David Brent
Mouseketeer
- Joined
- Jan 28, 2009
- Messages
- 339
Such a ridiculous request, no matter how reputable the company is. Next, UCT will ask you to snap you with your credit card info. You can choose to use any filter to your liking.
UCT "flagged for security"
- Thread starter babyruth
- Start date
AngiTN
DIS Legend
- Joined
- Mar 7, 2011
- Messages
- 28,154
Yes
This has come up every so often, for years. I'm bad at searching but someone who is good at it could find it I'm sure
Thankfully, it happens very rarely and has not damaged their business.
And if they were going to have a breach it would be reported so fast it's not funny.
While I think their request is odd and they need something better to fix purchases that get flagged, the way they do it does work and they have been safe with the info.
Jupiter&Wolfe
Disney is for Gwown Ups
- Joined
- Feb 13, 2009
- Messages
- 797
Yes I looked it up afterward. Pretty much the same as what most have been saying. They ask for the picture, someone is(understandably) uncomfortable with the request, and it ends with them calling the company and either not having to submit a picture or ultimately deciding they felt comfortable enough to send it.
Like I said, I have NO DOUBTS this company is honest and tries to do right by its customers. The great reviews speak for themselves and I almost felt comfortable buying from them.
But how do you know they have been safe with the info? They could TELL you they are being safe with the info, and they say that because they themselves genuinely believe they have been safe with the info. But if they are not technologically competent enough to know exactly what it means to be safe with my info, then I don't trust them. Not because they're TRYING to be dishonest. They just don't know any better. That's what a completely archaic practice like this tells me about this company.
And it only takes ONE security breach. And it just takes moments, and some random dude or group of dudes irreversibly has EVERY customer's info to do with as he pleases. This has been PROVEN in major hacks that made international news in recent years. Google major hacks such as Ashley Madison, Sony, and Target. Millions of dollars stolen within days or hours. Many people's reputations permanently destroyed(whether they deserved it or not
).I'm not touching this company now that I know some of their procedures! But that is my personal opinion, No judgment on others!
IrishNYC
DIS Veteran
- Joined
- Nov 19, 2014
- Messages
- 2,814
This is how I feel. They have glowing reviews, but I feel like I'm more tech savvy than they are when it comes to security.Yes I looked it up afterward. Pretty much the same as what most have been saying. They ask for the picture, someone is(understandably) uncomfortable with the request, and it ends with them calling the company and either not having to submit a picture or ultimately deciding they felt comfortable enough to send it.
Like I said, I have NO DOUBTS this company is honest and tries to do right by its customers. The great reviews speak for themselves and I almost felt comfortable buying from them.
But how do you know they have been safe with the info? They could TELL you they are being safe with the info, and they say that because they themselves genuinely believe they have been safe with the info. But if they are not technologically competent enough to know exactly what it means to be safe with my info, then I don't trust them. Not because they're TRYING to be dishonest. They just don't know any better. That's what a completely archaic practice like this tells me about this company.
And it only takes ONE security breach. And it just takes moments, and some random dude or group of dudes irreversibly has EVERY customer's info to do with as he pleases. This has been PROVEN in major hacks that made international news in recent years. Google major hacks such as Ashley Madison, Sony, and Target. Millions of dollars stolen within days or hours. Many people's reputations permanently destroyed(whether they deserved it or not
I'm not touching this company now that I know some of their procedures! But that is my personal opinion, No judgment on others!
As for the bolded part, while those have been huge security breeches, with a few exceptions, those breeches have been along the lines of hackers exposing a weakness, but not doing anything with the info. Its the kind of lazy security UCT is using that does lead to financial damages. One rogue thief gets a handful of these pictures, some insecure credit card info, enough other info, and next thing you know he's printed off fake credit cards, runs out and buys gift cards, and spends those before they can be traced.
When I worked in ecommerce our clients entered cc info and our company never even saw that info unless there was some kind of refund issued, because the charges were processed off-site through the credit card service. That sort of system limits actual access to the information that can be pieced together to create theft.
Jupiter&Wolfe
Disney is for Gwown Ups
- Joined
- Feb 13, 2009
- Messages
- 797
Good to know! Sounds like you may know a little bit more about that stuff then you do - like I said, I make no claims to be tech savvy!
Though I was under the understanding that the major retailer hacks like Target and Home Depot did result in a lot of money being stolen. But like you said, it's about poor security. I think if major companies like these can have weaknesses exposed, a small company like this is probably pretty vulnerable, right?
How much money could one possibly be saving to make it worthwhile to go along with such a stupid demand? I would not do business with this company for any reason. OP- were you able to get your refund? I hope you called your cc company and disputed the charge. Good luck! Let us know what happens!
UnderCoverTourist
Mouseketeer
- Joined
- Jun 24, 2003
- Messages
- 156
Hi All,
So we understand the concerns and would like to shed some light onto this subject. E-Tickets are not the same as ordering physical items that are delivered to your home*.
