Dwolla & Phishing

Discussion in 'Snapshot/Zune' started by PhyloGenesis, Jul 12, 2015.

  1. Hey @Matt,

    I was looking at supporting the servers and playing on Zune but I don't have any BitCoins so I tried the other option, Dwolla. I tried using it, but got stuck when they asked for my bank website account credentials.

    While they don't seem like some shady Chinese fraud ring or anything, what they are doing IS phishing technically and all our users should be wary of using it. I wanted to report this to you since you may not be aware, they may have recently started doing this, etc.

    "Phishing - The activity of defrauding an online account holder of financial information by posing as a legitimate company."
    They definitely seem like a legitimate company but are requesting financial information that should NEVER be given out and that users of the bank websites actually have to agree to not give out when creating an account.

    As for me, I've wanted to get hold of some Bitcoins anyway, so I'll see if I can get that sorted and donate that way. However, regarding that, you state that to get on Zune you have to donate $20 or $5/mon. If I'm using Bitcoins, what are the numbers, considering how much Bitcoins fluctuate in value. Also, is it automated or do you just see the donations and update the whitelist?

    Thank you!

  2. Matt

    Matt Owner

    I completely understand your hesitation here. For what it's worth, they aren't phishing. They aren't posing as your bank or trying to defraud you. They are asking your permission to use your bank login credentials in order to do an instant verification. The alternative is they have to initiate 2 micro-deposits via ACH and have you confirm those amounts, which can take several days. (More here: http://techcrunch.com/2014/06/18/dw...g-your-bank-account-and-become-a-dwolla-user/)

    I'm actually a big proponent of Dwolla outside of using them for donations here. They are a start-up that is building one of the only real alternatives to credit card networks and the antiquated ACH network. So I try to promote them where I can. (same with Bitcoin, but that's even more of an uphill battle than Dwolla)

    On the "Support the server" page I use the Coinbase widget which automatically determines the bitcoin amount based on current exchange rates. So that's probably the easiest way to get the amount. Otherwise, using the Coindesk Price Index is a good bet http://www.coindesk.com/price/

    The process is currently manual (since the old Player Portal died). But I'll try to get you whitelisted as soon as possible.
  3. I'm glad you've thought it through but I guess we'll have to agree to disagree here.

    "What’s especially clever here, however, is that many users won’t even need to provide their routing or account numbers to make this initial payment. Instead, thanks to how this process now works, the company is able to verify bank information in a way that’s similar to something like Mint.com – where you just authenticate your banking credentials to get going." - TechCrunch

    Far from being clever, this is about the worst thing you could do, which is why nobody else does it and the banks aren't pushing this process and still use stuff like ACH. Anyway, that's my position and you've made yours clear. Unless you would like to debate I'll leave it at that and thank you for the quick response and BitCoin option. I would love a PayPal option though. I don't mean any offense so if you'd like to respond without further debate that's fine too.

    Also, thank you but don't whitelist me yet because I haven't donated; I need to get BitCoins first (or do 'cause that'd be sweet).

    What is and what happened to the old Player Portal? Do you need volunteers to fix stuff like that?
  4. MissMijo

    MissMijo Supporter

    Why is the paypal option not available anymore, Matt?
  5. Matt

    Matt Owner

    Portal was a homegrown web app for managing donations. The 1.8 update with UUIDs broke most of it, though. I would definitely welcome any contributions to a rewrite if anyone is a Go or Javascript dev.

    Portal kept track of all the accounting as well. So I don't have a good way to stay on top of new donations and expiring old accounts at the moment. You can still make manual payments to "[email protected]". But I really want to get a more automated system in place before I make it easier for people to do.
  6. Sweet! Sent!