# Fraudulent Visa transaction - any advice?



## oysterman (26 Apr 2005)

Checked my (AIB) Visa bill last night and there was a transaction located in Vilnius 2 weeks ago for over €300.

Rang Visa and a very efficient woman entered a query on the transaction which they will investigate (she asked me all the daft questions you can imagine about whether the card was out of my sight over the last month etc.) and if it turns out to be genuinely mine I'll have to pay a fee of €3.90 (I think). In the meantime it will be taken off the bill and the resolution will take up to 30 days. Good customer service and I'm very happy.

Afterwards it did occur to me that it was surely surprising that I wasn't offered a new Visa account with different details. After all, somebody has my details and is clearly prepared to use them.

Has anybody else had this experience and were you offered a new account? Should I call them and get them to do so myself? Or have the banks given up on security and the only real protection you can have is to religiously check your statements (I must admit to being semi-delinquent in this regard...)?


----------



## stobear (26 Apr 2005)

I had some unusual transactions on my Visa card some years ago and they sorted it very quickly, but you riase a very good point, I was not offered a new account. Saying that no other unusual transactions occured since.........


----------



## extopia (26 Apr 2005)

I had this problem with my TSB laser card about a year ago - about €1000 worth of transactions. I was refunded the money and I asked the bank should I change the card. They said not to bother. Seeing as how it's the bank that suffers in a case like this (i.e. when you notice such transactions) I was surprised, to say the least. Made me a little suspicious too, I have to say...


----------



## ClubMan (26 Apr 2005)

This happened to me before. I cancelled the card and requested my bank to do a chargeback on the authorised payments. I got a full refund and a new card. In general this would seem to be the most prudent course of action. The terms & conditions of cards may be more restrictive these days and may put more of an onus/excess on the cardholder.


----------



## Decani (26 Apr 2005)

I just happened to be looking at my online account yesterday and noticed €700 in two transactions in Australia. I rang BOI and they stepped through another 4 or 5. In total, there was about €3000 spent (I wouldn't mind but they appeared to be quite keen on Woolworths). BOI had tried to contact me last week but couldn't get through so they had been alerted to some strange goings on. First of all there were a couple of small charges (about 90c/€1) just to make sure the account was active. Then they must have gone ahead and 'burned' a real card with my details and went shopping in Woolies.

They cancelled the card there and then and said I'd have a new one by the end of the week and verified that I'd be refunded the missing €700.


----------



## extopia (26 Apr 2005)

What about the other €2,300? You implied there was €3,000 of dodgy charges in total?

By the way are they charging you for the new card?


----------



## oysterman (26 Apr 2005)

So the answer appears to be that the banks are happy enough to bear the loss and, by deduction, the cost to them of encouraging the cancellation and redesignation of a compromised account outweighs the benefit of nullifying the information that the criminals hold about their customers.

It makes one doubt the sincerity of their campaign against identity fraud.


----------



## ClubMan (26 Apr 2005)

Don't the banks recover some or all of this money from the end merchants so they are not always totally out of pocket?


----------



## Decani (26 Apr 2005)

extopia, I had brought the two _statemented_ transactions to their attention and they said that a correction would appear in my next statement. He then went through the other transactions, one by one, ensuring that they too were dodgy. I'm assuming all transactions that I didn't genuinely make would be refunded.


----------



## Crunchie (26 Apr 2005)

I had fraudulent internet use of my Tesco Visa Card last year. The bank spotted it before it was debited to my account. They rang to check if the transaction was mine and when they knew it wasn't immediately issued new cards/account number.

Tesco Visa tend to phone from time to time to check transactions they see as unusual so full marks to them.


----------



## oysterman (26 Apr 2005)

Guess John Rusnak would never have got away with it if he'd worked for Tesco.....

Clubman's probably hit the nail on the head - if the banks aren't bearing the cost of the fraud (because the retailers are liable) they simply couldn't be bothered bearing the cost of anti-fraud measures over and above the standard product upgrades like chip and pin.

Individualised security measures generate complexity for the banks so they will try to avoid them and walk the tight line between customer distrust of credit cards and the massive profits they generate through minimising expensive cash handling, the margin they skim off the retailers and the grotesque interest rates they lure their customers into paying by ensuring they automatically "grant" limit increases to ensure an ongoing negative balance.


----------



## ClubMan (26 Apr 2005)

oysterman said:
			
		

> Clubman's probably hit the nail on the head - if the banks aren't bearing the cost of the fraud (because the retailers are liable) they simply couldn't be bothered bearing the cost of anti-fraud measures over and above the standard product upgrades like chip and pin.



I don't think that I hit that particular nail on the head to be honest...


----------



## DrMoriarty (26 Apr 2005)

It's not too far off the proverbial head of some-or-other nail, though...!

