OnePlus Investigating Rise In Credit Card Fraud Complaints From WebStore

OnePlus is one of the leading mobile manufactures based out of Shenzen, China. The company launched in late 2013 and quickly became one of the top brands in the global mobile gaming market with its flagship OnePlus phone. OnePlus has had to deal with an increase in the number of credit card fraud complains that originated from its webstore customers.

During the holiday season, the OnePlus webstore saw a large number of transactions take place from around the world. A number of customers who purchased from the webstore later discovered that unauthorized credit card transactions had taken place. The one common thread found in these complaints was that all of them had carried out a transaction at the OnPlus webstore.

OnePlus

These customers have taken to popular social media platforms to voice their concerns and raise their complaints. A number of them have also posted at the OnePlus support forum and their cries for help has gained the attention of OnePlus. The company did not confirm or deny if their webstore was breached but did announce that they will launch an investigation into the matter.

When OnePlus initially launched its webstore in 2014, the company relied on the e-commerce software from Magento which was suspected of being vulnerable to cyber-attacks. OnePlus has since upgraded its webstore software and uses custom code to ensure that security and safety protocols are well maintained. The company also claims that it does not store its customer’s credit card information.

Fidus, an infosec firm has conducted security audits in the past of the OnePlus software and has stated that OnePlus does not run its transactions through an iFrame but processes all transactions themselves.

In a statement, Fidus said

All payment details entered, albeit briefly, flow through the OnePlus website and can be intercepted by an attacker. Whilst the payment details are sent off to a third-party provider upon form submission, there is a window in which malicious code is able to siphon credit card details before the data is encrypted

Credit card fraud has always been a concern for online websites and payment processors. This is one of the reasons why cryptocurrencies have generated a lot of publicity in recent times because they allow individuals to maintain their personal and financial data and offer better security measures to both the e-commerce website and also the end customer.

---