[Bank CC] NAB security is on the case!

[AVC]

Just received a call from NAB card security about the 4 BA air ticket purchases we made last night to confirm their authenticity.

Good to see those billions in profit are going somewhere.

They also put a note on file for our travel dates so they don't go ringing me when I pay for my bar bill in Thailand.

 

[Mal]

I curious....

Which BA portal did you use?
What (local) time did you make the transaction?
Do you usually travel much using that credit card?

At a quick guess, I suggest the following would trigger fraud controls:

- Australian portal (but might be charged elsewhere)
- Purchased between 11pm and 6am (local time).
- Don't purchase tickets on BA, or other airlines regularly using that card.

Could be completely wrong, but I am still curious.

 

[TheInsider]

And here is me purchasing items from all over the world and no phone call what so ever!

 

[Mal]

And here is me purchasing items from all over the world and no phone call what so ever!

Yeah, I am the same. Out of MANY suspicious transactions around the world, the only times (from memory) I've been pinged are:
- Paypal transaction for a UK company.
- Opodo purchase which failed so I used Expedia.
- Purchasing something online which didn't handle my CCV number and kept rejecting the transaction.
- Withdrawing cash in Hobart several days in a row.
- Bpaying to a company.
- Oh, and I can't forget "Our atm got skimmed a few days after you used it, you need a new pin in case we didn't detect it quick enough".

There might be more, but I have trained my credit card companies to stay away

 

[burrco]

And here is me purchasing items from all over the world and no phone call what so ever!

Ditto. The only time I've been called was when I linked my credit card to a US Itunes account.

 

[AVC]

Which BA portal did you use?

Webjet portal actually. Although I could log into BA straight after and manage my booking.

What (local) time did you make the transaction??

About 10pm local (SYD). So it took them over 12 hours to call me.

Do you usually travel much using that credit card?

On this account, yes, but this would have been the first on line travel transaction since our new cards arrived.

And here is me purchasing items from all over the world and no phone call what so ever!

We've had a few calls, when OS, basically minutes after making a major purchase. I would assume if they have been notified that you are travelling (and where) they wouldn't bother you though.

 

[Must...Fly!]

I couldn't even purchase a fare from EK on my 28 degrees card last month without having it temporarily suspended! Had to pay with my debit card and swallow the exchange rate

 

[harvyk]

I curious....

Which BA portal did you use?
What (local) time did you make the transaction?
Do you usually travel much using that credit card?

At a quick guess, I suggest the following would trigger fraud controls:

- Australian portal (but might be charged elsewhere)
- Purchased between 11pm and 6am (local time).
- Don't purchase tickets on BA, or other airlines regularly using that card.

Could be completely wrong, but I am still curious.

It doesn't even need to be something that is completely unusual for the person. It could be that they have detected a higher than normal amount of suspicious bookings for Thailand for example and they are double checking to confirm the authenticity of the purchase prior to approving the payment. It could be the amount that was spent, it could have even been a completely random check.

 

[blackcat20]

We've had a few calls, when OS, basically minutes after making a major purchase. I would assume if they have been notified that you are travelling (and where) they wouldn't bother you though.

I got a call from Westpac when I was in NYC (2am local time!) even though they knew where I was and when I would be there. The only thing I can think that might have triggered the call was a transaction that was processed in AUD instead of USD... They only queried two purchases.

 

[JohnPhelan]

I have had a few of these alerts from Amex, and it always seems to be the same situation - I am making multiple internet purchases from sites in different countries.

As an example, last night - in the space of about 30 minutes - I purchased from sites in Australia, the US and the UK. After I made the UK purchase - literally about 20 seconds after - I got an alert SMS from Amex saying there were possibly fraudulent transactions being made and I needed to call the call centre to verify.

So, at least with Amex, it seems to be when there are multiple transactions from different countries in the same sort of time frame. But I am impressed with their efficiency - I presume the alert is sent automatically when the system sees a pattern of transactions which meets the criteria they have set.

 

[simongr]

Just tried to buy a car part online in the US and have it shipped via myus.com and the transaction got pinged so I now need to phone Amex and get a 6 digit reference and redo the transaction. The overseas price for the part was $50 - Jeep in Oz were quoting $1400...

 

[ozmille]

I did get a call when booked three tickets on AF, the call came the next day and they blocked my card at the same time, took two weeks to get the block off the card. This was on a bank issued VISA

 

[dajop]

I have a few times booked some flights (ex-SIN) on EK for same day travel (about 6 hours prior to departure), paid for with Citibank Visa. Within perhaps 90 seconds of hitting the confirm button I had a call from Citibank verifying that I had intended to purchase the tickets. By the time I made the third such transaction I had my phone in the hand waiting for the call.

 

[Awesom Andy]

I never receive any calls from any banks, no matter what I do with my card. However, I now use my SIN-based cards a lot more, which comes with verification features where a PIN is sent to my phone via SMS, and I enter that PIN on the website to proceed.

 

[yo yo ma]

Good to see those billions in profit are going somewhere.

I like that the profits are going somewhere too - to the shareholders

 

[ckck]

I received a phone call from my bank last night just a few minutes after joining Expert Flyer. I have been phoned before but usually it was for large transactions e.g. paying college fees.

ckck

 

[addyoni]

Yikes, seems like there's a 'No-Buy List' like the DHS 'No-Fly List'.

Just like NF List you can't really ever get off it, and aren't told if you're even on it 'til it's too late, and they don't really tell you why you're on it. It's all about 'security ma'am!'.

Security sucks balls.

I understand there is lots of fraud, but freezing legit cards isn't really the best or smartest way to do it. They need to be innovative. But it's one of those things, it's where the money is.

Anyone seen that new 'Man In The Browser' hacker attack? It's amazing. Just when I thought the banks had a few months, maybe even a year breathing space before the black hat hackers catch up by using those virtual keyboards and only entering parts of the User ID and PW. So banks (in the UK so far) have issued palm sized keypads to slide CC into and get a unique one time number code to enter into browser. Anyhow the hackers will probably figure out a work around for that too, they're constantly thinking, and are pretty darn smart (being isolated outcasts and all. Perhaps people ought to embrace them more and think twice before ridiculing or bullying those that are different, OK back On Topic).

In the end, humans are pretty naive and gullible, they trust authority too much. [Only as strong as the weakest link remember]. So banks are doin' it all wrong I think, it's all reactive. Social engineering relies on these things. Hackers will probably just use that more after more security has been beefed up. They'll probably put 'Call Now' links to chat to the 'bank' on their faked phishing shopping sites and have the calls redirected to them :mrgreen: and still make off with the money.

I was shocked when I went to register my new PW on Amex that they don't like symbols! Can you believe it! Just one symbol like $ (fittingly) or } can boost the strength of the PW by double! Crazy. Oh well, I guess Amex don't get hit with as much fraud, or just take the 0.1% loss as the cost of doing business. No point really spending more then 0.09% to fight it. Just let it go and keep the savings.

 

[ReLoad]

Westpac Everyday Rewards card was pinged after I bought some UPP's from AA.com

The card got locked on a weekend and had to wait until the Monday before customer service was open to get it unlocked.

 

[serfty]

Purchased two USD502 tickets from AA one after the other last week and was called by HSBC Mastercard within 20 minutes of the second transaction.