Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Another company used our credit cards details to pay a bill
Options
Comments
-
It was a credit card, not cash. There is no need to doorstep them. You ring the bank card services, get them to issue a charge back and advise them of the fraud. It is upto them how they deal with it. Calling the Gardai is a waste of time and resources as this is what they will do on your behalf.
Door stopping them is asking for the Gardai to get involved, your not a debt collector and the chargeback will put back such money straight into your account.
I know it's a bit easier now with the sepa rules but a couple of years ago I waited 9 months for a charge back against a car hire co who billed me twice. I can only speak for my own suppliers and would have no problem doorstepping them to find out what was going on. I doubt I'd be kidnapped or shot :rolleyes:. After all there could be an explanation for it. Only the OP can know what type of people he's dealing with.0 -
I know it's a bit easier now with the sepa rules but a couple of years ago I waited 9 months for a charge back against a car hire co who billed me twice. I can only speak for my own suppliers and would have no problem doorstepping them to find out what was going on. I doubt I'd be kidnapped or shot :rolleyes:. After all there could be an explanation for it. Only the OP can know what type of people he's dealing with.
it does not matter the explanation, let them explain it to VISA or MC. Nowadays, it could be back in your account before the end of the week. I done it before SEPA and it was no more than a few days. It should not have taken 9 months for you. I would doorstop someone if I knew them personally but other than that, in this case, there is simply no need.
Report to the DPC0 -
It was a credit card, not cash. There is no need to doorstep them. You ring the bank card services, get them to issue a charge back and advise them of the fraud. It is upto them how they deal with it. Calling the Gardai is a waste of time and resources as this is what they will do on your behalf.
Door stopping them is asking for the Gardai to get involved, your not a debt collector and the chargeback will put back such money straight into your account.
The amount of waffle and commercial ignorance on this thread is astounding.
It makes no difference whether or not it was cash or a cc payment. The OP gave his credit card details and his CIF code to somebody else, who, OP alleges, misused it. Handing out those details is a breach of OP’s T & Cs with the bank, so it will be unlikely to do a charge-back. Depending on the relationship, they just ‘might’ look into it.
The OP is not a ‘debt collector’ (which legally means an assignee of a debt or somebody acting on behalf of others to collect debts). He is an individual trying to recover sums due to his company and is fully entitled to do so and doorstep anyone. Furthermore, debt collection is not a regulated activity. However, he has to be aware of the Offenses against the Person Act to ensure he keeps on the right side of the law. The Gardai do not want to know, nothing illegal has been done by doorstepping, it is a commercial matter, not a criminal one.
Get the Gardaí involved and the debtor will tell them that it was (a) a mistake made by a former employee and it is under discussion with the OP or (b) tell them that the OP is talking nonsense and that it was a debt that was due and paid via him, probably adding “who in their right mind would hand out their credit card and CIF details!”. The Gardaí will then say it is a civil matter and be delighted to go away. Telling the DPC is another useless bit of advice, there arguably was no breach of the DP laws as the OP gave his details to another.
Unless the OP has significant proof of the fraud he might also find himself on the receiving end of a writ for defamation and all the costs that goes with it.0 -
Holding on to credit card details with no good reason is a serious breach of data protection. As for defamation? When would they have published the allegation? I'm not even sure if businesses can sue for libel.0
-
TheChizler wrote: »Holding on to credit card details with no good reason is a serious breach of data protection. As for defamation? When would they have published the allegation? I'm not even sure if businesses can sue for libel.
As for defamation, you are not even sure? Then why bother posting?0 -
Advertisement
-
pedroeibar1 wrote: »The amount of waffle and commercial ignorance on this thread is astounding.
It makes no difference whether or not it was cash or a cc payment. The OP gave his credit card details and his CIF code to somebody else, who, OP alleges, misused it. Handing out those details is a breach of OP’s T & Cs with the bank, so it will be unlikely to do a charge-back. Depending on the relationship, they just ‘might’ look into it.The OP is not a ‘debt collector’ (which legally means an assignee of a debt or somebody acting on behalf of others to collect debts). He is an individual trying to recover sums due to his company and is fully entitled to do so and doorstep anyone. Furthermore, debt collection is not a regulated activity. However, he has to be aware of the Offenses against the Person Act to ensure he keeps on the right side of the law. The Gardai do not want to know, nothing illegal has been done by doorstepping, it is a commercial matter, not a criminal one.Get the Gardaí involved and the debtor will tell them that it was (a) a mistake made by a former employee and it is under discussion with the OP or (b) tell them that the OP is talking nonsense and that it was a debt that was due and paid via him, probably adding “who in their right mind would hand out their credit card and CIF details!”. The Gardaí will then say it is a civil matter and be delighted to go away. Telling the DPC is another useless bit of advice, there arguably was no breach of the DP laws as the OP gave his details to another.Uless the OP has significant proof of the fraud he might also find himself on the receiving end of a writ for defamation and all the costs that goes with it.
