Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Business taking payment from card details on file without express permission

  • 09-05-2018 12:12pm
    #1
    Registered Users, Registered Users 2 Posts: 23,686 ✭✭✭✭


    I occasionally deal with an online business re office equipment and printing.
    I place an order and they call looking for card payment. Fair enough.

    Today I was awaiting call and I now find payment taken from my card without any input from me.

    Can they do this?
    Should they be storing the 3 digit security code for my card?

    Ive no issue with the amount taken etc but I didn't think this was allowable.


Comments

  • Closed Accounts Posts: 1,806 ✭✭✭i71jskz5xu42pb


    mickdw wrote: »
    Should they be storing the 3 digit security code for my card?
    They 100% should not be storing the 3 digit security code.
    But there's no indication that they are storing the 3 digit security code, they don't need that number to process a payment against the card.

    As for taking the payment without authorisation I'm not as sure. They presumably stored the card details from last time (did they get your permission?), your order might be taken as an implicit authorisation to debit the card, are there T&C on the web site that reference this.


  • Closed Accounts Posts: 3,378 ✭✭✭CeilingFly


    You don't need the 3 digit security code. A merchant can accept a "does not match" response or put it as a cardholder present transaction.

    In any case, unless you have entered the pin it is the merchant that must prove the transaction is valid.

    I would ask the supplier to destroy card details and not to take payment unless authorised expressly. Under gdpr, they cannot hold this information without permission and must be able to show that permission


  • Registered Users, Registered Users 2 Posts: 23,686 ✭✭✭✭mickdw


    What is the purpose of the 3 digit code if its not needed for distance payments such as this?


  • Closed Accounts Posts: 3,378 ✭✭✭CeilingFly


    mickdw wrote: »
    What is the purpose of the 3 digit code if its not needed for distance payments such as this?

    If you don't know the customer it gives a little extra security that they are holding the card.

    As the onus is on the merchant to ensure the person is the cardholder, the cvv # is there primarily to protect the merchant as unless the pin is entered the merchant has to prove it was a valid transaction in any dispute.


Advertisement