Visa Accidentally Charges People $23 Quadrillion

from the yes,-that's-a-real-number dept

Thu, Jul 16th 2009 9:40am — Mike Masnick

I saw a couple of days ago on Consumerist that a teen had apparently discovered a debit of $23,148,855,308,184,500.00 on her debit card for a purchase at the local drug store. That's $23 quadrillion -- or 2,000 times the national debt. CNN is now reporting that a bunch of folks were hit with this charge (the identical number). Most are also dealing with insufficient funds charges. Visa, not surprisingly, is apologetic, promising to sort things out and agreeing to get rid of any excess charges due to this. However, it does make you wonder... shouldn't Visa's debit cards have some sort of "reality check" included?

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: charges, debit card
Companies: visa

46 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

TheStupidOne, 16 Jul 2009 @ 9:59am

The plan
was to charge a few people that amount in hopes that one person wouldn't notice the charge and actually pay it. They just forgot that there isn't that much real money in the world.
[ link to this | view in chronology ]
C.T., 16 Jul 2009 @ 10:08am

Reminds me of when I got my cell phone statement and it indicated I owed ~$45,000 for the month. Apparently Sprint is notorious for sending out incorrect statements. Good thing I didn't have that bill set to auto-deduct from my checking account.
[ link to this | view in chronology ]
Dark Helmet (profile), 16 Jul 2009 @ 10:08am

Easy Fix
Seems like there should be a fairly easy to write threshhold script in place to avoid this kind of thing.
[ link to this | view in chronology ]
- Anonymous Coward, 16 Jul 2009 @ 11:30am
  
  Re: Easy Fix
  Are you iluvator? You seem a lot like him, same kinda thinking.
  [ link to this | view in chronology ]
  - Anonymous Coward, 16 Jul 2009 @ 11:31am
    
    Re: Re: Easy Fix
    err, iluvatar *
    [ link to this | view in chronology ]
    - Dark Helmet (profile), 16 Jul 2009 @ 2:49pm
      
      Re: Re: Re: Easy Fix
      I am not. Is he also an evil supergenius?
      [ link to this | view in chronology ]
      - Anonymous Coward, 16 Jul 2009 @ 8:16pm
        
        Re: Re: Re: Re: Easy Fix
        On forums.christianity.com he has an icon somewhat similar to yours and he argues kinda like you (with the whole thing about Wal Mart and using the word "starve" because we had a discussion and Wal Mart was mentioned in the discussionand he used that very same word in a context similar to the context used here about the unions).
        [ link to this | view in chronology ]
        
        nasch (profile), 17 Jul 2009 @ 7:15am
        
        Re: Re: Re: Re: Re: Easy Fix
        Does he play at landgrab.net too?
        [ link to this | view in chronology ]
        
        Dark Helmet (profile), 17 Jul 2009 @ 10:26am
        
        Re: Re: Re: Re: Re: Easy Fix
        Different person. I can assure, for all of the varied and weird places I visit on the internet, a Christian forum ain't gonna be one of them.
        [ link to this | view in chronology ]
DrPiper, 16 Jul 2009 @ 10:22am

How about setting a database field size limit to the amount due field.
[ link to this | view in chronology ]
Shawn (profile), 16 Jul 2009 @ 10:25am

or I dunno not allowing any charge over a billion or so go through to the issuing bank?
[ link to this | view in chronology ]
Ilfar, 16 Jul 2009 @ 10:27am

On the flip side...
Well on the other side of the equation, you have to admire them for building their system to handle values well beyond what anyone would ever expect them to handle. Now that's future-proofing! ;)
[ link to this | view in chronology ]
- Brian (profile), 16 Jul 2009 @ 10:34am
  
  Re: On the flip side...
  Wait until inflation gives us a massive reality smack down. The future isn't as far away as you think ;)
  [ link to this | view in chronology ]
  - ChrisB (profile), 16 Jul 2009 @ 11:28am
    
    Re: Re: On the flip side...
    Given the amount of money that was destroyed when the housing bubble burst, that could be a long time. Deflation is more likely. Look at Japan, who are coming up their second "lost decade".
    [ link to this | view in chronology ]
- SumDumGuy, 16 Jul 2009 @ 1:56pm
  