Also.when you say CIF, do you mean CCV?0 -
pedroeibar1 wrote: »So what part of the Data Protection Code is being breached?
Case StudyMore generally, I consider it to be a sound and proper principle that credit card data obtained for a particular transaction cannot be used subsequently for other transactions without express consent, without violating the 'fair obtaining' rule. The principle of transparency and fairness, which are key tenets of data protection law and practice, apply in this area just as in any other.13.7 Can an organisation retain my credit card / bank account details after I close my account with that organisation?
Section 2(1)(c)(iv) of the Acts provide that "the data shall not be kept for longer than is necessary for that purpose or those purposes [for which it was obtained]". Where the purpose for which the information was obtained has ceased and the personal information is no longer required, the data must be deleted or disposed of in a secure manner. Information should never be kept 'just in case' a use can be found for it in the future.
The Data Protection Acts do not specify a maximum retention period and accordingly it is a matter for the data controller to decide on an appropriate retention policy based on the circumstances and the reason why the information is being retained. We would not generally raise an issue from a data protection perspective with a retention policy that provides for banking information to be retained for a short period following termination of a customer contract in order to deal with any subsequent queries about payments made on the account/closing balances etc. We would not expect that such companies would be required to delete a person's bank details immediately when a person requests the closure of their account.
13.8 Can an organisation re-use my retained credit card information for a subsequent purpose?
Where personal data stored on a credit/debit card is collected for the purpose of a transaction, unless it is clearly stated, it can be assumed that the purpose for its collection ends following a certain period following completion of the payment for a product or service (to allow for follow-up payment related queries).
Where an organisation retains personal data for automatic renewal of a subscription service, we would expect the customer to have agreed in some way to this further processing. Where an organisation can point to an ongoing customer relationship and where it is using payment details in line with the terms and conditions which it outlined at the time the person signed up for the product/service, then the use of the credit card details in an auto-renewal transaction will not likely give rise to a data protection issue.As for defamation, you are not even sure? Then why bother posting?0 -
pedroeibar1 wrote: »The OP gave his credit card details and his CIF code to somebody else, who, OP alleges, misused it.
I'm not sure about the CIF code. I don't see a reference to it in the original post (apologies if I have missed it). Could it be that he just gave the normal information - number/expiry/ccv?pedroeibar1 wrote: »Unless the OP has significant proof of the fraud he might also find himself on the receiving end of a writ for defamation and all the costs that goes with it.
For this new payment, I would assume the third party would most likely confirm that the OP is not a customer. I would doubt they would not want to get involved in credit card fraud.0 -
pedroeibar1 wrote: »The amount of waffle and commercial ignorance on this thread is astounding.
Yes it ispedroeibar1 wrote: »It makes no difference whether or not it was cash or a cc payment. The OP gave his credit card details and his CIF code to somebody else, who, OP alleges, misused it. Handing out those details is a breach of OP’s T & Cs with the bank, so it will be unlikely to do a charge-back. Depending on the relationship, they just ‘might’ look into it.
Not correct, otherwise how would one use the credit card.pedroeibar1 wrote: »The OP is not a ‘debt collector’ (which legally means an assignee of a debt or somebody acting on behalf of others to collect debts). He is an individual trying to recover sums due to his company and is fully entitled to do so and doorstep anyone. Furthermore, debt collection is not a regulated activity. However, he has to be aware of the Offenses against the Person Act to ensure he keeps on the right side of the law. The Gardai do not want to know, nothing illegal has been done by doorstepping, it is a commercial matter, not a criminal one.
The OP did not authorise the third (innocent) party to use the card, it does not matter to the OP whom use the card, just that it was unauthorised.
All the OP should be concerned with is getting the card issue (BoI i gather) to raise a chargeback, it is for them to bother with the Gardaí if they want.
