We came home after a relaxing week-long visit to England to find that my direct debit to our gym was bounced by my Wells Fargo credit card. I logged on to my account on the bank's website to find that someone in Atlanta, GA, had been "using" my credit card to rack up about $7,000 in charges, all within a couple of hours on the day we flew out of Denver. I was at 38,000 ft when the fraud occurred. The charges had triggered the automated fraud system, and Wells Fargo put a hold on the card. From which, of course, automatic debit transactions started failing including the one for the gym.
(The story so far is bittersweet: every time I try to use my Wells Fargo credit card outside the US, it's automatically refused and the card is put on hold. I have to remember to phone them before I travel to tell them that I'll be using it outside the country so that this doesn't happen. I'd forgotten to do that this particular trip.)
I phoned up a very nice lady in the fraud department at Wells Fargo, sorted out which charges were fraudulent, and she then cancelled the card completely. They'll be sending me a new card in a few days with a new account number and transfer all the valid charges to it. I am grateful that I didn't get the third degree about who had access to my credit card, and was it possible that someone could have used it without my knowledge? (I kid you not, but this happened with US Bank when I saw fraudulent charges on that last year.)
Anyway, this isn't particularly about that. It's about what went wrong. I'm guessing that these charges were made with a fraudulent physical card, the magnetic stripe on mine had been copied and then transferred. I'm assuming "physical" since most if not all online stores require the CVV (that 3-digit number printed on the back) and mine has worn away and is illegible (I keep my cards in my wallet in the back pocket and, let's just say, it's a hostile environment...). I don't use this card for online purchases at all. So, someone duped the card and eventually used it in an orgy of purchases until it was locked out.
The interesting thing for me is that I'd just been to England where all credit cards are smart cards with those little chips embedded in them. The same for Europe as a whole, for that matter. It's not easy to dupe such a card, not only for that particular reason but for the additional one that when you pay for things, say a meal in a restaurant, you have the card in sight at all times. The waiter will come to the table with a wireless card reader that will debit your card there and then: you put the card in the device, chip first to allow the machine to validate the chip, and then type the PIN, and the transaction goes through.
Why this technology is not available in the US, I have no idea. Certainly, the credit cards are more expensive to produce and program (and the merchants' readers would all have to be changed too), but compared to losses due to physical fraud I'd have though it would be worthwhile. Of course, this does nothing to alleviate online credit card fraud where no physical card is present.
The other thought I have is that, despite considering myself to be a careful credit card user, I've now been defrauded on two separate occasions within the past 13 months. (The last time was using a duped card too, in a gas station to get fuel.) Am I unusual? If not, then no wonder credit card interest rates are so high — the banks have to pay for the frauds from using unsecure systems.
Now playing:
Pet Shop Boys - This used to be the future
(from etc.)
Loading links to posts on similar topics...
5 Responses
#1 Davy Landman said...
11-Jun-09 12:27 AMYou'd be surprised, but in the Netherlands our debit cards have the same problem. The last few years the skimming victims have increased a lot. We've got the technology on our bank passes, but the retailers are reluctant to switch and the company behind the transfers is afraid to change too much because their current infrastructure isn't stable at all.
So if such a small (but technologically developed) country has problems making the switch, imagine what a big country such as the US would have?
#2 richard morris said...
11-Jun-09 11:07 AMMany cards have chips in Australia and have for over a decade. We have 5 national banks here, which makes it easier to implement than in the US market - but a part of the reason is that the US has been behind in consumer technically for over a decade in areas like this and cell phones, HDTV, internet, etc.
The day I bought my TiVo in the US, I found out my Amex was canceled for a fraud profile breach ... turns out someone had swiped the carbon and bought 5 pairs of Nikes and several gold chains with it ... but the cool thing was they caught it before I did, on what turned out to be the second fraudulent transaction, were able to figure out themselves all the fraudulent transactions (which I never saw) and hand delivered a new card to me downtown the next business day. Very impressive.
#3 Phillip Blanton said...
11-Jun-09 4:08 PMNow I consider myself very lucky as I don't think I have ever been defrauded. My credit cards haven't been compromised. I will watch them more closely now.
#4 Van Swofford said...
12-Jun-09 7:59 AMMy wife got hit with the gas pump thing, and they had made a dupe card within an hour and used it for electronics at Best Buy and groceries. These guys are fast! I wish we had the smart cards here in the US. I try to use cash whenever the card would be out of my sight, but a gas pump, gee, you're swiping the darn thing yourself....
#5 AMcGuinn said...
13-Jun-09 6:20 AMChip and PIN has been followed by a large increase in card fraud in the UK, possibly because it multiplies the opportunities to obtain somebody's PIN, since it is now exposed every time you use the card, instead of only in the relatively controlled environment of an ATM.
Leave a response
Note: some MarkDown is allowed, but HTML is not. Expand to show what's available.
_emphasis_**strong**[text](url)`IEnumerable`* an item1. an item> Now is the time...Preview of response