I thought that securesuite.co.uk was a phishing attempt, but it seems be a legitimate outsourced provider of the so-called “3D secure protocols” known as Verified by Visa and MasterCard Securecode for card issuers. So far I have identified AIB (IE), and Royal Bank of Scotland (UK), and MBNA (IE) as users.
However I must be frank and say securesuite.co.uk has all the hallmarks of a phishing scam, I’ll make the phishing keywords bold in case you wish to skim over this section. Lets say you are presented with the screen, you are asked for your password when first presented with the popup which is a window with no address bar, not knowing your password - because this is your first time using the added layer of security - you’ll click forgot password, or register, you are then asked for your credit limit, CV2. To be sure you view the page info of the popup and see its securesite.co.uk, and not mybank.com, not even mycreditcardbrand.com, so you visit http://www.securesuite.co.uk, but there is no response, and at https://www.securesuite.co.uk there is a blank page. You perform a WHOIS query and see
Checking server [whois.nic.uk]
Domain name:
securesuite.co.ukRegistrant:
cyotaRegistrant type:
UnknownRegistrant’s address:
8 west 38th street
new york
ny
10018
USRegistrar:
Register.com Inc [Tag = REGISTER-DOT-COM]
URL: http://www.register.comRelevant dates:
Registered on: 09-Jun-2002
Renewal date: 09-Jun-2008
Last updated: 09-Apr-2006Registration status:
Registered until renewal date.Name servers:
ns0.eu.dedicatedserver.com
ns1.eu.dedicatedserver.com
Who are “cyota”? this looks like a scam. You call your bank but the functionaries on the line have never heard of securesite.co.uk, they know about Verified by Visa, and MasterCard securecode, but don’t know how they work. So you visit mybank.com, or in my case aib.ie, but of course their site is down again displaying an error message, you visit mastercard.com or visa.com, but naturally they can’t have something as simple as a list of authorised providers of the system.
Well I took the risk, in the interests of journalism, and buying a new harddrive from komplett.ie!
and I can confirm that securesuite.co.uk is legitimate. But hey thats just what I say , ultimately is is up to each person whether or not they trust the system, would you?
Banks should really learn to put everything on their own single domain, eg bankofexample.com. Yet I see that Bank of Ireland still use boimail.com for their email, and bankofireland.ie for their website.
*securesuite.co.uk is not to be confused with securesite.co.uk which is a shared SSL site operated by a company called Redstation, and looks quite nice, indeed in the Ambrand Dot Com office we enjoy listening to the most excellent and truly fresh beats user that one user has uploaded to his space on securesite.co.uk.
Thanks for the article. I also agree that this site appears to be a classic ‘phishing’ site. Even after reading your article, I’m not sure that I want to proceed with this. It asks just too many detailed/personal questions, and the only reference to my bank is the name shoved into the top left corner.. not even the corporate logo… I’ll try and find out more info first.
hi
the site popped up for me after using the card and i started to fill details before realising this seemed a little strange, emailed c/c company to see if they know who they are
Hi Joe,
Did you ever get a reply from you C/C company?
Are they legit or scammers/phishers?
Yes that’s just great isn’t it! Just when the problem of phishing is starting to enter the public consciousness, and people are finally starting to understand that they need to look very carefully and be suspicious before entering their credit card number …and along comes this hairbrained scheme to entirely undermine the point.
I just got to the securesuite website and it looked suspicious so I clicked ‘No thanks’.
It redirected me back to my purchase which seemed to have been completed successfully… I’ll get back to you
It seems to have moved on. I tried to make a purchase on-line today. I was confronted with this pop-up. In the past I have done the No Thanks bit, but this time the choice was Accept or, Accept. I called my bank. With the staggering arrogance that banks adopt it seems that a MERCHANT can opt to INSIST that you sign up and provide a password. That then commits you to using the scheme at other shopping sites on the internet. Once you have signed up you HAVE to remember that password.
[this line of comment removed by editor]
It’s ridiculous. I should provide all my card details to an unknown website? The banks have really mucked this one up. Imagine the phone call to the bank if you get ripped off:
“Well, I was buying something on the internet, and then this little box popped up, from someone I don’t know, asking for all my details. So I put them in.”
Right…
[this line of comment removed by editor]
I got one after booking the eurostar, with no option to return to the eurostar page for confimation, seemed REALLY dodgy to me. they tell me endless notices about how to look out for phishing on my online banking and then flash this up at me and expect me to send off all my details, what are they thinking, it looks identical to the things they are trying to protect me from!
securesuite.co.uk rang all my phishing alarm bells when I encountered it trying to book a Brussels Airlines ticket today. I investigated, because I really wanted the ticket, and after finding this very page, decided it was probably genuine but didn’t want to risk it. (Amazingly the airline has a phone number where I got the ticket at the same price!) An hour later I needed an advance train ticket. First Great Western also use securesuite.co.uk - I also really needed that ticket so bit the bullet and gave my damn date of birth to the annoying “3D Secure” window.
The whois info is now weirder and more suspicious than that quoted above. Look at the “Registrant’s address” field. It’s a suburb of Tel Aviv, Israel! And what on earth is the “ny” doing there?
Upon further investigation, Cyota appears to be an Israeli security firm, headed by one Amir Orad, and bought by RSA Security in 2005.
http://findarticles.com/p/articles/mi_m0EIN/is_2003_April_8/ai_99748350
http://www.rsa.com/press_release.aspx?id=6316
http://www.crime-research.org/news/12.05.2005/1228/
http://www.highbeam.com/doc/1G1-158592380.html
Here’s the whois info:
Domain name:
securesuite.co.uk
Registrant:
cyota
Registrant type:
Unknown
Registrant’s address:
7 Shenkar Street
Herzelia
ny
46733
IL
Registrar:
Register.com Inc [Tag = REGISTER-DOT-COM]
URL: http://www.register.com
Relevant dates:
Registered on: 09-Jun-2002
Renewal date: 09-Jun-2008
Last updated: 09-Apr-2006
Registration status:
Registered until renewal date.
Name servers:
ns0.eu.dedicatedserver.com
ns1.eu.dedicatedserver.com
WHOIS lookup made at 20:00:30 28-Dec-2007
Thanks for the information. I just ran into this site for the first time when buying something from a site that I’ve used before but is known for having very low prices (to the extent that a lot of people ask whether or not they’re legit), and it definitely had me suspicious.
It’s ridiculous that they tell us to look out for off-site addresses and ignore the logos, and by those criteria this site looks like a textbook phishing scam. It doesn’t even look professional; just a web form asking for your card details with your bank logo stuck on there and an unknown URL. If the banks are trying to prevent fraud they’ve really dropped the ball there.
I use Abbey, incidentally.
I just come across this on ebuyer…
This annoying thing came up insisting I enter card details. Obviously IT IS A SCAM, as it asks for details to continue when the transaction is already complete (I later checked my account to confirm this) , why else would it do that?
I just closed the window and got rid of it.
Just used Komplett and got the securesuite.co.uk redirect
I just click Activate Later and was back in Komplett and amount was paided so where was no need to enter any details
I agree it has phishing all over it even if vaild
Just encountered this playing online poker - my bank is Alliance & Leicester, although from what I read above it’s the merchant rather than the bank? I had a similar reaction - although no “forgot password” bit, it asked me for a password from the get-go. I was a little drunk so, while thinking it all looked a little fishy, I went ahead with it. Of course, since I got it popping up from within an application it seemed less suspicious.
I just tried to pay a Thameswater bill with a natwest card and got the same thing. I can’t see how all these different banks would use something so dodgy - probably a scam.
Just got the same booking a flight through Airasia.com with my Nationwide card. Although it looked pretty dodgy I went ahead, mainly due to the links posted here pointing to the legitamacy of this RSA Security/Cyota company, also the amount of detail (terms and conditions and privicy policy popups), and the site was presented in the same window so I could see the address and the padlock indicating some pretty heavy incription. Also the flight was CHEEEEEEAP and there was no ‘opt out’ button (a little annoyed at this).
Got an email from securesuite’s domain pretty much immediately after with a nice little welcome message and a few links to their own website and also Nationwide’s
http://www.nationwide.co.uk/vbv/default.htm - nationwide’s website also links back to securesuite when hovering over the register button so I doubt very much that this is a scam.
