Having had my Visa Debit card blocked twice in as many weeks, I'm beginning to question if our current "Plastic" cards are fit for purpose. A somewhat long story follows with a question at the end:
About 2 weeks ago, Skinny decided not to honour my perfectly valid Visa card. I contacted my bank to find out why my card was being rejected. They let me know that some businesses won't take payment on cards that are approaching expiry and Skinny, apparently, won't take payment if the card expires in the following month. The card was due to expire in 8 weeks!
I find it ridiculous to reject payments that far from expiry! What would you do if you only had access to one credit card?
I switched cards on the account and in the process the Skinny interface initiated three transactions in quick succession, of which two should not have occurred. Another long story, but it took four hours (yes 4) to sort that out. These transactions triggered my bank to block the newly registered card and warned me via text message. Thankfully, a quick reply text was all that was needed to unblock the card.
My new card arrived a week or two later (they sent it out early) - all good once I used it to make a local purchase via EFTPOS. (This card had the same card number but different CVV)
A little over a week later, I receive a text message from my bank:
We've blocked your Visa Debit Card due to some suspicious transactions to Google YouTube Super. If this was you, please reply AUTHORISED. If not, please give us a call on #### or pop into your local branch
These were not my transactions, so a call was made. Apparently, the card number was/had been used on multiple (21) relatively small transactions in Australia. The bank's only option was to cancel the card and re-issue me a new one. How these transactions were being validated without the CVV (unless they had 'cracked' it), I don't know. These were Google transactions, so I would expect them to have been validated?
Luckily, I was due to travel to town - a little over two hours round trip! So I went into my closest branch and received a new card (with a new card number this time). Another EFTPOS transaction at a local shop and it's good to go again.
I've no doubt there are others who have had similar experiences?
I can't remember the last time I used cash, though I always carry some. For me, a cashless society mostly works.
The discussion I had with my bank suggests that these type of blocks, due to unauthorised transactions, are on the rise significantly.
So what is the future of "money"? How can transactions be made without inconvenience, but still be secure and safe from unauthorised access?
Really just a topic starter and I felt I needed to tell the story.
I think Two-Factor Authentication is already part of the solution i.e. there are some transactions I do now that require a code sent by text as part of the transaction, but it can't be the full solution yet. Why, because there are still plenty of people who don't have mobile phones (many in other parts of the world). In its current form it's certainly not convenient for day to day purchases etc.
Skinny is good value, not considering leaving them, but the expiry thing is crap. I've not experienced it with anyone else (oh, their online chat system sucks too, especially if you get kicked off and have to start the process all over again).
I was with Robobank a while back and they had a little dongle (Digipass) that generated access/security codes, i.e. 2FA, on all transactions. It was f'ing awful to use and was the reason I left.
What was wrong with it?
I should confess that there were other reasons I left as well e.g. lowing interest rates, poor communications. Also note that with the account I had at the time, there were not "Plastic" cards that came with the account - this was an online only transaction account.
The Digipass dongle felt like it was designed for a child, very small with small buttons, which had very poor tacktile response, leading to lots of missed numbers and having to go back and re-enter. Having to dig it out every time you wanted to move money between accounts or out of accounts. Entering codes for EVERY transaction. Secure yes, convenient no.
There in lies the problem - the balance between security and convenience I guess?
I've envisioned a device that just displays the name of the merchant and the transaction amount, and all you have to do is push “yes” or “no”.
What you're describing seems like a…not very good way to realize that vision.