OnePlus ceases credit card payments amid fraud reports

January 17, 2018 | 10:31

Tags: #breach #credit-card #data-breach #financial #fraud #insecurity #security

Companies: #oneplus

Smartphone maker OnePlus has disabled credit card payments following reports of its customers falling foul of card theft after picking up the company's products, while placing the blame firmly on its payment processor.

Known for its range of high-end smartphones - and also for naughty benchmark fiddling and pre-installed back door - OnePlus has been forced to address reports from its users of credit card fraud seemingly relating to purchases made on the compan's web store. 'Over the weekend, members of the OnePlus community reported cases of unknown credit card transactions occurring on their credit cards post purchase from We immediately began to investigate as a matter of urgency,' the company explained in an initial statement. 'The reports have come from some customers who made credit card payments directly on (without involving a third party such as PayPal). We are investigating each report.​'

Since the initial reports came in, OnePlus has issued a further update suggesting that something is indeed very awry: 'This is a serious issue and we are investigating around the clock,' the company told customers via its forum. 'As a precaution, we are temporarily disabling credit card payments at PayPal is still available, and we are exploring alternative secure payment options with our service providers.'

Although OnePlus isn't dodging responsibility for the fraudulent charges, the company has clarified that it doesn't hold payment details personally - putting the blame firmly on its payment processing partner instead. 'Your card info is never processed or saved on our website - it is sent directly to our PCI-DSS-compliant payment processing partner over an encrypted connection, and processed on their secure servers.​ If you checked the "save this card for future transactions" while making a payment, all this means is that our payment processing partner encrypted and securely stored your card info and sent us a few digits, plus a "token" - a string of symbols that represents your card. This token is stored in our system, but it's impossible for us to decrypt it and access your card info. Next time you make a payment at, this token will be recognised by our payment processing partner, who then fetches your original card info from their secure vault and uses it for payment processing.'

Anyone who has purchased products directly through with their credit or debit card is advised to check their bank statements closely, and if any fraud is suspected to contact their bank to initiate a chargeback.

Discuss this in the forums
YouTube logo
MSI MPG Velox 100R Chassis Review

October 14 2021 | 15:04