I do agree that forcing people to use it or suffer not being able to buy cheap stuff is a shitty way of going about it though. Add that to the cloud of phish that lingers over it and you’ve got to wonder what the so-called information fraud protection professionals are going to come up with next.
http://www.rsa.com/node.aspx?id=3017 Their top priority goal of ensuring companies can “Inspire user confidence” seems to have failed here.
All,
Interesting to note all the comments above, that clearly show some concerns among users who want to pay online, and unfortuntaly to realise at the same time that whilst the first comment is almost a year old, the issue of miscommunication has not been addressed in the meantime…
Securesuite is indeed a product from Cyota, which was bought 3 years ago by RSA Security (now part of EMC). It is actually an authentication service compliant with the 3D-Secure specification, and offering both the VbV (Verified by Visa) and SecureCode (MasterCard) implementations of this specification.
To be more explicit, 3D-Secure is an additional authentication layer introduced by card issuers, allowing the merchants to ask for an additional authn token to the card issuer before accepting a payment online.
3DS is made of an authentication protocol (that is then to be supported by the card authorisation networks) and offers an architecture for authn mechanisms, which are decoupled from the transport protocol itself. Authn implementations can range from passwords (most commonly deployed right now) to one-time passcodes or CAP tokens (those authn applications being present on most of the debit/credit cards those days).
So, Securesuite is a (commercially viable) service/product used by many card issuers (i.e. banks) which decided to outsource their 3D-Secure authentication. It is not a scam attempt at all.
Hope this helps in some way - my 2 cents only here…
I came across this when processing payment for a council tax bill, which i access via my councils website. This is the first time it has popped up in the payment process so i didnt enter my details. I am also with Abbey.
Even if it is legitimate, it looks like phishing & I really dislike this.
Rather belatedly decided to Google securesuite after hours on the phone to the Indian subcontinent. Found all your comments most instructive. I had second thoughts after giving my card details to securesuite in a final bid to try and get my train ticket purchase with First Great Western to go through. So the people in India checked out Securesuite, assured me that it was undoubtedly a scam and promptly cancelled my connect card! Seems the right hand doesn’t know… Anyway, I take a pretty dim view of a company that stops you making your transaction unless you fill in some uncheckable form. The scary thing is that while Great Western was sulking about the Connect card, I bashed in my French credit card details which were immediately accepted … only to discover that the site then accepted the Connect card as well. Presumably this means that I paid twice! So much for First Great Western …Vive la SNCF!
Just spent about 40mins booking a load of train tickets for my company to get to this verified by visa shite, and then an error, and of course lost all my booking data so I get to start again.
Is there anyway to opt out of this ?
Ihave just had the Secure Suite authentication thingy pop up. What I would like to know is can I de-register or is it too late now?
Here in the USA, I got the popup, did enough to get the purchase, and then got an email from the same securesuite location. But when I forwarded that to Chase bank, they said it’s a phishing trick.
BUT, when I go on VISA.COM and search for “Verified by Visa” I get a legitimate link and an invite to enroll. WTF?
I got the popup and spoke to two people at my bank - one said it was a scam the other said it was legitimate and there was a phone number to contact securesuite on 0870 010 4542 (in the UK). Just sounds too dodgy to me!
Hi, i ran into this secure suite thing a minute ago whilst making an online order and stupidly entered my details into it, before realising that it looked very strange and not legitimate. What can i do to protect myself if this is a phishing scam as im now quite worried and dont want my account emptied?
Verified by Visa and securesuite are not the same thing. Verified by Visa is genuine, I am able to link to it from my banks own website.
I have just had a search and found this
http://www.nationwide.co.uk/vbv/Shopping_with_Verified_by_Visa.htm
A link from Nationwide’s website, click ‘view our demo’ and it leads directly to securesuite.co.uk
Whilst shopping though, I did choose not to fill this in, and found this through a search as I thought it did look very much like a phishing scam. I think it would be better if it was advertised, in a similar way to how they brought ‘chip and pin’ in a few years back, so everybody has the awareness of it.
Whatever you do don’t take my word for it! Whereas I can assure you what I’ve said is true, many people can be conned by someone also claiming to be true. Check out the links in this thread and do your own research, that is how we can collectively beat phishing.
