Support NeoGAF

[m@cross]

Yes it sucks, but at this point I find it hard to sympathize with a very avoidable situation like this after numerous examples of it occurring. Sony has their stated policy, it is not their job to secure your poor security practices and eat the bill as well.

NOW if it was leaked due to their service security being hacked, whole different story. I would wager though that the majority of these issues are not related to direct Sony hacks.

1. Don't use the same password on any sites, doesn't matter how good it is if you use it every place else and one site flaw gives up multiple sites access.

2. Don't store CC info in any online store.

3. Don't share your account info. with anyone.

4. Use a real password 12+, upper, lower, symbols, numbers etc.

5. Require your password to make purchases.

 

[bomblord1]

You don't have to store your credit card on PSN. I do one offs all the time with them, mostly using my paypal account. And no system should be like Nintendo's.

Can you tell me how to do it then. Without having a paypal or credit card attached to the account automatically.

 

[Mupod]

I got a PS3 long after the PSN attacks so I didn't trust Sony as far as I could throw them, went out of my way to use a weird password I don't have anywhere else. Got FIFA'd anyways. They reversed the charges immediately but I still was baffled how it could have happened.

Doesn't everyone just use PayPal on steam, psn, etc? Its much more secure than using a card directly.

This is how I usually do things, especially on xbox. I buy something with paypal then go into the paypal account itself and cut off any preapproved payment things that may have showed up. I just got lazy ONE time with PSN because I saw Ni no Kuni was on sale and I was about to leave to go somewhere with shitty internet.

 

[MrSpaM]

It's a pretty commonly know fact that the only people who have their accounts 'hacked', are ones that submit their username and password into stupid "Free PSN fund cards! Click here!" or "Enter your username and password here to recieve a free game!" scams, or gamesharing with people they don't know.

If people were actually getting their accounts hacked from stolen data off of Sony's servers, the problem would be a lot more widespread than it currently is.

If you are stupid enough to give somebody your account details, you deserve to have your account compromised. You wouldnt just hand somebody you didnt know your bank card pin number would you?

 

[SMOK3Y]

I removed my credit card and added my Paypal account instead a while back. Its an extra layer, but it still isn't as good as 2 step authentication.

These policies are seriously bullshit and something needs to be done about it.

Same here

 

[11redder]

I"m pretty sure Sony allows 1 online deactivation every six months.

It's meant to. But when I got my PS4 near the end of last year I discovered that two PS3s and a PS4 had been added to my account. When I tried to deactivate all systems online, to enable activation of my PS4 as primary, I got a message saying I wasn't able to.

This despite the fact that no such deactivation had ever been undertaken on my account, let alone within the previous 6-months, evidenced by the fact that my launch PAL PS3 and other systems were all still listed as active.

A call to customer service sorted the situation however.

 

[Rocky]

Can you tell me how to do it then

I mostly use the web store and just use my Paypal account. Then when I get to my devices, my purchases are all waiting to be downloaded.

 

[labaronx]

Same here

Also prepaid bank cards are good

 

[Starwolf_UK]

Was it FIFA related? That happened to me, got it taken care of in 2 weeks. and ever since then, i've always rotated my passwords around every other week.

Being Fifa'd might soon be a thing of the past as EA are changing the ultimate team auction house to only allow offers within a small price range. Really shitty if you paid for a player which you now can't put on the market for as much but at the same time it stops this kind of money laundering (from what I understand is people buy lots of coins for cheap online which are exchange by them listing a worthless player for a high purchase amount which is then bought).

 

[epmode]

The "ban for chargeback" rule applies to practically every digital distributor.

Doesn't happen with Steam. The worst they'll do is temporarily prevent you from adding new games to your account. You can always download and play your old games.

2 factor authentication pls.

 

[LX_Theo]

Sony's policys regarding this kind of activity are an absolute joke.
My PSN account was hacked last Sunday. Luckily the asshole only ran up £49.99 (The Order: 1886) but he/she also changed my log-in info so I was locked out of my account with no way to unlink my credit card to prevent more purchases and had to go through a help line to regain control. The rep I spoke to informed me the I wouldn't be offered a refund of any sort because, and this is a direct quote " I'm responsible for the security of my own PSN account".
Rediulus. Just glad it was only £50. Sorry to hear about the Reddit guys situation, that sucks man.

You are responsible. They didn't do anything to cause your account to be compromised.

Come on people. You can't just be all willy billy with your security and then expect Sony to have your back on shot like that

 

[FHIZ]

2 pass authentication or riot

They need it in a big way, but I feel like they'd botch it and everyone would be locked out of their accounts for a few days, because that's just how the PSN rolls.

 

[Horsemama1956]

Not like they'll ever do anything about it because people keep buying their stuff, even when they do incredibly stupid stuff. Sell your Sony shit and don't look back if it's that big of a deal. You won't explode if you don't get to play an exclusive on Sony, MS or Nintendo systems.

 

[Neuromancer]

This is why I don't have a CC linked to my account, and only use codes and cards.

