‘Sorry you lost the money’: Couple loses thousands of euro of wedding savings in Revolut ‘ordeal’

[Dr Strangelove]

you are far more likely to be victim to a scam via Revolut in spite of that functionality,

So a product with more security features is more vulnerable‍?

far less likely to get your money back.

All providers in the EU are under the same legal obligations with regard to reimbursement in case of fraud. Maybe some provider might go beyond that but I haven’t seen evidence of this.

 

[elcato]

You can set monthly spending limits on each Revolut card. If you usually only spend €1,000 a month then you set it to that and you can later increase it if need be. That way you can have as much as you want in your account but scammers can never take more than the remaining limit.

....Or do as Brendan and others suggested, never have more than €200 in it in the first place and if you do move it to a vault. Mind you, we're all screwed if someone can manage to get all the details needed to download the app on their own phone and login as you. I have an OTC to my current account funding it so hopefully they could add money.

 

[Lightning]

@Bobby123 - It would obviously be really interesting to get to the route cause of your issue. Have you had your device analysed for malware?

 

[murphaph1]

Was the old phone completely wiped of data before it was handed over to the person in the Apple shop? I tend to wipe my phones and destroy them myself when they are life expired, just to be on the safe side. They usually end up with a cracked screen and pretty beaten up so are worthless by the time I choose to replace them. I buy €200 Android phones every 2/3 years though, not iPhones that cost ten times that or whatever they cost these days. I don't "need" to sell my phones on to recoup anything.

 

[Gordon Gekko]

Apple stuff is expensive, but I never hear about iPhones being hacked.

 

[gnf_ireland]

@Bobby123 Firstly I am delighted you got your money back. At least that is one less thing to worry about here

Interesting in your comments they said that Revolut said it was either Apple Pay or Google Pay - sounds like they either didnt know or didnt want to tell. I would have assumed this was straight forward for a bank to tell from the transaction - although probably unlikely that your normal call centre agents would have access to this detail.

I am still confused as to how the card was added to either Google Pay or Apple Pay without the second level of authorisation [app or SMS notification]. Having the standard credit card details is not enough to add most cards now - you need to approve on an app or get a code by SMS.

The other concern I would have is if this is card is added to Apple Pay or Google Pay somewhere, and the device has been authenticated, then it is possible for other transactions to be made if someone still has access to the device. Once authenticated, all you need is the passcode of the device to make transactions. I would immediately delete the card and get a new one reissued if you need one.

 

[gnf_ireland]

Lots of discussion on whether Revolut is less safe than a traditional Irish bank. The same applies to all Fintech's [N26, Monese, Bung or whatever]

Personally, I believe the Fintech's give you more control on how you can manage your card, whether it being security features via the app [limits, ability to freeze cards etc], as well as most offer pockets/vaults to store excess funds so they cannot be accessed as well as virtual disposable cards for one off transactions. I also find that they almost universally require MFA for online transactions, whereas Irish banks were very slow to introduce this. They also support real time visibility of transactions, including failed transactions - something I have never seen from an Irish bank.

The biggest problem with all modern banking is the fact its (a) immediately accessible on your device and (b) electronic. This means that you need to be ultra secure and there are more points that can go wrong. The more parties involved in a transaction chain, the more likely they will all try and blame each other for it.

So I do not hold the position that Irish banks are safer than Fintech's. Absolutely the opposite. However, in the event something going wrong, you can walk into a branch and try talk to someone to get it resolved - not sure how successful you would be, but you might be put in touch with someone who can help. That's probably the main difference if we are all honest....

 

[Firefly]

Maybe not applicable in this scenario but I use App Lock on my phone for lots of apps like banking, email, WhatsApp, Text messages, phone settings etc. Your phone might be robbed when it's unlocked. Perhaps your banking apps have MFA but someone could do a lot of non-financial damage with access to your email & communications apps. Granted, it's a little slower opening my apps as I need to press my finger-print but I think it's worth it.