It might be a genuine mistake, but they should never had retained the card details.0 -
So far the bank is refusing to return the money.
!
I cant understand this if you didn't "order" the service then you need to refudiate and the banks will organise a chargeback.
How do you know who used the card? Seems odd that you know this, did someone provide you with evidence of this. If you have this evidence give it to the bank.0 -
Advertisement
-
-
So, in brief, three pages in on this thread and the OP has not been on within an hour of his first post.
We have people who have read the OP and not seen that we are discussing a company credit card, not a personal one. (There is a big difference.)
We have posts from people who have no idea of what is covered by DPL or how the Data Protection Act differentiates between consumers and companies. (There is a big difference.)
We have people who have no idea of the terms and conditions pertaining to the issuance and use of a credit card and who have a sense of entitlement to a ‘chargeback’ due to stupidity. (Banks are not charities and also have responsibilities to the payee.)
We have posts from people who have no idea that a company has legal personality and can sue or be sued in its own right. (It has, and it can.)
We have people who think that accusing a company of fraud and informing several banks and one of its customers is not defamation. (Let’s not get side-tracked on libel and slander.)
We have people who think that a bank is simply going to charge-back a debit on the OP’s company account purely on his say-so. (No it will not.)
We have people who think door-stepping and debt collection is illegal. (No it is not.)
We have people who think the Gardai would be interested in door stepping/debt collection. (No they will not.)
We have people who think that handing out a CFF number is ‘grand’. (There are gobs#ites in every industry who have no idea of security.)
We have people who think the firm that used the card details was wrong to hold them on file. (Yes, probably, but they will claim that they were told to keep them for future payments. Go prove otherwise!)
Lots of keyboard warriors with no idea of debt collection, law or the reality of business life. It’s no wonder so many of the better posters have left this forum. I’m out of this thread, I’ve wasted enough time.0 -
pedroeibar1 wrote: »The amount of waffle and commercial ignorance on this thread is astounding.
It makes no difference whether or not it was cash or a cc payment. The OP gave his credit card details and his CIF code to somebody else, who, OP alleges, misused it. Handing out those details is a breach of OP’s T & Cs with the bank, so it will be unlikely to do a charge-back. Depending on the relationship, they just ‘might’ look into it.
.
Looking at your posts you seem to do nothing but attack people and sit on some imaginary throne believing you know everything
This is a very simple case.
Unless the pin number was used (unlikely) its a "cardholder not present" transaction and its for the company that took the card details to prove that they were correctly applied.
If they cannot show a connection with the cardholder and approval for debt, then the funds are taken from their account along with a fee (€25 in the case of Elavon)
The op should give the company that took the payment one chance to make a refund.
As they have been informed that it was not an honest transaction, they could be also considered to be complicit in the fraud.
So if op wants the funds back, put pressure on their card issuer about unauthorised transaction and the company that took the payment.
Then after getting money back you can decide if you want to pursue it further.0 -
I cant understand this if you didn't "order" the service then you need to refudiate and the banks will organise a chargeback.
How do you know who used the card? Seems odd that you know this, did someone provide you with evidence of this. If you have this evidence give it to the bank.pedroeibar1 wrote: »You really have no idea. That is about consumers, individuals. We are discussing a company debt and credit card.:rolleyes:pedroeibar1 wrote: »We have people who have read the OP and not seen that we are discussing a company credit card, not a personal one. (There is a big difference.)We have posts from people who have no idea of what is covered by DPL or how the Data Protection Act differentiates between consumers and companies. (There is a big difference.)We have people who have no idea of the terms and conditions pertaining to the issuance and use of a credit card and who have a sense of entitlement to a ‘chargeback’ due to stupidity. (Banks are not charities and also have responsibilities to the payee.)We have posts from people who have no idea that a company has legal personality and can sue or be sued in its own right. (It has, and it can.)We have people who think that accusing a company of fraud and informing several banks and one of its customers is not defamation. (Let’s not get side-tracked on libel and slander.)We have people who think that a bank is simply going to charge-back a debit on the OP’s company account purely on his say-so. (No it will not.)We have people who think door-stepping and debt collection is illegal. (No it is not.)We have people who think the Gardai would be interested in door stepping/debt collection. (No they will not.)We have people who think that handing out a CFF number is ‘grand’. (There are gobs#ites in every industry who have no idea of security.)We have people who think the firm that used the card details was wrong to hold them on file. (Yes, probably, but they will claim that they were told to keep them for future payments. Go prove otherwise!)Lots of keyboard warriors with no idea of debt collection, law or the reality of business life. It’s no wonder so many of the better posters have left this forum. I’m out of this thread, I’ve wasted enough time.0 -
Hi OP
You need to move quickly on this, there is a limit of 60 days to submit chargeback applications
Download and complete this form and post to your bank (I'd suggest registered post)
https://www.bankofireland.com/fs/doc/wysiwyg/18-594r-boi-credit-card-transaction-dispute-form-18052012-v2-2.pdf
The onus is then upon the Merchant to prove the transaction is genuine and as its a customer not present transaction they are essentially unable to do so.
