If a thief steals your credit card, will your bank refund you?

By Emma Lunn

If your bank card gets stolen or cloned or your online financial account hacked into, you might reasonably expect any losses to be covered by your bank.

However, if the bank thinks you've been careless with your card, you might be out of luck - or at least required to argue your innocence.

Refund refusals
The Financial Services Authority (FSA) has set out clear rules stating that banks can refuse to refund customers only in certain circumstances -- namely, if it can prove the customer authorised the transaction. But its rules also state that use of a customer's password, card or PIN conclusively isn't enough to prove authorisation. In other words, a bank can't simply blame you if your PIN or password is used by a thief. stolen-credit-card

However, there have been a raft of recent examples in the press in which a bank has done just that; the customers claims he has taken all the necessary precautions, but has still been victimized -- and the banks initially refuse a refund.

An April 2012 episode of BBC Watchdog highlighted several cases. The first was a Barclays customer who found his bank cards had been used by thieves to buy car tax discs from the Driver and Vehicle Licensing Agency (DVLA) website for vehicles he didn't own.

Barclays, according to the BBC report, insisted he was liable because he had used the same card with the DVLA himself -- to buy a tax disc for his own car. However, Barclays later refunded the money.

The program also highlighted the plight of a NatWest customer who had £18,000 stolen when a fraudster contacted the bank, changed the address on the account and asked for a new card and PIN to be sent. Money was then removed from the account electronically as well as via purchases and cash withdrawals.

Even though the customer was out of the country at the time of the purchases and cash withdrawals took place, NatWest refused a refund, saying that because his card and PIN were used, the customer was liable. The bank later refunded the customer in full.

The banks' side of the story
All banks have similar terms and conditions that require customers to keep their account details private. This includes not sharing your PIN with anyone else or even writing it down. The purpose of these rules is to prevent a consumer from, for example, sharing his PIN with a friend for a one-time purchase and then crying "fraud" to the bank when that friend then drains the account. It also prevents consumers from writing down their PINs and keeping them in their wallets -- where they can easily be stolen along with their cards.

If a fraudster gets a hold of a card and that card's PIN, that's a signal to the bank that the customer was irresponsible -- and in violation of the cardholder contract. And that's why banks may turn down customers' requests for refunds even if they deny the card has ever left their person.

"Every claim is looked at on a case-by-case basis, but if we have clear evidence that security measures haven't been followed then we would most likely not refund," explains Jonathan Akerman, senior media relations manager at Santander. "However, if we have clear evidence that a customer has followed the required security measures, but money has been taken from an account or purchases made on a card by someone who isn't the named card holder then we would most likely refund."

It's a similar story at Lloyds Banking Group.

"Our customers can be confident that they will be fully reimbursed as long as they have taken reasonable measures to keep their card and security details safe and have not allowed anyone else to have access to their account details or PIN," says Lloyds spokeswoman Gillian Slater.

Your responsibilities
If your money's been stolen, the last thing you need is a fight with your bank. Although it may give you the benefit of the doubt eventually, if your PIN was used, it might launch an investigation to make sure you didn't share it.

So keep your PIN a secret - and make it hard to guess, too. Fraudsters have a pretty good chance of guessing a PIN after stealing a bank card, especially if it's in a wallet or bag containing other personal information. Researchers at Cambridge University found that 23% of people use a significant date as their PIN with a third of these using their own birthday. Other guessable PINs include sequential numbers such as "1234" and numbers in a pattern on a bank keypad such as "1379" (the four corners).

See related: How to protect yourself from charity fraud; UK targeted by bank-robbing malware

Published: 13 June 2012