Doing same...

:1orglaugh:1orglaugh

lol, this makes so much since in a nutshell! :1orglaugh

not even 50 posts, not a drama :(

Interesting issue. :2 cents:

If somebody added the username through the CCBill script, and that person not being a CCBill employee, it would ALSO show up in the logfile.

You guys act like anyone will care. So many people have been outed for doing some incredibly horrible shit.. and they are still thriving today and doing better than ever. My advice... do what you feel you need to do for your own business.. but a simple fact of the adult industry is that crusading for a cause, almost never yields tangible results, the apologies, admissions, or gets the answers you're looking for.

IBill did it and got away with it :)

CCBill are a whole different kettle of fish and I like the script kiddy theory.

Hoping for a good answer from CCBill today.

No problem, I will contact you.

Let me offer an explanation on how our user management works, hopefully this will help.
When a customer signs up to a site that is using the CCBill user management system upon submitting the form an 'add' command is sent through our script on your server with the customers username and an encrypted password. This is just simply a reservation to make sure the password media is available for the add, they are not given access at this time. Once the 'add' is successful and the signup has processed an 'update' is sent with the valid password and the customer is granted access. Once it is time for the customer to be removed from the password file a 'remove' is sent.

There are a few reasons why you will see an 'add' but no 'update'. If a customer is declined you may see an 'add' but no 'update' and/or if you are processing telephone payments or direct pay payments and the customer does not complete the transaction you will not see an 'update' but you should see an 'add' and a 'remove'.


We have looked at the log files you posted and we have identified 2 incomplete telephone transactions and 4 other credit card declines that 'updates' were never sent on. That being said, it does not appear that 'removes' were ever sent on them either which means we most likely have a problem running this command with your account so that is something we will certainly want to take a look at.

I will be contacting you now to discuss further.

If anyone else would like me to investigate an issue with their account I would be happy to do so just hit me up.

What were/are the jpost error issues all about?

That answer is INSUFFICIENT, since I actually spoke to a tech and he checked those usernames and subscription numbers and they are signed up for a completely different account, they never even joined my site, the other username wasn't even in your entire database, over the years I asked many times to have this looked at and couldnt get any help or info what so ever, furthermore when I gave usernames that needed to be researched and investigated you told me that info cannot be divulged. By a sheer stroke of luck the tech that answered late at night was able to pin down these usernames and gave me the info that you have repeatedly denied me. I am extremely upset and that this was ignored for so mahy years and still feel like I am losing tons of subscriptions this answer is totally bogus since it doesnt explain how they entered my database to begin with, FURTHERMORE i keep every denial email and there is no record of a denial ever sent for these subscription numbers.

Let me clarify Pauls post a bit, the reason we post a password first is because if we approved a transaction/took funds before we could be certain the sites content would be delivered, the chargebacks would put us out of business. We will try to send the password multiple times, but can't continue to post to broken systems

I dont know how that refers to me ???

CCbill seems like a stand-up processor, but what really stinks about this industry is there is ZERO accountability. You have to basically put all your trust into processors and program owners. No one is going to audit them for fraud, and by law they're not obligated to indulge anything they don't want to.

Actually, I'm sure Visa and Mastercard would disagree with you.

glad to see it all worked out. ccbill rocks.

I am not sure I understand. I will contact you off the board and show you where in the CCBill admin reports you can look up users who are added to your database and why.

i mispoke, i meant username rather than password, sorry about that

Good advice.

A few years ago we noticed more "paid" user accounts than we could account for, and it turned out to to be a hacker. Someone was posting fake purchase data to our post-back script that had the same format as CCBill's, but were coming from the wrong location.

What we did was first lock it down so that it would only allow messages from verified CCBill servers. We then took a couple of extra steps to make sure each new purchase and each cancel was correct, and to validate the format of the data received. This solved our problem.

AVSTgp: In my opinion posting on a forum about this kind of thing is a mistake. If you weren't getting good support from a CCBill tech, you should have escalated it to your sales rep, or contacted Corvette by ICQ. Corvette and Paul have always been great at solving any problem or answering any question we had. No need for public "drama".

Good luck!

i have known the CCBill guys for some time and the direction this thread is going is that it seems that avstgp thinks that the guys at ccbill are intentionally billing users for access, inserting a u/ps in the system for them, and not crediting them.

if that was the case, remember it would be very easy to get caught. if a member has any questions about the site, they would email the site owner, who would notice they could not find a subscription and complain on the boards, others would confirm it and ccbill would lose most of their business just like that

so just out of self-preservation, it makes sense to me that this is an honest mistake, i cant see it any other way. their morals aside, why risk losing tens of millions in order to gain a few (highly risky) dollars?

good reminder to keep an eye on your password file and audit it every so often, things have a way of building up in there

shitty thread title, there can be lots of reasons for your problem, but why jump on ccbill all the sudden?

I am sure they would like to keep this off the board AVSTGP, but I would request that you keep it on the board. Some of us take your issue personally and also want to be reassured that an acceptable explanation has been provided for such a large discrepancy in your login/passwords and credited joins!

What were/are the recent jpost error issues all about?

Really, Visa and Mastercard are going to go audit processors to see if program owners and affiliates are getting all sales accounted for? :1orglaugh :1orglaugh

Following ghost on this one.

SwirlsGirl, let me ask you a straight up question

do you think that ccbill would be stupid enough to risk adding members to your site, billing them and keep the money? the same ccbill that was smart enough to be basically the last/biggest processor standing out of 25 processors that started in adult ten years ago

they survided visa/bush administration and a ton of other things, but they are going to be taken out by a gfy thread where they are being accused of stealing from webmasters

honestly

swirlygirl can't even get her gfy sig button to work, how do you expect her to know wtf is going on?

as far as avstgp, i'm assuming he isn't even running any password trading software. (based on his avoidance of this question)

if he was he would have realised that all those userpass's are on password trading boards

This aint my first rodeo.

