Today I wanted to pay my Panda domestic bin bill and had a similar problems. I ended up paying with Revolut.
Algorithims will decide normally what does and doesn't get flagged for MFA. Whilst the rules will generally be different between banks, the norm would be
should be said no alogrithim is perfect, banks are really trying to minimise risk.
- First transactions with a person/business
- Transactions over a certain amount
- Transactions where a previous transaction was some time ago
- Transactions after you have changed your card
- transactions "not the norm". If for example, the system suddenly saw transactions to a bank in the Caribbean that were not the norm for you.
- transactions where potentially what you are buying could be easily resold.
Merchants already accept part of the risk due to the Chargeback process being very loaded in favour of the cardholder. I've suffered chargebacks in the past where we have clearly shown that the cardholder goods were sent out and received and yet the bank has gone in favour of the Cardholder. That's a loss merchants need to write off and those write offs getting added to the pricing the rest of us pay. Loading more risk on the merchant will only drive prices up further and to me, it's worth pressing a couple of buttons to avoid that.I accept banks minimising risk and I have even worked on algorithms at the company level to examine data to identify risk. i fully see the point of the last two items on your list and this has identified real fraud on my card in the past. However, your list does not say anything about the business of the merchant or where it is. Payments to insurance companies or bin collection operators intrinsically are less risky than many other sorts of transaction. A payment once a year to an insurance company may be more than €100, but it there is nothing unusual about it.
Perhaps part of the solution is for the merchant to take part of the risk and not subject every customer to this authentication when the merchant sees nothing of concern about the transaction. There is no reason for an insurance company to seek bank confirmation for an insurance renewal for the same car with same card at the same address which also has house insurance with the same company and where I have lived for almost 30 years (with the same car insurer all along).
Is a hands off data protection type approach causing unneccessary authentications for customers doing regular stuff?
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?