The Incredible Tale of the PCI DSS SAQ

I still remember the time that a woman at my credit card company called me up to confirm that I actually wanted to purchase $600 worth of sneakers. I didn't! Some companies will apparently look at what you've spent in the past to try and verify that future orders are legitimate, which is both kind of scary and kind of nice of them.

The earlier hacking was a completely separate issue, fortunately. In this case, none of our security measures have been compromised; we're dealing with the results of other company's poor storage of credit card data, for the most part. I'd love to be able to report this stuff to credit card companies or some kind of federal agency, but if it's just a couple thousand dollars I doubt they'd want to spend much time on it, especially when the orders are being placed from overseas.

This is the Bay Area version of Papers, Please.

Can the player process enough orders to buy enough liquor for yourself and your friends...

@rorie said:

So you're actually stopping crime BEFORE it can start? You're a superhero!

Good read.

Speaking of the store, are you able to say why the Ryan Davis memorial shirt was taken down?

Wait, you mean you do things other than looking up pictures of puppies ot taking pictures of them yourself?

Why would you do that?

@rorie nice to have an update!

... though I wish you'd stream more Dark Souls :D

@the_nubster: Inside baseball would be the phrase.

When Rorie got to the end and mentioned that game, I had exactly these sentiments. I really want to see something like this come out now...

I never really thought you were slacking but it's nice to hear about your workday. Still, I agree with some of the other comments, it's a shame we don't get to see more of your writings around here.

Hm. Who knew reading about someone else's battle against online fraud would be interesting...but there it is. Keep up the good fight, Rorie.

@the_laughing_man said:

Like Jay and Silent Bob style? "Did you place an order for 16 giant bomb hoodies with this credit card? Order declined biatch!"

@rorie The more I think about this, the more I am convinced this is an act of guerilla warfare by GameBomb.ru

They are testing the defences. Soon the assault will begin.

Yes.....And I am sure @rorie can even send us a giant book like in the movie.

@rorie If only we could get, "Quick Look: 'Is This Order Fraudulent Or Not' Game"! But then someone would watch it and figure out how to break your system.

yay Giantbomb is a test site for Credit Card Fraud I think that's a sign you've made it

@rorie No Nigerians? I used to get crazy orders from so-called englishmen currently living in america wanting to buy my "item" to sell in a new japanese merchandise store opening up in Nigeria. Hilarious to read them day after, even moreso when I didn't sell items but provided a service to restore bricked consoles.

Boss of Bosses was a gamespot thing but you could still post a video where you tear through a hard game just to show them kids how it's done. That was amazing.

Giantbomb should get some new shirts and bring back the wizard shirt.

It would also be great if the shirts were better quality. :p My first bomb shirts from few years back were much better quality than the most recent one I got.

Just saying.

Oh man, this totally explains why that dude gave me a key wrapped in a China Don't Care shirt.

I mean *cough* what

@rorie Wow that is very interesting as everyone else on here has said, and also you do write very well. Also please thank @patrickklepek for putting this in the Worth Reading which is where I saw it, as I don't generally have/take the time to look at stuff in the forums very often at all.

Dude. Not cool. I told you not to talk about that. Our mutual friends will be paying you a visit tonight.

I suppose the upside of Rorie looking at all orders and using a fine tooth comb is the fact that after awhile the thieves learn to not test stolen cards on GB...it is a waste of time and leads to their operation being on radar one step earlier than with another retailer who scrutinizes less.

It probably is true. I know that there are people in Japan who offer a deputy service where you can commission them to buy goods from local shops and websites who don't deal with overseas orders. I haven't used a deputy service myself, but it's something I've considered doing.

Don't rule out employees at restaurants/shops that make a quick snapshot of your cc

@rorie Oh man, as soon as you mentioned PCI DSS compliance, and flowcharts, I just started laughing my ass off. I've been working on some authentication process stuff for my company, and it's been a royal shitshow. The first cut of everything I built (to spec, which was handed down to me, and I assumed had been verified for compliance) had to be completely thrown out. Once I went back to the drawing board, I took it upon myself to make sure what we're building is really compliant, and it's painful, to say the least...

Definitely need more posts like this from Matt & the rest to see some of the behind the scenes of Giant Bomb until Matt has some free time to get in on the bombcasts. After dealing with all the stuff you put in this post about the crazy store events Matt, you definitely deserve all the puppy attention. (can't recall where the photo is from but too cute to not pass along)

We really appreciate your work Rorie!

Bah no Pugs in the OP

RORIE GIMME THAT MASKKKK BOYYYY

PLEASE

my dog needs it

@nach0sanchez: Please stop with the spam. This topic is over 5 years old. One reply was probably too much, over and over is disruptive.