O2

I'm really not sure why people are reacting like this.
Just call 2302 from your handset and ask them to complete the age verification form on your behalf.
It's free and the restrictions will be lifted in a maximum of 48 hours.
I've just done it and it took less than two minutes.

I'm really not sure why people are reacting like this. Just call 2302 from your handset and ask them to complete the age verification form on your behalf. It's free and the restrictions will be lifted in a maximum of 48 hours. I've just done it and it took less than two minutes.

Incorrect, just called them and they specifically refute this
" only do this over the telephone via credit card, or instore with the same "

Do you really thing O2 would allow your details to be insecurely passed from pillow to post and still be allowed to do business?

Erm...yes! They already have!
Usage/data tracking issue aside, they are expecting their users to enter their credit card details into an unsecured form on a domain that has no relation whatsoever to O2. It is astounding that O2 have done this. Where is the PCI-DSS compliance to protect online consumer transactions? Do they even know how to protect us in this regard because by expecting us to use this form to remove the restriction they have shown they either don't care about our security or have no idea how to protect our security.
I am a web developer and I would never expect anyone using any of my sites to enter their credit card details into a form that was unsecured on a domain that the user wasn't expecting.

What if they unwittingly subscribe to premium rate services charging you £5.00 per message and running up a nice phone bill?

What if my unencrypted credit card data was intercepted in wireless transmission or across the Internet and fraudsters ran up a nice credit card bill? Or does that not concern you?
How a company the size of O2 can get this so wrong is outrageous!
It is no wonder that a lot of people who have encountered this issue and posted here, had the first reaction that the site they were accessing had been hacked. This has been so poorly implemented that it looks like a phishing attack. In fact I've seen more convincing phishing attacks than this supposed 'offical' O2 procedure!
Doesn't anybody at O2 have a clue about online security? I assume O2 just told Bango to get on with it and implement the system, but judging by Bango's online presence and their inability to secure a simple transaction form, I wouldn't trust them to secure the newspaper I read yesterday let alone my online data. And then O2 expects me to believe that Bango will not share the data they are collecting about me because O2 says so?
It is an outrage that a company the size of O2 can think this is a sensible way of going about this. I don't think anybody resents O2 for trying to protect minors, but when they screw up the implmentation of that protection in such a massive way, they have to expect a backlash.
They could have:
- Issued a warning about this implementation by post, text or on their website explaining why it was necessary and to give users a heads up rather than the rude awakening we all got.
- Implemented this fully into their own website/domain, using an O2 SSL cert to remove any doubt as to the authenticity of the online transaction form and removing any reference to bingobangobongo.
- Ensured all online age protection removal tools (on O2 site, over automated phone) worked right from the start
- Not expect people to part with money to prove their age. That just made the whole procedure sound like an instant con. Potentially offer it as one way to do it online via the handset but offer plenty of alternative methods not involving cash transactions or going to the O2 store.
- Allowed people to remove age protection over the phone (202) right from the start
- Checked BingoBangoBongo's work before comitting live and inflicting their shoddy work on O2's customers.
- Ensured that the wording of any holding pages/info pages emphasised that this would be a ONE OFF procedure rather than a reapeated procedure that would cost a pound each time a user wanted to visit an affected website. Otherwise this comes across as no more than charging unfairly for free content to make a buck.
- Ensured that websites that were flagged as adult content, really contained adult content otherwise when put in the context of the previous point, it comes across as though O2 can charge a pound for access to any website no matter what the content and we have to pay extra despite already paying for online access.
- Walked before they ran! Prove O2 can protect customer's online presence properly before trying to holler from the hills that you are trying to protect our kids! If you can't do the basics how do you expect us to trust you on the other stuff?
O2, you have completely shot yourself in the foot with this one!

If you need assistance/consultancy regarding online practice, O2, you can contact me by my registered email address! I have a decent hourly rate!

Just got off the phone with Customer Services, waited no more than 30 seconds to speak with someone but he did sound like he didn't want to be there!
Asked to have age verification lifted from the internet and he said fine no problem, gonna need a few details which turned out to be my date of birth (which they already have) and whether I have an alternative phone number (????) which I said I didn't.
Done. I gather from this post that this may take 48 hrs to come into effect, I was not furnished with this information on the phone as the support guy seemed to be trying to get rid of me!
O2 it's not you it's me. Ok it is you!
I will now be looking at other mobile operators, as this is just not on. O2, thanks for the last ten years, but I think I need to find a company who treats their customers a little better than this!

they have shown they either don't care about our security or have no idea how to protect our security.

Not the first time.
viewtopic.php?p=316322

Hello everyone.
As a result of implementing the Age Verification process to more customers recently, this thread has been resurrected. Having read through your most recent posts, I've noticed that some of the questions posed were answered by me back in December. I'd therefore refer you all, in the first instance, to the following posts:
http://forum.o2.co.uk/viewtopic.php?p=332669#p332669
http://forum.o2.co.uk/viewtopic.php?p=335861#p335861
Of particular importance and therefore worth reiteration here, are concerns over security. We're confident that Bango's payment processing IS secure (see forum posts linked above for more info). We've seen reports to the contrary and double-checked this today, with no nasty surprises. breakz - if you still feel that we've missed something, please PM me with more details and we'll happily look into your concerns.
We've also just added a post to our Blog with further FAQs, which you can see HERE
Any more questions that these don't answer, please post them here and I'll do my best to get answers for you.
Thanks, as always.
Chris

they have shown they either don't care about our security or have no idea how to protect our security. Not the first time. viewtopic.php?p=316322

Any information supplied to ACS:Law was done so as the result of a court order. How ACS:Law subsequently stored and used that data was out of O2's control. This doesn't demonstrate a failure on our part to safeguard our customers' information.
Thanks
Chris

Any information supplied to ACS:Law was done so as the result of a court order.

I know but O2 did not challenge the application for the court order which they were entitled to do.
Like many other ISPs (except VirginMedia) they "rolled over" and supplied data which ACS:Law were not entitled to.
Judge Birss in his decision made that quite clear.
http://www.bailii.org/ew/cases/EWPCC/2011/6.html

26. That the true nature of Media CAT's right (as pleaded in the Particulars of Claim) raised a question mark over their ability to be a claimant at all in a copyright case, would be obvious to any intellectual property lawyer. It was raised in paragraph 19(i) of Media CAT v A. The judgment also made the point that on any view the claimant did not appear to have the right to sue without joining the copyright owner under s102 of the 1988 Act. The precise terms of s102 will be addressed below.