Topic: Beware, MtGox arbitrarily freezing verified accounts - page 2. (Read 40385 times)

Strange things happening at mtgox lately. My account is verified with different withdrawal limits

http://imgur.com/a/FhfF9

Not that I don't believe you, but is there any evidence or proof you can provide of this claim? I suspect, and I think a lot of other people suspect this too, that it's actually an anti-fraud requirement and not an AML requirement. And the difference is very significant.

That's normal MT edited his post afterwards to add this, maybe because he felt like somehow diverting the thread from the actual issue at hand was necessary.

Right now bitcoin.fr hosts an ad-ridden crappy blog with the last post being months old, see for yourself.
We felt that the French public deserved a better introduction to Bitcoin than a placeholder site waiting for the domain value to go up.

And so yes, we wanted bitcoin.fr to redirect to a french version of bitcoin.org.

The full e-mail exchange is here, judge for yourself.

A couple of highlights :


Either way this is way off-topic, if there are any questions about this please make another thread, I'll happily comment there.

We take full responsibility and stand by our actions. It would be nice to see a bit less mudslinging and a bit more responsibility from a commercial company handling my passport scans. (Read: acknowledge a sub-optimal data migration and unfreeze my account after digging in the AML archive for thirty seconds, if necessary reduce the withdrawal limits to those of an unverified account).

I had missed this.
Is this serious, davout? You people from Paymium tried to take over the bitcoin.fr domain by registering a trademark?

Good advice on the preference for p2p.  Person-2-Persons is what I prefer when it can be arranged, and that's probably the way I'll try to liquidate much of my Bitcoin, again if/when I choose to do so.

The photo-ID thing is pretty weird and I don't like it.  Next it will be DNA samples I suspect.  That the US state department was instructing their personal to obtain DNA samples of foreign dignitaries is actually pretty interesting.  A risky move which I suspect would not be undertaken without significant expectation of a specific use for the data.

  http://www.wired.com/dangerroom/2010/11/u-s-chases-foreign-leaders-dna-wikileaks-shows/

But back to Paypal, in spite of their spiel about the government is requiring blah, blah, blah, in the end they let me pass by speaking 13 numbers into a phone.  So it seems to me that Paypal, at least, is going above and beyond the minimum requirements on the part of the US government.  The extra data they are collecting must be of some value I guess, or maybe they are just being proactive.  One wonders exactly what the minimum requirements Mt. Gox needs to meet are and if they are gathering extra data as a target of opportunity.

and she entered it into the same DB you refused to put in in the first place. Only difference is you now comminucated it to some $7/hour slave. Yah, you're definitely better off now  . Mtgox is cancer, paypal is slightly better but still shit. Do everything you can to p2p transfer.

As a person who trusts more funds with you through Instawallet than is normally my nature, I have a keen interest in how you handle the various affairs that you are involved in.  I was hoping for a more detailed response on this one.

Separately, I'm sorry to see the Mt. Gox is fucking with you.  It's not crystal clear if 'not legit' is defined as something which Mt. Gox can use as an excuse to take your money or what, but I am interested on an academic level.  I had already planned on exploring alternates if/when I decide to cash out (of Bitcoin) in a significant way, but this goes some distance toward solidifying my plans.

As a vague aside, I got my issues worked out with Paypal so I'm probably going to go back to using them as usual...the memory of what they did to Wikilieaks becoming dim and easier to palate...  Paypal wanted my SSN card, proof of residence, and a photo ID.  The latter is a no-go since I don't trust them not to sell it to the highest bidder (esp, the NSA) or have if ripped by hackers..and to trust Paypal's security engineering significantly more than Mt. Gox's.  Anyway, as usual, Paypal's site would not let me do what I wanted to do so I called.  The lady took my DOB and SSN over the phone and said that everything is now cool.

Will do next time.

Oh sorry then, I guess my withdraw limits magically went to those of a verified account, see previous screenshot. Or your very own DB if you don't trust me.

This must be some kind of joke. When I trade on your platform I don't find it practical to pay fees, can I skip that ?
We all pay to use mtgox, in exchange we all expect some level of service, part of that would be that when you migrate a system, you migrate the data that goes with it even if it's "not practical".

Fine, I have no problem with that. Just don't lock down my account, give it unverified withdrawal limits if there are documents missing.

Again, my limits say otherwise, and I didn't get notified of anything related to having to submit additional documentation.

Pathetic.

I'm just quoting the most interesting part to be able to find it faster in the future.

