Continuous Payment Authority

We haven't yet fallen for any "automatic renewals", but it's all too easy to miss the opt-out when taking out an insurance policy or membership of some sort.

If I were to write to my credit-card provider saying that under no circumstances were they to accept a CPA on my card without checking with me first, would they be obliged to comply?

Reply to
Reentrant
Loading thread data ...

I don't think so. You give the authority to the business from whom you're buying your insurance or subscription, etc. - just as you give authority to a shop to debit your card when you make an individual purchase.

Reply to
Roger Mills

But if you tell the credit card company that you do not give them permission to accept such an arrangement on your behalf, they can`t force you to pay such payments in the future?

Reply to
Simon Finnigan

I agree with you that's the way it should be, but I think you'll find the credit card companies take the view that its entirely a matter between you and the merchant involved.

Its about time the industry tightened up its procedures in this area to ensure that customers have better control of their money.

Chris

Reply to
Chris Blunt

I don't think it works like that - any more than you can tell them not to pay for any purchases you make at (say) Tesco. If the transaction is valid by the 'normal' rules, they will honour it.

Reply to
Roger Mills

But if I`ve already told them to refuse any and all transactions from Tesco, then they are ignoring that instruction if they accept a transaction at Tesco. They have it in writing that I dn`t want such a transaciton authorised, would the entry of a PIN by sufficient to justify allowing the transaction to take place? And what if I then disputed the transaction - "I said not to allow it, I refuse to pay for it"?

Reply to
Simon Finnigan

I doubt whether they would accept any such instruction from you. If you read all the small print in T&Cs (which I admit I haven't done with this particular thing in mind) you'll probably find something which says that they'll pay out - and pass the charge on to you - for a PIN-authorise transaction regardless of any pre-condition which you try to impose (unless you've notified them that the card has been lost or stolen and, even then, I'm not sure what happens if the correct PIN - which only you could have known - has been used).

Reply to
Roger Mills

"Roger Mills" wrote

Perhaps, if you have *never* used the PIN previously.

But as soon as you enter it into a terminal anywhere, there is the possibility that the terminal was dodgy & stored/transmitted your PIN to a fraudster... [Or you were simply 'shoulder-surfed']

So once used, it's not "only you" who "could have known"!

Reply to
Tim

Using your logic it could be known by somebody who looked over you shoulder when you opened the envelope, so there's no need to have used it.

tim

Reply to
tim.....

That would be tricky because:

1) What do you mean by 'Tesco'? I have no idea how Tesco's payment infrastructure works, but I imagine there are many merchant systems that might request card payments - eg tills, petrol pumps, callcentre, Tesco insurance, Tesco mobile etc etc. Would the CC company have the ability to block all of these? If there was some kind of pattern match on the payee string, would it match "TSCO MOB 07123456789" and not "SPORTESCOM SA"? 2) If the transaction happens offline, the card company can't decline it as you've already walked off with the goods before they hear about it. Even if it raised a chargeback, you still have the goods and there's no means to pay for them another way. Offline transactions are mostly chip-and-PIN, but what about hotel booking where you leave your card details in case you don't turn up?

It might be possible to arrange this for online-only transactions from a specific payment terminal, but someone who need to develop and pay for the infrastructure to do it. Though perhaps the infrastructure already exists for blocking fraud?

Theo

Reply to
Theo Markettos

"tim....." wrote

Would you open the envelope with someone looking over your shoulder, or in a crowded location?

Reply to
Tim

And arguements like these are why I have a chip&signature card :-)

Reply to
Simon Finnigan

"Simon Finnigan" wrote

The fraudster then doesn't even need to shoulder-surf the PIN, they just look on the back of the card for the signature they need to give ... ! :-(

Reply to
Tim

In message , Simon Finnigan writes

Signatures are always ignored by shop/checkout staff.

My last few years at work were spent seconded to another location several miles away. My line manager used to fill in my time sheets to avoid the fuss of travelling backwards and forwards just for red tape.

He could do a perfect copy of my sig, and became very jealous of it, saying that it was more stylish than his own, which he then spent some time developing. ;-)

Signature security is no security unless they develop some way of machine reading it.

Reply to
Gordon H

In which case the bank can`t make the claim that I must have told someone my pin, giving them a nice easy get-out clause if I try and dispute a transaction. It`s up to the bank to prove I made the transaction, not up to me to prove I didn`t.

Reply to
Simon Finnigan

"Simon Finnigan" wrote

OK, but they could claim that you gave your card to someone else and told them to just copy the signature from the back.

"Simon Finnigan" wrote

Do you think that's any different between C&Pin and C&Sig? If so, what makes you think it's different?

Reply to
Tim

But the other person doesn`t NEED me to tell them to copy the signature, they can work that out for themselves. If the perosn using the card knows the pin number for it, then they are inposession of information that should have been kept secret. You can see my signature, it isn`t secret. Only I should know my PIN, which means it isn`t common knowledge like my signature.

They have claimed in the past that the PIN must be secret, if it is known by someone else then the card holder must have told this person the pin. Therefore it`s negligence, and the cardholder is liable for the transactions on the card. With a C&S card there is NO secret information for me to have told anyone. Therefore, as long as I notify my bank as soon as I become aware that my card has been compromised (cloned, stolen etc) then I am not negligent, as long as I have taken reasonable care of the card - kept it in my wallet with me would be reasonable care.

Reply to
Simon Finnigan

They check them a lot more carefully now that signature cards are very rare.

Reply to
Jonathan Bryce

"Simon Finnigan" wrote

Yep, just like the other person doesn't NEED you to tell them the PIN - they could shoulder-surf it, or use a dodgy terminal and get your PIN from that...

"Simon Finnigan" wrote

How does that affect whether a transaction was fraudulent, or whether you were involved with it?

"Simon Finnigan" wrote

That wouldn't mean that they were negligent. They might have only 'told' the other person the PIN *inadvertently*, by entering the PIN into a dodgy terminal (not known to them to be dodgy - eg the ones in some Shell stations a while ago) during a supposed valid transaction.

"Simon Finnigan" wrote

Wrong - see above. Someone else knowing your PIN does *not* imply negligence on your part.

"Simon Finnigan" wrote

Again, what relevance do you think the lack of, or existence of, "secret info" has, to whether or not you were negligent or complicit in the fraud?

"Simon Finnigan" wrote

Similarly with C&P....

Reply to
Tim

Quite often they`re checked by two members of staff, as the person on the till hasn`t had good enough training to know about these cards.

Reply to
Simon Finnigan

BeanSmart website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.