credit card fraud
 

I'm not sure where to put this so feel free to move or delete it should you see fit.

As an Aussie I get tired of paying over the mark for gear and happily hop on the net to purchase. I'm careful and haven't had a problem - yet.

I just made a purchase from a major U.S. supplier. this is my 3rd purchase and they insisted that I send a copy of my credit card before they would deal with me. I wasn't happy about this but since they are one of the Biggest suppliers, I didn't think there would be a problem.

My latest purchase has been declined twice by my bank and I'm told that a number of 'overseas' suppliers are keeping card details and these are being accessed and used illegally. The bank said around 500,000 transactions have been declined for that reason. They are not covering fraudulent transactions where credit card details have been given to a 3rd party.

I now have to arrange bank transfer and I'll be sticking to that from now on.

While it may be an Australian only problem, I thought it was worth warning people to take a little extra care.

It seems to be an increasing practice to ask for a copy of the credit card but that has to be held somewhere and it doesn't matter if that's a computer file or a filing cabinet - it's accessible to the wrong people.

these are urban legent that banks like to push because they got a real problem with internet and credit card.
Legally, there is no legal purchase with credit card without you having signed the receipt. So basically ALL transaction with credit card on internet are null.
The consequence is that if there is a problem, the scammer get the money, you put a claim against the payement and the bank MUST refund you.
If they refuse, you have to ask them the proof (signed receipt) that you do the purchase.
They loose money and they do not like that.
For the fact that sending your information can be stolen, this is totally wrong.
The only info needed is your credit card number (public data that everyone can see each time you get your CC out of your pocket) and you signature.
Your addresse, license number , passport copy, address are all informations that can help shop to identify you and make sure you are the owner of the CC, so they can prevent problems, but all these information can be usually grabbed from a simple phone directory and have no legal value for payement.

After all you go into a pizzeria, and pay with your CC.
Now the waiter knows all the info. your name, credit card info (number, exp. date, and extra code (on the back). He even get a copy of your signature.
A simple search in a phone directory and he got your address and phone number. that is more than usually any shop require to accept your credit card.
That is why some shop require a copy of an official document (license driver/passport). If you are really who you claim, they think you should be able to show it.

But again, from the legal point of view, the only thing that is valid in case of problem is your signature on the CC receipt.

urban legend or not - the bank is refusing to allow my transaction to go through. It's a blanket ban on overseas transactions - now that I say it - it sounds crazy. The company I'm dealing with has a great reputation, I've said that the purchase is genuine and the bank is still refusing to proceed with the transaction.

This is a very real problem for vendors like Videoguys as well. We try to process international orders in a timely fashion. Unfortunately we do run into issues that cause delays or even declines in purchases.

Here are a few things you can do:

1) Make sure the bill to and ship to address are the same

2) Contact your credit card company. Make sure they know you make overseas purchases and from what stores. If possible, see if you can get a seperate card to use just for these transactions.

3) In the USA when we process you're card, electronic systems automatically check if you are you. It's not perfect, but it cuts down on fraud dramatically. Because most overseas credit card banks do not allow us to get electronic address verification these orders are harder to process. Check to see that your bank will confirm this information when asked. You may need to supply something in writing to them.

As a result of these problems we now accept payments from overseas customers via wire transfer. While it adds a cost to you (typically $10-25) it makes the whole process go faster.

Gary

Hi..................
 

I'm familiar with this scenario.

I too was going to use my credit card to buy from a similar (identicle?) US retailer of repute. Then I read the small print about sending a photocopy of the credit card itself for "verification".

I pondered this for some time, then rang the credit card company here in NZ.

The basic question was:

"Am I operating the card outside it's terms of use by sending off this information?"

The answer, in between appoplectic fits from all concerned at the CC company was, "Oooooh Yes".

The bottom line is this:

The retailer is doing this on international transactions (only some mind, certain countries ie. Canada etc are exempt, many others they will not accept CC orders from, period - I personally believe, but cannot prove, that this is because said countries have passed legislation making it illegal to ask for such "information") to try and prevent fraud.

All well and good. It does, however, lead to the question:

No matter how respected the retailer, can they really guarantee the honesty of their staff & systems to the point where they can assure you (or I, or the CC company) that these details cannot be used illegally?

The answer, of course, is NO.

Anyone on the planet who provides a photocopy of both sides of their CC to ANYONE, is using their card outside it's "Terms of Use". The CC company can, and will, refuse to honour any and all transactions subsequent to this action being taken (if they know about it) for any amount, no matter how incurred.

They can cancel your card, blacklist you and generally make your life a complete misery.

That the retailer concerned is well aware of this is only too certain. That it singles out customers only in certain countries is regretable. That it declines CC transactions from certain countries entirely is sad. That it knowingly asks certain international customers to break their explicit "Terms of Use" is worse than obscene.

To give the retailer concerned it's due, they are only trying to prevent international CC fraud as best they can, tho' I'm having a hard time figuring out quite how asking for this information actually does that.

Interestingly, I've just done a quick check of the retailers web site (come on, we all know who's being talked about here) and cannot find the rather interesting list of countries they will not accept CC orders from. Guess you've got to go shopping first.

Whatever, untill the situation changes, it's bank transfers or nothing, which at $50 a throw really is a complete pain in the proverbial.

Giroud, Internet CC transactions DO NOT use a signature. Period.

Carefully reading the "Terms of Use" that come with your CC will highlight all sorts of scary stuff.


CS

You make some great points.

The reason we ask for the copy of the credit card is that it weeds out 90% of fraud. Unfortunately it also costs us business. Some customers will not do it. Others will only reluctantly.

I am not sure if faxing over a copy of a card violates terms of use, but I can certainly understand that a Bank would tell you it does. I would also expect that any fraudulent sales occurring as a result of giving this info would be a big problem for you.

I am 100% confident in the integrity of my staff. We are a small family owned business.

Please keep in mind. Every time you go to a restaurant and hand a waiter your card they walk off with it and you have no idea what they are doing with it. I've had my credit card number stolen by what the police called "dumpster diving". We've also seen reports of cashiers using their cell phones to take pictures of credit cards and then selling them. Credit Card fraud adds up to huge amounts of money.

Our international policy is for fraud prevention. it exists for no other reason. I wish we didn't have to do it. If the international banking and credit card companies would provide address verification we would not have to take such extreme measures.

Gary

the answer of the bank is pretty stupid.
The card, what is written on, is public. Anybody can see it and to use it, most of time you are providing the info written on it (you know to pressure print they make with this nice device ?).
and the first thing you give when you purchase something is the name, number, expiration date, and CC code. So what ?
So it is totally stupid to say that a photocopy of your card is breaking anything. Change your CC provider.
Yes internet do not use signature and that is the BIG problem of the banks.
Cc have been created before internet, and you were supposed to be identified by the cashier because 1) you got the card 2) you can prove who you are with another official document (passport, driver license) and 3) (this is the only important one because it can be used legally) you sign the receipt.

So with internet , they have a big problem. You cannot sign the receipt anymore (well... you could if the seller send you the receipt, you sign it and return, but that would take ages) .They cannot block the use of CC for payement over internet because it is a huge business. On the other hand, using the card that way is totally unsafe for them. Because there is nothing that prevent you to refuse to pay something purchased that way.
Well you can say it is not you who made the purchase, then they will ask the seller where he sends the good. If the seller can proove it is to your address, then you will have to pay. If it is a different address, they probably will refund you and advise the seller that he should not accept to send goods to different address than the one on the card (but too late, the seller already got the money, so the bank is the big looser). if the seller does that too often, they will probably reject all request from that seller, that is why usually sellers are a bit finnicky about a sending stuff at the same address that the one linked to the card. They want to keep in business.
If your bank refuse to let you use your card that way, well, it is very wise, because they won't loose money... but they will loose customers.

