A 457 Table of Contents 459 1261

The Law Handbook 2024

458 NOTE The law in this chapter is current as at 1 September 2023. Unauthorised transactions and credit disputes Unauthorised transactions Limiting the risk Dealing with unauthorised transaction disputes is complex. Prevention is the key. For example, keep your PINs and passwords secret and make them hard to guess. Avoid using public WIFI as this may mean transactions are less secure. Your chances of obtaining a refund if you are ‘scammed’ making an online purchase will vary depending upon how you pay for that purchase. Your ability to obtain a refund is much better if you pay for the purchase using a Visa card or Mastercard where you are not required to enter a Personal Identification Number ( PIN ) or passcode, but instead enter the card number, expiry date and CVV. The CVV, or customer verification value, is the three numbers on the back of your card. In that situation, you have the right to a ‘chargeback’ of the unauthorised or fraudulent transaction. This is explained further below. Your risk of unauthorised transactions is increased if your personal information held with a financial institution or other company has been hacked. In this case there is a risk of credit being taken out in your name. A short-term solution may be to put a lock or ban on your credit file. This will make it harder for the scammer to use your information to obtain credit in your name. The ban only lasts about three weeks but you can apply to have it extended. What do you do if someone steals your ATM card, hacks your internet banking account, skims your credit card or subjects you to some other form of electronic banking fraud? First, if you suspect your credit or EFTPOS card has been misused, lost or stolen, or the security of your PIN or password has been breached, notify your financial institution immediately. Be aware that delays of even minutes may cost you thousands of dollars. For consumers who do encounter unauthorised transactions, their rights fall under contract law, the ePayments Code (see ‘ePayments Code’, below) and the Mastercard and Visa card Rules. Who is responsible for unauthorised transactions? General principles A financial institution is only allowed to deduct money from your account if you have authorised the transaction. You can authorise a transaction by: • signing a withdrawal slip; or • using a PIN or password; or • providing authorisation over the phone; or • giving someone else authority to access your account. A financial institution does not have a general duty of care to its customers, but it is not entitled to turn a ‘blind eye’ to known facts that indicate a customer is being defrauded or that funds are being misappropriated (see Lipkin Gorman (A Firm) v Karpnale Pty Ltd & Lloyds Bank [1991] 2 AC 548). Financial institutions usually have a term in their contracts stating that you are liable for unauthorised transactions when you contributed to the transaction (e.g. by sharing your PIN with another person). In these disputes, your rights are determined by the ePayments Code. ePayments Code The ePayments Code applies to ATM, EFTPOS and credit transactions, online payments, internet and mobile banking, and BPAY transactions. The code Unauthorised transactions and ePayments Code 5.10 Contributor: David Niven, Legal Consultant

RkJQdWJsaXNoZXIy MTkzMzM0