 

[BlackbirdFlyAway]

Will that gmail + trick work on PSN? Where you edit your PSN email address with a username+PSN@gmail or something, just for extra security.

 

[Crayon]

Sony proved themselves incompetant in this area years ago. I only use psn cards now and i recommend the same to all my friends.

 

[Lockjaw333]

I just logged into my account on the playstation website, just to check my account details, and there is an old credit card on file that I must have used on the PS3 years ago. I know I have removed all of my credit card info a while ago, no idea why this is still there.

I feel like Sony's different sign-ins are not connected or something. What I do on my PS4 doesn't seem to always be reflected on the website.

I don't trust them at all with security basically. I also primarily use PSN cards from Amazon when I purchase something.

 

[pager99]

It is astonishing that they ban people for reversing funds when their network is so susceptible to hacking.

Actually the network isn't really all that susceptible to being hacked as it was only compromised once but I assume your referring to all the recent ddos attacks

 

[Ginger Whale]

You are responsible. They didn't do anything to cause your account to be compromised.

Come on people. You can't just be all willy billy with your security and then expect Sony to have your back on shot like that

Fair enough. Defiantly wouldn't describe my security as "willy billy" but whatever.
The thing I do find odd though is why can't they remove the perchesed items from my account and refund me the money?

 

[gruenel]

Fair enough. Defiantly wouldn't describe my security as "willy billy" but whatever.
The thing I do find odd though is why can't they remove the perchesed items from my account and refund me the money?

Because that would probably be abused to hell and back. It's why we can't have nice things.

 

[TheChillyAcademic]

He has to chalk up $450 or get banned. How is this even a thing?

I would loose my fucking shit if I was in that position, absolutely fucking ridiculous.

 

[publicpwnerer]

Sony has hands down the worst customer service I've ever come across. It's abysmal.

Agreed. How much contempt for your own consumers must you have to create / enforce awful policies like these. You'd think after the hacking scandal we would have two-step authentication by now.

Doubly moronic as they're trying to build a digital future / infrastructure.

 

[IISANDERII]

I just took my credit card off. So that settles that, but the 6month deactivation thing scares me.

 

[Yoshi]

Yes.
By law, Sony is required to inform users if there is a legitimate hack.
If your credentials get phished, then the onus for the security of that information was on you.

And if the password was brute forced?

 

[KoruptData]

I enter my CC info every time I make a purchase and turn around and delete the card. Pain in the ass but piece of mind.

 

[stn]

Their customer service is garbage in general. I had a really bad experience after I bought PSN cards that wouldn't work.

 

[Maybesew]

It's a non-benevolent dictatorship. As someone that has already had an account banned and had to start over, I wouldn't even tweet this story to playstation in fear of retribution.

 

[GeNoMe]

It seems that I have a couple of PS3 systems listed as active.
I only have one obviously....how can I determine which one is the one that i'm actually using right now?

i'd like to remove the other two.

 

[silvermember]

So the victim deserves to have their account banned if they are stolen from? It's their fault? Right.

At any rate, I follow all of the above. No way will ever leave my info on PSN or LIVE.

Why should the vendor suffer for the actions of someone's own negligance. If Sony was hacked and his account stolen then it is entirely sony's fault. However it seems the person probably had a weak and terrible password which makes it entirely the victim's fault.

I hate saying this but personal responsibility is key if you decide to leave your cc information online.

Their customer service is garbage in general. I had a really bad experience after I bought PSN cards that wouldn't work.

So you bought fake PSN cards and expect them to be nice about it?

 

[p3tran]

I dont put my CC in my playstation, because I am aware of these things.
If sony is ok with that, why should I not be?

 

[Big_Al]

And if the password was brute forced?

No you see that can't happen, it IS the customers fault afterall. Sony never fuck up and it's the customers problem. /s

They are all bad in their own way but Sony seem to be consistently fucking dreadful with their customer service.

 

[firelogic]

Yeah, Sony really needs to implement 2-factor at some point.

They don't have two-factor for logging in, but you can enable a password for purchases. If you don't enter the password, it won't proceed with the transaction.

Edit: NVM. It's not a different password, it's just your PSN password.

 

[gruenel]

It seems that I have a couple of PS3 systems listed as active.
I only have one obviously....how can I determine which one is the one that i'm actually using right now?

i'd like to remove the other two.

Just deactivate all of them and then reactivate the system you own.

And make sure to change your password before all that.

 

[GeNoMe]

Just deactivate all of them and then reactivate the system you own.

And make sure to change your password before all that.

Thanks for the heads up! So the 6 month waiting periode doesn't apply to reactivating your console?

 

[Harmen]

Wow, hope they do something about it. Looks ridiculous indeed.

Yes it sucks, but at this point I find it hard to sympathize with a very avoidable situation like this after numerous examples of it occurring. Sony has their stated policy, it is not their job to secure your poor security practices and eat the bill as well.

NOW if it was leaked due to their service security being hacked, whole different story. I would wager though that the majority of these issues are not related to direct Sony hacks.

