Controversion over the possibility of a charge-back procedure after credit card fraud
According to the credit card issuers, requests for reimbursement in the form of so-called chargeback procedures based on the rules of the card networks are not possible if the card charge was authorized with 2-factor authentication. According to the bank, this was the case here. It claimed that the client had expressly confirmed both transactions in the bank’s app, where both the amount and the merchant were visible. The client vehemently denied this.
In such cases, the card issuers refer the defrauded clients directly to the merchant in order to clarify the situation. This is usually difficult because clients have had no previous contact with the merchant. The contact took place between the retailer and the fraudsters, who paid for goods or services using the fraudulently acquireddata from the client’s card. After exchanging letters with the bank, the client contacted the crypto exchange directly. With the help of a cyber expert, she actually managed to get them to return the amounts charged to her card.
Since the crypto exchange did not know the client either and since only her misused credit card was involved in the transaction, it only wanted to repay the money to the client via this channel and demanded that the card-issuing bank initiate a chargeback procedure. The client informed the bank accordingly and contacted the Ombudsman before the bank had replied to her last letters.
It was actually premature to contact the Ombudsman. The client should have waited for the bank’s response. However, in view of the bank’s stance on the matter, as evident from the preceding communication, and the presumed urgency, the Ombudsman decided to contact the bank immediately in order to avoid an unnecessary blockade and asked it to review its position and respond to the client.
The bank finally initiated a cargeback procedure and later informed the Ombudsman that it had been successful. The money was credited back to the client’s card.