Why I won't buy with Google Checkout
Disclaimer: The below post is my personal experience/opinion and not the official position of Hostasaurus, Inc. My personal opinion of Google Checkout will not influence the Hostasaurus, Inc support policy of assisting hosting customers with implementing this module in their MIVA Merchant store should they want to offer this gateway. etc etc :-)
I set up a Google account a few months ago to do some Gmail testing. The Gmail email address is fairly unique, not something that a spammer would randomly guess, and the password was a secure mix of letters and numbers, also not something that would be randomly guessed. I've used this email address in no public forums, it's only been BCC'd on some test messages I sent from another email account.
Two weeks ago I logged into the Gmail account to check on a test message and had an email from Google that my Google Checkout account had been suspended due to my opening accounts under multiple email addresses. Since I've never used my Google Checkout account, I was very surprised to see that someone else's name and address, and credit card number, were now associated with my Google account. No orders were listed in my order history, thankfully.
I contacted Google and asked them about the account suspension, and asked how someone else was able to get their info on my account, via their Google Checkout Fraud report. I got a form response back asking for the information I'd already sent via their form, which I sent a second time.
Their reply:
That's great they determined that the same thing I did when I sent the original request! I replied that I didn't want to change my account, and I'd like my account re-instated. I also asked again how someone was able to get their information on my account without my password.
I got another form response:
I replied again, and asked them to please educate me on how a third-party was able to get their information on my account without my account password. Google's response was a three page form email on the definition of identity theft, and how to protect myself from it, which includes gems like not sending credit cards via email, opening unknown file attachments, and keeping my computer software up to date.
I gave up at that point. My opinion at this stage is that A: Google has no idea how someone else got their info on my account and B: doesn't care to spend any more time on what is obviously a security issue with their system. If I had a valid credit card on my account, would this person have been able to place orders with it to another address? If they had placed orders via my account, it would have been with my email address and personal info tied to the original Google account.
I'm posting this here as a caution to Google Checkout users, since online merchants end up taking the hit for fraud. If Google's response had shown any interest into investigating the fraud, I'd feel differently about their service, but, as someone who works with online merchants daily, sending me a form letter on online identity theft is NOT an acceptable response for a fraud inquiry by someone aspiring to be a legitimate online payment processor.
Jen
I set up a Google account a few months ago to do some Gmail testing. The Gmail email address is fairly unique, not something that a spammer would randomly guess, and the password was a secure mix of letters and numbers, also not something that would be randomly guessed. I've used this email address in no public forums, it's only been BCC'd on some test messages I sent from another email account.
Two weeks ago I logged into the Gmail account to check on a test message and had an email from Google that my Google Checkout account had been suspended due to my opening accounts under multiple email addresses. Since I've never used my Google Checkout account, I was very surprised to see that someone else's name and address, and credit card number, were now associated with my Google account. No orders were listed in my order history, thankfully.
I contacted Google and asked them about the account suspension, and asked how someone else was able to get their info on my account, via their Google Checkout Fraud report. I got a form response back asking for the information I'd already sent via their form, which I sent a second time.
Their reply:
After a review of your account, we determined that a Google Checkout account was created using your email address [email protected]. For your protection, we immediately suspended the account to prevent any unauthorized access. You will not be held responsible for any charges you did not initiate. We recommend that you create a new account and password using an alternative email address. To create a new account, visit https://www.google.com/accounts.
I got another form response:
Thank you for your email. I understand that you do not wish to change your email address for your Google Checkout account.
Unfortunately, we will not be able to grant you access to a Google Checkout account using your email address [email protected]. If you would like to make purchases with Google Checkout in the future, you will need to create an account using a new email address. I sincerely apologize for this inconvenience.
Unfortunately, we will not be able to grant you access to a Google Checkout account using your email address [email protected]. If you would like to make purchases with Google Checkout in the future, you will need to create an account using a new email address. I sincerely apologize for this inconvenience.
I gave up at that point. My opinion at this stage is that A: Google has no idea how someone else got their info on my account and B: doesn't care to spend any more time on what is obviously a security issue with their system. If I had a valid credit card on my account, would this person have been able to place orders with it to another address? If they had placed orders via my account, it would have been with my email address and personal info tied to the original Google account.
I'm posting this here as a caution to Google Checkout users, since online merchants end up taking the hit for fraud. If Google's response had shown any interest into investigating the fraud, I'd feel differently about their service, but, as someone who works with online merchants daily, sending me a form letter on online identity theft is NOT an acceptable response for a fraud inquiry by someone aspiring to be a legitimate online payment processor.
Jen
Comment