1. Don't use the same password on any sites, doesn't matter how good it is if you use it every place else and one site flaw gives up multiple sites access.

2. Don't store CC info in any online store.

3. Don't share your account info. with anyone.

4. Use a real password 12+, upper, lower, symbols, numbers etc.

5. Require your password to make purchases.

Yet this is also true. Some people take terrible care of their online security.

 

[njean777]

This is why I buy psn cards only now.

 

[Lockjaw333]

Just deactivate all of them and then reactivate the system you own.

And make sure to change your password before all that.

I also have my old PS3 system still showing as active, that was traded in years ago.

I tried to deactivate, and it tells me I need to go so on the system XMB, haha.

 

[Yoshi]

No you see that can't happen, it IS the customers fault afterall. Sony never fuck up and it's the customers problem. /s

They are all bad in their own way but Sony seem to be consistently fucking dreadful with their customer service.

I think if the password is bruteforced it's not Sony's fault, nor (necessarily) the customer's, however, it's Sony's fault that the credit card info is usable so easily. They could just demand entering the credit card info explicitly on each device you want to use the card on, otherwise, the credit card is blocked. Just check the mac address of the device before deciding if the credit card can be used. This is if they feel the need to obtain the player's money through automatic resubscriptions, otherwise they could just store the credit card info solely on the device, which would even be safer (and not require double authentification).

 

[GeNoMe]

I also have my old PS3 system still showing as active, that was traded in years ago.

I tried to deactivate, and it tells me I need to go so on the system XMB, haha.

Same here....
How is this even possible? Guess I'm gonna have to get in touch with customer support.

 

[Tigress]

So I should have to Amazon and purchase prepaid credit cards to get online PSN content? Come on now.

Credit cards should be able to be used for one off purchases instead of auto filing it and Sony shouldn't have this weird policy about charge backs.

I agree but the reality is until Sony shapes the fuck up if you want to buy stuff from PSN this is really the only safe way of doing so.

 

[Zukuu]

I don't get why anyone would ever store pay information on any account, anywhere. That is why paypal is such a good option to do online payments. Basically an automated 2 step verification.

 

[djplaeskool]

I think if the password is bruteforced it's not Sony's fault, nor (necessarily) the customer's, however, it's Sony's fault that the credit card info is usable so easily.

This is what kills me.
The only additional security being entering your password again is insufficient.
Also, I hope people's passwords are complex enough where a brute-force attack is unfeasible.

 

[gruenel]

Thanks for the heads up! So the 6 month waiting periode doesn't apply to reactivating your console?

You can activate systems as often as you like, the 6 month limit is only for deactivating everything.

 

[ironcreed]

Why should the vendor suffer for the actions of someone's own negligance. If Sony was hacked and his account stolen then it is entirely sony's fault. However it seems the person probably had a weak and terrible password which makes it entirely the victim's fault.

It's negligence to be stolen from? Perhaps the victim thought they were being secure enough with their password and figured since they were dealing with a giant like Sony, they would be safe.

I mean, first they get robbed and then get all of their purchases (potentially hundreds to thousands of dollars worth) and account banned as a result of trying to dispute it? That is getting fucked from both ends and is straight bullshit any way you slice it or dice it.

Imagine someone breaking into your house and stealing all of your expensive items. You call the police and when they arrive, they proceed to tell you that it's your fault because your home was not secure enough. Further, let's say you had these items insured and then the insurance company tells you the same and then cancels your policy. Oh well, guess it's the victims fault.

With that, I am out on this topic.

Good day.

 

[StoOgE]

Sony is a major corporation that takes IT security very very seriously and expects it's customers to do the same. Pull yourself up by your bootstraps!

 

[xrnzaaas]

I only rely on PSN scratch cards, don't have any credit cards tied to the account.

 

[Shanlei91]

Sony is a major corporation that takes IT security very very seriously and expects it's customers to do the same. Pull yourself up by your bootstraps!

 

[TheMasterGoblin]

This happened to a relative of mine a while back (for over $800). Since he was not going to suffer the financial hit just to keep his PSN account, he had to instead get his account banned.

While I understand Sony's position, it really is ridiculous. They control the platform, so they could reverse all charges and remove that content from the account and/or non-authorized devices.

Banning an account (in effect losing everything) because the credit card is filing fraud charges is a bit extreme, especially on the first instance. It would be one thing if it was the second time that the account got compromised.

 

[Gbraga]

I'm sorry for the people who lost money because of this, and I do think they should offer two-step confirmation, but I don't see how it's on Sony to refund you. The account activation thing sure is shitty and they should find a way to get around that, but if someone stole your account, what does Sony has to do with that?

Unless of course Sony is hacked and they get the information from them, then yes, it's on them to make it right.

If someone steals my account, I'll be screwed locked out of it for 6 months, but I won't lose a dollar, my card isn't linked.

 

[ohlawd]

this isn't really that hard, to be honest

Always delete your info on Sony systems. sometimes I forget tho. that's gonna bite my ass eventually. I don't bother deleting my card info for my other systems.