could work something like that.

Share this post


Link to post
Share on other sites

Posted

They do this to prevent selling of accounts and such. The only other company that i know that ask for this is world of tanks. I have a ID but considering how things are in the world. I am to paranoid give it anyone other then cop if ask for lmao.

I understand, but surely they have access to other information to be notified if an account is suspected of being sold?
I mean, most game companies collect data about IP's, hardware ID's, browser data, all sorts of stuff.

 

I would love to change my email address, as i made a new one for all my gaming accounts about 7 months ago, but couldn't find a way to change my BDO email. I guess my BDO account is going to be the only gaming account i own, that's still linked to an out-of-date email address, because i don't have photo-ID to change my email.
Sucks because if my email account ever gets compromised, I'll be at risk of losing my BDO account - And i won't even realize if my email gets compromised because i never use it anymore...

1 person likes this

Share this post


Link to post
Share on other sites

Posted (edited)

Frankly it's probably payment wall. With the amount of "random" security checks and requests for identification (really wth do you need with a copy of my driver's license) AND the reports of fraud on payment wall's better business bureau page I wouldn't be shocked at all if it was them. I'm really disappointed that the bdo team uses this company and hope they'll come to their senses. Honestly who here had issues with their payment before payment wall? And if they did, didn't the bdo team resolve them right away? There's way to much outsourcing going on...

Edited by Layana

Share this post


Link to post
Share on other sites

Posted

Hola, tengo el problema siguiente, hace días atrás genere una solicitud (311844) de cambio de correo electrónico de mi cuenta, el cambio de correo se hizo efectivo, pero ahora no puedo ingresar al juego o a mi cuenta del foro, al tratar de hacerlo desde https://www.blackdesertonline.com/account/forgotPassword no me llega el correo para el reset. Destacar que ya he revisado en muchas oportunidades la bandeja de spam, promociones, social, etc de gmail, espere los 90 minutos después de solicitar el reset, pero no llega nada, de hecho el GM HUNTER me estaba ayudando, pero al parecer se desligo de mi tema y me dejo en el aire, no me a respondido a ninguno de los correo enviados desde ayer en la mañana, llevo casi dos dìas sin poder entrar al juego y nadie me ayuda, por favor que alguien se pronuncie. Gracias.

Share this post


Link to post
Share on other sites

Posted

Frankly it's probably payment wall. With the amount of "random" security checks and requests for identification (really wth do you need with a copy of my driver's license) AND the reports of fraud on payment wall's better business bureau page I wouldn't be shocked at all if it was them. I'm really disappointed that the bdo team uses this company and hope they'll come to their senses. Honestly who here had issues with their payment before payment wall? And if they did, didn't the bdo team resolve them right away? There's way to much outsourcing going on...

You'll also find that paymentwall is a EU based company which means they don't have to abide by US laws when it comes to certain things. Personally I use paypal and I've never had a problem with them nor have I had any account security problems with them so I might suggest using paypal over paymentwall

Share this post


Link to post
Share on other sites

Posted

You'll also find that paymentwall is a EU based company which means they don't have to abide by US laws when it comes to certain things. Personally I use paypal and I've never had a problem with them nor have I had any account security problems with them so I might suggest using paypal over paymentwall

They do within the US.

Are you somehow contriving to suggest that EU business practices are shady compared to US ones?

And if it was paymentwall, they'd have a huge notice on their website warning their customers about it or the EU would come down on them on a sack of bricks for losing personal information.

Share this post


Link to post
Share on other sites

Posted

They do within the US.

Are you somehow contriving to suggest that EU business practices are shady compared to US ones?

And if it was paymentwall, they'd have a huge notice on their website warning their customers about it or the EU would come down on them on a sack of bricks for losing personal information.

No I am simply saying that there is EU laws and US laws and that if you are familiar with US laws, well they don't necessarily have to follow the laws you know because they follow EU laws. Also remember that with how international law has derived with our internet economy, the business has to follow the laws of the area their business is based in. There are certain treaties and things that they need to follow to do business with US customers, but they do not need to follow every US law because they are not a US based company.  

Share this post


Link to post
Share on other sites

Posted (edited)

No I am simply saying that there is EU laws and US laws and that if you are familiar with US laws, well they don't necessarily have to follow the laws you know because they follow EU laws. Also remember that with how international law has derived with our internet economy, the business has to follow the laws of the area their business is based in. There are certain treaties and things that they need to follow to do business with US customers, but they do not need to follow every US law because they are not a US based company.  