  Re: On the flip side...
  At Visa, we are fully prepared for decades of hyper-inflation...
  [ link to this | view in chronology ]
btr1701 (profile), 16 Jul 2009 @ 10:29am

Sad
What’s really disturbing about this is that a number that large is only 2000 times the national debt.
[ link to this | view in chronology ]
- interval, 16 Jul 2009 @ 10:57am
  
  Re: Sad
  AGREED.
  [ link to this | view in chronology ]
RedSpdr (profile), 16 Jul 2009 @ 10:30am

LOLZ
Nah man, is just that some one found the debit card Dr. Evil used in Austin Powers.....XD
[ link to this | view in chronology ]
Anonymous Coward, 16 Jul 2009 @ 10:31am

CC companies can garnish wages and take you to court and stop you from buying a house under the right circumstances. But when they make a mistake (a pretty fucking big mistake at that excuse the french) they just have to apologize and take what they over charged away, I feel that they should be responsible for added compensation whether its additional monies, or a $20 gas card, something to try and prevent future mistakes like this from happening. Plus its good business...oh wait they don't need a good business model cause everyone needs them I forgot
[ link to this | view in chronology ]
Gyroc, 16 Jul 2009 @ 10:31am

CC companies can garnish wages and take you to court and stop you from buying a house under the right circumstances. But when they make a mistake (a pretty fucking big mistake at that excuse the french) they just have to apologize and take what they over charged away, I feel that they should be responsible for added compensation whether its additional monies, or a $20 gas card, something to try and prevent future mistakes like this from happening. Plus its good business...oh wait they don't need a good business model cause everyone needs them I forgot.
[ link to this | view in chronology ]
Anonymous Coward, 16 Jul 2009 @ 10:35am

Someone accidentally bought Europe on their credit card.
[ link to this | view in chronology ]
- spdr (profile), 16 Jul 2009 @ 10:38am
  
  Re:
  lol that's awesome!
  [ link to this | view in chronology ]
reality sinks in, 16 Jul 2009 @ 10:45am

Looks more like someone entered the credit card number in the Charge amount field.

Imagine the interest charges for one month @ 12%
[ link to this | view in chronology ]
pegr, 16 Jul 2009 @ 10:47am

Obviously a data conversion error...
The processor submits the batch to Visa, let's say. The file spec says "pad the digits on the left with nulls", but the programmer pads it with spaces. Null in hex is "00", but a space in hex is "20". Now a five dollar transaction, instead of this: "000000000000500" now looks like: "202020202020500"... Whoopsie!

(Yes, I know I didn't convert the $5 to hex, it's just an example...)
[ link to this | view in chronology ]
- Anonymous Coward, 16 Jul 2009 @ 11:31am
  
  Re: Obviously a data conversion error...
  http://stackoverflow.com/questions/1133581/is-23-148-855-308-184-500-a-magic-number-or-sheer-chance
  [ link to this | view in chronology ]
  - Xanthir, FCD (profile), 17 Jul 2009 @ 7:42am
    
    Re: Re: Obviously a data conversion error...
    http://stackoverflow.com/questions/1133581/is-23-148-855-308-184-500-a-magic-number-or-sheer-chance
    
    A comment there brings up an excellent point. All of the charges we're seeing are the *same* value, 0x2020202020201250. After you remove the padding spaces that were put there you're left with 0x1250, which is 4688 in decimal. Since these amounts are always sent in cents, that corresponds to a $46.88 charge. There's no way that all of the customers I've seen (and the 13k supposedly affected, if we assume that they all have the same amount as well) purchased the exact same value of items. One guy bought a pack of cigs and incurred the charge, which is simply impossible to reach $46.88 with.
    
    This is pretty clearly not *just* a padding issue. There's a genuine bug behind this, or perhaps a hack attempt. This does sort of smell like a buffer overflow exploit...
    [ link to this | view in chronology ]
- Anonymous Coward, 16 Jul 2009 @ 1:11pm
  
  Re: Obviously a data conversion error...
  I think you nailed it. Time to fire the software QA folks and get some that know what they are doing. Software Engineers makes these kinds of mistakes all the time, testing should find them. This one should have been really obvious. Did they test thier code before putting into production? And, how did that transaction get approved by the bank? Some system, nice work Visa.
  [ link to this | view in chronology ]
  - Anonymous Coward, 16 Jul 2009 @ 5:48pm
    
    Re: Re: Obviously a data conversion error...
    Time to fire the software QA folks and get some that know what they are doing. Software Engineers makes these kinds of mistakes all the time, testing should find them. This one should have been really obvious.
    
