IT.COM

Horrible Experience with GoDaddy - Potential Security Vulnerability Regarding Storing Payment Info

Spaceship Spaceship
Watch

dbtbandit67

Team USAEstablished Member
Impact
27
Yesterday morning I wanted to do 2 things.
Register two domains, and in spite of the many awful reviews I have heard of their web hosting services, decided to give their $1 per month hosting plan a try.

It was for my own name as I have several published books on Amazon Kindle that sell modestly, and my name plus the title of the book that sold fairly well, but to my surprise, is on several websites illegally being distributed (on web sites which I am guessing probably spreads malware because what incentive do they have to give away a .pdf file for free) which I was not quite sure what my plans were for it for, but it would have been some sort of response to the illegal websites giving away free copies of a novella I worked very hard on and was given away illegally 4,500 times when it was only on sale for $1 and Amazon.com (maybe they should offer domain registration one day, I will suggest it to their customer service team as well as send a tweet or e-mail or letter to their CEO at their corporate office) that came with a special offer of reading it for free if you sign up for a flat monthly service where you can read all self-published books for free.

Ok, order submited. Before I begin, here is one of my pet peeves regarding GoDaddy [their CEO Blake Irving) of many, and this is just the beginning.

1) They are constantly trying to upsell you on products and services you do not want, need, or even give any indication that you wanted to buy, at absurd prices, automatically assuming you want to pay for 1-year's worth of the cross-promoted product that is annoying and irrelevant to you. And this happened many times, from the beginning to end.
2) The products are always set to 1-year commitments by default. To someone that was extremely not paying attention and clicking way too fast or any other sort of error if (if they had 1-click ordering for example, I don't know if they do) a $25 order could have turned into something over $200, had I not been paying attention. That would have not been Blake Irving (CEO of GoDaddy's fault)
3) I do not recall exactly, with completely accuracy, what happened, but included in my order was, and I do not remember the exact wording, but what I think was Microsoft services. I do not remember exactly how it written on the web site but to my recollection, at the time of my purchas for the 3 products I actually wanted, a Microsoft service (which I think was either multiple packages of it; I can't remember it may have just been 1, I will try to confirm this later) as well as possibly another GoDaddy service, possibly something like "professional e-mail" (once again I cannot recall with full accuracy, but something of that nature, I also do not know if they were all Microsoft services or multiple Microsoft and one GoDaddy service was added on to the order, without an additional upfront charge.
4. VERY IMPORTANT - I will have to go through the process of buying another domain to show exactly how it was done and how it was worded, but I was not, VERY CLEARLY, BOLDLY, AND REPEATEDLY MADE AWARE that these were trial services that would come at a charge and eventually auto-renew. Which leads in to my 5th and angriest complaint as a long time paying GoDaddy customer.
5. Those additional products that I was not clearly made aware that I would eventually be billed for, were set to auto renew on the credit card that I had used on file. I WAS ALSO NOT CLEARLY AND REPEATEDLY told that my credit card information would be force-ably saved unto GoDaddy's servers, and I do not have the option to remove this. I was told that this was in their technical TOS.

From my limited experience of contract law, a contract, when disputed in contract, will not necessarily hold up and remain legally binding, if there is a provision that was technically listed, but done so in a way where it is reasonable to believe that the signer of such contract may either misconstrue, or misunderstand, or not clearly and visibly (in a reasonable manner) that he was agreeing to such provision.

I do not want my credit card information stored on GoDaddy's servers, ESP, because of the rampant incidences of cyber crime, identity theft, and server leaks that have been happening lately.

Has GoDaddy ever had their servers compromised where customers personal information of any sort may have been compromised? I do not know the answer to that.

If the answer is yes, I do not know if it is illegal to put the provision of mandated financial and personal information being stored on a server, but it is one that I do not like, one that probably many other longtime GoDaddy paying customers (Blake Irving CEO); my personal opinion is that it is a bad requirement considering current market security conditions, and it is also my personal opinion that requirement should not be forced on me for buying their products or services for any reason I want really, but mostly my own personal security.