*"Why do we do this? Unlike airlines, hotels or attractions, we can't verify your identity and/or payment details in person before providing your tickets or reservation. We work hard to responsibly and securely protect our customers and our company from fraud. Thank you from the Frog Family."
We deliver millions of tickets per year both via regular shipping (mail) and email. A relatively small number of transactions are flagged using scores of metrics (using our past experience with millions of $ of fraud and attempted fraud). Due to other companies security breaches over the past few years we have seen a massive uptick in attempted fraud on E-Tickets due to massive amount of stolen credit card numbers out there.
We do receive the credit card at time of order. For your protection we do not store the credit card number. We are also not asking for the full credit card number simply the last 4 digits. Upon releasing the order we delete the image. So it is not stored beyond releasing the order, it is just the last 4 digits.
Now of course we recognize this may not to be to everyones taste and we do have a regular mail option which when shipped to the billing address is almost never flagged!
Yes we want to avoid millions of dollars of fraud but it does truly protect you too. We have received dozens of messages of thanks from customers whose cards were not successfully used for fraud. The less lucrative the fraud is, the less attempts are made.
This has been very effective in reducing the successful fraud (which is costing millions of $ of losses within Theme Park E-Tickets alone) but if you are uncomfortable with the small risk of being flagged and still like our service please consider choosing the Mail to your home option. Right now, we are working with the credit card companies to add other layers of protection and adjust our fraud metric system to reduce the number of flags by 80% of an already limited number of people flagged. This issue is very unique to 'Theme Park E-Ticket' fraudulent attempts.
So in conclusion, we are not asking for your full card number, just the last 4 digits, we delete the image upon order release, the image is uploaded through our secure website. If you are still uncomfortable please consider choosing to have your tickets mailed to the address that matches the billing address for your card.
The flagged orders must meet many indicators of potential fraud, the number is low. The photo does help for many reasons and we do have the mail option.
We have reduced our fraud to 1/42th of the successful fraud of our competitors. It costs us more money to deliver tickets by mail, but if it gives more peace of mind then we are happy to do so! We all win if we stop this rampant fraud. If the fraudster placing the order is successful, they are willing to pay more for stolen credit cards (to the original thief). If they are willing to pay more to the original thief, it is more of an incentive for them and others to steal even more cards as they get paid more!
It does cost cardholders time to clear up fraudulent orders and many people work for or own retail businesses that are victims of fraud. The cost of fraud is passed onto us as consumers in the form of higher prices, time to clear up issues and a 'it takes a village' to not reward people who attempt to cheat and steal rather than working!
We hope this insight helps and we can deliver via mail too.
Thank You
Undercover Tourist
So we understand the concerns and would like to shed some light onto this subject. E-Tickets are not the same as ordering physical items that are delivered to your home*.
*"Why do we do this? Unlike airlines, hotels or attractions, we can't verify your identity and/or payment details in person before providing your tickets or reservation. We work hard to responsibly and securely protect our customers and our company from fraud. Thank you from the Frog Family."
We deliver millions of tickets per year both via regular shipping (mail) and email. A relatively small number of transactions are flagged using scores of metrics (using our past experience with millions of $ of fraud and attempted fraud). Due to other companies security breaches over the past few years we have seen a massive uptick in attempted fraud on E-Tickets due to massive amount of stolen credit card numbers out there.
We do receive the credit card at time of order. For your protection we do not store the credit card number. We are also not asking for the full credit card number simply the last 4 digits. Upon releasing the order we delete the image. So it is not stored beyond releasing the order, it is just the last 4 digits.
Now of course we recognize this may not to be to everyones taste and we do have a regular mail option which when shipped to the billing address is almost never flagged!
Yes we want to avoid millions of dollars of fraud but it does truly protect you too. We have received dozens of messages of thanks from customers whose cards were not successfully used for fraud. The less lucrative the fraud is, the less attempts are made.
This has been very effective in reducing the successful fraud (which is costing millions of $ of losses within Theme Park E-Tickets alone) but if you are uncomfortable with the small risk of being flagged and still like our service please consider choosing the Mail to your home option. Right now, we are working with the credit card companies to add other layers of protection and adjust our fraud metric system to reduce the number of flags by 80% of an already limited number of people flagged. This issue is very unique to 'Theme Park E-Ticket' fraudulent attempts.
So in conclusion, we are not asking for your full card number, just the last 4 digits, we delete the image upon order release, the image is uploaded through our secure website. If you are still uncomfortable please consider choosing to have your tickets mailed to the address that matches the billing address for your card.
The flagged orders must meet many indicators of potential fraud, the number is low. The photo does help for many reasons and we do have the mail option.
We have reduced our fraud to 1/42th of the successful fraud of our competitors. It costs us more money to deliver tickets by mail, but if it gives more peace of mind then we are happy to do so! We all win if we stop this rampant fraud. If the fraudster placing the order is successful, they are willing to pay more for stolen credit cards (to the original thief). If they are willing to pay more to the original thief, it is more of an incentive for them and others to steal even more cards as they get paid more!