    But..but..but.. better people cost more!
    [ link to this | view in chronology ]
- Techflaws.org, 17 Jul 2009 @ 3:58am
  
  http://it.slashdot.org/article.pl?sid=09/07/15/2050215
  So much for reality check.
  [ link to this | view in chronology ]
Hidden Force, 16 Jul 2009 @ 10:53am

(*Dr. Evil voice*) $23 Quadrillion Dollars
I tried to calculate how much this charge is compared to all the money in the world. Although it's difficult to find an estimate of the total amount of money in the world, the CIA Factbook says that the estimated Gross World Product is $62.25 trillion (in USD). Therefore this charge is a "mere" 371.869 times larger than the entire GWP.
[ link to this | view in chronology ]
Haywood, 16 Jul 2009 @ 11:01am

Now they can fund national health
The taxes on that one transaction should fund it for years.
[ link to this | view in chronology ]
kevjohn (profile), 16 Jul 2009 @ 11:02am

Not Visa's fault!
It's the consumers' fault for not having that much in their accounts to cover the $23 quad. If they did that then they wouldn't have to worry about the overdraft fees. Pay up, losers.
[ link to this | view in chronology ]
Hosermage (profile), 16 Jul 2009 @ 11:10am

What they didn't tell you in the story was that the minimum monthly payment for all that was $10.00. We hope you'll pay the 20% interest next month.
[ link to this | view in chronology ]
Anonymous Coward, 16 Jul 2009 @ 11:12am

I asked the same question...
About 3 years ago my debit card was charged $9,910. It turned out to be a mistake from a company that was supposed to charge me $99.10. I was hit with overage charges and it took over a week to resolve with the banks and company involved.

A few weeks after that incident, I used a credit card (not debit) to buy gas about 50 miles from my house. I immediately received a call from the credit card company alerting me to unusual behavior.

After that, I asked the same question: Why don't debit cards have the same 'check' protection that credit cards have?
[ link to this | view in chronology ]
Grey Ferret, 16 Jul 2009 @ 11:44am

Remeber Y2K anyone?
Let's limit the field size of the Year to only 2 digits. Made sense at the time. After all, the year 2000 was only imagined in Sci-Fi, not reality.

Basically the same situation here if you impose a modern day limit on a system that could end up being used well into the future.
[ link to this | view in chronology ]
- btr1701 (profile), 16 Jul 2009 @ 12:33pm
  
  Re: Remember Y2K anyone?
  > Basically the same situation here if you impose
  > a modern day limit on a system that could end
  > up being used well into the future.
  
  You don't have to limit the amount of characters allowed in the field, just put in a simple line of code that blocks any transaction over a certain amount. If that needs to be changed in the future, it would be a simple thing to go back in and eliminate that line of code and free up the block.
  [ link to this | view in chronology ]
Danny (profile), 16 Jul 2009 @ 1:22pm

where I thought this story was going
I expected the punch line to the story to be...

"So the Visa representative asked the customer to simply pay the $23 quadrillion and it would be credited back to her account next month."
[ link to this | view in chronology ]
- Anonymous Coward, 16 Jul 2009 @ 5:52pm
  
  Re: where I thought this story was going
  Actually, I've read some other accounts of people's experiences with this and some of them report that they've had to go round and round arguing with Visa reps (who insisted it was a legitimate charge) to get this charge taken off their accounts.
  [ link to this | view in chronology ]
Anonymous Coward, 16 Jul 2009 @ 1:30pm

This is clearly a violation of the Patriot Act and Bank Secrecy Act...
A company can only collect $10,000 per transaction. Visa should know better!
[ link to this | view in chronology ]
anymouse (profile), 16 Jul 2009 @ 2:15pm

Are we following the money? Where's the rest of the story?
I'm willing to accept that this 'could' just be a mistake, but has anyone looked closer at where the money is going? I'm not talking about the 23 quadrillion x however many customers were charged, but how much money VISA earned on the 'float' that would be involved in transactions of this size. My guess is that the interest earned by 'someone' on these funds over an hour or two would be more than most US families are likely to see in income in an entire year (including both spouses salaries and all their kids part time jobs).

