Payments over the phone/pay at pump

Hi,

Am I correct in saying that neither of these payments can be made?

I understand the pay at pump restriction being derived from a pre paid card, but not being able to use card details over the phone is a new one for me? Is this still the case?

1 Like

Hi @Rexx

Thereā€™s no problem in using your Dozens card for pay at pump transactions. If you have any issues with this please do contact help@dozens.com and weā€™ll be more than happy to look in to this for you.

Yes, Iā€™m afraid itā€™s still the case that we donā€™t currently allow payments over the phone. Phone payments donā€™t have that additional level of security checks like online payments have with 3DS (verification steps) so for the time being, we wonā€™t be allowing these.

Hope that helps! :slight_smile:

I think it mentions not being able to pay at pump on your FAQ just FYI

Interesting about payments over the phone, how come other providers are able to do it?

1 Like

Iā€™ve not tried pay at pump with Dozens, but all fintechs Iā€™ve tried have struggled with this. I suspect there are multiple issues - getting BINs onto pumps in the first place, the fact they want to pre-authorize Ā£99 in many cases (which on a modern account looks like a debit of Ā£99 and may cause you problemsā€¦), additional risk since petrol is valuable and its relatively safe to try a card youā€™ve stolen at a pumpā€¦

When my credit card was cloned (some years ago nowā€¦) almost all the fraudulent changes were done cardholder not present (ie by phone), so I understand why Dozens donā€™t want the cost/hassle. Is pay by phone still a big thing? I feel odd reading my card number out to someoneā€¦ Merchants are being pushed away from this method of payment with higher fees, because of its insecurity.

Maybe an option to turn this on for an hour (so you could turn it on before you did something by phone) could help here? I remember Monzo did/do this for mag-stripe only ATM transactions for when you were abroad in places without chip+pin ATMs.

1 Like

It was making me think, as sometimes you type in the numbers rather than read them - does this make a difference?

Where I work we also take card payments via Barclaycard where the numbers are inputted akin to being over the phone even if the person is present. So I assume these would be rejected too!

1 Like

Hi @Rexx
As @dan_g mentions, this method of payment is not the most secure, so I suspect that the reason. Iā€™ll get some more clarity from other Rob, and get back to you :slight_smile:

Thanks for bringing this to our attention! I can see that this old pay at pump information is still on our FAQā€™s within the app. Weā€™ll get this updated :+1:

You can use your Dozens card for Pay at Pump transactions without any issues. Sometimes the merchant can take an authorisation payment (as @dan_g said) of up to Ā£100.00 as they donā€™t know what the actual charge will be. Once the merchant captures the funds, the correct amount will show in your account usually within a few days (although can take up to 10, but this is very rare).

(apparently: congratulations on solving the pay-at-pump puzzle!).

1 Like

Loving that Rob has now been relegated to other Rob :joy:

More importantly, I never realised that we couldnā€™t use Dozens over the phone. Feels like quite a significant omission if I were ever gonna use it seriouslyā€¦

1 Like

Hopefully thatā€™s a sign that you may never need it :slight_smile:

A merchant really should NOT be asking for card details over the phone in 2021. In the past it may have been the only option, but it is incredibly insecure. We go to great lengths to protect full card numbers, to separate out details such as expiry details and particularly the ā€˜securityā€™ of having the CVV code. It really does not make sense to then read these off over the phone to another person, however much you trust the business they work for.

We chose to restrict this from the very start and I do not see any reason to change this.

As @Rexx points out, there is now an alternative if absolutely necessary (i.e. there isnā€™t an app or other payment portal for a secure payment):

I believe this is called 'DTMF maskingā€™ and, as far as I know, this should be accepted because it is very similar to an e-commerce transaction if implemented correctly. In principle you are completing a form, but using your telephone keypad, but it will depend on the security level of the system they are running. There is a chance that it is treated the same way as a telephone payment, in which case it would be stopped, but that will be down to the configuration of the client terminal.

I admit that this is the limit of my current knowledge on the subject so I have escalated this internally to try and clarify it a bit more and be as definite as possible.

However, in summary, if anyone asks you to read out ā€œthe long number on your cardā€ or your security code over the phone, this is high risk and therefore not something we accept.

1 Like

I must admit Rob, I work for an FCA regulated financial business and we take payments via verbally communicated card details every dayā€¦

There is an online means of paying but we deal with a lot of digitally challenged clients

Another example of when I had to do this personally, was when I got a covid notification whilst my car was in a garage. I had to pay and someone else pick it up, it was the only means of paying beyond giving my card to someone else (they didnā€™t have the tech capacity for anything else I suppose)

thatā€™s interesting - thanks for sharing (Iā€™d be interested to know more at some stage).

Iā€™m not saying that these payments are not possible, but that we considered this as something that goes beyond our risk appetite (for our customers), and something that should be considered as exceptional rather than just a normal activity.

I do understand that it is convenient at this time, but you will agree, I hope, that reading the FULL card details to someone over the phone, who could either purposely or accidentally share these with anyone else, constitutes a risk to your account?

Iā€™m not sure what the wider social answer is, but if more companies took a principled stand, then maybe more secure options would be available, even for the more digitally challenged. If you can read the details, you can type them into your phone. Alternatively, you could send money via an app, or via Open Banking etc.

A great deal of fraud is still a result of people sharing private details like these, so we should at least make the point that this should not be ā€œnormalā€ any more and it should make you more wary.

(we cross posted:)

I do understand, but you say

in theory you could have made a transfer to their account instead. They may not have offered it because ā€œread me your card detailsā€ is more convenient, but certainly more risky for you.

I agree with you. I think the landscape itself is the issue, but a firm can adhere to the Payment Card Industry Data Security Standard by merely training staff to suspend call recordings. I should imagine its a cheaper option, hence it still persists in with some smaller businesses.

A bank transfer is as good as handing over cash, at least Iā€™d have had some chargeback rights on the transaction itself! Risk either way Iā€™d say.

So a use case for the Revolut disposable virtual cards. I donā€™t know what the cost is though and whether it is worth the implementation.

2 Likes

I think you nailed it.

I have to say that Iā€™ve used my card over the phone at least 6 or 7 times in the last 12 months. I would be very pissed off if my card does not work or suddenly stops working over the phone.

Just to give you a few examples of when and what do I use telephone card payments:

  • Placing order over the phone, used twice. First time because a merchantā€™s website wasnā€™t applying a discount correctly, and another time because another merchant doesnā€™t even have an online shopping facility.
  • When the merchantā€™s IT system / online payment system malfunctions, and I still need to make the payment. This happened to me two or three times. One of them was actually a fairly big company, but I believe most of their customers are using either direct debit or prepayment, not many are using card payments, so it didnā€™t make to the news. If an online shop wonā€™t take your shipment or billing address for whatever reason (symbols in the address? new build?), you are often left with no other means of payments other than over the phone.
  • During COVID-19 lockdown, face to face transaction with my card wasnā€™t an option. In fact I was so happy that many merchants would take the card payments over the phone, so I could use my card and enjoy the section 75 or charge back protection. If I had to use bank transfer and the goods did not show up or the seller went bust, I would be in a big trouble.

If you really want to fix the insecure system, please push the regulators to discourage and eventually stop merchants from taking the payment over the phone. Do not block it from the card provider side, because itā€™s still a widely used payment method.

1 Like

Hereā€™s another one, Iā€™ve paid a mortgage arrangement fee over the phone with a bank!