Summary version: I bought the Mac version of Minecraft via credit card. This led to my card being put on a fraud hold, and the company that handled the charge asking me to provide personal and private information via email. Ergo, my recommendation: do not use a credit card to purchase Minecraft.
Updated on Sept 5: Skip to the end to see Skrill’s response to my refusal to provide identity theft documents.
Detailed version: Recently, my daughter started playing Minecraft with a friend of hers. At first, the iOS version was all she wanted to use, and she played that for quite a while. But then her friend upgraded to the desktop version, and after some discussion with her and figuring out how she could help pay for it, we agreed to buy the Mac version.
So I went to the Minecraft site, and followed the steps to pay by credit card. When you do so, your payment is handled by a company named Skrill (previously Moneybookers). Googling on either of these will provide some interesting tidbits, such as default opting-in customers to casino partners and their blocking the WikiLeaks donation site. I only wish I had Googled before I purchased. In my defense, it’s only noted in a small line at the bottom of the payment screen:
If I had gone my homework ahead of time, I would’ve switched to PayPal, but I didn’t.
I paid for Minecraft on a Sunday afternoon; that evening, for the first time ever (and we’ve had the card for over 10 years), our credit card was declined. I was at the grocery store, and had to pull out our emergency card, just to get the groceries home (I no longer carry a checkbook). After I got home, I called the credit card company, and was informed that the charge was denied due to “fraud protection.” The phone rep then went through the day’s charges, making sure all were valid (they were).
It didn’t dawn on me until today, after I did my Googling, that it was probably the Moneybookers transaction that triggered the fraud flag. (In the past, we’ve traveled extensively with the card, often in multiple states in one day, sometimes in multiple countries in one day, and never had it rejected.) But the fraud hold isn’t the worst part of the experience. The email I just got from Skrill/Moneybookers is; here’s what they sent:
Dear Rob Griffiths,
After a security check we need you to verify your recent payment by providing the following:
– A full colour copy of a valid, official identification document; such as your international passport (double page), national identity card or drivers licence (front and back). This is required in order for us to verify your identity.
– A copy of a paper utility bill (Gas Bill/Electricity Bill) or bank statement issued in the last three months clearly displaying your name and address. This is required in order for us to verify your address.
The required documents/information should be sent via email to firstname.lastname@example.org.
Please accept our apologies for any possible inconvenience, however Skrill (Moneybookers) must adhere to strict security standards which are there to protect your payment privacy. Please be aware that you will not be able to process further payments via Skrill (Moneybookers) until you comply with this request.
We thank you in advance for your cooperation in this matter.
Skrill (Moneybookers) Security
I provided all the required information online at time of purchase (name, billing address, CCV, etc.), so this request is really strange.
At first, I thought it was phishing spam, but all the links in the body (and in the footer, not shown here) went to the Skrill site, as did the Reply-To address. So it’s clearly a legitimate email…but the items they request are not something I’d just hand out to verify a $27 purchase! Basically, they’re asking me to email (email!) a scan of some of the most sensitive documents I have, including one that reveals my social security number. Sorry, but that’s not going to happen. In addition, I don’t believe the credit card laws allow them to ask for these documents, even if I were to (ha!) provide them.
I’ve replied with incredulity at their brazen request, and it will be interesting to see what happens next—what are they going to do, undo the charge on my card? That’d actually be fine by me, even if it means buying Minecraft again. Lesson learned, if given the chance to do it again, I’ll definitely be using PayPal and not Skrill/Moneybookers. Sheez.
Sept 5 Update:
I received the following response from Skrill:
Dear Mr. Griffiths,
Thank you for your email.
In order to fully verify your recent payment to Mojang (Minecraft) we would need the requested copies. Until provided your account with us would remain locked for further payments. We also would like to inform you that payment in question has been fully refunded.
Please do not hesitate to contact us again if you have any further questions.
Skrill (Moneybookers) Security
Obviously, I have no intention of providing copies, so it looks like I’ll get the chance to buy Minecraft again, but this time, I’ll use PayPal.
Skrill had a chance here to do things properly, and they really blew it. As @UnOrigMoniker pointed out, I could black out the truly confidential bits, and send the forms with just what they need to see. And if Skrill had provided clear directions along those lines, I probably would have cooperated—I have no problem proving my identity, but I have big problems sending unedited documents that would make identity theft a piece of cake. But in two communications with Skrill, they never mentioned sending them just the bits they needed to see; they blankly requested the documents in their entirety.
Oh well, it all worked out in the end: It looks like I’ll be paying again, but using a method that doesn’t involve Skrill in any way.