Bank Systems & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


02:30 PM
Connect Directly

Fraud Hits Too Close to Home for One BS&T Staffer

When a routine inquiry reveals a flagged credit card account, an editor finds herself at the center of her own story.

I am one of the statistics on data breaches. I found this out by chance on Oct. 30 when I phoned my card issuer with a routine inquiry. One week earlier, someone attempted to charge about $500 on my credit card at a hotel and Citi refused the transaction.

How did my card details come into a thief's hands? Search me. "You'll never know, and Citi will never inform you if they find out what happened," said one call center rep, whose honesty, at least, I appreciated.

The customer service rep with which I initially spoke, however, did not share with me that Citi had flagged my account for fraud and only let me in on the denied charge after I insisted on knowing why she kept asking me did I charge this, did I charge that? As a relatively new Citi customer I initially indulged the possibility that Citi was super security-conscious.

It was strange to think of someone using -- or attempting to use -- the credit card that was in my hand. I can only speculate on how someone might have come to possess my account numbers. My hunch is that no database was hacked; rather, someone handling my card while I was traveling likely noted relevant details. Still it might help me protect myself better in the future to know more.

Somewhat similarly, the first time my partner knew his J.P. Morgan Chase credit card had been flagged for suspicious activity was when it was inconveniently denied this summer -- without any warning. In fact the "suspicious" transactions were all his legitimate charges.

I asked Citi why it didn't tell me my account had been flagged or share details of the fraud attempt. In an ironic twist, Citi sent me several e-mails pressing me to provide them with details from my end in a customer satisfaction survey. It asked whether I was happy with how the fraud was handled and would I continue using Citi or recommend it to other prospective customers.

Citi spokeswoman Jeanette Volpi said she could not discuss my specific situation and provided a company statement that said: "For security reasons, we do not discuss details of potential compromises." The statement continued, "When we become aware of a potential compromise, we take steps -- above and beyond the prevention and detection actions we normally apply to our more than 150 million cardmember accounts. ... [W]e reissue ... cards to customers whom we believe may be subject to increased risk."

Actually the supervisor who promised to revoke the card failed to do so, which I found out when phoning back about misinformation the call center gave me on the original, routine inquiry! That could have exposed me to further fraud. Yet such human error still sits better with me than a policy that places me at a disadvantage.

Register for Bank Systems & Technology Newsletters
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.