Don't waste time stressing about it, just submit your claim and get that ball rolling first. I would also personally like to see you report this to the gardai. If they have done it to you its entirely likely that many other peoples cards have been stolen from, and they may not notice it in time etc
I would be of the opinion that they should be dealt with and made to stop this behaviour.
Good luck with it.0 -
BandaraThe onus is then upon the Merchant to prove the transaction is genuine
Are you sure about that. It was the other way around with me.0 -
emeldc wrote:Are you sure about that. It was the other way around with me.
How can you prove transactions that you didn't make?0 -
pedroeibar1 wrote: »So, in brief, three pages in on this thread and the OP has not been on within an hour of his first post.
We have people who have read the OP and not seen that we are discussing a company credit card, not a personal one. (There is a big difference.)
We have posts from people who have no idea of what is covered by DPL or how the Data Protection Act differentiates between consumers and companies. (There is a big difference.)
We have people who have no idea of the terms and conditions pertaining to the issuance and use of a credit card and who have a sense of entitlement to a ‘chargeback’ due to stupidity. (Banks are not charities and also have responsibilities to the payee.)
We have posts from people who have no idea that a company has legal personality and can sue or be sued in its own right. (It has, and it can.)
We have people who think that accusing a company of fraud and informing several banks and one of its customers is not defamation. (Let’s not get side-tracked on libel and slander.)
We have people who think that a bank is simply going to charge-back a debit on the OP’s company account purely on his say-so. (No it will not.)
We have people who think door-stepping and debt collection is illegal. (No it is not.)
We have people who think the Gardai would be interested in door stepping/debt collection. (No they will not.)
We have people who think that handing out a CFF number is ‘grand’. (There are gobs#ites in every industry who have no idea of security.)
We have people who think the firm that used the card details was wrong to hold them on file. (Yes, probably, but they will claim that they were told to keep them for future payments. Go prove otherwise!)
Lots of keyboard warriors with no idea of debt collection, law or the reality of business life. It’s no wonder so many of the better posters have left this forum. I’m out of this thread, I’ve wasted enough time.
The acronym you are looking for to describe the three digit number is a CVV.
You don't understand the concept of defamation I'm afraid. One core factor is that the accusation has to be false to qualify. A second one is that the accusation must have been widely heard - hardly likely in this case.
Don't believe anyone said doorstepping was illegal. Probably because it is very unlikely that anyone would think calling to a place of business to speak with someone is illegal. So illegal - no. Stupid, yes (especially as a first step).
So just two things you got wrong - people in glass houses!!
Cramcycle's advice seems sound, but this thread goes to show you should talk to your bank, solicitors, the Guards (if required) and whoever else and use a forum only as a sounding board.0 -
If your card has been compromised and you know it is being misused you need do contact your bank's fraud department ASAP.
Actually, to fail to do so may risk you being told by the bank you're being negligent - you should always notify them immediately 24/7 if you suspect your card has been compromised.
Once your card is blocked you need to work with your bank to sort this out and get the Gardai involved if it is fraud.
Unauthorised use of a customers credit card is fraud and theft. It needs urgent investigation if they're handling cards as you might not be the only victim.
It could be a rogue employee or a computer hack too so, don't publicly name any company - just deal with the bank and make a complaint to the Gardai.0 -
Hi OP
You need to move quickly on this, there is a limit of 60 days to submit chargeback applications
Download and complete this form and post to your bank (I'd suggest registered post)
https://www.bankofireland.com/fs/doc/wysiwyg/18-594r-boi-credit-card-transaction-dispute-form-18052012-v2-2.pdf
The onus is then upon the Merchant to prove the transaction is genuine and as its a customer not present transaction they are essentially unable to do so.
