We'd like to remind Forumites to please avoid political debate on the Forum. This is to keep it a safe and useful space for MoneySaving discussions. Threads that are - or become - political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.

Addition Security using Credit Cards

Mastercard & Visa Secure Code extra Security


Both Mastercard & Visa operate a Secure Code procedure that is designed to give customers extra security when making purchases on the Internet. This procedure causes a request for selected digits to be entered from your Secure Code password to confirm that it is you that is making the purchase. It can be a little annoying to do this but it means that the chance of your card details being used fraudulently, are greatly reduced.


When a “fraud transaction” is detected by a customer, it can be daunting to try to convince your card provider that it is a fraud and you are not responsible in any way. If you can’t convince them that it is a fraud, you have to stand the cost – if you do convince them, then the card provider stands the cost.


However, it seems that the Merchants (the web site) decide whether to use the Secure Code procedure or not i.e. they can turn it on or off probably because it requires a modification to their web site. This seems a bit odd to me. If a fraud is committed with the Secure Code turned off, then either the customer or, more likely, the card provider stands the cost – NOT the merchant! We are told that fraud is still costing Customers/Card providers many millions of pound a year, yet this valuable additional security for both customers and Card providers is being bypassed by merchants who don’t seem to have anything to lose by a fraud.


I would like to see the Secure Code procedure applied to ALL Internet sales transaction for my “peace of mind” and would suggest that Merchants should be pressed to use it. A way this could be done is, if the transaction had not been verified by use of the “secure code”, then the card providers should request that the Merchant refund the card provider with the amount involved. All frauds are investigated fully by the card providers and this should not be difficult to implement.


Any thoughts?
«1

Comments

  • [Deleted User]
    [Deleted User] Posts: 35,242 Forumite
    Part of the Furniture 10,000 Posts Photogenic Name Dropper
    It can be expensive for merchants to use the system - for many, it's simply not worth it.
  • grumbler
    grumbler Posts: 58,629 Forumite
    Part of the Furniture 10,000 Posts Name Dropper Photogenic
    dawnraider wrote: »
    ... If a fraud is committed with the Secure Code turned off, then either the customer or, more likely, the card provider stands the cost – NOT the merchant!.
    No, it's the merchant actually.

    >> Visa, Mastercard & Amex Chargeback Protection for debit card purchases
    (typically for MSE the title is wrong: in fact it works for both debit and credit cards)
  • zerog
    zerog Posts: 2,478 Forumite
    Secure code is not secure at all. As long as you know the cardholder's DOB and address, you can easily reset the code. This is what I do every time I am forced to use it, as I can't remember the code.
  • SnowTiger
    SnowTiger Posts: 4,461 Forumite
    Part of the Furniture 1,000 Posts Name Dropper Photogenic
    dawnraider wrote: »
    When a “fraud transaction” is detected by a customer, it can be daunting to try to convince your card provider that it is a fraud and you are not responsible in any way. If you can’t convince them that it is a fraud, you have to stand the cost – if you do convince them, then the card provider stands the cost.

    [...]

    Any thoughts?

    Where did you get your incorrect information from?

    From experience, getting a refund for an unauthorised transaction when VbV/Secure Code or PIN hasn't been used is trivial. Well, as credit card billing is in arrears, it's not really even a refund.

    And, as far as I'm aware, it's the retailer who loses out.
  • Scarpacci
    Scarpacci Posts: 1,017 Forumite
    On top of the cost of implementation, there's also the loss of sales that any extra step in checkout always brings. Quite a few people will abort the checkout when they reach the VbV/SecureCode page for a variety of reasons: unable to remember the information, concerns over a page asking for more information about their credit card, etc. For some merchants it may seem more prudent to just accept losses on fraud that occurs.
    This is everybody's fault but mine.
  • meer53
    meer53 Posts: 10,217 Forumite
    Tenth Anniversary 10,000 Posts Combo Breaker
    There's lots of fraud where VBV and Securecode are used too. It doesn't prevent fraud.

    Don't think anything will change for "your peace of mind" !!
  • dawnraider
    dawnraider Posts: 14 Forumite
    The key issue with Secure Code is that it is the Credit Card provider that has to pay for a fraud NOT the Merchant - yet the Merchant is the one that can opt out. They may opt out for a variety of reasons but this opens the door for Fraudster and they don't pay the consequences!
    The point about a card holder being able to easily sort out a fraud transaction may be true for the more experienced user but there are many who are less experienced who would find it quite "scary" and would put them off ever using the internet again!
  • grumbler
    grumbler Posts: 58,629 Forumite
    Part of the Furniture 10,000 Posts Name Dropper Photogenic
    edited 24 April 2013 at 1:26PM
    dawnraider wrote: »
    The key issue with Secure Code is that it is the Credit Card provider that has to pay for a fraud NOT the Merchant
    You can stubbornly repeat this again and again, but this will not make this statement true.

    Don't know about if Secure Code was used, but if it wasn't then the merchant that opted out takes the hit, not Mastercard.
  • meer53
    meer53 Posts: 10,217 Forumite
    Tenth Anniversary 10,000 Posts Combo Breaker
    grumbler wrote: »
    You can stubbornly repeat this again and again, but this will not make this statement true.

    Don't know about if Secure Code was used, but if it wasn't then the merchant takes the hit, not Mastercard.

    I think what Dawnraider is trying to say is that where Securecode or VBV is used, the liability is shifted away from the merchant and back to the card issuer.

    You are correct Grumbler in saying that if it isn't used, the merchant takes the hit.
  • dawnraider
    dawnraider Posts: 14 Forumite
    My card is Barclaycard and they have said they have to pickup the fraud regardless of the Merchant implementing Secure code or not. I would appreciate a definitive response from someone to confirm that this is the case or not.
    My suggestion was that the Merchant should pay for the fraud if they didn’t implement secure code – this would make them, at least, consider using Secure Code.
This discussion has been closed.
Meet your Ambassadors

Categories

  • All Categories
  • 347.9K Banking & Borrowing
  • 252K Reduce Debt & Boost Income
  • 452.2K Spending & Discounts
  • 240.3K Work, Benefits & Business
  • 616.5K Mortgages, Homes & Bills
  • 175.4K Life & Family
  • 253.6K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16K Discuss & Feedback
  • 15.1K Coronavirus Support Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.