Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

They have my Debit Card Information !!!

  • 28-09-2010 10:10am
    #1
    Registered Users, Registered Users 2 Posts: 30


    Hi,

    Wondering if anyone has any view on this.

    I made a donation a short time ago to a charity based in cork. I gave the donation over the phone and everything seemed fine. I made the payment with my lazer card and the girl took my details. This morning I got a call from the organisation to say that my payments had been declined because the girl wrote my details down wrong.

    I said I though that the girl was putting my card through the machine when i called the first time. I was told that the girl on the phone takes the details and writes them down with my details and files them away. Then the payment is made at later date. I asked how long my debit card details are kept on file and she said - "oh a few years" I asked where they are kept and she said in a filing cabinet in the office!

    This seems totally unacceptable to me. I told her to destroy all my details as I was unhappy with my details being kept on file.

    I have looked on the data protection website and i can't really find information on whether this is all above board or not... its seems totally crazy to me.

    It was probably naive of me to think my card details were being processed on the spot but Ive worked in businesses that have taken card details over the phone and we always processed the payment when the customer was on the other end. We never kept details on file!!

    Does anyone think i'm over-reacting?

    Thanks


Comments

  • Moderators, Technology & Internet Moderators, Regional South East Moderators Posts: 28,536 Mod ✭✭✭✭Cabaal


    They must save your payment information in a secure protected fashion, they must also remove the details if you request them to do so.


  • Closed Accounts Posts: 16,713 ✭✭✭✭jor el


    Does anyone think i'm over-reacting?

    A little, yes. Even if your details were processed immediately, the merchant copy of the receipt would show your full card number anyway. These receipts are normally stored in an office in most businesses, often in a filing cabinet.

    Just because your card details are written down somewhere, doesn't mean you're at any risk.

    Data Protection just makes sure that they don't keep irrelevant or non-pertinent data on you. A credit or debit card number is pertinent data when you're dealing with payments. They can't destroy it either, as they would be required to keep such information for the purposes of auditing, and their accounts in general.

    You should understand how credit and debit card transactions work, especially card-holder not present transactions, before taking this any further. There is no issue here.


  • Registered Users, Registered Users 2 Posts: 30 William NoMates


    jor el wrote: »

    You should understand how credit and debit card transactions work, especially card-holder not present transactions, before taking this any further. There is no issue here.



    Thanks, any idea where I would go to understand how these transactions work?
    This process seems very open to fraud.


  • Closed Accounts Posts: 16,713 ✭✭✭✭jor el


    Thanks, any idea where I would go to understand how these transactions work?
    This process seems very open to fraud.

    Financial Regulator, banks, wikipedia, Google, etc. There's tons of info out there, just that you need to sort through it all.

    Fraud happens all the time, that's a fact of the way it works, but you are covered for fraudulent use of your card (except if they have your PIN, then it's on you). If it didn't work like this, then it would be impossible to buy anything online or over the phone.


  • Registered Users, Registered Users 2 Posts: 537 ✭✭✭vard


    when I worked in dominos a few years back we were told to just write down card details on a little bit of paper. Very often my fellow workers would not properly dispose of them afterwards,.or would just throw them in the bin without ripping them up.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 10,262 ✭✭✭✭Joey the lips


    No i dont think your overreacting and i think this is an issue that should be dealt with by the law....

    There should be an expiry time on details for example 24 hours...The receipt is proof the transaction went through...


  • Registered Users, Registered Users 2 Posts: 271 ✭✭AvaKinder


    Most major shops keep the merchant copy of receipts for a number of years. These contain your full cc/dc number and the expiry date. Obviously they don't include your pin or name. They can also look up the information via their computer records of transaction.

    This protects the customer when they claim something went through twice/they didn't get cashback etc. They also protect the shop in case of a certain sale seemingly going through but in fact not.


  • Registered Users, Registered Users 2 Posts: 30 William NoMates


    AvaKinder wrote: »
    Most major shops keep the merchant copy of receipts for a number of years. These contain your full cc/dc number and the expiry date. Obviously they don't include your pin or name. They can also look up the information via their computer records of transaction.

    This protects the customer when they claim something went through twice/they didn't get cashback etc. They also protect the shop in case of a certain sale seemingly going through but in fact not.

    Thanks I had no idea this went on, I have to say i'm pretty surprised... I really have to do a little reading on it but it seems to me a very lax system... I wonder what the Germans are doing!! - i'm pretty they would't put up with this :eek:

    W


  • Registered Users, Registered Users 2 Posts: 271 ✭✭AvaKinder


    I dunno, in my years of work I've had access to literally thousands of cc numbers. Never bothered trying to steal, it's not worth my job:)

    And any cases I've seen of staff members scamming have been figured out very quickly and all put right and reported to the garda.


