Blog article
See all stories »

Should Amazon be slapped on the wrist?

A French friend of mine recently boasted about his "ultra-secure" credit card issued by his local bank - that card required SMS-based authorization of every transaction. There is nothing secure about SMS-based systems (SMS forwarding attacks were first reported six years ago), but that's not the point.

I got my iPad out and in less than two minutes bought a book from Amazon (their shopping flow, especially checkout procedures, are world-class) - using that "ultra-secure" card, of course. A minute later, an email from Amazon confirmed that my order was being prepared for dispatch (the book was shipped within few hours).

It's not only my friend who should be upset with Amazon - apparently, the largest e-tailer in the world ignores the card rules on a frequent basis. Should anyone care?

If you are a consumer and your card was used fraudulently at Amazon who turned a blind eye to security checks, you should - eventually - get your money back. But not before you made several calls to your bank (with the obligatory long "muzak" sessions) and some form-filling. If you value your time (and you should), the cost of the time you'd wasted on solving the problem that you didn't create in the first place is far from zero. Let's put a value on that unproductive time, say £50.

If you are a bank, you'll get - eventually - the money back from Amazon via chargeback. But not before your customer service personnel wasted their expensive time on dealing with your upset customer. Say, another £50.

If you are Amazon, you care neither about the upset owner of the card which you accepted without due security checks, nor about the chargeback claim from the bank that issued that card - you make more money if you let every customer to pay quickly and easily, so the current fraud level does not bother you (at all).

If you are a fraudster who bought a DVD with stolen card details, you are enjoying yourself (and cannot wait to buy another DVD, with another stolen card).

My question is: if Amazon was slapped on the wrist by being made liable for those indirect costs and losses (say, £100 per incident), would that change their attitude towards card checks? Class action lawsuit anyone?


Comments: (2)

A Finextra member
A Finextra member 11 July, 2012, 22:13Be the first to give this comment the thumbs up 0 likes

What about the banks themselves too, especially in the the CC loving USA.  Buy something under $25 at a POS with a swipe of a magstripe and its yours - no signature, no pin, no checks at all.  Its terrifying if you ever think your card could have been skimmed - checking statements and trying to identify obscure transactions months after your US visit.  The banks are prepared to waive the fraud in return for the purchase convenience factor - who needs tap and go NFC or chip and pin with that thinking.   Just let the consumer sweat it out and suffer the post-transaction inconvenience.

A Finextra member
A Finextra member 11 July, 2012, 22:19Be the first to give this comment the thumbs up 0 likes

Great comment! As per Leonard Cohen's song - "Democracy [EMV] is coming to the USA!"

Member since




More from member

This post is from a series of posts in the group:

Innovation in Financial Services

A discussion of trends in innovation management within financial institutions, and the key processes, technology and cultural shifts driving innovation.

See all

Now hiring