Yeah, I've been trying now for ages to get into 2CheckOut but with no luck at all. They have been having a continuous Distributed Denial of Service attack over the last few days, but they say they were implememting measures to counteract it.

This has been going on for too long now. My customers can't even place an order, which is just plain rediculous. 2CheckOut better pull their act together or I'll be moving to another payment processor, probably PaySystems.

Essex_boy, do you plan to stay with them? Has this effected your business much?

Thanks thats the confirmation I needed - Im not going nuts.

Am I going to stay? All most certainly not. Which is a pity as its so quick to setup.

Yes it has affected my business. No orders zero zilch and we are talking orders minimum per piece price of around $125 starts to add up doesnt it.....

Ill have to check the other payment systems.

I wonder when theyll get it back up and running? Do you know how long its been down for?

Paypal here I come!

Another payment processor, Ginix, just got completely shut down by their banks. Could this be the same thing?

Oh right, where did you hear about ginix? 2Checkout is still doooooooooown

Essex_boy, I know what you mean. We have had nothing, no sales because of this. However, 2CheckOut are now back up, and have posted a measely 5 line newsbite on their sellers login page about the DDoS. It reads as follows:

"Sep 12, 2003 :   We experienced a DDoS attack today that was aprox. 3 times as heavy as the previous attack. We were able to block the attack in about 3 hours.

Our buyers server was able to maintain sales thru most of the attack."

Now, this has been going on for days, how much more do they think their customers can take? They have processed over $84m in sales already this year, out of which they have made a tidy profit. Why can they not invest in their infrastructure and protect themselves, and us, from these attacks?

They also stated that the buyers servers stayed up during the most part of the attack, which is incorrect. I tried to place an order and log into my 2CheckOut account between 4PM and 12:30AM GMT without any success. Perhaps I was unlucky, or 2CheckOut are feeding us false information.

I for one am sickened of this. After suffering months of problems with my previous hosting company, the least I wanted was this to happen. Surely 2CheckOut will place a proper apology on their site. Surely I should have listened to the naysayers who consistently warn of their poor practice.

IMHO they blocked a couple of IP ranges. Including mine. I haven't been able to get through to 2checkout.com for 2 days. This might be true for a lot of other users / customers as well (I've tried connecting to them from various different sites in switzerland and the US without success).

This is a pity.. I wanted to go live next week with 2checkout.

I'm a bit reluctant to switch to another service just yet - they might be the next target of a DDoS. I hope 2checkout learned from this and that this can never happen again (at least to them).

Did anyone succeed in contacting them via phone/fax/email yet?

Its back up now thank god. But what about all the missed business? I dont for a minute accept their bland statement about 'sales not being affected'. I had zero sales throughout this period.

The problem here, and with other firms sites, is that they dont take hacking seriously enough. I suspect their security features were well worn standard practice with no innovation or even the slightest forethought and planning.

Anyone with an ounce of computer savvy could have guessed at just how they were going to attempt to defeat the attack.

Come on 2checkout you ust have grossed a small fortune this year - get your act together.

Ok ill take that last post back.

I can get to the home page but no further - login nothing whats going on?

You could put up with this from 2co, *if* everything else was AOK with their service, but it ain't, it stinks - and their chief spokesperson on their forum is just a mitigated PR disaster with a ton of attitude.
IMO, give 2co a very wide berth till they lift their game.

I still cannot access the site. This is very serious and I will have to evaluate whether I continue with 2checkout in the future.

I have just tried to make a purchase from my own website and that is not working either.

I too cannot log in to the sellers area, even though I have received my daily sales report. It seems to me that this DDoS has left 2CheckOut reeling.

Jimmykav, you're spot on there, this is extremely serious. 2CheckOut have been making *serious* money and obviously have been completely neglecting any sort of security investment. With $84m + processed so far this year I would think they could employ tech savvy engineers to set about the job of securing their servers. Obviously, this has not happened.

