À La Recherche D'Argent Perdu

This is not actually intended to be a serious set of posts. Factual, yes, but not gloomy. So on the fun side of financial crime, it's worth remembering who actually loses money here. And the answer is... it depends.

At the risk of being a "Graphic Design is my passion" person, have a look at this:

First the bad news. If you are giving away your personal information to a fraudster or scammer, then it's really on you. There are terms and conditions out there which make it clear, but sorry. Don't be afraid to ask, and certainly explain what happened.

Now the middling news. If your data was compromised through no fault of yours, then the bank will return your money and claim it back from the merchant. That's a chargeback. Sad for the merchant, good for you. If the merchant chose to run an old POS machine that can't read chips, then that's a potentially poor strategy.

The good news is that, if the merchant is blameless - they have an up-to-date POS machine or referred the transaction to the bank to validate using 3D Secure, then the bank itself is liable.

What this means from the bank perspective is that every bank has its own strategy and risk profile about what they challenge and how they inconvenience their customers.

What it means to you is - don't just accept fraud! The systems are there to look after you! Also, by telling the bank what happened, they can stop it happening to other people. Be a good citizen! This is especially true for scams. Even if you don't get any money back and you might feel embarrassed or ashamed, you'll be really helping to protect other people. And trust me, the bank staff will have heard worse stories. Fraud folk are generally lovely, if occasionally untrusting.