Rakuten Is Taking Credit Card Fraud Complaints Very Seriously

For a few months now, customers of Rakuten (formerly Buy.com here in the USA) have complained that large and unauthorized purchases have showed up on their credit cards not long after making purchases on the site. Frustrated consumers have taken to the Web to complain and to demand answers.

Rakuten sent us a statement: here it is in its entirety.

Dear Valued Rakuten Customer:

As one of the world’s leading online retail marketplaces, we are committed to delivering outstanding customer service and retail operations in every respect; ensuring and improving data security is a fundamental aspect of our commitment.

As an Internet retailer, we naturally collect credit card information for many of our sales. As reflected in our privacy policy, we use that information to process the credit card transaction. In doing so, we comply with the requirements of the Payment Card Industry (PCI) Data Security Standard (DSS). On a regular basis, we undergo both internal and external audits and independent security tests to verify the security of credit card information. This includes external Internet scans of our systems to determine the existence of any security vulnerabilities. When we become aware of any problems, we make certain to address them swiftly and take action to solve them.
Recently, we have become aware of customers who have reported experiencing unapproved charges at other sites after using their credit cards at Rakuten.com. We take reports of this nature very seriously and have investigated these reports in great depth. We have conducted our own internal investigation, hired a specialist in credit card processing, and hired a leading third-party technical forensics company. To date, neither we nor our hired experts have been able to identify any breach of our systems that would explain any of these reports. We are nonetheless continuing to investigate the matter and will promptly take steps to rectify any concerns we uncover.
Additionally, we have undertaken efforts to further enhance our security procedures. This includes implementing a “token” method of processing credit cards. Under this method, the credit card information our customers provide is converted into a “token” to be used for that transaction. In addition, we have enhanced many of our security practices concerning the use of credit cards and other sensitive information.
We are committed to maintaining the security of information our customers entrust to us and dedicated to addressing any problems in this area. If you have experienced any problems, please alert us right away so that we can promptly address the issue by contacting the head of customer experience on 877-880-1030 Ext. 2095. Any information you share could also help us to continue improving the security of shopping online.
Bernard Luthi, Chief Marketing & Operating Officer, Rakuten.com