I will be notifying the credit card company that they have on file of their policy, and I will also be making phone calls to the Better Business Bureau, my local House Representative, the Senator of my State, to ask them about their opinion of this practice (among the other practices that they do), if it is legal or not, what other agencies they can direct me to for additional help, and to contact Blake Irving CEO of GoDaddy as well as to their 6th largest institutional shareholders (which of today's date January 10, 2017 2:37 AM in Pacific Standard Time, to the information currently listed on http://finance.yahoo.com) under "Top Institutional Holders" is:

Silver Lake Group, L.l.c. 31,811,843 Sep 29, 2016 36.37% 1,098,462,906
Kohlberg Kravis Roberts & Co. L.P. 15,517,400 Sep 29, 2016 17.74% 535,815,806
Technology Crossover Management VII, Ltd. 14,267,080 Sep 29, 2016 16.31% 492,642,258
FMR, LLC 9,094,054 Sep 29, 2016 10.40% 314,017,675
Wellington Management Company, LLP 7,650,131 Sep 29, 2016 8.75% 264,159,015
JP Morgan Chase & Company 7,006,725 Sep 29, 2016 8.01% 241,942,207

as well as their other directors and officers, which again according to Yahoo Finance as of January 10, 2017 2:37 A.M. is:

Insider Roster
Individual or Entity Most Recent Transaction Date Shares Owned as of Transaction Date
ALDRICH STEVEN
Officer

Sale

Sep 9, 2016
1,504

BIENERT PHILIP H.
Officer

Option Exercise

May 16, 2016
1,250

CARROLL JAMES M.
Officer

Option Exercise

Sep 12, 2016
263

GOLDMAN AUGUSTE
Officer

Automatic Sale

Oct 17, 2016
1,586

IRVING BLAKE
Officer

Option Exercise

Oct 11, 2016
1,503

JOSEFSBERG ARNE
Officer

Sale

Jul 14, 2016
84

KELLY NIMA
Officer

Automatic Sale

Oct 10, 2016
24,023

KELPY MATTHEW B.
Officer

Sale

Sep 9, 2016
5,582

MURPHY ELISSA E.
Officer

Option Exercise

Apr 12, 2016
1,250

RAFAEL BETSY
Director

Automatic Sale

Aug 5, 2016
17,238

RECHTERMAN BARBARA J
Officer

Automatic Sale

Oct 19, 2016
50,150

ROBEL CHARLES J
Director

Acquisition (Non Open Market)

Jun 8, 2016
31,723

SHARPLES BRIAN
Director

Acquisition (Non Open Market)

Jun 8, 2016
13,890

WAGNER SCOTT
Officer

Automatic Sale

Oct 19, 2016
1,503

YAM SPECIAL HOLDINGS, INC.
Beneficial Owner (10% or more)

Ownership Statement

Apr 1, 2015
36,058,011

***

Blake Irving can personally be reached on Twitter at: https://twitter.com/Blakei?ref_src=twsrc^google|twcamp^serp|twgr^author

I would also like to remind everyone that NameCheap and HostGator are two alternatives to Godaddy.

Thank you for your time.

P.S. Their customer service department is amazing. I was just upset at this entire experience, and I disagree with the provision of mandated credit card saving, and I hope that Blake Iriving will either read this or I may speak to him, or an officer or director, or another customer service rep, to once again ask for my credit information to be removed from their servers. Thank you.
 
0
•••
The views expressed on this page by users and staff are their own, not those of NamePros.
If you agree with me that credit card information should not be forceably stored on their web site, which many other popular e-commerce sites do not mandate, in addition to their other business practices, please help me make sure that Blake Irving reads this thread. Blake Irving, as well as informing your local House Rep., the BBB, the Senator of your State, and even the currently acting President of the United States Barack Obama of this practice among their their questionable practices.
 
Last edited:
0
•••
I have just been told by one of the most experienced, talented, and successful domainers in the industry that filing a complaint with the Better Business Bureau is the single most effective thing you can do, if you could only do one thing.

- In Regards To Forceably Storing Payment Information
and
Only informing their customers of that policy in their TOS in a seperate page and link (a TOS is very long, the font is small, and GoDaddy gives you the quick option to agree) and not visibly informing customers of that policy on their purchase page.
 
Last edited:
0
•••
I have just been informed (although I am not sure if this is true, or any other accuracies or legalities) that Better Business Bureau complaints can only be filed in the state where the company is headquartered which is Arizona.

If you agree with me and take issue with any of the things I mentioned above, I encourage you to make a dispute. If you have already made a dispute in the past, you may be able to make another one since this is a separate incident.

If you do not reside in Arizona, since you can buy GoDaddy products in any state, I encourage you to inform them anyways, and ask them just to do what they can to store it in their records or inform who they can or ask for what additional resources and other agencies they can direct you to, to help you, if they themselves cannot.
 
0
•••
Also if you are not a citizen of Arizona but have a friend in Arizona who currently has a GoDaddy product (or potentially even ever made a purchase there, if GoDaddy stores payment information when all products and services have been cancelled) you can also inform your friend of that policy, and ask them, if they would like to submit the complaint to the Arizona BBB if thats what they want to do.
 
0
•••
If you had some up your main issue with GD in one sentence what would it be?
 
