Hi,
Am I correct in saying that neither of these payments can be made?
I understand the pay at pump restriction being derived from a pre paid card, but not being able to use card details over the phone is a new one for me? Is this still the case?
Hi,
Am I correct in saying that neither of these payments can be made?
I understand the pay at pump restriction being derived from a pre paid card, but not being able to use card details over the phone is a new one for me? Is this still the case?
Hi @Rexx
Thereās no problem in using your Dozens card for pay at pump transactions. If you have any issues with this please do contact help@dozens.com and weāll be more than happy to look in to this for you.
Yes, Iām afraid itās still the case that we donāt currently allow payments over the phone. Phone payments donāt have that additional level of security checks like online payments have with 3DS (verification steps) so for the time being, we wonāt be allowing these.
Hope that helps!
I think it mentions not being able to pay at pump on your FAQ just FYI
Interesting about payments over the phone, how come other providers are able to do it?
Iāve not tried pay at pump with Dozens, but all fintechs Iāve tried have struggled with this. I suspect there are multiple issues - getting BINs onto pumps in the first place, the fact they want to pre-authorize Ā£99 in many cases (which on a modern account looks like a debit of Ā£99 and may cause you problemsā¦), additional risk since petrol is valuable and its relatively safe to try a card youāve stolen at a pumpā¦
When my credit card was cloned (some years ago nowā¦) almost all the fraudulent changes were done cardholder not present (ie by phone), so I understand why Dozens donāt want the cost/hassle. Is pay by phone still a big thing? I feel odd reading my card number out to someoneā¦ Merchants are being pushed away from this method of payment with higher fees, because of its insecurity.
Maybe an option to turn this on for an hour (so you could turn it on before you did something by phone) could help here? I remember Monzo did/do this for mag-stripe only ATM transactions for when you were abroad in places without chip+pin ATMs.
It was making me think, as sometimes you type in the numbers rather than read them - does this make a difference?
Where I work we also take card payments via Barclaycard where the numbers are inputted akin to being over the phone even if the person is present. So I assume these would be rejected too!
Hi @Rexx
As @dan_g mentions, this method of payment is not the most secure, so I suspect that the reason. Iāll get some more clarity from other Rob, and get back to you
Thanks for bringing this to our attention! I can see that this old pay at pump information is still on our FAQās within the app. Weāll get this updated
You can use your Dozens card for Pay at Pump transactions without any issues. Sometimes the merchant can take an authorisation payment (as @dan_g said) of up to Ā£100.00 as they donāt know what the actual charge will be. Once the merchant captures the funds, the correct amount will show in your account usually within a few days (although can take up to 10, but this is very rare).
(apparently: congratulations on solving the pay-at-pump puzzle!).
Loving that Rob has now been relegated to other Rob
More importantly, I never realised that we couldnāt use Dozens over the phone. Feels like quite a significant omission if I were ever gonna use it seriouslyā¦
Hopefully thatās a sign that you may never need it
A merchant really should NOT be asking for card details over the phone in 2021. In the past it may have been the only option, but it is incredibly insecure. We go to great lengths to protect full card numbers, to separate out details such as expiry details and particularly the āsecurityā of having the CVV code. It really does not make sense to then read these off over the phone to another person, however much you trust the business they work for.
We chose to restrict this from the very start and I do not see any reason to change this.
As @Rexx points out, there is now an alternative if absolutely necessary (i.e. there isnāt an app or other payment portal for a secure payment):
I believe this is called 'DTMF maskingā and, as far as I know, this should be accepted because it is very similar to an e-commerce transaction if implemented correctly. In principle you are completing a form, but using your telephone keypad, but it will depend on the security level of the system they are running. There is a chance that it is treated the same way as a telephone payment, in which case it would be stopped, but that will be down to the configuration of the client terminal.
I admit that this is the limit of my current knowledge on the subject so I have escalated this internally to try and clarify it a bit more and be as definite as possible.
However, in summary, if anyone asks you to read out āthe long number on your cardā or your security code over the phone, this is high risk and therefore not something we accept.
I must admit Rob, I work for an FCA regulated financial business and we take payments via verbally communicated card details every dayā¦
There is an online means of paying but we deal with a lot of digitally challenged clients
Another example of when I had to do this personally, was when I got a covid notification whilst my car was in a garage. I had to pay and someone else pick it up, it was the only means of paying beyond giving my card to someone else (they didnāt have the tech capacity for anything else I suppose)
thatās interesting - thanks for sharing (Iād be interested to know more at some stage).
Iām not saying that these payments are not possible, but that we considered this as something that goes beyond our risk appetite (for our customers), and something that should be considered as exceptional rather than just a normal activity.
I do understand that it is convenient at this time, but you will agree, I hope, that reading the FULL card details to someone over the phone, who could either purposely or accidentally share these with anyone else, constitutes a risk to your account?
Iām not sure what the wider social answer is, but if more companies took a principled stand, then maybe more secure options would be available, even for the more digitally challenged. If you can read the details, you can type them into your phone. Alternatively, you could send money via an app, or via Open Banking etc.
A great deal of fraud is still a result of people sharing private details like these, so we should at least make the point that this should not be ānormalā any more and it should make you more wary.
(we cross posted:)
I do understand, but you say
in theory you could have made a transfer to their account instead. They may not have offered it because āread me your card detailsā is more convenient, but certainly more risky for you.
I agree with you. I think the landscape itself is the issue, but a firm can adhere to the Payment Card Industry Data Security Standard by merely training staff to suspend call recordings. I should imagine its a cheaper option, hence it still persists in with some smaller businesses.
A bank transfer is as good as handing over cash, at least Iād have had some chargeback rights on the transaction itself! Risk either way Iād say.
So a use case for the Revolut disposable virtual cards. I donāt know what the cost is though and whether it is worth the implementation.
I think you nailed it.
I have to say that Iāve used my card over the phone at least 6 or 7 times in the last 12 months. I would be very pissed off if my card does not work or suddenly stops working over the phone.
Just to give you a few examples of when and what do I use telephone card payments:
If you really want to fix the insecure system, please push the regulators to discourage and eventually stop merchants from taking the payment over the phone. Do not block it from the card provider side, because itās still a widely used payment method.
Hereās another one, Iāve paid a mortgage arrangement fee over the phone with a bank!