Saturday, 10 March 2018

Card fraud - a case description


I read the story from the Internet. I’m not able to verify its authenticity but it reads genuine. I share this story here and I hope you can provide your insights. I’m puzzled with the Bank_C Debit card.
An American traveller had a holiday in Europe and her purse was stolen. I record the card related events here. I have my personal remarks with [BL: …]

02 Oct 2015

 Italy, her purse was stolen, including the following:
  1. AMEX Card
  2. Bank_A Credit Card
  3. Bank_A Debit Card
  4. Bank_B Blank Cheques

She reported to AMEX and Bank_A for the card loss immediately.
[BL: I assume in 2015, US was using plastic cards only. No EMV cards yet. Update: I went US in 2016 and I found they "dip" a chip card and sign the receipts. A chip card did not verify cardholder's PIN offline.] 

07 Oct 2015

She got back to US and checked all her cards.
For AMEX, everything was fine. No fraudulent transaction. [BL: I think it is because AMEX is always online. This is why, in Europe, many small vendors do not take AMEX cards.]
Then she checked Bank_A. Ouch, two days of her reporting the stealing (04 Oct 2015), there had been 16 transactions on the Bank_A Debit Card, eight for small amount purchasing and the other eight for Euro-to-US dollar exchanging.
She called Bank_A and inquired why the stolen card after reporting to the bank was still in use. Bank_A had no idea and only confirmed that cardholder was not responsible for the fraudulent use.
[BL: I guess the small amount transactions were offline, so Bank_A was not able to know it. The vendor of the card being used might not have their black list updated yet.]

09 Oct 2015

After three days, she found her invalid Bank_A Debit Card was still in transaction. She drove to Bank_A in person to check. As usual, Bank_A still had no idea what was going on. She was advised to close the account and open another one.

11 Oct 2015

After another two days, she found that the Bank_A Debit Card was still in use. In addition, the stolen Bank_A Credit Card was being fraudulently used as well – three small amount transactions. She called Bank_A again, and, of course, Bank_A had no idea.

14 Oct 2015

The Bank_A cards fraudulent transactions eventually stopped. But, the story went on.

13 Nov 2016

She found her Bank_C [BL: another bank] Debit Card had been fraudulently used since 22 Oct 2015 - three to four small amount transactions a day. But, as she claimed, Bank_C Debit Card had never left US!

She had three screen-shots online. I upload them here for reference.






















at No comments:
Subscribe to: Comments (Atom)

Post Quantum Cryptography

The consensus appears that quantum computers will be built, and RSA and ECC will be broken by  Shor's algorithm  at some point. Although...