Except they are US based, with HQ in S.Francisco...  https://en.wikipedia.org/wiki/Paymentwall 

They started as EU, but since on this side of the world, laws are a serious thing and no Donald can bind them at his own will they went there :) - or maybe just to avoid taxes, who knows :P

 

Edited by Mjollnir

Share this post


Link to post
Share on other sites

Posted (edited)

Except they are US based, with HQ in S.Francisco...  https://en.wikipedia.org/wiki/Paymentwall 

They started as EU, but since on this side of the world, laws are a serious thing and no Donald can bind them at his own will they went there :) - or maybe just to avoid taxes, who knows :P

 

Well if this were true, that they had a HQ in the USA, I would have been able to purchase the game through them with my debit card. However, since they process payments in the EU, I could not purchase with my debit card because my debit card will not accept out of country vendors. I asked Paymentwall directly in a support email if they had a US vendor and they told me they did not and that I would have to have my bank figure out a way for me to bypass the country lock. 

 

However, they may have an office in san fran that has been mislabeled as a "HQ", it is wikipedia after all. 

Edited by magee101

Share this post


Link to post
Share on other sites

Posted

Well if this were true, that they had a HQ in the USA, I would have been able to purchase the game through them with my debit card. However, since they process payments in the EU, I could not purchase with my debit card because my debit card will not accept out of country vendors. I asked Paymentwall directly in a support email if they had a US vendor and they told me they did not and that I would have to have my bank figure out a way for me to bypass the country lock. 

 

However, they may have an office in san fran that has been mislabeled as a "HQ", it is wikipedia after all. 

 

Nah, man, usually it's the merchant (kakao in this case) refusing to accept payments from debit cards (even those backed up by an international circuit like MAESTRO - which runs on MasterCard). They do this to avoid the nuisance of debit card specific settlement/clearing process (a bit different from a real credit card). They bounce off also revolving card - well this ain't a bad thing but can annoy revolving cards' users. It's more a businness choice by the merchant, and you were quickly dismissed by an extremely poor quality customer care. 

If you want to avoid these kind of problems you may try with https://www.paysafecard.com/en-us/buy/. shouldn't be hard to find, it's a one shot voucher code for payments, beware it has some limitations regarding gambling sites (they usually don't accept it), but for BDO works wonderfull - and you don't share you PAN with anyone). I've used my card just for the initial purchase (back in the preorder days), afterwards, also seeing the generally bad quality of their payment processor, I've switched to the more secure (on my side) paysafe option, worst case scenario I will lose just the 50 or 100€ I'm recharging, without any trouble for my credit card.

https://profiles.wordpress.org/paymentwall/ it's not a misspell, they're really 'murica based :) 

Share this post


Link to post
Share on other sites

Posted

 

Nah, man, usually it's the merchant (kakao in this case) refusing to accept payments from debit cards (even those backed up by an international circuit like MAESTRO - which runs on MasterCard). They do this to avoid the nuisance of debit card specific settlement/clearing process (a bit different from a real credit card). They bounce off also revolving card - well this ain't a bad thing but can annoy revolving cards' users. It's more a businness choice by the merchant, and you were quickly dismissed by an extremely poor quality customer care. 

If you want to avoid these kind of problems you may try with https://www.paysafecard.com/en-us/buy/. shouldn't be hard to find, it's a one shot voucher code for payments, beware it has some limitations regarding gambling sites (they usually don't accept it), but for BDO works wonderfull - and you don't share you PAN with anyone). I've used my card just for the initial purchase (back in the preorder days), afterwards, also seeing the generally bad quality of their payment processor, I've switched to the more secure (on my side) paysafe option, worst case scenario I will lose just the 50 or 100€ I'm recharging, without any trouble for my credit card.

https://profiles.wordpress.org/paymentwall/ it's not a misspell, they're really 'murica based :) 

It had nothing to do with them refusing my debit card and had everything to do with that my debit card specifically cannot be used by a vendor outside the united states. If Paymentwall was US based, then I should have been able to purchase with my debit card, because I linked my debit card to my paypal account and then used paypal and bam I bought the game, so idk. 

