We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
business credit card fraud
Comments
-
To determine who is at fault you have to work out how the fraud occured.
You can't blame network downtime for an incorrect result, as if the payment network is down you will recieve a message stating as much, not a 'matched' result.
For a matched result to be received the card must have been both live (not lost, blocked or reported stolen) and the AVS and CV2 results must have passed.
AVS links the numerics of the input address to the numerics of the card registered address, so there are ways to fraudulently pass this part of the check; e.g. if the card is registered to 1 High Street, AB2 3CD and the address given is 1 Park Lane, EF2 3GH that would give a 'matched' result from the AVS system.
CV2 simply means that the 3 numbers on the back of the card are correct, indicating that the individual is in possession of the card in question.
Were the goods delivered to the given address and signed for by the given individual?0 -
I'm aware of a similar situation, with a fully kosher authentication, and the bank later reversing the trandaction as fraudulent. The difficulty being there was no legal redress due to the Merchant user agreement for 'Customer Not Present' transactions.
The card number had indeed been valid, but the account had been hijacked, and the address was not of the original cardholder, but one recently updated by the fraudster. This resulted in the correct authentication taking place, but just because this has happened does not protect the seller, as the sale is not final when there is fraud. When this is identified, everything rolls back like a pass-the-parcel game until the music stops. The seller is expected to have insurance to protect himself from this, and providing there has been no hint of the seller being complicit, this would be paid out.
The rules are very different for customer present and customer not present, with the latter leaving the seller at risk of a reversal if fraud has taken place, this would mean taking it to court may simply extend the agony and expense, as the seller will be held to be bound by the Merchant Agreement, where the risk will be passed to him, and him alone.0 -
To determine who is at fault you have to work out how the fraud occured.
You can't blame network downtime for an incorrect result, as if the payment network is down you will recieve a message stating as much, not a 'matched' result.
For a matched result to be received the card must have been both live (not lost, blocked or reported stolen) and the AVS and CV2 results must have passed.
I disagree - and I have explained why above. When a network goes down unexpectedly or goes slow causing authorisation requests to time-out - this doesn't always just shut down the entire authorisation network from responding to merchants as that loses the network a lot of money in failed transactions.
Certain networks have "business continuity" safe gaurds in place so that they are able continue to send back approval responses to transactions during downtime to enable merchant and customer transactions to carry on. However this can result in some transactions being authorised that ordinarly wouldn't be. And not just address verification failures but also approvals for transactions credit cards that are overdue or overlimit etc. And that is accepted by the network provider as a risk.
Besides, again you are apparently ignoring the fact that it seems the OP actually has had an admission from Barclays that they sent a positive verification back even though it was incorrect.
However it happened, if he has the admission in black and white then the liability for his losses are clear cut.
The chances of getting a coincidental match between a fraudulant delivery address and the customers genuine billing address are small. Even though I understand it is possible if the house number and the numerics in each address's post code happen to be the same by chance. And besides, if Barclays want to step up and prove that is what happened, let them. But I believe they would have probably said that already, had that been the case.
Buzby - even if the rules in the merchant agreements differ between card not present and customer present transactions, I still believe that a judge could very easily rule that an incorrect response to an authorisation request makes them liable. If the Bank clearly acted as the "weak link" in the chain and that can be demonstrated (or has been admitted) then the OP has a case. A company cannot wave around an agreement that effectively enables them to act negligently and accept no re-course or liability - and expect that to be enforceable in a court. There are many examples of courts effectively ruling that a business contract clause or agreement can be ignored as unfair or unenforceable in cases where a company has not acted reasonably in its roles or duties.
I say make a small claim. At the very least he may be able to encourage Barclays to settle with a larger "gesture of goodwill" just by raising a claim against them0 -
Hello, and thanks for all the replies.
It is a very confusing situation, having dealt with this for months on end, it still confuses me, so how you folks can make head or tail of it, I dont know!
One thing worth mentioning in relation to Barclays/Streamline, which I may of phrased wrongly.
They accept they issued an authorisation code (Barclays), however, they cannot deny or confirm what details were put in the card machine (Streamline) - due to data protection. They have told us they cannot keep records of inputted postcodes/housenumbers, as this could potentially open the door to fraud, which, sounds believable.
So as far as there concerned, we MAY of entered the real card holders details in. We obviously didnt - but in theory, we could of enetred the correct details in, and then delivered to a different address. Or, although EXTREMELY unlikely, human error on inputting the "fake" cardholders details matched the real cardholders details.
This is where the issue of blaim acceptance comes in.
Whilst they accept they issued a code, they do not accept the code they issued was a match to an incorrect address. If that makes sense.
We aren't fraudsters, and as soon as it became apparent this transaction was fraudlulent, we were in contact with the police.
So (as far as we are concerened) the "real" card holders details were not entered - we dont even know them.
We cant rule out human error, as mistakes do happen, but the odds of making an error on inputting a postcode and housenumber, which just so happens to match those of the "real" cardholder, are hugely remote.
As for the questions about the goods etc. They were delivered to the address (we believed/inputted on terminal) of the cardholder. Signed for by a man who came out of the house, moved his car etc.
The police investigation found out:
The man who owns the house had been approached by a builder, who was doing some work locally, but had nowhere to unload some slates. If he could take delivery of them, hold them for a few hours, and then they would be collected. He was offered £200 for doing this.
This is what he admitted, anyway.
The slates were dropped on his driveway, and (confirmed by neighbours) an hour or two later were removed via a flat bed lorry with hiab.
The man whos house it was was arrested/questioned, and despite hiding in his wardrobe(?!) when they police came, there was very little he could be charged with, and certainly no chance of us getting any money back off him.
Worth mentioning aswell, during the police investigation, it became apparent another supplier, similar to ourselves, from another part of the country, also delivered materials to the same address, paid with a different card, which was also fraudulent. They didnt do the postcode/house number check as we did on the visa machine.
I may be reading a bit too much into this with Barclays, but... it seems very strange. At first they were literally trying to fob us off, now they know we wre not going to just "roll over" they are actually being quite helpfull. The last phonecall, which was to make the offer of goodwill, came from a lady who appears to be quite high up on the heirarchy, and "came in on her day off to phone us". We've done hundreds of these transactions, and if the data doesnt match, it doesnt match. It (seems to be) that simple.
If barclays admitted a flaw in there system - which to me is the only answer as to why/how this has happened, could they not potnetially open themselves up for thousands of claims where fraudulent transactions have resulted in the supplier losing out.
I may need to put my tinfoil hat on for the above, but food for thought.
Either way, we are certainly not going to let this go, and if small claims seems the way to go, thats what we will do.
Thanks for all the advice so far, will keep you posted.My drinking club has a rugby problem0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.3K Banking & Borrowing
- 253.6K Reduce Debt & Boost Income
- 454.3K Spending & Discounts
- 245.3K Work, Benefits & Business
- 601.1K Mortgages, Homes & Bills
- 177.5K Life & Family
- 259.2K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards