The week before last I noticed an unexpected amount of about R6,000 reserved on my Nedbank Visa debit card (the kind when an auth has been placed on the card). The next day (a Friday) a saw the amount come through with the reference "The Playaz". I immediately called my bank manager to report it as a fraudulent transaction. He reported it to the Nedbank fraud division and apparently that was all I could do about it.
On the following Monday morning I called the fraud division and spoke to some one asking them for more information. They told me that it was not a "card not present" (Internet) transaction as I had expected. They also told me that it was impossible for some one to forge my card (implying it was impossible for some one to do that transaction without being in possession of my card).
About an hour later I got a call from Nedbank credit card fraud asking me if I had authorised a transaction of over R8k to Builders Warehouse as well as some other larger transactions. My answer was "no". They asked me what about one to "Playaz" and again the answer was no. I told them I had in fact already reported that as fraudulent (it seems they had been unaware of my fraud report and some how these transactions had been independantly flagged as suspicious by their system). They immediately canceled my card.
About 18 months ago I was involved in a similar incident where my card was used fraudulently to buy an air ticket from British Airways (this time it was over the Internet). I reported it to my bank and to British Airways as soon as it appeared on my statement (thanks to Internet banking). Surprisingly British Airways wanted nothing to do with it and said I had to deal with my bank only. If I were them I would have wanted to find out what ticket was bought using my card and to cancel the ticket if at all possible. I found that really odd I must say.
As it turns out this time round it was a bit different, what appears to have happened is my card was probably skimmed when I used it at a local restaurant and then turned into a fake card and used by the fraudster until the card was blocked. With "card not present" transactions the merchant takes the knock (hence my surprise in BA not wanting to do anything about it) but I wonder what happens in my latest case. Surely the merchant can't be held responsible?
In both cases I have fairly strong suspicions where my card was compromised (one online and one offline) but no concrete proof. In any case, both times I must say I was impressed with the service I received from Nedbank with all the fraudulent transactions being reversed within a matter of days.
So from my personal experience, using credit cards is somewhat risky both online and offline but this problem of this type of fraud is really more an issue for the merchants / banks / Visa / Mastercard etc. and not the consumer, who is fairly well protected.
With online transactions, it really is in the favour of merchants (the receiver of the money) to accept EFT over credit cards and not so much for the consumer. In fact as a consumer I would rather pay by credit card as I then have some recourse (I can get the transaction reversed if I don't receive the goods or the goods are materially different to what was described) whereas if were to pay by EFT I can't reverse that transaction. As an added bonus accepting EFT as a merchant is not only safer (no charge backs) but it is also significantly cheaper. The only down side is it is a hassle to reconcile (and when transferring between different banks there is a delay) but that may change soon - watch this space :-)