I had an incident with my credit card a couple of weeks ago (May 3, precisely). And it underlies the frustration that customers can have with incompletely thought through data algortitms.
I travel quite a bit and keep an unlocked cell phone with me. When I get a new cell phone, I usually buy it outright and arrange my contract after. I had selected the delectable HTC1 for purchase and as the store attendant swiped my card and punched in the authorization code, the card was declined. He was instructed to ask me to contact TD Canada Trust Visa – my credit card company – immediately. The attendant was kind enough to let me use the store phone. When I spoke to the credit card customer service representative (CSR), I was informed that my card had been compromised. Specifically, a merchant had their swipe unit compromised and TD Canada Trust Visa had cancelled all the credit cards that were used at that merchant during this specific period of time.
This is a good example of how credit card companies are using information to detect potential compromises of their product on behalf of their customers. This is a very good thing – it mitigated the risk of intrusion of my privacy and financial information.
However… as soon as the card was compromised, there should have been an indicator within the system to contact me directly to explain what had happened and that my credit card needed to be replaced.
There is another wrinkle to this (and likely the subject of a future post). Unfortunately, credit card companies call on toll free numbers. Given the high propensity of telemarketing calls I receive trying to sell me insurance products, long distance calling to India and furnace/duct cleaning (and we have radiators, not ducts, in our home and have repeatedly told them that), I do not respond to toll free numbers. This is now what we refer to as a first world problem. (Suggestion: Banks/Credit card companies may want to consider texts as a form of contact.)
With no credit card, I had to use a personal card to cover the cell phone transaction. I seem quite comfortable with the thought that the credit card company was looking out for me and that they would be able to replace my card quickly. However, I was also cognizant that this was my business credit card, I had a number of direct withdrawals that I had sanctioned on a monthly basis – this included my accounting software, my internet, PayPal and business telephony, my IT service provider and my cell phone provider among other things. The credit card CSR informed me that the direct withdrawals would be automatically transferred to the new card. However, this was not necessarily the case. I did decide to give TD Canada Trust Visa the benefit of the doubt. The card was duly available within two days and within that time I had received a notice of declined payment from one of my direct debit withdrawals.
There is also one other piece of information that is critical to this in terms of assessing what the point of this post is. My credit card was due to expire in June 2012. Next month to be precise. For those of you who have direct withdrawals, a change of a card is generally a pain in the ass. You have to contact all of the companies that have a direct transaction with your card to inform them that you are changing the card – may it be number or expiry date – to ensure that they have the latest information on file so as you don’t suffer with a penalty of non-payment.
The card was duly available within two days as promised. However, when I picked up the card at my local TD branch (May 5), I noticed that the new card was only valid for one month – its expiry date was still June 2012.
After being informed that the direct withdrawal transactions would be automatically transferred to the new card, I asked the counter clerk at my local branch to verify this with their supervisor. Information came back – as I expected – that I had to contact all the companies myself to do this. This angered me to no end. I then asked to speak to the Manager to explain to him what the problem was. He was very patient and accommodating as I explained to him that in issuing a one month card, they have caused a great deal of aggravation to me – I had to contact all of my direct withdrawals not only once on the change in card but twice on the new expiry date (on my own time and at my own expense). Further, if I missed any payments, I would be incurring additional expenses. He, like the TD Canada Trust Visa customer service representative, assured me that they would automatically be transferred and I explained to him that this is not the case and TD Canada Trust does not do this. I insisted that he follow up and confirm this.
I left the bank quite frustrated because I had undertaken a great deal of due diligence on my part to follow through with all of the companies that have direct withdrawals with my company, only to have to now contact them a second time. Upon returning home, I received a call from the Manager stating that I was correct and that I had to contact the companies twice to inform them of the changes to the credit card.
So, what is the point of this post?
This is a great example of where a traditional institution is becoming progressive and better at fraud detection and establishing algorithms for detection to the benefit of their customers. As I said before, this is another good thing.
Also, banks and corporations have encouraged customers to have direct withdrawals with their credit card on a monthly basis so as not to miss any transactions. This also is a good thing, and very convenient.
However, when you implement a system of fraud detection connected with a system of direct withdrawals, you need to think through the system completely to the point of what can inevitably happen to the card user. Banks in detecting fraud also need to detect the direct withdrawals attached to card and implement a system to transfer these over to the new card for the convenience of the customer. In this particular case, an old school institution – namely TD Canada Trust – did not think through the algorithm method carefully enough.
If you have a system where fraud detection is connected to a system of convenience, then the system of convenience needs to take equal footing with the fraud detection.
To date I have now spent almost a day cleaning up this mess and will most probably spend another day and a half on this. As I pay TD Canada Trust a hefty sum to have a corporate credit card, they enjoy all the upside of maintaining an asymmetrical algorithm. I, on the other hand, am stuck with the hassle of having to go and clean up the fallout of their due diligence, much to my aggravation and frustration and the fact that this time could be better spent on business development. I wish I could charge them for the time that they have stolen from me to help them understand how problems with the algorithm.
A handy article on this topic: The algorithm method: Programming our lives away; by Ira Basen.