But then I find it hard to speak well of credit card/credit agencies, as a 'breed'...


----------



## ClubMan (26 Apr 2005)

Has everybody on _AAM _taken to speaking in riddles since the move from _ezBoard _to _vBulletin _or something? Or is it just me finding it difficult to interpret many posts these days...?


----------



## extopia (26 Apr 2005)

Looks clear enough to me, Clubman. Perhaps it's you? Perhaps it's not always necessary to spell out every possible interpretation of every post?


----------



## ClubMan (26 Apr 2005)

Probably me so. Perhaps time to take a break and concentrate on those admin tasks as I promised last week ...


----------



## cuchulainn (2 May 2005)

after I closed aam on friday last i check my mbna credit card online, to discover that there was an unposted transaction for €1 outstanding  which after reading the above posts sort of had me worried  as everyone knows you cant use a credit card for very small amounts. checked with mbna and turns out paypal was the offender after i have given them my new card details.  dont know if they actually intend to debit the account or just 'testing ' it


----------



## extopia (2 May 2005)

Yes paypal does this, and as far as I know they tell you about it when you sign up (at least they told me, but it was several years ago). Usually it's a small deposit to your account which you get to keep (at least it used to be), so nothing wrong with that!


----------



## Unregistered (2 May 2005)

hiya,

i work for a leading credit card firm in england and have worked in the Chargeback dept for many years now.

when a customer disputes a transaction the first thing to do is get a dispute form out to the customer, when that arrives back it gives the bank the authority to request a copy of the sales voucher(visa regs state the merchant has up to 60 days to provide), when this is received if it turns out to be fraud i.e someone elses details then the bank have the right to return the charge back to that merchants bank and credit the a/c accordingly.

it would be then that the bank block the card and issue replacement with new details.  however, if a customer disputes numerous  transactions or its an already known fraudulent merchant then the card is blocked immediately.  i really think this is down to the individual organisation.  

if the transaction is from a counterfeit card then the bank used to take the loss but with chip & pin its different.  the liability is on the merchants side, if a card is a "chip & pin" and the merchant accepts it as a signature then if it turns out to be fraud the merchant looses.  but the customer will not stand the loss unless they have given their pin number to a 3rd party or allowed access to it by writing it down(even when disguised as a phone no etc)

now i hope this clarifies things a bit.

sinead

xx


----------



## extopia (3 May 2005)

>>but the customer will not stand the loss unless they have given their pin number to a 3rd party or allowed access to it by writing it down(even when disguised as a phone no etc)

How on earth does the bank determine this? By asking the customer?


----------



## oysterman (16 May 2005)

Well, folks, it's happened again.

Have been checking my visa account through AIB's online service every few days since the Vilnius fraudulent transaction on April 15 (€313 to a company called Aviaekspresas).

Tonight found €330 approx. to the same company a few days ago and a further fraud of €160 approx. to Aer Lingus - both were internet transactions.

Rang AIB and they agreed to do what I think a number of us believed to be the only prudent thing in the first place a month ago, namely cancel the account.

But what astonishes me is the systems failure here. They were already "investigating" the previous fraud and, while this "investigation" was under way they allowed a transaction via the internet with the same company as the original fraud (for almost exactly the same amount of money). This simply boggles the mind. Do they really have no way of putting a block (at least until authorisation is given by the cardholder) on a transaction identical in all material aspects to one which they have been informed within the last month to be fraudulent?

My name is oysterman and I'm proud to be an AIB customer.


----------



## extopia (17 May 2005)

Given that aviaekspresas is a travel agent and the person is most likely buying airline tickets, it should be reasonably easy to track him or her down, you would think.


----------



## tonka (17 May 2005)

Im sure the 'person' is back to Dublin from Vilnius already and should be easy to track down


----------



## Vanilla (17 May 2005)

Strange that they didnt cancel the card in the first place- I recently had fraudulent transactions on my AIB Visa - the first I heard of it was when they rang me to check whether certain purchases were made by me- about 10 different purchases of software for about €40 each and a few other assorted items totalling about €1300 or so. When I confirmed the purchases were not made by me, they immediately cancelled my card and sent a new card and PIN.


----------



## sherib (18 May 2005)

Wondering if your c.c. was copied at a retail outlet or online? Asking this because if the former, we'd all need to be checking on a regular basis.

If the latter, that's easily solved by using Transactonline (AIB). I started using it a while ago and it's great. You have to phone AIB's IT dept. and they set it up. The O Card generates a dummy cc number with every purchase so there's no worry any more about fraud - I hope!


----------



## oysterman (19 May 2005)

Sherib,

Thanks for that - I'll give it a go....


----------



## RainyDay (31 Oct 2006)

I finally got round to checking my August  statements for NIB Visa over the weekend and I noted what appears to be a double-posting of a transaction - same date/amount/merchant.