Don't waste time stressing about it, just submit your claim and get that ball rolling first. I would also personally like to see you report this to the gardai. If they have done it to you its entirely likely that many other peoples cards have been stolen from, and they may not notice it in time etc
I would be of the opinion that they should be dealt with and made to stop this behaviour.
Good luck with it.
At long last, some practical advice and recommendation as to how to arrange a chargeback.0 -
Advertisement
-
pedroeibar1 wrote: »Was it to pay a debt incurred by you? Did they have your permission? If not, place a stop on the card right now. They must have been cash desperate to do that, so doorstep them and tell them unless you have cash immediately you are (a) going to the Fraud Squad and (b) inform the IAPI. Do not take a cheque or promises - even volunteer to go to the bank with them. I'd also break all links with them.
Doorstepping runs the risk of complications and things getting out of hand. Placing a stop on the card (and getting a new one) would be a sensible action to take. Writing to the issuer of the card and/or the bank would also be required as part of the process of getting the money refunded. Two simple steps really.0 -
pedroeibar1 wrote: »
It makes no difference whether or not it was cash or a cc payment. The OP gave his credit card details and his CIF code to somebody else, who, OP alleges, misused it. Handing out those details is a breach of OP’s T & Cs with the bank,
what?0 -
what?
Surely you know that you are not allowed to provide credit card details over the phone when you are buying something or paying for a service ...........
I am not entirely sure what the alternative is, so therefore I break the Terms and Conditions of my debit card use several times per week ...........:p:p:p:p
I suppose I better have another good look at those terms and conditions0 -
Can i jump on this thread with a question, seeing as it kind of relates.
You know when your giving someone your cc details for whatever reason, and then they ask you for the three digits at the back? Are you meant to give the 3 digits?0 -
jimmycrackcorm wrote: »How can you prove transactions that you didn't make?
In my case there was an original transaction and then a duplicate unauthorized transaction 6 months later (car hire). Luckily I could produce the paperwork for the first transaction but it was only when I threatened the bank with the European small claims court that someone actually read the file and made the refund (9 months on). And no fraudsters were harmed or prosecuted in the making of this post :rolleyes:.0 -
Can i jump on this thread with a question, seeing as it kind of relates.
You know when your giving someone your cc details for whatever reason, and then they ask you for the three digits at the back? Are you meant to give the 3 digits?
The seller can't process the transaction without it.0 -
Can i jump on this thread with a question, seeing as it kind of relates.
You know when your giving someone your cc details for whatever reason, and then they ask you for the three digits at the back? Are you meant to give the 3 digits?
As mentioned above, they can't complete the transaction with those details, otherwise they wouldn't need them.
It's about using your own judgement really - there's a difference between John from Customer Support in Meteor asking for them, and Tony down the pool hall*.
*Not casting any aspersions on Tony down the pool hall.0 -
Digital_Guy wrote: »As mentioned above, they can't complete the transaction with those details, otherwise they wouldn't need them.
It's about using your own judgement really - there's a difference between John from Customer Support in Meteor asking for them, and Tony down the pool hall*.
*Not casting any aspersions on Tony down the pool hall.
I was just about to jump to Tony's defence !0 -
Can i jump on this thread with a question, seeing as it kind of relates.
You know when your giving someone your cc details for whatever reason, and then they ask you for the three digits at the back? Are you meant to give the 3 digits?
Like the reply above, yes you must give the Card security code (Each card scheme uses different acronyms for it CVV/CVV2/CVC2) to the merchant to process "Card not present" transactions. The code is to verify you are in possession of the card. PCI-DSS mandates that the card security code is never written down / recorded / stored and most payment gateways / virtual terminals / e-pos devices will not store them but only use them for verification.0 -
Advertisement
-
Digital_Guy wrote: »As mentioned above, they can't complete the transaction with those details, otherwise they wouldn't need them.
It's about using your own judgement really - there's a difference between John from Customer Support in Meteor asking for them, and Tony down the pool hall*.
*Not casting any aspersions on Tony down the pool hall.
These days I wouldn't trust anyone with CC details. There is a lot of fraud going on and they are getting away with it there usually isn't a investigation for small amounts.
Don't even hand your card to a cashier in case they skim it quickly before entering it into the terminal.0
Advertisement