The other thing, which is disconcerting, is the blatant negligence on the behalf of 2CheckOut towards their customers. We haven't even been sent an email informing us of the situation, what we are to expect and how they will resolve this problem. This all started 4 /5 das ago, and still they have not directly contacted their selling customers.

I don't really know what to do. 2CheckOut have worked for me so far, but this has changed everything. I think there are 2 possible answers:

1. Implement a shopping cart with the ability to pay via several processors, 2CheckOut, PayPal, PaySystems etc etc. This means that the customer gets a choice and will safe-guard against future problems like the current one with 2CO. If they go down again, or any other processor, the customer can still place an order.

2. Dump 2CO and go with another company altogether, probably PaySystems.

Let's just hope that this crap from 2CheckOut continues no longer. If not, those of us who use their "services" may have to seriously re-evaluate our circumstance.

Well, I was logged an hour ago, and I can't again now.

I just dumped Paysystems a month ago after suffering through a disaster of a communication problem with them and their non-existant customer service.

It's time to open a real merchant account with all the paperwork and set-up that entails.

Having trouble accessing the login page again.
They are loading but are very very slow...

yeah.. can confirm that.

However, meanwhile I've also read a lot of bad stories about paysystems. Apparently they are spamming and calling 2checkout customers trying to persuade them to move to paysystems.com

Some customers said that the rates they promiss changed soon after signing up (from 3% to 5.5% and USD 1.5 per sale).

If you're with 2co, you can read more in their forums.

any other experiences?

I've been with ccnow for years and never had problems, however they only allow tangible goods which is no longer an option for me.

Yes, Andrew23, I guess what PaySystems did was spam, because it was unsolicited e-mailing, but I would think that most of us would agree that there are degrees of spam.
Personally, I do not quite compare the spam that I get from someone that has purchased the 100 million e-mail addresses on a CD, to a targetted e-mail to me by PaySystems because they did a search and found that I was a 2CO client - and actually, right now I can tell you that I would be VERY receptive to overtures from PaySystems *_*

This whole thing with 2CO is becoming quite annoying. I think I will open a PaySystems account and operate it alongside my existing 2CO and Paypal accounts to protect myself from future complications.

Do you think that a customer would be scared away from choosing between 3 separate processors, or does choice help?

Thanks for your comments! Maybe we can come out of this problem better off :)

I don't think I've ever seen a site that offered three payment ways, often one + PayPal though.

PayPal is such an easy thing to set up - just a breeze.

This whole business really makes one want to get together with some knowledgeable people and set up a really decent payments provider - after all, we all know what *not* to do!

Yeah, I know 3 choices might sound a lot, but surely there can be no problem with DDoS attacks perpetrated against 3 separate companies simultaneously? I hope not anyway :)

I got the idea from CDBaby, they have more than 3 options available. The customer can choose to pay with credit card with a standard merchant account setup, or with PayPal, Yahoo Pay Direct and soon with Anypay. Customers can also phone or fax in their orders. Do you think that is too much complication? Too likely to scare away customers and defeat the whole purpose?

Than again, CDBaby are the largest online *indie* music retailer behind Amazon, so they must be doing something right? Well, they don't use 2CheckOut anyway!

I offer(ed!) 4 payment systems on my site 2Co, paypal and cheque payment and escrow.

Never receive escrow payments as no one takes this option ever, rarely do I receive a cheque, most payments come from 2CO unless its a big one then paypal comes in.

I dont think its confusing for a customer as long as you clearly label the options correctly.

I wonder how youd start your own payment system....

4 ways to pay, that's fairly conclusive. I like using 2CO because I just add the product to the backend and use the static HTML to add the product to the cart. I've paid $49 to start up or whatever it is, I might as well keep them on.

But in light of all this hassle over the last week or so, I think I'll follow your example Essex_boy and offer multiple choices which are well set out and easy to use.

