Using A Security Breach As An Upsell Opportunity?
from the shameful dept
Danny Sullivan has a blog post blasting Citibank for how it handled a security breach, requiring him to get a new credit card. Apparently a vendor where Sullivan had used the card had a breach, meaning Citibank sent him a new card. But did they tell him which vendor it was so that Sullivan could avoid doing business with them in the future? Of course not. But much more insulting is that when he went to activate the new card, Citibank tried to upsell him on a credit check offering. As Sullivan notes, shouldn't Citibank be offering that to him for free? It's probably cheaper than having to send out thousands of new cards every time a vendor screws up. Of course, when Sullivan points that out to the person on the phone, the person at the other end says "we're just the activation department, you'd have to talk to customer service for that." Of course, if they're just the activation department, why are they doing sales as well? I'm sure the big banks will claim that these sorts of sales processes work in that enough people are suckered into these high margin upsell offerings, but wouldn't it be nice to have a bank that actually treated customers well?
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: security breach, upsell
Companies: citibank
Reader Comments
Subscribe: RSS
View by: Time | Thread
at least they didn't give him a problem with getting a new card
until identity theft is deemed as just another way to steal from a bank or moneylending institution, they won't offer free credit watches and what not. when the problem falls squarely on their shoulders and they have to deal with the fallout instead of the customer, then they'll start being proactive about it.
[ link to this | view in chronology ]
Re: at least they didn't give him a problem with getting a new card
[ link to this | view in chronology ]
Re: at least they didn't give him a problem with getting a new card
the banks never see any fallout from credit card fraud. that's why banks don't care.
fraudulent purchases fall on the vendor, not the credit card company.
[ link to this | view in chronology ]
Problem with this though, is they can then communicate this information to other credit card companies which can "score" your spending patterns as well.
Remember, it's not YOU that gets a 3% skim off of every credit card purchase, it's the credit card company, and when you're talking about what could conceivably be 90% of the US GDP, it isn't exactly chump change. Yet they somehow believe that their business risk should be mitigated to you, the customer via giving up privacy, and selling your information for ads and mailers.
[ link to this | view in chronology ]
Reminds me of a quote
Ben Franklin
[ link to this | view in chronology ]
Re: Reminds me of a quote
"Any society that would give up a little liberty to gain a little security will deserve neither and lose both."
Which is very fitting in today's environment.
[ link to this | view in chronology ]
Re: Re: Reminds me of a quote
it's
They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety.
Ben Franklin.
[ link to this | view in chronology ]
and if you talk to customer service they will say, "were just customer service, you'd have to talk to the activation department for that."
[ link to this | view in chronology ]
Banks are not banks anymore
[ link to this | view in chronology ]
Running out of Banks
Banks just don't care, in two cases things that have annoyed me haven't even registered as a problem on the bank's end - When an ENTIRE EFTPOS network is down for nine hours on a Saturday night/Sunday morning, I expect staff at the local branch to at least be aware of it by the following Tuesday...
[ link to this | view in chronology ]
Sigg Cares
A little while back I bought a fancy new cap for a Sigg water bottle (http://mysigg.com/) through their website. Months pass, I'm happy with my cap and have completely forgotten I even had gone to the site to get it. Out of the blue I get a completely new water bottle (with cap) in the mail along with a letter explaining their e-commerce provider (Network Solutions) had been breached.
They say in the letter transunion should have contacted me (I'm not sure they have). Regardless though, kudo's for 1) notifying me and telling me who done wrong and 2) throwing in a free water bottle to keep my hydrated while my credit is abused by those trickster russian hackers and 3) not trying to sell me anything in the process.
[ link to this | view in chronology ]
A Solution to Credit Card Problems that Works...
Back in the 70's I cut up my two credit cards after both card companies pissed me off with obvious "rip'em and gouge'em" penalty fee schemes designed to extract even more money over and above the regular monthly payment (which I generally triple paid). I think the biggest balance I ever had on the two cards combined was somewhere around $400. I don't think I was too popular with either company because I didn't charge enough on either card to suit them. The only concession I make towards cards now is using a Debit Only card so I don't have to carry cash.
I haven't had a card since then, and have never missed them, mostly because I've pretty much run my life on the principle that if I haven't got the money I don't have any need to buy it. Take half the money you'd spend using a card and put it into a retirement fund instead, it's amazing how fat it can get when you do that.
Life is much nicer when you're never in debt.
It's a solution that many people obviously don't believe in.
[ link to this | view in chronology ]
Re: A Solution to Credit Card Problems that Works...
