Tag Archives: opt-out

Seeing red over autorenewals

This is going to be a very angry post, so be warned.

Some time ago I posted about being caught out by an autorenewal from a pet supply site [online]. Well, it seems that the latest money making scam is to make a lot of online purchases ‘subscriptions’. Then, those subscriptions are set to autorenew…BY DEFAULT. You are forced to opt-in whether you want to or not, and the information is often hidden way down in the fine-fine-fine print.

The reason I’m frothing at the mouth today is because I’ve been stung, again.

Until November, 2021, I was using BitDefender Antivirus. I thought I’d bought a standalone product the same as I’d done for many years. I thought I’d paid for a one year licence, and that if I wanted updates after that, I would have to buy the product again after it expired.

Nope. Apparently BitDefender is now a subscription ‘service’ that’s set to renew automatically. To renew manually, you have to consciously opt-out.

Despite being a literate computer/internet user, I had no idea I’d ‘agreed’ to an autorenewal, and I had absolute not idea the product I’d bought was being administered by a company called 2Checkout. In fact, I switched to Kaspersky Anti Virus about a month before the BitDefender licence was due to expire… -hollow laughter-

When I demanded a refund I was offered sweeteners I did not want. I’m still waiting for a full refund.

Then today I thought I’d do a post on how renewals should be done. I thought I’d take some screenshots of how Kaspersky does it. Imagine my horror when I discovered that Kaspersky is now doing exactly the same thing. But at least it’s being more upfront about it….

The link circled in red above says ‘Subscription 321 days remaining’. Clicking on the link took me to:

Ah hah! Manage subscription. Just what I wanted…

Or not. Hmm… what the heck does ‘Initialize your credentials’ mean?

I tried using the id and password I had for kaspersky.com but it didn’t work. What followed was a LOT of frustration as I tried to work out how to cancel my autorenewal. In the end I found this:

When I clicked on the blue ‘How to disable license auto-renewal for Kaspersky solutions for home’ I was taken to this screen:

What the? Where did I buy it? Why, I bought it from Kaspersky…didn’t I?

The following is a close-up:

Dear god…had I kept the confirmation email??? Panic!

I did find the confirmation email, and this is what the ‘bottom’ looks like:

To get to the bottom, I had to scroll quite a long way down, way past the point you see when you open an email normally. Apparently, a company called Nexway handled my purchase. News to me:

Excuse me? Method of payment??? What the bloody fuck? How can buying something online with a credit card constitute an acceptance of autorenewal????? But, of course, it’s all there in black and white at the bottom of a very long email where NO ONE ever looks….

By this stage I have to tell you that I was getting very anxious, but at least there was a ‘hassle free cancellation’ link to use…

<<cue screaming and rending of hair>>

The ‘hassle free’ link took me to a page that seemed to require a login…but the only login I had did not work. That left me searching for technical support from Kaspersky… This is what I wrote in the online contact form that took forever to find:

I still have almost a year to go before my Kaspersky Anti Virus autorenews, and I may choose to stay with Kaspersky, but I will not be forced into doing so.

More importantly, I will not allow my credit card details to remain with a company I know nothing about [Nexway]. Those credit card details are an open door to my bank account, and I have no idea whether Nexway will be the next global company to be hacked. Fear of hacking is one reason I’m so very careful with direct debits.

Oh? You didn’t realise that autorenewals were direct debits? They are, but direct debits require a formal acceptance. Funny how a name can change things…

And just for the record, I am very familiar with the subscription model and the concept of autorenewal:

  • I have a domain name with Godaddy, and I choose to autorenew every year. Despite that, Godaddy sends me an email notification well ahead of time. It does not send the notification and take my money on the same day, the way the company out-sourced by BitDefender did. Yup, 2Checkout, another company I know nothing about has my credit card details.
  • Elder Scrolls Online has a subscription option that I use once or twice a year. It autorenews as well, but cancelling the subscription is so easy you could do it in your sleep:

After clicking ‘Manage Membership’ I get:

And that’s it. Easy. Maybe it has to be easy because by and large, gamers are very computer savvy. If Elder Scrolls Online tried to make it hard for gamers to cancel their subscriptions, they’d lose gamers by the thousands. Plus gamers are a very vocal lot.

Getting back to anti virus autorenewals, I have no idea yet how Kaspersky handles notifications when a subscription is getting close to autorenewal. I hope they do it better than BitDefender, but given how much time I’ve already wasted trying to opt-OUT of this bloody autorenewal, I’m not feeling very sanguine.

Autorenewals can be very convenient. They can also be a very expensive trap. As for this new thing of making customers accept autorenewal by default – without any formal acceptance! – and then forcing them to jump through hoops to opt-out, that is just a fraud.

Let me repeat that. Autorenewal by default, often without the customer being aware of it should not be legal. Why companies are allowed to get away with it I do not know.

Why is no one complaining?

Why are consumer rights groups not jumping up and down like me?

