Insights for credit card issuers and credit card holders
Credit card holders must ensure that they protect the security of their card, which includes their card number and PIN. If a credit card holder believes that the security of their card has been compromised, they should contact their credit card issuer immediately.
Credit card issuers should take a pragmatic approach to considering whether the credit card holder has adequately protected their card number and PIN. In some circumstances, it may not be possible for the numbers to be fully protected, or it may be impractical to expect the credit card holder not to go through with the transaction.
What happened?
In December 2024, while overseas, Clementine visited a store to purchase medicine because she felt unwell. She inserted her credit card into the EFTPOS terminal, entered her PIN number, and then fainted. Clementine was rushed to hospital and discharged four days later.
After Clementine returned home, she noticed that her credit card was missing, and, on logging into her online account, saw several fraudulent transactions totalling $8,500. Clementine cancelled her card and reported the fraudulent transactions to the credit card issuer. Clementine asked the credit card issuer to reimburse her for the transactions, but the credit card issuer declined.
Clementine complained to FSCL.
What were the parties’ views?
Clementine’s view
Clementine’s view was that she should be reimbursed for the transactions because they were fraudulent.
Clementine explained that there was a huge clear shield between her and the cashier, and the EFTPOS machine was attached to the desk on the other side of the shield. The only option she had was to extend her arm, key in her PIN, and then remove her card. She had reported the fraudulent transactions to local police, who said that the cashier had confessed to making a note of Clemetine’s PIN, keeping her card after she had fainted, and making the transactions. Clementine thought it unlikely that the cashier would reimburse her.
The credit card issuer’s view
The credit card issuer declined Clementine’s request to be reimbursed because Clementine had breached the account terms and conditions by not protecting her PIN.
The credit card issuer referred to their terms and conditions that said that the cardholder must ensure that no one can see them enter their PIN at a terminal, and that they should make sure their card is returned by the merchant after they have made a purchase.
What was FSCL’s view?
We agreed with the credit card issuer that, on a strict interpretation of the terms and conditions, Clementine was required to ensure that no one, including the cashier, could see her enter her PIN when she made her purchase and was required to ensure that her card was returned to her.
However, our view was that Clementine’s situation was unique. We suggested that it would be fair for the credit card issuer to take into account Clementine’s particular circumstances, including that:
- the EFTPOS machine was stuck to the desk behind a plastic shield limiting Clementine’s ability to protect her PIN
- Clementine was unwell, was purchasing medicine, and had passed out at the counter before being able to take her card back from the EFTPOS machine.
- The cashier’s actions were opportunistic.
The credit card issuer agreed with our suggestion that they should reduce the debt by $2,000 and offered this to Clementine as a resolution.
How was the complaint resolved?
Clementine asked the credit card issuer if they were willing to meet her halfway by writing off $4,250 of the disputed transaction and not charging fees and interest on the remaining amount while she paid it off.
The credit card issuer agreed to Clementine’s suggested resolution, and we closed our file.