[ link to this | view in chronology ]
Re: A Solution to Credit Card Problems that Works...
Believe it or not, ppl follow what the government shows them. Our government has racked up an impossible debt, so that is what the people do, charge their life away. It's so sad. Btw, i agree with you. I made some bad credit mistakes in my early 20's, something i am still tring to recover from almost 10 years later. I have since ditched the credit lines, and live by the same principle, "If i don't have the money for, i will find a way to do without"
Of course, there is one good way to use credit cards. If one can be responsible enough (going way out on a limb, i know) to only charge on the card what they have in the bank, and then pay the full balance of the card every month, but then why not just get a debit card.
[ link to this | view in chronology ]
Re: Re: A Solution to Credit Card Problems that Works...
Because in a security breach, like others here describe, if you use a debit card the criminal has immediate access to all the cash in your checking account.
I use a credit card exactly as you describe, precisely because there is a 30-day buffer between criminal activity and my money.
[ link to this | view in chronology ]
Re: Re: Re: A Solution to Credit Card Problems that Works...
Unfortunately, people in either of the situations you mention are also the same people who the credit card companies aggressively court, knowing they're quite likely to over-charge a credit card. Good Lord, my own son started receiving credit card solicitations the day he turned 18, and this was a kid still in school with basically no disposable income at all.
Over my 21 years in the USCG I was constantly counseling kids to save money and avoid expensive contracts on a young mans fancy, usually way too expensive upscale cars, motorcycles, or stereo systems. I was lucky if 1 in 10 paid attention and bought what they could afford, and do without if they couldn't. Most were in constant debt because they were more interested in buying 'right now' instead of budgeting towards a future purchase with cash in hand. Instant gratification instead of common sense!
I guess for most folks, especially young ones, it's hard to think about that 'down the road' age of 65 (67 these days I guess). It does require some will power.
I was lucky as a kid in that one of my Dad's constant mantras was financial responsibility, and putting away each month to prepare for retirement. Fortunately for me, I was smart enough to follow his advice.
[ link to this | view in chronology ]
Re: A Solution to Credit Card Problems that Works...
[ link to this | view in chronology ]
Re: A Solution to Credit Card Problems that Works...
Also sad to say that I was trolling these forums to see if I could find out who is responsible for the latest breach as Citi just replaced my card again for a suspected breach. The second time in two years.
I can't get mad at Citi. THey are doing the right thing. The peoblems are usually the clearing houses like Heartland, and sometimes the merchants. If Citi themselves ever had a breach, they would have bigger problems than replacing credit cards.
[ link to this | view in chronology ]
Topical rant
Today I went to supermarket, got right through checkout and new card failed. It was all I was actually carrying. A bit embarrassing. They agreed to hold my groceries for 45 mins (in cold storage, helpfully).
I was due elsewhere and while there I called credit card co. Apparently activation had NOT worked. So they did it there and then. "Your card is now ready to use, sir".
Back to supermarket. Got my groceries from storage. payment refused again. Called credit card co. They said it was now definitely not them,perhaps supermarket had some sort of block. Supermarket said "oh, yeah, we probably do, need to reset that". So they tried that a few times. Still nothing. Ran to a nearby ATM, tried to get cash (yes, on a credit card, I know, but I REALLY wanted groceries). That didn't work either. Well THAT can't be the supermarket's fault.
Said sorry and headed home without groceries.
Called card company again.
Apparently there is a fault on my card (deep in one of their IT systems) meaning it won't work right with some retailers (but they can't tell me which retailers), and it might take up to 24 (or maybe 48) hrs to resolve and "didn't the last guy you spoke to tell you this already" !? WTF !!
This level of IT incompetence makes me wonder if the "fraudulent transactions" that let to my card being cancelled at the beginning of this story were actually a crossed wire deep in the bowels of their IT system.
Because one of the retailers who was fleeced told me that the fraudster got through "3d security" including "Verified by Visa". How exactly a bogus website could capture my "Verified by Visa" details (other than by spoofing the Verified by Visa screen itself ?) I don't know.
I'm not sure I believe any of what they tell me any more.
[ link to this | view in chronology ]
Citibank processes for stolen ID
"But did they tell him which vendor it was so that Sullivan could avoid doing business with them in the future?"
You're kidding, right? There was a breach - you want Citibank to be judge, jury, prosecutor and defense attorney in deciding who (if anyone) was responsible?
And based on that, they impact or destroy a business?
Maybe in Nazi Germany.
[ link to this | view in chronology ]
Banks dont care about customers
Thanks Chase!
[ link to this | view in chronology ]
[ link to this | view in chronology ]