We have always lived in a buyer beware world, but when the corporates keep changing the goal posts to hoodwink us out of our money, that skirts right on the edge of the criminal. If you have subscriptions, check them now, otherwise you could find yourself out of pocket.

Whatever you do, do not chalk any losses up to experience. We are Davids in a world full of Goliaths. Get angry. Fight back, if not for yourself, then do it for all those people who are more vulnerable than you…the elderly, young kids, teens who never read the small print…

The abuse we ignore is the abuse we condone.

Meeks


RFID technology – aka Tap and Go, Paypass etc – and preventable fraud

RFID technology allows a chip on your credit/debit card to wirelessly communicate with a payment device at the supermarket, petrol station, McDonalds etc, and make a payment without you having to enter a PIN.

The point of this technology is supposed to be two-fold: on the one hand it’s supposed to fix security problems with cards that rely on a signature – because too many retailers don’t actually check the signature. RFID is also meant to make paying for smallish items more convenient for consumers – just wave the card in the air and hey presto, all done.

cat burglar picBy smallish transactions, we’re talking about items up to $100. The idea here is that if your RFID card is stolen, there will be a limit on how much the thief can get away with. Unfortunately, there is no limit on how many times you [or the thief] can use the RFID card in a day.

So what are the ramifications? Well, let’s say your card is stolen in the morning and it has $500 on it. You realise it is stolen at lunch time when you try to pay for your sandwich. You ring the bank, but between breakfast and lunch, the thief has used your stolen card 5 times for a total of… you guessed it, $500.00.

Now the banks say they have algorithms in place to alert them to unusual transactions, and maybe they do, but it will still be up to you to go through the hassle of proving that you did not make any of those transactions. In the meantime, you’ve lost $500. If that was all you had for food etc for that week then you’re in trouble because your money will not be refunded straight away..

Now to be honest, you will have the same hassles any time your card is stolen, that’s just how modern life goes. But what if you don’t know your card has been stolen, because it’s still sitting right there in your wallet?

This is where things get sticky. The credit card companies say it’s not possible to steal your card information without stealing the actual card. The banks, [who have no say in what tech. goes on credit/debit cards] say the same thing, and people like me who don’t believe the assurances are labeled as wackos, dinosaurs or conspiracy theorists.

But seeing is believing. In this first video you will see  how easy, and cheap, it is to steal card and account information. The truly scary part, however, is how easy it is to then clone that information.

The next video shows one of the presenters of the well-known Mythbusters TV show talking about how a proposed segment on RFID technology was gagged by the legal representatives of all the major players – i.e. Mastercard, Visa, etc.

If these two videos have made you concerned, you can find lots more information out on the net, some for, some against the technology, but one thing is consistent throughout – you can’t opt out of it.

I suspect the manufacturers did not put an opt out function on the RFID card technology because:

1) it would cost more to produce, or

2) they were worried too many people would opt out.

Either way, the banks have no say in the matter. If they want to offer their customers credit card facilities, they have to take what the credit card companies give them, and that is RFID technology..

This means no amount of complaints to the banks will do a speck of good. I know because I spent almost two, very frustrating hours on the phone to the Bendigo Bank yesterday. I was trying to work out what was going on, and why I couldn’t just say no. Then I tried to complain. Then I realised that even the Bendigo Bank didn’t give a shit because there was nothing they could do about it. I was told to get an ordinary cashcard if I was so worried.

Apparently these cashcards are debits cards issued by the banks themselves. They can be used at supermarkets, ATMs and all EFTPOS terminals, but they CANNOT be used for, say, online transactions. So if you buy stuff on Ebay you can’t use your cashcard. The same thing applies to PayPal. 😦

By this point I was grinding my teeth and yelling at the customer service representative. Think small, grey-haired terrier biting at the ankles of a giant. Yup.

But I would not be writing this post if I did not have a solution, of sorts.

Solution 1

Get a cashcard for all normal, local transactions and keep it in your wallet. Take all the money out of the RFID card and keep the card in a safe place at home. When you need to use it for an online transaction, transfer some money into the card via internet banking.

Doable? Yes. Convenient? Hah

Solution 2

Use your MyKi card to disrupt the RFID card. I found this info. on the internet and haven’t had a chance to try it out yet, but apparently whatever is on the MyKi card messes with the RFID on the credit/debit cards. I’ve also read that you can buy a wallet that stops the wireless transmission. Or you can wrap your card in tin foil. Oh wait, maybe it’s your head that’s meant to be wrapped in tin foil.

-cough-

If the MyKi solution works, you won’t have to worry about being scanned, and scammed, while you travel to work on a crowded train/tram/bus, or wait in line at a supermarket or airport. Of course you will still be a bit exposed when you actually take the card out to use it [via swipe or tap] but at least it would be safer.

The Daughter and I intend to order cashcards on Monday because we can’t afford to lose any money, period. We will also trial the MyKi card solution, and I’ll update you on the results.

In the meantime, if you love the convenience of Tap and Go then at least please be cautious enough not to keep too much money on the card at any one time. It’s just not worth the risk.

Meeks


%d bloggers like this: