Thursday, September 23, 2010

Credit Card Skimming and Card Issuers Behaving Badly

This past June I attended the CALI Conference, hosted by Rutgers University - Cambden. I stayed in the Philadelphia area for about ten days, since my sister lives there. I have a credit card that I often use for business and did on this particular trip. Not having used the card, which is currently in a locked box in Florida, since that trip, there should be no new charges. Yet, on August 20, 2010 two new charges appeared on my card from convenience stores located well outside of the Philadelphia area. Moreover, the record indicated that the user presented my card for the transactions, which I later learned were made at gas pumps with no receipt or documentation. As the card is here with me in Florida, I know I did not present it in Pennsylvania and that someone replicated my card.

Counterfeiters can replicate your credit card by "skimming" the data information from the card's magnetic strip during an ordinary transaction. (See Visa, Credit Card Fraud). They then use the information to make replica cards and engage in fraudulent transactions. The skimming behavior is just one way that fraud occurs. Of course, TILA 133(a)(1)(B) (Regulation Z 226.12(b)(1))limits the cardholder's liability for unauthorized charges to a maximum of $50 and network rules typically protect the cardholder (me) from liability. See Visa's Zero Liability Policy.

I notified the card issuer, Household Bank, of the unauthorized transactions right away. Within 24 hours, one of the vendors, Wawa, reversed the charge. The other merchant, Turkey Hill gas did not and within 24 hours I received the following email from the card issuer:


This charge represents an automated gas terminal charge. At the time of the
transaction, your credit card was not reported lost or stolen, and this type of
transaction required that your card be present.

In addition, your Account history indicates that this charge is consistent with your spending pattern. For these reasons, we consider this charge to be valid. Although we are unable to assist you, you may pursue this matter further with the merchant.

Note that because the transaction was electronic, we are unable to
provide a receipt.

Unfortunately, we have no recourse to pursue your dispute. Although we are unable to credit your Account, you may still pursue this matter further with the merchant.

If you require additional information, please reply to this message or call us at 1-503-293-4037 and one of our Customer Service Representatives will be glad to help you. To ensure a quick response, please refer to the following reference number: XXXXXXXXX.

For your records, you will receive a separate confirmation letter via
the U.S. Mail.

Sincerely,


Customer Service Department

Knowing I did not authorize the charge, I called the issuer to dispute this denial and to request a new card number. You see, issuers bear the loss generally under network rules in "face-to-face" transactions for unauthorized charges as long as the merchant follows the requisite procedures (often signature and authorization for the transaction). My suspicion is that the issuer would bear the loss in this case, so they wanted to force it back on the consumer. When I called, they told me initially there was nothing they could do, the "documentation" showed that I was in PA and made the charge. I reminded them their own letter said that there was no receipt and the back peddling began. Now, they admitted they were still waiting on a response from the merchant. They had no documentation. They would "reopen" the investigation right away. In addition to talking to them on the phone, I should also respond to the email confirming the conversation.

This type of issuer behavior really gets me going! They knew they did not investigate the transaction, but sent a denial right away of the claim I did not authorize the transaction. The "game" here is to send the denials on fraud claims knowing that only some consumers will pick up the phone and complain. Moreover, when I responded to their email as invited, it turned out to be a "no reply" email address. Since the issuer provides no fax number, I submitted yet another message through their online system. Surely this will take my time in following up on a $25 transaction, but I cannot give a pass to a card issuer attempting to avoid its responsibility under TILA and the Visa network rules regarding fraud. And some wonder why we need a Consumer Financial Protection Bureau . . .


- JSM

3 comments:

Administrator said...

Hi,


First of all I must confess that I've become jealous of your site after seeing it for the first time.

Actually I was going through your site, promptly dazzled by its design and witnessed many a great posts on bankruptcy. Especially, The Roller Coaster Ride of Bankruptcy.

I have some quality financial websites on debt, budgeting and bankruptcy with good PR, and very less OBL to maintain its quality and It'd be a great experience for our readers if we combine our sites by following :

Article Exchange
Link exchange
Banner exchange

It would be great to work with you, to build a bridge between two legitimate & reputable site would be beneficial for the visitors, as well as for us.

I maintain following quality websites and blogs:

http://www.monsterhols.com
http://www.fileyourbankruptcy.org/
http://www.weredefine.com/
http://www.savedude.com/
http://darngoodblogging.com/

Looking forward to your positive reply. Have a nice day!


--
Thanks & Regard

Adam Levitin said...

Jennifer, your issuer is full of sh*t. Transactions at automated gas pumps are considered "Card Not Present" and the merchant should be eating the loss on unauthorized transactions. Given that there is no signed receipt, there is no proof of authorization whatsoever. You should be getting a refund. (The issuer is certainly able to put the charge back to the merchant.)

Only potential catch I see: you say that you use the card for business transactions only, however. Is it is a consumer or a business card? If the later, you don't have the legal protections of TILA. I can't recall if the zero liability network policy applies to business cards (probably not).

Amzer said...

Hello,

After reading your blog, I wanted to ask you, have you ever run into a situation where you (or anyone else) has made a purchase at a store and when checking your bank records a second purchase appeared which was made at the same store only minutes before, however, you did not make this purchase? And during this time, the card was constantly in your posession? I'll check back to see if anyone has answered this question.