In the good old days, you could simply dispute it and seek a copy of the signature for both transactions. In the 'new improved' world of Chip & Pin, what information can the bank provide if I do dispute these transactions? Can they provide the time of the transactions? Or the detail of the products?

Cheers - RainyDay


----------



## ClubMan (31 Oct 2006)

Do they not still just do a chargeback on disputed transactions to find the authorisation (signature or, these days, some sort of chip&pin/swipe log)?


----------



## Amygdala (31 Oct 2006)

Each transaction should have a time index to the nearest minute printed on it. So if there is two transctions of equal amount occuring in the same minute then this should prove duplication.


----------



## ClubMan (31 Oct 2006)

Is that all that they can check? Does each transaction not have some other sort of identifying checksum/token or something like that


----------



## Amygdala (31 Oct 2006)

I am sure that there is some unique number genereted with each transaction but I do not know the term and where one would find this. Hypothetically if the error lies with the shop and the card was swiped twice for what ever reason then two unique numbers would be generated. So perhaps the time line may be more important.


----------



## RainyDay (31 Oct 2006)

Amygdala said:


> I am sure that there is some unique number genereted with each transaction but I do not know the term and where one would find this. Hypothetically if the error lies with the shop and the card was swiped twice for what ever reason then two unique numbers would be generated. So perhaps the time line may be more important.



But if they swiped twice, my missus would have had to enter the PIN twice for 2 valid transactions to be logged - right?


----------



## Amygdala (1 Nov 2006)

During my college years I worked as a waiter and barman (in the pre-chip&pin era) and witnessed on several occasions the following scenario....Inexperienced floor staff swipes a cc for €13.60 instead of €136.00. This goes unnoticed until receipts are balanced at the end of the night. At which point the manager can access that same transaction and amend it to the correct amount.
As far as I understand, once a cc is used in a shop that transaction can be amend at any point for the remainder of the trading day.


----------



## z107 (1 Nov 2006)

> I'll have to pay a fee of €3.90 (I think)


On top of the fee the merchants also pay to the bank.



> So the answer appears to be that the banks are happy enough to bear the loss and, by deduction, the cost to them of encouraging the cancellation and redesignation of a compromised account outweighs the benefit of nullifying the information that the criminals hold about their customers.



I'd like to correct this. The merchant bears the loss, not the bank! The banks have no risk, they just collect their high commission.

As a merchant, we've had a few chargebacks, and we always are the ones that foot the bill. Sometimes fraudsters use our credit card processing system just to check a card works. They don't even want the stuff they are buying. No come back for us.

We've even had people forget that they ordered stuff. They then cancel the order, and we're left to prove that the customer did in fact legitimately order the goods (as well as a load of transaction costs)


----------



## liteweight (15 Nov 2006)

I just checked my MBNA account online and 667 euro was paid to a firm through Paypal. We did not make any purchases and were in Spain at the time of the transaction. Rang MBNA and was told the department won't be open until tomorrow morning. OH insisted they cancel the card. He checked Paypal records and there is no record of this transaction on our account???


----------



## extopia (16 Nov 2006)

Well if your credit card has been registered to another paypal account your cc company should have a trail, as  a cc can't be registered without a test transaction going through first.

Maybe your OH bought you a secret Christmas present?


----------



## liteweight (16 Nov 2006)

extopia said:


> Well if your credit card has been registered to another paypal account your cc company should have a trail, as  a cc can't be registered without a test transaction going through first.
> 
> Maybe your OH bought you a secret Christmas present?



I wish!  No we both spotted it. We don't really understand how Paypal could accept the cc no. when it's already registered as ours? MBNA says we're not liable if we didn't make the transaction. It's strange though because the statement says it was paid to Skate World, which, when we looked it up, sells hockey and figure skating equipment.


----------



## extopia (16 Nov 2006)

Cancel or replace the card right away if you didn't make this transaction, unless the cc company can tell you the mistake was at their end.


----------



## liteweight (16 Nov 2006)

Yes we cancelled the card. The cc company said there was no need to do so, particularly as we hadn't spoken to the department who deals with this kind of thing (not open until morning). Mr. LW insisted. We only checked the balance  online because we'd been away and wanted to see what the damage was. Normally we wouldn't have known about it until the end of the month. God knows how much more would have been spent on it by then. We have a limit of approx 15K!!


----------



## liteweight (17 Nov 2006)

Well Paypal agreed that it was a fraudulent transaction. MBNA have to do their own investigation before they'll take the amount off our card. I was surprised to learn that they would not tell us anything about the transaction, not even which country it originated in. It would have been handy to know as when we get our new cards, we might still be dealing with the same companies/hotels.


----------