Share this post


Link to post
Share on other sites

Posted

Hola, tengo el problema siguiente, hace días atrás genere una solicitud (311844) de cambio de correo electrónico de mi cuenta, el cambio de correo se hizo efectivo, pero ahora no puedo ingresar al juego o a mi cuenta del foro, al tratar de hacerlo desde https://www.blackdesertonline.com/account/forgotPassword no me llega el correo para el reset. Destacar que ya he revisado en muchas oportunidades la bandeja de spam, promociones, social, etc de gmail, espere los 90 minutos después de solicitar el reset, pero no llega nada, de hecho el GM HUNTER me estaba ayudando, pero al parecer se desligo de mi tema y me dejo en el aire, no me a respondido a ninguno de los correo enviados desde ayer en la mañana, llevo casi dos dìas sin poder entrar al juego y nadie me ayuda, por favor que alguien se pronuncie. Gracias.

You're not alone!! My IRL friend have the SAME problem and can't play anymore! and its just you don't receive the email password change, it looks like deleted or something! My friend was able to REGISTER AGAIN with his email account and everything is deleted! The old support tickets are there ! I wonder what the hell they've done to the accounts omg

Share this post


Link to post
Share on other sites

Posted

I would also like to see two factor authentication, the easiest and most convenient being SMS text messaging.

Share this post


Link to post
Share on other sites

Posted (edited)

or just dont be stupid and use the same password everywhere else. gg.

Edited by FamousAzzkicker
2 people like this

Share this post


Link to post
Share on other sites

Posted

Where do you live? Photo-ID is pretty standard requirement at least in the USA for just about everything. Photo-ID is also really handy

 

In england...

If i want Photo-ID, i would have to apply for either a passport, or a provisional drivers license.

Both of these require a ton of documentation - One of which is your original, full birth certificate.

Me, and many other people in England, do not own a full copy of our birth certificate. A lot of us only own a half-copy, which they refuse to accept because the information on it is so limited. (It's basically a super short version of your birth certificate, but only includes D.O.B, Full name, and the signature of the midwife).
I would first need to apply for a full copy of my birth certificate, which is rather expensive - Plus pay the price for whichever ID i chose to apply for.

With both cases of ID applications, if you make the slightest error, they can refuse to issue the ID, but will keep the payment, and you would need to correct the error, and resend it with a second payment.

There is also the possibility of losing your documents in the post, so if you need to re-apply, you would have to repurchase a birth certificate again.

It's a massive ton of expensive and risky hassle - And it's rather common for someone in England to have never owned a Photo-ID card, just because its far too much bother to get one in the first place.

1 person likes this

Share this post


Link to post
Share on other sites

Posted

13. PRIVACY

 

Kakao Games Europe undertakes, in the Privacy Policy, to ensure in the protection of the User’s personal data in compliance with Directive 95/46/EC of the European Parliament and its transposition in Dutch law.

 

About that.... sigh.

 

Hmm - wait - when I did authorize you to use 3rd party services to render my gamin....grrrrr. This is one of those Damn Daum moments and I can't even say it cause I've been Kakao'd.

 

Why don't you read that directive? If you actually read it you will learn that them using a 3rd party data center is completely in line with that directive. As long as the Company "Kakao" themselves sets up the securities whether it be local or with a 3rd party they are legal. 

 

However, This situation SUCKS and could have easily been avoided. This is why i posted in the new beta forums post a month ago about your security issues. Of course no one wants to even acknowledge that. Simply adding a PIN stops most all issues, and it's already been seen that other versions have the PIN... Aren't we to be better since we actually paid to play this game? 

Share this post


Link to post
Share on other sites

Posted (edited)

In england...
If i want Photo-ID, i would have to apply for either a passport, or a provisional drivers license.

Both of these require a ton of documentation - One of which is your original, full birth certificate.

Me, and many other people in England, do not own a full copy of our birth certificate. A lot of us only own a half-copy, which they refuse to accept because the information on it is so limited. (It's basically a super short version of your birth certificate, but only includes D.O.B, Full name, and the signature of the midwife).
I would first need to apply for a full copy of my birth certificate, which is rather expensive - Plus pay the price for whichever ID i chose to apply for.

With both cases of ID applications, if you make the slightest error, they can refuse to issue the ID, but will keep the payment, and you would need to correct the error, and resend it with a second payment.

There is also the possibility of losing your documents in the post, so if you need to re-apply, you would have to repurchase a birth certificate again.

It's a massive ton of expensive and risky hassle - And it's rather common for someone in England to have never owned a Photo-ID card, just because its far too much bother to get one in the first place.