  • Registered Users, Registered Users 2 Posts: 2,821 ✭✭✭Xcellor


    I remember when i worked for a multinational company it was common place to sticky note credit card details. I had a collection of about 50 of them when I left the company.

    Ahhh the good old call centre days :D


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 7,806 ✭✭✭GerardKeating


    jor el wrote: »
    A little, yes. Even if your details were processed immediately, the merchant copy of the receipt would show your full card number anyway. These receipts are normally stored in an office in most businesses, often in a filing cabinet.

    Not for much longer, the card schemes are changing the rules and merchant copies will only print the last 4 digits of the pan, many POS machines have already implemented this, (and many have not).


  • Closed Accounts Posts: 1,383 ✭✭✭91011


    Thanks, any idea where I would go to understand how these transactions work?
    This process seems very open to fraud.

    Every financial transaction is open to fraud, but it is now the Retailer that must prove the sale was genuine if the pin number is not used.
    No i dont think your overreacting and i think this is an issue that should be dealt with by the law....

    There should be an expiry time on details for example 24 hours...The receipt is proof the transaction went through...

    All retailers must keep credit card recipts for 12months. They also are obliged to keep the info in a safe place. (we use a grade 4 safe). Online / cardholder not present merchasnt must be PCI compliant. - All of this is covered under merchant agreements which are legal documents.
    I wonder what the Germans are doing!! - i'm pretty they would't put up with this :eek:
    W

    The EXACT same system applies in Germany.


  • Registered Users, Registered Users 2 Posts: 6,052 ✭✭✭trellheim


    91101 got in first and is spot-on. However safes are expensive and receipts mount up quickly.


  • Closed Accounts Posts: 23,862 ✭✭✭✭January


    jor el wrote: »
    A little, yes. Even if your details were processed immediately, the merchant copy of the receipt would show your full card number anyway. These receipts are normally stored in an office in most businesses, often in a filing cabinet.

    Just because your card details are written down somewhere, doesn't mean you're at any risk.

    Data Protection just makes sure that they don't keep irrelevant or non-pertinent data on you. A credit or debit card number is pertinent data when you're dealing with payments. They can't destroy it either, as they would be required to keep such information for the purposes of auditing, and their accounts in general.

    You should understand how credit and debit card transactions work, especially card-holder not present transactions, before taking this any further. There is no issue here.

    When I worked in a call centre we were NOT allowed to write down any credit card/debit card details, all details had to be entered into the payment system immediately, it went straight into an encrypted computer file.


  • Closed Accounts Posts: 16,713 ✭✭✭✭jor el


    When I worked in a call centre we were NOT allowed to write down any credit card/debit card details, all details had to be entered into the payment system immediately, it went straight into an encrypted computer file.

    It should be done that way, but small businesses would not have the capability of doing it. Even large businesses may not, either by choice or some other reason.

    A card number by itself isn't worth a whole lot. You need the account holder's name and address. The expiry date, and CVV2 number are also good to have, if you're looking to make fraudulent purchases. If all this information is written down and stored in an insecure way, then that is open to fraud. Most of this can be found on your statement though, and is sent through the post totally unsecured.


  • Registered Users, Registered Users 2 Posts: 959 ✭✭✭maringo


    Hi, if you're worried why dont you just get a new card - this would make the other details inoperable like when you lose your card and get another one


  • Registered Users, Registered Users 2 Posts: 692 ✭✭✭gleep


    jor el wrote: »
    A little, yes. Even if your details were processed immediately, the merchant copy of the receipt would show your full card number anyway. These receipts are normally stored in an office in most businesses, often in a filing cabinet.

    Just because your card details are written down somewhere, doesn't mean you're at any risk.

    Data Protection just makes sure that they don't keep irrelevant or non-pertinent data on you. A credit or debit card number is pertinent data when you're dealing with payments. They can't destroy it either, as they would be required to keep such information for the purposes of auditing, and their accounts in general.

    You should understand how credit and debit card transactions work, especially card-holder not present transactions, before taking this any further. There is no issue here.

    You're kidding, right?

    If I have someones full card details I can take them for everything they have, fact. Christ on a bike! And if you did give your details over the phone and were ripped off, the bank would say "tough luck, you should have taken better care of your details".


Advertisement