Well, I guess it might be enough to say you've tried your best using all technology available. MtGox does try to ban anonymous proxies, for example. There's that casino which makes lots of effort in trying to forbid USA players, by blocking IPs of proxies too. But of course, both may eventually let something pass. Even the GFW of China has its holes.

If such restrictions are enough to get MtGox labeled as "cooperative" by IRS/FBI/whatever, then they're good.

It must be tough running a service that everyone wants a piece of. :-)

-p

Found the IRC message in the log, but could have been better by email.

Anyway your account shows no trace of ever being verified. This said if you "verified" using the very old method of sending docs by email to myself, it actually has no effect for two reasons:

• We created the new process because sending documents by email is only secure if all relaying MX servers are trusted and support SSL, and because of the large volume of emails we received. However when creating the new system is was not practical to manually go through all those emails and transfer the data to the secure storage.
• Because of AML requirements, we need an utility bill or any other proof of home address (having received a yubikey is not acceptable).

.
Also should be noted that the old MtGox system did not track users' verification status, causing all verified status to vanish when the switch was done in June 2011. Users were invited to re-verify at that time. If you didn't, then it means your account was not verified, and as such can end needing to be verified if specific conditions are met.

It should also be noted that we are actually required to require AML data from all customers, but allow use of the service anyway as long as we don't see anything that could be suspicious (in case of fraud we end paying if we don't have any aml data). "Suspicious" is defined as anything that has been known to be done by hackers. This includes accessing multiple accounts, using proxies, etc...


Also an extra note:

Paymium, I remember seeing that in my mailbox... Yep, the guys who registered a "bitcoin" trademark in France to steal the bitcoin.fr domain. Hope now they know that no, it's not "legit" to register a trademark for the purpose of taking over a domain name.

09:38 < phungus> damn, fail... https://bitcointalksearch.org/topic/beware-mtgox-arbitrarily-freezing-verified-accounts-105638
09:38 < Title> [ Beware, MtGox arbitrarily freezing verified accounts ]
09:39 <@MagicalTux> phungus: just checked, his account is not verified, and was never verified


Davout, looks like they don't think you are verified.

-p

Last response from the support :

My answer :
 - My account is verified
 - You have a copy of my passport
 - You sent a Yubikey to my home address
 - My account didn't go to an "Unverified" state, it went to "Fully locked". Right now I can not withdraw even a single bitcent.

If you want to somehow unverify my account because the documenation I submitted isn't enough anymore then fine, but take me to "Unverified", not "Locked down".

Additionnaly if there are additional verification requirements since September 2011 you should have notified me in advance, let me decide whether I wanted to comply or take my business elsewhere. But CERTAINLY NOT freeze my account and lock my funds without any kind of police report or accountability.

I do not think it is bad to have stringent AML requirements, it's even necessary. But the way they are implemented in my particular case is not acceptable. I refuse to see my money frozen arbitrarily and instantly.

The minute my account becomes unlocked I will repost my documentation because I'm willing to comply with the AML requirements. What I do not accept is the "locked funds" way of bullying people.

See my withdrawal limits to check that my account was indeed verified :

If multiple accounts access from different IPs, they also can't know whether it's the same individual or not. So detecting account accesses from the same IP seems kind of pointless.

I still think this is pretty boneheaded, but not as boneheaded as what they actually do. There are still many small ISPs whose clients *all* share a single public IP.

Still getting the third party thing down...

It's funny how often the expression "for your own security" is used as a justification for actually screwing you somehow. Even MtGox guys can't avoid using the rhetoric. (nothing personal, MtGox folks... but you could be more direct and frank about stuff, people here would understand )

This has nothing to do with security.
They have to be sure a given individual does not trade more than a small threshold, in order to catch tax evaders. It's not there to protect you or to catch actual criminals.
If multiples accounts access from the same IP, they can't know whether it's the same individual trying to trade more than the threshold, or if they're multiple individuals.

They could, though, sum the amounts transfered by all unverified accounts using the same IP and only block them when the total unverified amount passes the threshold. Verified accounts, as davout's, should not be frozen because an unverified account used the same IP.

Is this for the security of users? Or is it required by any regulations (directly or indirectly)?

If neither is true, Mtgox should consider removing this feature. Just my opinion 

+1
I can see very little justification for keeping this 'security feature'. If somebody was hacking accounts I doubt they would do it from one IP anyway. Unless the real reason for this feature is to prevent users from setting up multiple accounts?