Online Puchase Security Glitch

I recently made two online purchases whilst protected by F-Secure Banking Security.

 

The first purchase was with a debit card and the transaction was referred to Verified by Visa and the second was with a credit card and was referred to the equivalent Natwest Mastercard verification site. In both instances a screen eventually appeared stating that the transaction was unsuccessful and had not been authorised, I should therefore try again later or call the merchant by telephone.

 

Notwithstanding these notifications, both transactions had actually been accepted and instantly processed with the money  taken from my bank account.

 

Does anyone know why this might have happened, whether F-Secure should indeed protect against this occurance and what settings I might amend to prevent it ever happening again? 

Comments

  • Simon
    Simon Posts: 2,667 Superuser
    I've never seen that notification. Do you know if it was generated by F-Secure? Perhaps next time you make an online purchase, would it be possible to replicate the notification, and post it here as a screenshot, without revealing any personal or sensetive data?
  • Simon
    Simon Posts: 2,667 Superuser
    Oh, and don't click any links within the notification, just in case it's some sort of malware.
  • Mariol
    Mariol Posts: 3 New Member

    I've had similar validation problems on other sites. As far as I can understand, they were dependent on the browser and the validation frame being inside another frame and control of events due to this. In my case, changing browser from Firefox to IE for the operation helped.

  • Pablo
    Pablo Posts: 8

    Thanks Simon. I will try to capture the screen next time, albeit I am now nervous about making any online purchases. The two transactions were reimbursed by the merchant without too much quibble, however I may not be so lucky next time. I have also requested my bank investigates, however they are not usually proactive.

    Also, I have on your advice already added extra Malware protection but intend to telephone all transactions to the merchant in future and avoid making on-line purchases. This is most regrettable but better safe than sorry.

  • Simon
    Simon Posts: 2,667 Superuser
    It's difficult to say what the screens were without seeing one, but I can understand your reluctance to try to replicate the issue. One thing I'm slightly confused about - did you not intend to make the online purchases, as your bank(s) have refunded you?

    Unless anyone else has any other ideas, I think perhaps the next thing I would suggest is to send in a support request to F-Secure, attaching an FSDIAG, and hopefully they may be able to see what went on.
  • Pablo
    Pablo Posts: 8

    Yes, I intended to make the purchases, however because I received a message on both occasions, which clearly stated the transaction had been refused and aborted, I then made either a second attempt using another card or telephoned the merchant to complete a telephone transaction. This meant that I had unknowingly duplicated the transaction because the first attempy had been successful, even though I had been advised to the contrary. Hence the reimbursements which were put through as credits by the merchants, independently of my bank.

     

    The reason for contacting the bank is because I am unsure whether it is their Verified by Visa system which is the cause of the problem or F-Secure or another component within the system.

     

    I have already sent F-Secure the diagnostic file - whilst they can identify the transactions they are unable to identify the cause of the problem. Their response has been to add both vendor sites to their white list of approved sites.

     

    However this is rather like bolting the stable door after the horse has bolted and adds no reassurance that the same problem will not re-occur when making a future purchase on another "Secure" site.

     

    Currently the situation is at stalemate - hence my reticence about giving it another shot at on-line purchases.

     

    Anyway, many thanks still for your guidance. 

  • Simon
    Simon Posts: 2,667 Superuser
    Unfortunately, without details of the notification, it's difficult to know how to proceed. Have you done full scans with FS and Malwarebytes?
  • NikK
    NikK Posts: 903 Forum Champion

    @Pablo wrote:

    I have already sent F-Secure the diagnostic file - whilst they can identify the transactions they are unable to identify the cause of the problem. Their response has been to add both vendor sites to their white list of approved sites.


     

    Did they mean to whitelist so it affects all F-Secure customers, or that you should add these sites as allowed ones?

    The only strange thing regardless of what the answer is to that, is that I think these sites should already be whitelisted. I mean NatWest is a large bank. BTW, they have an Internet Guarantee for NatWest Secure.

     

    Without a screenshot of the messages you received it's hard to say if it was caused by Banking Protection perhaps blocking the connections to some web site needed to verify the transactions as successful.

    Also it could be a browser related problem as Mariol suggested.

     

    Even though I can't see anything suspicious about this, you could give these multi-engine scanners a try to feel safer:

    • http://www.herdprotect.com  Scans with 68 Anti-Malware Engines (only scans, doesn't remove found threats)
      Note that scanning with 68 engines increases the risk of false-positives although herdProtect claims it can rule them out. So low detection rates like 1/68 or 2/68 are most likely false positives.
    • http://www.surfright.nl/en/hitmanpro  Behavioural scan + scans unknown files with 5 different Anti-Virus programs
      If malware is found you'll receive a free 30-day license to unlock the remove threat functionality

    Both these scanners only take a few minutes as they only scan running processes and programs that has autostart abilities. Of the two I recommend Hitman Pro the most. It has a lower risk of false positives and can remove threats if any are found.

  • Pablo
    Pablo Posts: 8

    Yes, both have been used to make full scans and nothing has shown up.

  • Pablo
    Pablo Posts: 8

    Thanks for the info

  • Pablo
    Pablo Posts: 8

    FS stated they would add the two sites to their generic whits list. for all customers and also advised me to clear the two sites from my onboard internet cache.

    However, as you rightly sate - Natwest and Barclays are major players so the source of the problem must lie elsewhere.

    I will try the HitmanPro as recommended.

    Thanks

  • max232
    max232 Posts: 1

    I have experienced similar problems, in my case after hitting the submit button to complete the verified by visa checkout.

     

    In my case the banking protection complains about a link to facebook, blocks it which then stalls the completion of verified by visa screen.

     

    On two occasions the transaction has gone through with no confirmation. On another occasion it did not.

     

    A strange thing is if I turn off the browser banking protection the transaction goes straight through without any mention of facebook.

     

    It appears the either the banking site I am using or verified by visa are allowing some form of facebook interaction while processing these transactions.

This discussion has been closed.
Pricing & Product Info