[cortesoft]

> Somehow, though, if some 3rd party convinces the bank they're me, and withdraws $1000 from my account, I'm at fault as a victim of "identity fraud" (and am again out $1000, but this time as a result of my bank's incompetence).

This isn't true, though. The bank is the one on the hook.. eventually. The problem, of course, is that you have to get the bank to agree that it wasn't you who made the withdraw..

While it sucks, I am struggling to figure out alternative solutions.

Let's suppose we did the opposite; if you tell the bank that it wasn't you, then they have to prove it was, and in the meantime they give you the money. Sounds great, but this makes fraud about as easy as you can get - open an account, deposit $50,000, then transfer it somewhere else and withdraw it to cash. Then, tell the first bank that it wasn't you that did it. Sure, they will be able to prove it was you eventually.... but according to our new rules, they have to return the money while they figure it out... you withdraw it all and flee.

There would be literally NOTHING the bank could do to prevent this sort of fraud. They could put a million checks in place, but since they would still need to 'prove' it was you when you claim it was fraudulent, and make you whole in the meantime, you could still steal the money during that time. You claim fraud, they put the money back into your account.. and then they show someone (who? an arbiter? the gov?) that they have video evidence of you making the withdraw. While the ruling is happening, you skip town with the money.

It really sucks, and I really can't think of a solution.

[landryraccoon]

All of that argumentation is nice but it doesn’t hold any water.

Credit card companies are by law on the hook for any fraud committed with your credit card. Everything you just wrote applies to credit cards, and yet Visa and Mastercard are doing just fine. They aren’t going bankrupt just because you can file a chargeback whenever you want as a consumer.

There doesn’t seem to be any doubt Banks can handle this, because they already do.

[cortesoft]

Except they AREN'T on the hook for the fraud... the merchants are. They are doing fine because they pass on the costs to the merchants.

Also, when you dispute a charge, they are able to put the money in 'escrow', basically, while they investigate... since they control both sides of the transaction (both merchant and customer), they 'keep' the money while they resolve it. If they find in the card user's favor, they deduct it from the merchant account and credit it back to the card user. Otherwise, they release the hold and the merchant can withdraw the money.

It doesn't feel like your money is being held as a card holder, because the 'money' in this case is credit, and it doesn't effect your bank account while it is being resolved. However, it DOES count against your credit limit while they resolve the issue, so it shows you that the money is still 'frozen' while they resolve it. They aren't allowed to charge interest during the dispute, but if you lose the dispute you will have to pay the interest.

This is the same thing that happens when your bank account is defrauded.. the money is frozen, and you can't withdraw it until the dispute is resolved.

[kerkeslager]

> Also, when you dispute a charge, they are able to put the money in 'escrow', basically, while they investigate... since they control both sides of the transaction (both merchant and customer), they 'keep' the money while they resolve it. If they find in the card user's favor, they deduct it from the merchant account and credit it back to the card user. Otherwise, they release the hold and the merchant can withdraw the money.

> It doesn't feel like your money is being held as a card holder, because the 'money' in this case is credit, and it doesn't effect your bank account while it is being resolved. However, it DOES count against your credit limit while they resolve the issue, so it shows you that the money is still 'frozen' while they resolve it. They aren't allowed to charge interest during the dispute, but if you lose the dispute you will have to pay the interest.

I knew roughly how this worked before, but it didn't occur to me until I read your explanation that this allows the credit card company or bank to invest the money while it's in escrow. So it actually benefits them when fraud happens on your account.

...of course that's a thing. The bankers always win.

[tappio]

Visa and Mastercard are card schemes. They are just moving the money between financial institutions. The issuer (which is the financial institution from where the credit card was applied from) is providing the credit line=they own the money. The scheme ensures that the other parties always gets their money, which is why their business is really dependent on good fraud detection algorithms. The payment schema will just freeze the settlements during the dispute, but if evidence is found that it was fraud, they will lose the money. This of course happens all the time, but it is just a pricing issue. Visa charges license fees from issuer and acquirer, and every transaction costs for the merchant around 0.5-5% depending on the card.

[tappio]

Had to check again, visa and Mastercard actually don't carry the risk in this scenario. It's either the acquirer or issuer. Scheme acts as a judge and decides who's fault it is. However, now that 3d secure is in place, if both issuer and acquirer support it, there are really few frauds. If they don't, the risk is on the one who did not enforce 3d secure.

[cortesoft]

I mean, they can't really 'invest it' since it was their money in the first place. They are loaning it to the credit card holder, who is giving it to the merchant. In this case they just don't loan it out until the case is resolved.

[kerkeslager]

> I mean, they can't really 'invest it' since it was their money in the first place.

By extending someone a line of credit, they are investing some percentage of that line of credit as their money, because they have to have money on hand in case the person decides to use their credit card. They obviously don't have to keep the whole balance of every line of credit they extend on hand, because most people won't max out all their lines of credit. But they do have to keep some percentage. That money is invested, but only pays out money if the person uses their credit card and then rolls over a balance to accrue interest.

But let's say someone uses a credit card, and then someone disputes the charge (these are different people if the charge was fraudulent). The credit card company holds that money in escrow. While it's in escrow, they don't pay it to the merchant, so they still have it, and they don't count it toward their customer's credit limit, so it decreases the amount of money they have to keep on hand. However, they're still charging interest for it in the case that the charge is found to not be fraudulent. So their investment is paying off.

Now where this gets tricky, is now that money is invested, because they're charging interest for it, but they know they won't have to pay out that investment until the fraud investigation completes. So until then, they can invest it again! They always have to keep some money on hand in preparation for a fraud investigation to finish, but there is always some amount of money being tied up in escrow for ongoing fraud investigations, so they can invest that money twice.

[AmericanChopper]

The type of fraud you described (or at least a very close version of it) is already possible, and happens all the time. The way they manage this is that wire fraud is a federal crime, that will land you with a lot more prison time than you might think.

[rwmurrayVT]

Wire fraud has no mandatory minimum and depending on the transaction value the sentencing guidelines are very light. The killer is ID theft which carries 24 month mandatory minimum with no ability to run concurrently with any other charge.

[AmericanChopper]

My point simply being that most of these types of fraud are rather easy to commit, but actually quite hard to get away with, and the consequences can be very severe. I’ve worked with quite a few US financial institutions, and a lot of their fraud investigations end up with arrest warrants.

[jkepler]

Bitcoin and other digital cash systems that are bearer instruments would change this: if the 1st outgoing transaction is valid, one can't then defraud the bank of the same money. On the flip side, if a user falls for a phishing campaign and sends digital cash to a fraudulent 3rd party, that can't be reversed, either.