1
•••
On Twitter, here are all of the relevant people you can contact, to inform, if you have a problem with GoDaddy's current policy of storing payment information if you buy a product or service, without giving you the ability to remove it from their web site.

Twitter.com
@Blakei
@dougducey
@MayorStanton
@SenJohnMcCain
@JeffFlake
@BarackObama
@realDonaldTrump
@MarkWarner
@RepRatcliffe

And don't forget to use the hash tags #identitytheft #serverhack #serverbreach #cybercrime #cybersecurity #godaddy #blakeirving
 
Last edited:
0
•••
If you had some up your main issue with GD in one sentence what would it be?

I want them to remove my saved credit card information (which they will not allow me to do myself as a general policy on an order from any product) from any database of theirs, whatsoever.
 
Last edited:
0
•••
I'm a little confused. I just removed my credit card information from GoDaddy myself.

Account Settings > Payment Methods > Select Credit Card and hit Delete Payment Method.

2.png


Works like a charm!
 
Last edited:
0
•••
If your issue is resolved, might I suggest you ask an moderator to change the title and close this thread.

Good luck.
 
1
•••
Yes, it is true that you can delete credit card information, BUT not if they are tied to produccts that are set to auto renew.

I am about to find out right now if you can delete none of your products are set to auto-renew. I just turned mine off

If the problem still exists, I have compiled a simpler and more effective list of people and agencies to contact to complain to. We'll find out very soon.
 
0
•••
didn't read it all.

did you buy something accidentally?
did you ask for a refund?
did you turn off autorenew?
did you remove your CC info?
 
0
•••
Ok, I turned both domains off auto renew and I still cannot delete my last credit card I used on file.

I will give this another couple of hours and then provide more information for people to contact who do not want their credit card information forceably stored on GoDaddy.
 
0
•••
Anyone who isn't sure about their registrar should go to google.com/domains or porkbun.com
 
0
•••
Ok, I turned both domains off auto renew and I still cannot delete my last credit card I used on file.

I will give this another couple of hours and then provide more information for people to contact who do not want their credit card information forceably stored on GoDaddy.

This works for me when I tried. I recommend contacting support again if you are having trouble.

You said there was no mechanism to allow deletion of credit card information, and I proved that there is. In fact all my credit cards have been deleted as a test. Looks to me like you're finding any excuse to complain about them. GoDaddy has a number of faults, but this whole storing of payment information without a mechanism of self deletion isn't one of them.
 
Last edited:
0
•••
Sometimes if a company insists you have a payment method on file this avoidance technique works:

Add Paypal as a payment method.

Remove credit card, leaving Paypal as your method.

That Paypal is a recurring payments agreement and you can go to your Paypal account and disable it, then they cannot just autorenew a service and charge you. Works well - I have done that 2 or 3 places - and I don't think they even know you have disabled it.
 
3
•••
This works for me when I tried. I recommend contacting support again if you are having trouble.

You said there was no mechanism to allow deletion of credit card information, and I proved that there is. In fact all my credit cards have been deleted as a test. Looks to me like you're finding any excuse to complain about them. GoDaddy has a number of faults, but this whole storing of payment information without a mechanism of self deletion isn't one of them.

Looks to be that you are rushing to make rude accusations. I did not appreciate that. I am kindly asking you not to do that again. I just turned off auto-renew on both my domains and was still not unable to remove all of my CC information on the site. And I will prove it.

https://drive.google.com/file/d/0Byhk_kLZUkLJOVJvOGNqLVFFZ3M/view?usp=sharing

So there is my evidence that I was not able to delete credit card information in spite of all my domains not being under auto-renew. But I didn't have to prove myself to you. I will go a step further and show you how wreckless and disrespectful you were, with whatever it was you were of accusing me, and post this site, their TOS that their technical support team e-mailed to me, and I will specifically highlight the section where it says storage of at least one payment method is required.

I provided evidence that I was not able to do so. If you were a man, you would provide evidence, with the accurate times, that all of your domains have auto-renew off and under the billings page, there is no credit card listed there whatsoever

And since you made some baseless accusation of me, I will make a possible one of you that you are either a GoDaddy insider, contractor they pay out to encourage people to defend them and buy domains, or your just quick to rudely rush to accusatons, where other members in this forum were actually being helpful, and you were being arrogant with you (look what I can do, easy) although you actually do not have photographic proof that there isn't a single payment method on your settings page.

I am politely asking you not to be rude to me, when this is something that genuinely makes me upset, and you acted condescending. Shame on you. Acting like this in the New Year too. I showed my proof, now show yours. Cause it seems to me you may possibly be a GoDaddy insider just defending them. Or you just don't know what your talking about. Or your just confused. Because you do not have a screenshot of (which I will examine to see if there were any possible alterations made) that you do not have a single pament method on fie, and I will make you look even more un-intelligent by posting their TOS and highlighting their provision.