That is the problem of most sytems today. They mix IDENTIFICATION and AUTHENTICATION (who you are and what you are allowed to do).
The CC card IDENTIFY you (with numbers, names) but you AUTHENTIFY by signing the receipt.
IDENTIFICATION can be stolen or forged. AUTHENTICATION (your willingness to sign a document) should be your protection.
Most of today's systems are not made that way unfortunately.

Er, Gary............
 

Hate to say this old son, but THEY DO!

We have an interesting situation here in NZ where, due to not unusually blinding stupidity on the part of "someone", the mail Postcodes have been changed.

All well and good, except.......Half the databases in the country have the old postcode, half the new.

I bought something from Music123 last year (a Zoom H4, as it happens) and came unstuck on this very point. The postcode I supplied (new) did not match the postcode on the CC companies database (old).

(Just to be clear, this was a card issued and run in NZ being used to make a purchase from a USA company)

The transaction came to a grinding halt for well over a week till the ensuing mess could be sorted.

Seeing as your best safeguard against fraud is to ensure any goods purchased with a CC are delivered to the address registered against that card, I do not see how you conduct business without access to that information.

Certainly Music123 has access to this information, as do most of the other retailers I've dealt with both here and in the USA.

I think you need to ask some serious questions of someone.


CS

I'm sure within NZ (and within any other country) you can get address verification. My problem is that we can't get foreign address verification here in the states for our international customers.

Add int he postal switch you are going through and it's no wonder sales are delayed.

In time I'm sure technology will work this out. it may just be that our systems here in the states don;t talk to your systems the right way. results in unavailable codes, which may really be a "we haven't figured out how to do it yet" problems.

Gary

Er, Gary.............
 

The point of my previous post was just that.

Address verification of some international customers is MOST CERTAINLY available to companies in the USA.

[I'm going to qualify that: To countries whose banking/ data protection laws allow the transfer/ access to such information. I have no doubt there are some banking regimes which DO NOT allow such cross border data transfer, which perhaps explains some companies refusal to accept CC transactions from said countries]

That is how I got hung up with Music123 (a USA company).

I will say it again, I think you need to have a chat to someone at your end.


CS

that is why most of serious seller ask for a photocopy of the card.
1) it prooves you got the card (but it does not prooves you are the one you pretend to be)
2)the customer service number is written on it and a simple phone call will give the answer.

Unfortunately, the fact that your card is signed by you has no value.
The card is an ID and the signature is a sample.
If somebody steal your card, he steals your identity, not your authentication.
if he tries to sign any document imitating your signature, he is making a false authentication. Legally this is a lot heavier than a simple identification theft.

If you got problems with your CC, just use paypal. Almost everybody today accept Paypal. and it is faster ans safer than CC.

A photocopy of a card only proves you have a photocopy of the card, the photocopy could be stolen.
Paypal has all the same drawbacks to a seller as a credit card, and if the seller used a credit card to make the paypal payment, all the same drawbacks apply to the merchant. (stolen paypal accounts, funds taken from stolen bank accounts, credit cards, etc).

I'd love to ... but

"We will accept PayPal for US, Canada & UK customers only, for customers of all other countries please select another payment method."

I can see no reason why this would be unacceptable (unless Paypal are charging the retailer a fee)

when we are able to get electronic address verification we use it.

I wish there was a simple solution to prevent fraud and allow us to maximize our international business. It frustrates me as the vendor as much as it does you as the customer.

Gary

Our credit card processor DOES NOT have overseas CC address verification so we only accept CC from the US. Canada is also out as our processor only has verification for US addresses.

We accept PayPal from verified overseas customers and so far haven't been burned but I'm sure if you look deep enough in those terms of service there is a way for PayPal to award the customer on any dispute or fraud.

It's shame really since the US dollar is tanking and we get a lot of cranked off potential overseas customers who want to buy with their CC.