Kind of weird, i often see you post statements that are almost like the one above. Bugs the shit out of me. You also did it in the DirtyD thread. You want to make rules, make a own forum!

I am not avoiding anything, I don't see your approach as trying to be helpful, you seem to be attacking me, I appreciate your input, but I dont respond to attacks, I also dont know why there has to be this automatic blind blanket, defense of CCBill, theres obviouslly something fishy going on of that we are all 100% sure, whos fault this is has still not been determined, this could possible be a hacker just as much as an employee of ccbill or even an ex employee of ccbill, if they do get to the bottom of this the chance of them admitting fault is 0% the chance there is a 8 year member discrepancy that changes every month is 100%, ccbill will never admit any wrong for they would have to go back and pay or audit the last eight years. So once we get to the bottom of this and they give me exact info on the 200 members that have been off between paid users and users that have access this will not die, if I have to get a lawyer to audit their files I will! I am sure my lawyer larry walters would love some more info on this. I want an exact accountability for every one of the 200 transactions that are suspicious!
Nobody has contacted me yet and, I will not accept a database error as a sufficient answer. as far as password trading usernames, these usernames are 6 DAYS OLD! i very much highly doubt they have been added and traded with in the last 6 days and, even if they are why is there no record of those transactions at all, the transaction numbers are there but there is no record on my side and in some cases ccbills side, so with all due resepect BV stay the hell out of this!

dude, hes not attacking you. when you work in technology for years, you realize that shit/problems/mistakes happen all the time, major or minor

all you can do is antisipate them and try to prevent them, we audit our password files every 6 months matter of fact because years ago we saw 600 extra members and it freaked us out

its not always a conspiracy theory where ccbill is trying to steal your money, have you considered its an honest mistake?

the big question is, have you found out those members are being billed? or are they just added to the pw file? have any logged in at any point or are they just adds

I have sent you an email with screen shots of where these 6 users exist in our system under your account. As I explained in my previous post two were telephone transactions that were not completed and the other four were declines. These were done under your account and are viewable in the CCBill admin reports. I am not sure why you did not receive the emails on the declines but they do exist in the reports that you have access to.

I apologize that the techs you spoke with did not investigate the issue as they should have, however if you would like to send me any or all of the 200 transactions that you are suspicious of I would be happy to look into them for you.

First thing you need to do is drop the password file!

Get on a Database system instead. This will also end your corrupt password files from happening and save you downtime.

Need help with this hit me up we can consult you on this and many of other changes that will secure your system and increase profits!

stay out of it? hahaha
attacking you? hahaha
dude, you came here and attacked ccbill
they try to help and ask for information, and you get cocky with them
you don't think passwords can be added in past 6 days?

GET YOUR HEAD OUT OF YOUR ASS AND TAKE MY ADVICE!!!!

CCBILL IS NOT FUCKING YOU!

and lock down your CGI, get proxypass installed ASAP, and scan your drive :2 cents:

those of us who run businesses understand the common sense in not running to the boards and "suspecting" fraud from the people you do business with.
I'm sure its fun for you to watch this play out but the only thing I see this has done is expose the thread starter.

Well Jcsike, its like this... you ask me if I think ccbill is stupid enough to skim sales, I don't suggest that that makes them stupid.

Since I have been in this business...

I have caught yahoo red handed engaged in click fraud,

I have caught my own bank red handed engaged in overdraft fraud,

I have caught auto repair shops engaged in pure fraud,(actually hubby caught them)

I have been a victim of mortgage fraud twice in the past 6 years,

Not to mention the fraud that we are all exposed to on the nightly news,but thats another topic for another day...

I could go on about many other processing companies that have been caught in some fraud, just look at the verotel fiasco last year..

Look at the paymonde fiasco before that,

look at the ibill fiasco before that,

I have been personally effected by all of them, and when I see another webmaster in distress I can relate and feel compelled to give the webmaster the benefit of the doubt.

I am under no illusions about how the word really works, I had a processing account terminated years ago early in the game because I came to the boards and outed the processor for promising to pay for over 2 months and never paying.

within 3 hours of making the post, my access to my stats was locked out, and my account was terminated! So there are risks involved when you courageously call out a company on the boards.

Having said all of that, I go back to my other question that no one has tried to answer and that is not would ccbill skim joins, but is it in fact possible?

You should be able to ask that question without being slanderous. Asking that question to me is a critical valid question. I don't think by asking if its possible to be skimmed means you are accusing them of scamming.

its not possible to effectively skim joins without a big chance of getting caught.

the procesor is in-between the consumer and the webmaster. they would have to bill the consumer, give them access to the webmasters members section, not pay the $$$ to the webmaster AND try to prevent the consumer from comunicating to the webmaster about anything (to avoid raising the webmasters suspicouns), no to mention hope the webmaster doesnt check his password file, which 70%+ of webmasters know to do

and if they dont do it right and a webmaster posts on the boards, everyone knows about the plan and their business is kaput

so in my eyes its a stupid question. if they were doing this i would pull my processing from them not because they are dishonest, but because they are stupid LOL

Those of us in business also understand when you get an answer that does not seem rational or square with you gut instincts then it is prudent to bring it to the boards.

Chances are some one else might be experiencing the same thing.

I guess if they don't like you bringing it to the board they would rather you poll your fellow webmasters by way of telekinesis...

Word

http://www2.picturepush.com/photo/a/...5-finished.jpg