Feedback Loophole/Exploit/Bug in Depositing Methods

Skoco

Newbie member
Joined
Jul 3, 2020
Location
Germany
Hey guys & girls ☺

I didn't find right section where should i post this, so i will here. If its in wrong section please relocate it

So i have found this "Exploit" regarding Depositing in Online Casino's.
Basically you are credited amount to account but your money is still in the bank.
I have opened thread on Askgamblers but it seems like they are protecting Casino's.
I will post the link of the thread, it contains evidence and all.

**snip**


My question is:
Since i found out about this, I'm i in right to ask for Reward?
 
Last edited by a moderator:

dunover

Unofficial T&C's Editor
Staff member
webmeister
PABnonaccred
PABnononaccred
CAG
mm3
Joined
May 22, 2012
Location
the bus shelter, opposite GCHQ Benhall
Actually, they're just advising you of the right thing to do. Please don't attempt to start portal wars, and do not post external links. Read the rules, thanks.
 

geordiecolin

Meister Member
PABnononaccred
CAG
mm4
Joined
Jun 5, 2015
Location
Near Newcastle
Hey guys & girls ☺

I didn't find right section where should i post this, so i will here. If its in wrong section please relocate it

So i have found this "Exploit" regarding Depositing in Online Casino's.
Basically you are credited amount to account but your money is still in the bank.
I have opened thread on Askgamblers but it seems like they are protecting Casino's.
I will post the link of the thread, it contains evidence and all.

**snip**


My question is:
Since i found out about this, I'm i in right to ask for Reward?
You win the award for promoting the relationship between casinos and their punters. With a special award for the relationship between sites that promote a relationship between casino users and casinos and their reps online.
Well done you
 

Bloatgoat

Senior Member
webby
Joined
Nov 29, 2017
Location
Somewhere
Basically you are credited amount to account but your money is still in the bank.

Credit card payments? Forget it. The amount is being hold and finally taken off your account. Even if your bank shows like you have 100$ left or so. The 100$ is actually deducted. There's no casino in the world that has a exploit like this.
 

Skoco

Newbie member
Joined
Jul 3, 2020
Location
Germany
Credit card payments? Forget it. The amount is being hold and finally taken off your account. Even if your bank shows like you have 100$ left or so. The 100$ is actually deducted. There's no casino in the world that has a exploit like this.
Sent you a PM with link to the thread.
 

Bloatgoat

Senior Member
webby
Joined
Nov 29, 2017
Location
Somewhere
I got the PM. My opinion on this:

It's an exploit that would be found out sooner or later. It would be fraudulent and if your withdrawling big amounts you pretty much gotta go through the verification proces. They would have your ID by then and simply file to the police if they catch you.

Thing is it's not hidden. I build websites for clients with Payment API's and all that. Every transaction is simply being logged. I do tell the client that even if the websites says payment confirmed, to login to the payment backend and confirm the number. If there it's green it means it's green. If it's red the payment simply did'nt work out. The casino is obviously sleeping and not paying attention to those methods.

The one who build that did'nt do the testing as well; and i suspect that the same template is being used on different casino's online as well, thats why you can find that little exploit here and there. This will be hammered down sooner or later. Trust me.
 

Skoco

Newbie member
Joined
Jul 3, 2020
Location
Germany
I got the PM. My opinion on this:

It's an exploit that would be found out sooner or later. It would be fraudulent and if your withdrawling big amounts you pretty much gotta go through the verification proces. They would have your ID by then and simply file to the police if they catch you.

Thing is it's not hidden. I build websites for clients with Payment API's and all that. Every transaction is simply being logged. I do tell the client that even if the websites says payment confirmed, to login to the payment backend and confirm the number. If there it's green it means it's green. If it's red the payment simply did'nt work out. The casino is obviously sleeping and not paying attention to those methods.

The one who build that did'nt do the testing as well; and i suspect that the same template is being used on different casino's online as well, thats why you can find that little exploit here and there. This will be hammered down sooner or later. Trust me.
So you work with few licensed Companies that create and build online casino websites for theirs clients?
 

Bloatgoat

Senior Member
webby
Joined
Nov 29, 2017
Location
Somewhere
No sir,

I just implement payment gateways. And i have to tell you that everything is logged. From failed payments to succes ones. So a casino not noting this is simply sleeping. I mean, go ahead, do the fraude, they will have your details sooner or later for the police.
 

Skoco

Newbie member
Joined
Jul 3, 2020
Location
Germany
No sir,

I just implement payment gateways. And i have to tell you that everything is logged. From failed payments to succes ones. So a casino not noting this is simply sleeping. I mean, go ahead, do the fraude, they will have your details sooner or later for the police.
Do you work for Payment service provider?
Or just add Ad ons like those paypal buttons?
 

Bloatgoat

Senior Member
webby
Joined
Nov 29, 2017
Location
Somewhere
Lol, paypal buttons. No man. I implement payment sollutions like credit card and local payment methods to several websites that require it. Hell i even did a credit based system. Point being is: the one who build in that thing into that casino, did'nt test this properly, and because of that, you got a mini-exploit related to payment on several websites now. Very faulty shit to be honest. The one doing that should be fired in the first place. You test before putting things live.
 

Skoco

Newbie member
Joined
Jul 3, 2020
Location
Germany
Lol, paypal buttons. No man. I implement payment sollutions like credit card and local payment methods to several websites that require it. Hell i even did a credit based system. Point being is: the one who build in that thing into that casino, did'nt test this properly, and because of that, you got a mini-exploit related to payment on several websites now. Very faulty shit to be honest.
Aha alright.
But i can't wrap my head around it.
How could multi million dollars payment providers be a sleep or make a fault like that?

It wasn't tested through some shitty payment provider
 

Bloatgoat

Senior Member
webby
Joined
Nov 29, 2017
Location
Somewhere
Well someone has bin sleeping, thats a fact. If you do your work (and test) properly, these things dont happen. Thats all i have to say about it.

I used to hack as well, way before i had my business. It suprised me back then how many insecure servers where up back in the days.
 

Bloatgoat

Senior Member
webby
Joined
Nov 29, 2017
Location
Somewhere
But there's nothing wrong if properly integrated. It's at the backend of the casino. Not the actual payment provider.
 

Bloatgoat

Senior Member
webby
Joined
Nov 29, 2017
Location
Somewhere
Yes,

But the casino either outsourced it to the cheapest people as possible, or the party responsible doing the integration did'nt pay attention let alone test it properly.
 

Harry_BKK

Dormant account
Joined
Dec 18, 2014
Location
Balcony
Credit card payments? Forget it. The amount is being hold and finally taken off your account. Even if your bank shows like you have 100$ left or so. The 100$ is actually deducted. There's no casino in the world that has a exploit like this.

It actually was a loophole a lone time ago at German banks. It worked though mostly with non-bank cards only, e.g. branded cards like Lufthansa etc.

Much of the banking system for all remote payments worked at the time on a "Lastschrift" - basis. Meaning it would check that credit is available and 1-3 days later it would take the amount. There was no instant reservation made for the debited amount and in the meantime, you could use your available credit multiple times. For some reason, there was a delay between the transaction and the actual reservation being activated. I know it because I did it. :D

But to my knowledge, that loophole has been closed more than a decade ago and any transaction is now instantly reserved. I left Germany in 2008, hence, I haven't had a non-bank credit card for a long time and don't really know what the status is.
 
Last edited:
Top