Epic Games obtains details of new credit card by contacting user's bank without their permission, also obtains and uses deadname

Alvis · Jun 29, 2022

Basically this user specifically decided NOT to update their credit card on EGS after their current one expired because they claim EGS has already charged them fraudulently before. What Epic did in response was contacting their bank on their own and asking for the details of the new credit card, without their permission. They also obtained their deadname, which they have never given to Epic and which is not in their PayPal, so it must have been through the bank.

Absolute fucking insanity. What the fuck.

Dreams-Visions · Jun 29, 2022

Wtf. Completely unacceptable.

bell wood's jet cola · Jun 29, 2022

This has happened to my expired cards elsewhere and it's surprised me. Not sure it's nefarious or, though. I don't know how they get the info or if the bank automatically sends it to them.

Deleted member 93841 · Jun 29, 2022

"It's just a launcher."

Mars People · Jun 29, 2022

Never used Epic. Never will.

Soap · Jun 29, 2022

I swear I read there is a facility with master card and visa that businesses can opt into where they will auto update the card details. I know MS or Amazon did this to me (I can't remember which). Anyone taking aim at Epic for this should understand it is a facility that already exists and is used.

Corralx · Jun 29, 2022

To me it's bonkers that companies can ask for this data and banks will happily comply.
It's a huge privacy violation.
Epic is not the only one doing it.

Alvis · Jun 29, 2022

bell wood's jet cola said:
This has happened to my expired cards elsewhere and it's surprised me. Not sure it's nefarious or, though. I don't know how they get the info or if the bank automatically sends it to them.

Isn't the whole point of credit cards expiring to prevent anyone from charging you until the end of time without you realising it? So that you have to keep actively giving the new cards if you want that company to keep charging you?

Vilam · Jun 29, 2022

That's not some nefarious Epic thing - it's a totally normal occurrence with credit cards. Epic didn't initiate this process or contact this person's bank and ask for it either; it's all automated.

--R · Jun 29, 2022

Companies do this because credit card companies offer automatic billing updaters, it's been the standard for years and years. And considering how hard is to change personal data on credit cards, my guess is that the deadname is because it's still associated with the credit card, which is a shame because CC companies and banks make it so hard to change stuff.

Deleted member 93841 · Jun 29, 2022

Soap said:
I swear I read there is a facility with master card and visa that businesses can opt into where they will auto update the card details. I know MS or Amazon did this to me (I can't remember which). Anyone taking aim at Epic for this should understand it is a facility that already exists and is used.

Even if it's not Epic only, this is a system that should not exist. It's such a massive security flaw.

Futterish · Jun 29, 2022

I want to preface this by saying that I have a trans child and understand how deadnaming can hurt. I'm sorry you (or they, if you are not the original poster) have gone through this.

I just had a credit card company replace one of my cards due to fraud. In certain cases with secure providers, your company will reach out to the retailer, not the other way around. In fact, the email you received from Epic says that the credit card company reached out to them, pushing the new info. Epic didn't pull it down, it was sent to them automatically.

The fault lies with the credit card company believing it was doing a courtesy for its client and messing it up. I think it's important we put our frustration in the appropriate place.

Dis · Jun 29, 2022

Yeah I have a feeling that this would break some laws depending on where the user is. I'm pretty sure a company just being given personal banking info without direct consent or permission would be a big issue here. Purely speculating as I've never had or heard of it happening but considering these days we have to open our banking apps and verify its use on the app to simply pay for stuff on websites here now, I have to assume it wouldn't be something that would be allowed.

Pretty fucked up, especially as I've had cards expire and not updated them purely because of fuckery with details being stolen and not trusting the company with them again.

Edit: In fact earlier this year I had an alert one of my credit cards paid for something at near midnight. A credit card I rarely used and only had online at a few places in the past. I immediately called the company and had it cancelled and a new card sent to me. That card arrived 3 days later, entirely new credit card number (in the UK credit card numbers don't always change when a replacement is sent after one expires as that's what your account number is, you just get a different expire date and security code on the back).

2 days after that, on a card at that point I'd never even used a single time, I got a fraud alert asking if I tried to buy something. Again I called my company who were so confused how they would have gotten the brand new number considering I hadn't used the card a single time anywhere. They were so confused that they not only sent me another new card, they outright sent it with a new pin number separate in the post like a brand new customer has and it needed to be activated again like a new customer for them. I don't think they'd be open to just handing details over like that to a company based on how confused they were when the first replacement got used again.

Alvis · Jun 29, 2022

--R said:
Companies do this because credit card companies offer automatic billing updaters, it's been the standard for years and years. And considering how hard is to change personal data on credit cards, my guess is that the deadname is because it's still associated with the credit card, which is a shame because CC companies and banks make it so hard to change stuff.