Well then mate, I have no idea why they make it so complicated in England. Most kids about 15-16 have a full photo ID either as a regular state photo ID or a driver's license. We need two forms of identification (birthcertificate and social security card usually) plus something that proves we are a resident in that state (utility bill, bank account statements, certified mail with our address on it). If we make a mistake they just have us correct the mistake because you can only get the photo id by going in to the office, can't send off for it. 

 

Thank you for the information, always neat to learn about how other countries do things compared to my own. 

Edited by magee101
1 person likes this

Share this post


Link to post
Share on other sites

Posted

I would also like to see two factor authentication, the easiest and most convenient being SMS text messaging.

Now, (almost)I'm all for 2fa. 89.9% all for it.
Have you ever implemented 2fa?

There is no such thing as "Easy" anything in regards to what you just stated.
These should be examples.

There are also a lot of legalities and agreements, etc, in regards to setting these technologies up.
Do not assume that because something Seems simple, means it is.

Even so. Even with 2FA, if this particular issue was to occur, the same precaution would need to take place.

Share this post


Link to post
Share on other sites

Posted

Now, (almost)I'm all for 2fa. 89.9% all for it.Have you ever implemented 2fa?

There is no such thing as "Easy" anything in regards to what you just stated.
These should be examples.

There are also a lot of legalities and agreements, etc, in regards to setting these technologies up.
Do not assume that because something Seems simple, means it is.

Even so. Even with 2FA, if this particular issue was to occur, the same precaution would need to take place.

The only problem I have with 2FA is that even in today's world there is still a lot of people that don't have cell phones. Like myself, I don't have one because where I live I don't get cell reception, so 90% of the time a cellphone is f'ing useless anyways. Gonna keep me from playing a game because geographically I wouldn't be able to 2FA from my house anyways? I think it's a neat system but gates a game somewhat

Share this post


Link to post
Share on other sites

Posted

Frankly it's probably payment wall. With the amount of "random" security checks and requests for identification (really wth do you need with a copy of my driver's license) AND the reports of fraud on payment wall's better business bureau page I wouldn't be shocked at all if it was them. I'm really disappointed that the bdo team uses this company and hope they'll come to their senses. Honestly who here had issues with their payment before payment wall? And if they did, didn't the bdo team resolve them right away? There's way to much outsourcing going on...

... So.. Payment wall uses a token auth system, NOT our bdo login information(significantly less secure on all levels in regards to this type of business, not to mention, would invalidate PCI DSS compliance).

If paymentwall had a breach in their system, the last thing we'd be needing to reset is our passwords.

The only problem I have with 2FA is that even in today's world there is still a lot of people that don't have cell phones. Like myself, I don't have one because where I live I don't get cell reception, so 90% of the time a cellphone is f'ing useless anyways. Gonna keep me from playing a game because geographically I wouldn't be able to 2FA from my house anyways? I think it's a neat system but gates a game somewhat

2fa isn't actually limited to phone access.
It's any level of secondary factor authentication, this includes email or even desktop application level interface.
Of course as you move up the tiers, the more secure things become, but two factor auth isn't limited to any specific types of technology(not on the surface at least, there are some requirements for the technologies allowed) but more so the aspect of a second layer of auth to verify the first.

It's redundant but it is it's redundancy that makes it effective.

In reality, they are all insecure. Nothing is impenetrable. This entire industry is more so about making it not worth the time of pesky little kids running backtrack or kali.

1 person likes this

Share this post


Link to post
Share on other sites

Posted

Well guess I can't change email because I don't have any newspaper.

You want me to hold my ID + newspaper + take a photo? Amazing.

Share this post


Link to post
Share on other sites

Posted

-----ing add the 2 factor authentification yet and stop being the WORST BY FAR company in the business!

Clearly never had to deal with EA ^

Second, its obvious the people that were affected are the ones curious about gold sellers, or intended to buy. It's the site being spammed in-game.

Third, original post was definitely not vague at all. As stated the reset the passwords on the accounts that were affected. If your password is still working, then they didn't reset yours because it wasn't affected. People are seriously lacking common sense today.

Fourth, why would they post a malicious website, and increase risk of someone being affected by said issue. If your password was reset, then you already know what site you went to. Selling silver/gold for real money is clearly a scam since you can not trade directly in game, on top of violating the TOS.

P.S. I do agree on the 2 step verification. Not just for logging into the game, but web access to your account. Doesn't hurt to have extra security.

1 person likes this

Share this post


Link to post
Share on other sites