I have had no problems at all with 2CO today at least, but then again Tuesday 16th is a pay day. I just hope that nothing goes wrong between now and then! Come to think of it, it is strange that the hackers would choose to attack when they are not releasing funds to their sellers accounts. Would they not have caused more trouble then?

Hopefully this blows by and won't be repeated, but after reading all the negative comments round the web I'm kinda prepping myself for another spell of downtime.

During the whole 2CO downtime mess-about I was searching for other third party payment processors. I came across a company on Google who offered payment processor software for startups. I didn't click through or anything, looked way above my head. I'm searching again and will post again if I find anything.

Imagine setting up a processor for WW members, designed by everyday business-people for everyday business-people. What would you all want / require / need? What would you do differently? Design your own credit card processing company right here! :)

Setting up your own? There's a *lot* involved. I've been with a few for more than 5 years and read the trials and tribulations of their poor IT people.
The backend systems need to be very robust, well thought out, well programmed, flexible, AND easy for the end users as well. MOST providers have many on-going troubles as us poor users can attest to. Now of course most are struggling with all the new VAT implications.
Still, if you could get it more than half right, the rewards would be enormous....

Hm yes your cc processing firm, nice idea and I wouldnt mind a go at it. Butttt I can see all the problems your going to have to be very well organised.

I bet if you looked at CO2 closly youd see that their 5.5% deductons appear to be a great chunk and very profitable however on closer inspection I bet the company is not as profitable as you would think.

Just my impression.

Still your own processing firm.... Make you think.

Any one?

It would be an awful lot of work to set up, and would also require a substantial intitial outlay. Because of this it would only be able to happen through a consortium of knowledgeable people, who then split any profits equally.

There would also be geographic problems, what bank would be used? How would people collaborate? Who would assume command?

However, 2CO appeared out of nowhere, as did PayPal, PaySystems and the rest. It took somebody with initiative to design and implement their ideas. The same thing can still happen.

It would be a lot of work though, and I wouldn't even have the slightest idea where to start.

BTW, I'm experiencing problems logging into my 2CO account, and have been now for the last few hours. Anybody else suffering slow logins?

I still cant login, not even slowly. This is starting to test my patience.

The daily sales reports or now coming through - no mention of ANY problems.

Essex_boy, I also got my Daily Sales Report as per usual, and also no mention of any prolems.

I was able to log in an hour or so ago, about 11:30 AM GMT but the whole admin area was totally messed up, menus dowm the side instead of along the top! Page display was all messed up.

I also got logged in roughly half an hour ago at about 12:00AM GMT. Because today is the 16th and is a pay day, I naturally went to the Payments section, menus worked this time :) But when I got there it eventually showed me my total orders awaiting processing, but the table of previous transactions below was non-existant. It only showed the column headings and said that there had been no recorded transactions.

I really do hope that they don't mess up today. Please please pull your act together 2CheckOut and get this situation under your control as soon as possible. Is there a procedure or number we can call if things go wrong

Edit: Previous transactions now displaying at 12:53 GMT

2co still having problems. When you login their main admin page has HTML all over the place. Huge gaps and the menu options appear out of place as you move over each section heading.

Still having major problems with 2CO. Can't login at all now, and it has been this way for hours. Has anybody had all their awaiting sales processed successfully today, considering this is the 16th?

I can't even get in to my account to check up!

Looks like PaySystems just went down too. Real problems lately. Ginix is out of business, 2CheckOut flaky, and Paysystems not so hot either.

FYI, 2checkout has a support forum at <http://www.2checkout.com/login.htm [2checkout.com]>. You might some more help there.

This makes me glad I'm using a remote shopping cart sevice, so I can switch merchant process fairly easily without many modifications on my main site. I don't have a backup, but I see I do now. I feel for all of you that have lost sales.

I suppose the same advice not being overally dependent on Google for traffic applies here with being dependent on only one merchant processor.