TIL that in America credit cards expire for no reason then (I'm 100% sure this is not the case in the EU, or at least in Spain, which is why I was not familiar with this terrible practice)

BarcaTheGreat · Jun 29, 2022

Vilam said:
That's not some nefarious Epic thing - it's a totally normal occurrence with credit cards.

This is my understanding as well, as far as credit card stuff goes.

Madjoki · Jun 29, 2022

Don't save credit card details anywhere, folks.

Anyways, still this shouldn't happen unless you specifically opt-in.

MJForum Poster · Jun 29, 2022

--R said:
Companies do this because credit card companies offer automatic billing updaters, it's been the standard for years and years. And considering how hard is to change personal data on credit cards, my guess is that the deadname is because it's still associated with the credit card, which is a shame because CC companies and banks make it so hard to change stuff.

Yeah this has happened to me with other sites. Many people see it as a convenience as they often dread having to update a credit card everywhere. But it should probably be something you opt into either at the service level or with your bank.

gothmog · Jun 29, 2022

Credit card companies have updater services now where vendors that provide subscriptions can query when a card has expired. They will receive updated card information. I imagine it was in an updated term of service for the card.

Tendo · Jun 29, 2022

This isn't the shocking headline it sounds like. This is pretty standard practice for awhile now.

LilScooby77 · Jun 29, 2022

Uh fuck off epic.

Soap · Jun 29, 2022

Dis said:
Yeah I have a feeling that this would break some laws depending on where the user is. I'm pretty sure a company just being given personal banking info without direct consent or permission would be a big issue here. Purely speculating as I've never had or heard of it happening but considering these days we have to open our banking apps and verify its use on the app to simply pay for stuff on websites here now, I have to assume it wouldn't be something that would be allowed.

Pretty fucked up, especially as I've had cards expire and not updated them purely because of fuckery with details being stolen and not trusting the company with them again.

Doubt it does. This happened to me in the U.K. while we were still in the EU.

ZeroX · Jun 29, 2022

Vilam said:
That's not some nefarious Epic thing - it's a totally normal occurrence with credit cards. Epic didn't initiate this process or contact this person's bank and ask for it either; it's all automated.

Pretty much was just going to say this.

The person in question should talk to their bank, not Epic.

Alvis · Jun 29, 2022

Soap said:
Doubt it does. This happened to me in the U.K. while we were still in the EU.

This sounds super weird to me. No company has ever done this to me in Spain. Not even Amazon, I once had a preorder fail because I forgot to update my card after it expired, and it expired before the game in question launched. I had to manually add it, then change the payment method in the failed order so they try again. Manually. By my own volition. Like it should be.

Soap · Jun 29, 2022

Alvis said:
This sounds super weird to me. No company has ever done this to me in Spain. Not even Amazon, I once had an order fail because I forgot to update my card after it expired. I had to manually add it, then change the payment method in the failed order so they try again. Manually. By my own volition. Like it should be.

I believe when I looked it up it was about recurring subscriptions. So if you were subbed to prime, for example, they can charge the new card. If, however, it is a separate purchase they cannot.

pswii60 · Jun 29, 2022

Vilam said:
That's not some nefarious Epic thing - it's a totally normal occurrence with credit cards. Epic didn't initiate this process or contact this person's bank and ask for it either; it's all automated.

This. Otherwise when your card expires and gets replaced you could end up with an awful lot of declined payments from subscription services and the likes.

NeoRaider · Jun 29, 2022

Actually the credit card company updated them. But of course Epic is the bad guy here as usual... lol.

Dis · Jun 29, 2022

Soap said:
Doubt it does. This happened to me in the U.K. while we were still in the EU.

I'm in the UK and have never heard or had it happen a single time. No company has ever been able to get updated details of my cards without me outright doing it myself. I've gotten emails asking me to do it but none have ever done so. It seems like something that they may do and get away with but isn't actually something they should at all be doing and if it was more widespread (again not a single person I've ever known has had it happen) then I'd imagine it would be something that would be looked into at the very least because people would be pretty pissed about it overall.

Windu · Jun 29, 2022

Sounds like this person should be blaming their bank and not Epic.

ghostcrew · Jun 29, 2022

This appears to be misplaced rage pointed at a storefront rather than the bank that supplies this service. Understandable if this is the first time they've ever noticed this phenomenon.

This is a typical credit card thing that can be opted out of by contacting your bank. Seeing as this is more of a general banking thing than anything related specifically to video games, this thread is now locked.

Here's Why Everyone Already Has Your New Credit Card Expiration Date

You just got a new credit card in the mail, in the nick of time before your old one expires. Does that mean you need to rush to update your bajillion

lifehacker.com

Epic Games obtains details of new credit card by contacting user's bank without their permission, also obtains and uses deadname

Saw the truth behind the copied door

User-requested account closure

Comics Council 2020

Saw the truth behind the copied door

Being sued right now, please help me find a lawyer

User-requested account closure

Half of F-Squared

Saw the truth behind the copied door

Saw the truth behind the copied door

The Shrouded Ghost