Hi
I just found this Securesuite as I got an email from the Halifax about my account and don’t have one. Followed the link as it looks authentic - very dodgy - shall email the Halifax
Cx
Banks that decide to offer cardholders registration during shopping - which to some of us may look like phishing, as personal data is requested - have to communicate to their cardholders multiple times about the program under rules by Visa and MasterCard.
But people being people - and if your are anything like me - it is likely that the nice flyer the bank produced and put into your card statement went unread into the bin.
So if you are not sure, consider opting-out on the first occasion you see this and then ask your bank about the 3-D Secure scheme.
But remember, the person you might be talking to might not have had the training yet and does not know about the program
A couple of further things - pop-up windows are disallowed by the schemes now, so the window is likely to be in the merchants webpage and the merchants are encouraged to put additional messaging in the check-out process to inform the cardholder that an authentication or registration might be required.
At the end of the day, the 3-D Secure scheme is also protecting your interests, as it protects your card being used fraudulently and helps you avoid to go through a tedious chargeback process after fraud has been committed on your card. Who ever had to go through this knows what I mean.
If in doubt about registration, you can always use the Visa site directly to register your card prior to a purchase:
https://verified.visa.com/aam/src/app/ve.aam?partner=vdc&resize=no
Please note that this will redirect you to the registration site that your bank uses, so this might be again a .arcot.com or .securesuite.co.uk site.
Similar capabilities exist on the MasterCard site:
http://www.mastercard.com/us/personal/en/cardholderservices/securecode/index.html
Links:
http://www.visaeurope.com/pressandmedia/factsheets/verifiedbyvisa.jsp
http://usa.visa.com/personal/security/visa_security_program/vbv/verified_by_visa_faq.html
I just had this pop up with www.gamestation.co.uk. Ive been using gamestation for ages since its an online branch of a brick and morter store it seemed more trustworth but then this thing popped up and as like everyone else my scam alarm went into overdrive. I cant find much information about them.
When the box first popped up I checked them out and found nothing but luckely there was an option to keep going without signing up so I choose then then I got a basic white page (with securesuite.co.uk in the address bar) with basic black text saying there was a problem with your transation please try again, or words to those effect. I went back to the gamestation website and tried again with a vain hope it wouldent pop up, it did but this time there was two options with one for accepting it and one for disregarding just one big option saying sign up to continue with transaction.
My bank (Bank of Scotland) dosent mention this anywhere and Securesuite.co.uk is blank to this is deeply suspicous. I checked my recent orders list to see if like some other commenters the transation went through but it hadent.
Just as a slight additional, Gamestation has always been trust worthy before but now there Checkout procedure is split between multiple address (though it has the same design/layout). You start at gamestation.co.uk then go some website called https://orderpage.ic3.com.
This is frighting, right now buying from an Ebay seller with no prior reviews seems safer.
On the recomendation of another commenter I looked on the official Visa website and it tells me about there Verified with Visa program (conveniently linked I might add) and it gave me a list of countries and then a list of banks they are linked with appeared; My bank appeared to I clicked the link and it gave me a webpage on my official banks website (though I couldent find this earlier when I searched, not after hours of clicking and searching through there garbage site) and it gave me a link to enrol a visa card. Up popped a securesuite.co.uk webpage for me to use. Im slightly more sure its trust worthy but my god have all banks gone mad? Im sending a complain in tommorow morning.
Came upon this service while shopping on newegg.com as well. Didn’t realize how suspicious it was at the time but after getting the confirmation email for my subscription for the “verified by visa” service sent to my Spam box, I checked it out.
https://www.securesuite.net/chase/docs/faq.jsp
It looks REALLY suspicous.
I’ve done a lot of research and none of it’s been very conclusive except for this thread and even now I’m not completely convinced - but it does seem to be legit, so you can add CHASE bank to that list banks using the securesuite service.
The REGISTER button on this official Chase page
http://www.chase.com/ccp/index.jsp?pg_name=ccpmapp/cms/explore/page/verified_by_visa#weblinks
links to the obscure securesuite.net page. I can’t believe they outsourced something as sensitive as this to some no-name service who obviously aren’t trying very hard to gain consumer trust.
PS - It seems the securesuite.net site is certified by VeriSign as well. The certificate also points to Cyota.