I spoke to them. They told me. Im smarter than you. I do my research. I make actual money. So don't even think about stepping up to me again until you can respond to me as intelligently as I post. Which I don't think you'd be able to.
 
Last edited:
0
•••
This works for me when I tried. I recommend contacting support again if you are having trouble.

You said there was no mechanism to allow deletion of credit card information, and I proved that there is. In fact all my credit cards have been deleted as a test. Looks to me like you're finding any excuse to complain about them. GoDaddy has a number of faults, but this whole storing of payment information without a mechanism of self deletion isn't one of them.

No, you are incorrect. You did not prove that there is. You did not prove that there is, until you provide a screenshot under your account setttings where payment information is stored, and there isn't a single payment there.

And believe me, I will check to make sure that screenshot wasn't modified.

I was also disprove you even further by posting their TOS tomorrow highlighting the policy proving me correct and you incorrect, unintelligent, and a possible GoDaddy insider defending them to boost their sales.
 
Last edited:
0
•••
This works for me when I tried. I recommend contacting support again if you are having trouble.

You said there was no mechanism to allow deletion of credit card information, and I proved that there is. In fact all my credit cards have been deleted as a test. Looks to me like you're finding any excuse to complain about them. GoDaddy has a number of faults, but this whole storing of payment information without a mechanism of self deletion isn't one of them.

Everyone else in this post was trying to be helpful. Everyone except you. You were either just trying to put me down, or attempt to prove that you were correct, which you still technically did not do until you provide an unaltered screenshot that under payment information listing, there isn't a single card there.

Which won't matter anyways, since I will post an e-mail from one of their tech supporter members re-iterating the policy as well as their TOS highlighting it.

I know you don't like to work hard before making your statements, but why don't you try calling them yourselves and asking.

I'd offer you their tech support number but I think you should a little more work before trying to discredit my claim on something I have worked hours on, while you quickly snapped together a few stupid screenshots (which actually did not technically prove your point) then insult me.

Everyone else in this thread is actually trying to help.

If your here to insult me, I am kindly asking you not to participate.

Since you love posting screenshots so much, why don't you post screenshots of your domaining profits last year.

Something tells me you won't. So go away.
 
0
•••
Op, don't take this wrong way.... I agree that they should not be storing payment details and not allowing you to remove the card details is ludicrous to say the least.

What I'm confused about is why does anyone still use credit card details if Paypal is an option.... I never use my credit card online... If I'm forced to make a purchase from a company that doesn't use Paypal payments then 90% I won't buy from them... However there are some cases when u simply just need to have the product or service and there is a valid reason why won't use Paypal. Then I would use a virtual credit card.... it just too risky to use your main credit card details these days... ..
 
0
•••
1
•••
I am unsubscribing from this thread. Helpfully posting factual info about Paypal resulted in an unsolicited PM telling me I am dumb and various other unflattering points.

I don't recommend replying here unless you really think you need to.
 
3
•••
If you dislike GoDaddy so much, why don't you cancel your product completely, ask for a refund and then request your account to be closed. Failing that there is a GoDaddy manager on this forum @Joe Styler who usually sorts out problems for people who would be a much better choice than trying to contact the president of the United States about your issue who I'm sure is a little busy with running the country.

On Twitter, here are all of the relevant people you can contact, to inform, if you have a problem with GoDaddy's current policy of storing payment information if you buy a product or service, without giving you the ability to remove it from their web site.

Twitter.com
@Blakei
@dougducey
@MayorStanton
@SenJohnMcCain
@JeffFlake
@BarackObama
@realDonaldTrump
@MarkWarner
@RepRatcliffe

And don't forget to use the hash tags #identitytheft #serverhack #serverbreach #cybercrime #cybersecurity #godaddy #blakeirving


Every so often you get crazies coming out of the woodwork.. :wacky:
 
0
•••
This is a pretty long read :) if you want to remove a credit card it is pretty easy to do. You can contact our billing support for free and they can walk you through it. No need to try contacting the president elect or senators. I dont think that will work out as good for you as simply asking support to help out.
It is true if you have a product set to renew on the payment method you cannot remove it. This is pretty simply logic, you are telling us that you want to have something renew, and that you don't want to have any way for us to do that at the same time. If you want it to renew on another card / Paypal etc just go switch the billing info so it renews on another payment method, and when there is nothing left that you are saying you want to renew with that card you can remove it because there is no longer any conflict.
 
2
•••
0
•••
Back