Welcome to WebmasterWorld Guest from 22.214.171.124
Forum Moderators: buckworks
I am a customer of the Payflow Pro payment gateway. Originally I was a user of the Payflow Link gateway since 2002, but then in 2009 I upgraded to Payflow Pro, as I saw the Payflow Link gateway was very insecure and is too easy to exploit.
Then last month [Dec 2010] I received over 21,000 fraudulent transactions through may Payflow Pro account. Someone was using my merchant account to test if credit cards were valid.
I spent days and days trying to communicate with people at PayPal, and they all denied there was any problem.
Finally I got to testing my Payflow Pro login ID with the old Payflow Link gateway (using a simple html "form" with my login ID). Surprisingly I was taken to a Payflow Link page to enter my credit card details, and at the top was my old business logo which I hadn't used in two years, and which was still being saved in the PayPal database even though I wasn't a customer of Payflow Link.
...Response Eric F 01/07/2011 09:50 AM
In regards to this issue there was no security exploit, the issue is that when your account was upgraded from Payflow Link to Payflow Pro, there was bug which allowed your account to still process as Payflow Link and as stated we have since fixed this bug to not allow this to happen again.
Thank you for your patience.
Merchant Technical Services
PayPal, an eBay Company
directly to my merchant account at my payment processorwhy I ask.