It does cost cardholders time to clear up fraudulent orders and many people work for or own retail businesses that are victims of fraud. The cost of fraud is passed onto us as consumers in the form of higher prices, time to clear up issues and a 'it takes a village' to not reward people who attempt to cheat and steal rather than working!
We hope this insight helps and we can deliver via mail too.
Thank You
Undercover Tourist
Last edited:
adisneyaunt
DIS Veteran
- Joined
- May 17, 2014
- Messages
- 1,541
Thx UCT for posting the rationale behind the request for pix.
Makes sense ... not sure I'd Not have tix mailed tho... seems like an easier transaction overall.
Makes sense ... not sure I'd Not have tix mailed tho... seems like an easier transaction overall.
Maistre Gracey
DIS Legend
- Joined
- Apr 23, 2002
- Messages
- 11,535
It's weird. It doesn't protect the card holder. The card holder is not responsible for fraudulent charges.
There were reports of you not accepting a picture of the card. You want the persons pic also. I find that creepy.
MG
mckennarose
DIS Veteran
- Joined
- May 22, 2015
- Messages
- 2,230
Cadaverous Pallor
Mouseketeer
- Joined
- Jan 8, 2016
- Messages
- 84
I would call them over the phone.
If they refused to take my credit card over the phone and demanded a selfie, I'd take my business elsewhere.
As rational as the post by UCT, it's still weird.
If they refused to take my credit card over the phone and demanded a selfie, I'd take my business elsewhere.
As rational as the post by UCT, it's still weird.
perditax
DIS Veteran
- Joined
- Jan 8, 2015
- Messages
- 1,977
Maybe less willing to provide a picture of their own face when they know they're committing a crime?
I work in a fraud-heavy industry (online gaming) and we have similar procedures.
wilkeliza
DIS Legend
- Joined
- Feb 1, 2013
- Messages
- 14,109
Nothing says they have to use their own face. As someone posted earlier photoshop it pretty easy for something like this. A photo holding a card doesn't do much for security.
perditax
DIS Veteran
- Joined
- Jan 8, 2015
- Messages
- 1,977
The people doing serious credit card fraud have lots of numbers to burn through. They don't have time to bother with constructing a fake credit card photo and doing a convincing photoshop job. They just move on to the next number.
wilkeliza
DIS Legend
- Joined
- Feb 1, 2013
- Messages
- 14,109
I also can't imagine serious cc fraud will do a non-refundable 120 purchases either. Even if they are running the card to check it the amount isn't going to be that high.
A State Of Autumn
Mouseketeer
- Joined
- Apr 3, 2015
- Messages
- 163
I got skimmed in Europe last year for thousands of dollars of train tickets in countries we didn't travel to. Honestly if a company asked me to do this I would happily send them a selfie of myself and my card. They then have some proof should the transaction be disputed and I know that they're protecting me by doing so.
I understand it's an odd request but as I learnt last year tickets are a very popular thing for criminals to purchase, they're not physical so generally won't be repossessed and they can be used before the person even knows there is something wrong with their card or accounts.
I understand it's an odd request but as I learnt last year tickets are a very popular thing for criminals to purchase, they're not physical so generally won't be repossessed and they can be used before the person even knows there is something wrong with their card or accounts.
anorman
Greetings from The Great White North
- Joined
- May 31, 2009
- Messages
- 1,384
I thought it was weird but having dealt with this company several times in the past I sent the selfie as requested but the card was partially obscuring my face and was of such bad quality it couldn't possibly have been used for anything other than this. I did speak to a representative of UT prior to sending this and they explained the security concerns.
Within two weeks I received my park tickets in the mail delivered to my home address. I have had no issues with the credit card I used. I would happily use UT again in the future.
Within two weeks I received my park tickets in the mail delivered to my home address. I have had no issues with the credit card I used. I would happily use UT again in the future.
babyruth
for the first time in forever
- Joined
- Jan 24, 2008
- Messages
- 768
BS because I was having the Disney tickets mailed. Nobody, not one single person over email chat or phone mentioned the mail order which is probably because I was already having them mailed! Additionally, according to the person I spoke to it was ONE TINY INDICATOR of the internet address I was using coming from RI instead of MA not "many indicators of potential fraud." So no this excuse does not help.
-
Make Candy Apple Olafs for your 'Frozen the Musical' Showing
-
All The New INSIDE OUT Merch For 10th Anniversary
-
El Artista: A Spanish Haunting Coming to Halloween Horror Nights
-
Is Walt Disney World Focusing Too Heavily on the Magic Kingdom?
-
New Disney Springs Shaken & Stirred Cocktail Class Dates
-
Looking for Ways to Experience 'Elio' at Disney Parks? We've Got Some + NEW Merch!
-
Why is There a Giant Dinosaur at Disney's Hollywood Studios?
Save Up to 30% on Rooms at Walt Disney World!
Save up to 30% on rooms at select Disney Resorts Collection hotels when you stay 5 consecutive nights or longer in late summer and early fall. Plus, enjoy other savings for shorter stays.This offer is valid for stays most nights from August 1 to October 11, 2025.
CLICK HERE