The term 'Gaming the system' comes to mind, and I have a feeling that 'someone' 'somewhere' knew exactly what they were doing when they caused this to happen. And yes, my tinfoil hat may be a little tight today (with the recession and all).
[ link to this | view in chronology ]
Anonymous Coward, 16 Jul 2009 @ 3:28pm

Reactionary much?
Wow, you all are ridiculous. I would think that this site, which routinely calls out politicians and businessmen for grandstanding and demanding changes based on issues that, truly, are not that significant, would not stoop to this level.

The error is obvious from the amount charged - the processor padded the amount with spaces instead of zeros, which when converted from hex resulted in an extraordinarily large number. As exciting as it may be to bluster about how many Libraries of Congresses or World GDPs the amount was, it's a simple data error. No one embezzled trillions of dollars of interest, no one was ever at risk of losing their home, and no we don't need a law requiring all credit card processing code to be kludged up with arbitrary limits that "we can just change later!"
[ link to this | view in chronology ]
- Anonymous Coward, 16 Jul 2009 @ 7:38pm
  
  Re: Reactionary much?
  The error is obvious from the amount charged - the processor padded the amount with spaces instead of zeros, which when converted from hex resulted in an extraordinarily large number.
  
  Hmm, I wonder if *I* could get away with that. Cash a check for, say, $10000 on an account with only twenty bucks in it and when it bounced say "That '10000' was in binary!", i.e. really only $16? No, I suspect my butt would wind up in jail.
  [ link to this | view in chronology ]
- btr1701 (profile), 16 Jul 2009 @ 11:27pm
  
  Re: Reactionary much?
  > it's a simple data error... we don't need a law requiring all
  > credit card processing code to be kludged up with arbitrary
  > limits that "we can just change later!"
  
  We don't need a law-- and no ever suggested we need one. But it would seem prudent, especially when people suffer time and expense dealing with the fees and charges that typically come with these "simple data errors".
  
  If the companies' reps weren't so mindless and robotic and had the ability to use common sense in situations like this, rather than giving customers the run-around over something so obviously erroneous, then technical remedies wouldn't be necessary.
  
  As that is not the case, they are.
  [ link to this | view in chronology ]
  - Xanthir, FCD (profile), 17 Jul 2009 @ 7:34am
    
    Re: Re: Reactionary much?
    If the companies' reps weren't so mindless and robotic and had the ability to use common sense in situations like this, rather than giving customers the run-around over something so obviously erroneous, then technical remedies wouldn't be necessary.
    
    That'd be the issue. Visa should have had technological safeguards against charges this high in the first place, and then reps should have been sufficiently trained that they can decide by themselves that a multi-quadrillion dollar charge is obviously wrong.
    [ link to this | view in chronology ]
Anonymous Coward, 16 Jul 2009 @ 7:10pm

Not just Visa, but Bank of America for this gaff. The same BofA who decided, without asking, to do a merge of accounts that looked similar binding my card in Pennsylvania to my estranged spouse's in California so I could not access the information about it online, but he could.
Their system was so well done that we couldn't unentangle my account from his after the merge, and after countless contacts with customer service which included several expensive long distance conference calls, I had to abandon 24 years of perfect credit history on that card and apply for a new one. So now I have a canceled card on my record, a lower charge limit, and a new card, all lowering my credit rating.
Good thing I could trust my spouse. How horrible would it have been for all that data to be made available to someone who might have been an unscrupulous enemy?
[ link to this | view in chronology ]
John85851 (profile), 17 Jul 2009 @ 12:33pm

Apologies?
How come VISA and the banks just give a curt apology and act as if we're talking about wanting a $10 service charge? This is a *quadrillion* dollars! Does any banker anywhere really seriously think anyone can charge this much? And if so, who in the world has that kind of a credit line? I don't think Oprah or Bill Gates could spend that kind of money... okay, maybe if they bought the entire planet, but who would they buy it from? ;)

Seriously, though, why isn't there more of an apology from the banks? Did someone get fired? Did the entire accounting department get fired? Did the bank give anything back to the people who were charged this amount, like maybe free premium-level services for a few years?
[ link to this | view in chronology ]