 

[gnf_ireland]

@Firefly this is what I mean I guess with the security conscious aspects of owning a phone. There are lots of apps you can use to increase security and they can become like Fort Knox at times.
I remember reading a story at one stage that Apple would not unlock a terror suspects device - this is how serious they take device security and encryption.
https://www.inc.com/jason-aten/appl...-terrorists-iphone-heres-why-it-shouldnt.html
I think we all should be thinking the same way about them

 

[Persius]

I use Revolut, mainly as a back-up solution and also for when travelling outside of the Eurozone. But I generally only keep €200 or so in it.

I think there are two ways that Revolut can be "less secure" (either in terms of fraudulent transactions or in terms of getting money back) than the "traditional banks".

Firstly, the Revolut card is a debit card (as I understand it). So if a scammer can use it to make a purchase, the money's gone immediately, and you have to fight to get it back.

Secondly, many/most people using Revolut put their card on Apple/Google pay. As I understand it, it just takes a single authorization in Revolut to put that card into any Apple/Google pay app. After that, the scammer can use the card as much as they want without any additional verification.

In contrast, with a traditional credit card, the money isn't gone immediately, Once you get the bill, you can dispute the transaction. And, if you stick with using the plastic card, it is easy to find out whether the transaction was via chip-and-pin, contactless, mag stripe or cardholder not present. If it was chip-and-pin, then extremely unlikely to be fraudulent. If anything else, you can dispute it and stand a very high chance of getting your money back.

Over the years, I've spotted 3 fraudulent charges made to my credit cards - BOI Mastercard and corporate AMEX. In all cases, a simple phone call was enough to get the charges cancelled.

 

[Dr Strangelove]

@Persius

Disputing a fraudulent transaction is the same for a debit or credit card, whether you use Apple/Google Pay or not. Lots of cards can be added to Apple/Google Pay, not just a Revolut one. You always approach The card issuer, not Apple/Google Pay which are just pass-through wallets.

Personally I’m far more relaxed using my card via Apple Pay with facial ID than a piece of physical plastic that I could lose on the street and anyone can then enter a shop and use to tap for purchases up to €50.

 

[murphaph1]

Exactly. I keep trying to tell my wife that. I can't use my Google wallet unless my phone is unlocked. My credit card is unlocked for contactless payments all the time. I'm now leaving more and more cards at home and just using my phone. I've also taken to freezing my cards once I get home and only unfreezing the ones I intend using before leaving the house.

 

[arbitron]

Another useful security measure with Revolut is the single-use virtual card. They can be used for online purchases (or over the phone) and then you can immediately replace it with a new, single-use virtual card. The merchant who took the payment cannot charge you again on that card as it has expired instantly but you can still get a refund. If someone steals/intercepts the details they won't work. Really handy.

 

[Brendan Burgess]

Would someone like to write a Key Post on the following

Steps you can take to keep your credit and debit cards secure

 

[smndly]

Would someone like to write a Key Post on the following

Steps you can take to keep your credit and debit cards secure

I find the trend of moving all the digits on the physical cards to the back a massive backward step.

The whole point the CVV was on the back and the long number was on the front was to reduce risk of fraud. Now someone just needs to get a lucky photo of one side of your debit card and can fleece your account

 

[Fortune]

I find the trend of moving all the digits on the physical cards to the back a massive backward step.

The whole point the CVV was on the back and the long number was on the front was to reduce risk of fraud. Now someone just needs to get a lucky photo of one side of your debit card and can fleece your account

I have a couple of cards without the CVV on them (they're on the app and are variable). I have another card with no numbers whatsoever on it.

 

[coolwap]

I have another card with no numbers whatsoever on it.

This is the way.
Mine doesn't have a number at all and CVV is fake. Actual CVV is available in the app and changes every hour.

After moving to Ireland, I was shocked that lots of services ask for your full card details over the phone or email instead of generating payment link. And most annoyingly for unknown reasons Revolut disposable card does not work in such cases.