Sunday, 17 June 2012

Banking Vigilence Fail: Unblocking A Card With Only A Surname

Photography by Andres Rueda, CC-BY

Every year I go travelling, and every year my bank suspends my credit card due to "suspicious behaviour". Luckily, it's easy to get the stops removed... too easy, in fact.

Today, when calling the bank to confirm that I had purchased a US phone service, I was asked only a single piece of identifying information, and that was my surname.  The bank's representative revealed—without my prompting—the last four digits of my credit card, and the full details of the transaction that was considered suspicious.

The thing is, if you're the one making fraudulent transactions on a card, then you probably already know the cardholder's surname, and you definitely know some recent suspicious transactions.