Restil

It's not a "crime" in the criminal sense, and giving your friend authorized user access to your card would be perfectly legitimate in a situation where your friend had physical access to the card, was expected to use it, and had some responsibility toward paying it back. In that situation, your joint utilization of the card would contribute to any reflected affects on both of your credit scores (good and bad). However, in this case, you're the one using all of the credit, but your friend's score reflects an inaccurate representation of his own credit worthiness. This could put him in a bad situation, since banks might be willing to extend him a level of credit he may not have the discipline to properly handle. It can also put you in a bad situation, since as an authorized user, your friend can request a replacement card, and if he's particularly malicious, he could max it out, you would be responsible for the balance, and he wouldn't be legally required to pay it back, since you authorized him to spend the money. Just something to consider. In any event, it has bitten you in your current situation, so you may wish to reconsider this strategy.

hartfordsam

Once this plays out and if it is not resolved to your liking you can file a complaint with the Consumer Financial Protection Bureau, I have filed a couple of complaints against my bank with them and they were very prompt in resolving them. Not sure how good they will be now.

CDO

What the op is doing it's called credit piggypacking and he is getting paid to add au by a broker. It's pretty shady and risky although not sure if illegal at all. I've seen one guy on private ms forum being tAken for 16k but think got most of it back by the broker.

phant0m

How'd you come to the conclusion that I'm getting paid and adding an AU by a broker? It's my childhood friend who I consider family but thanks for making some wild assumptions.

garykung

Hardly the case in the reality. But I am happy that you get lucky.

CDO

No offense but that's what it sounds like

garykung

I would have to say no on this.

Given the benefit of the doubt to OP, AU is never an issue. Sure - the charge could be made by AU. But I would assume that OP has checked with the AU and confirmed that this was not a charged by AU before screaming the charge as fraud.

Per OP's wording, Citi's argument won't work just because the transaction is chip-based. An ABC news report (not Fox) shows such possibility:

tmiw

More accurately, as long as the magstripe still works (either because a merchant isn't chip enabled or because the chip was bypassed), there's still an avenue for in-person fraud.

halamadrid

But from that report the fraud still occurs through a mag stripe transaction or use of the card number online. I believe Citi is telling OP that for this particular transaction the card was present and it went through via the chip, which is why they are denying his claim. I believe OP still hasn't confirmed whether he's still in possession of the original AU card he requested (he only has the replacement that was sent after the fraud took place). It seems like that original AU card was the one used for the transaction. Who actually used it is still not clear as OP hasn't confirmed that he's sure that the original AU never used that card. If he never actually received that card and it was actually stolen, then that's perhaps how the fraudulent transaction happened as the card could've arrived activated.

garykung

If you search "credit card shimmer" at Google, you will know why fraud from chip-based transaction is not impossible.

The key of my post is to discredit Citi's denial of claim based on chip-based transaction. If fraud from chip-based transaction is possible, then there is a genuine possibility that OP has suffered loss from fraud, contrary to Citi's claim.

tmiw

Except the data received from a shimmer is of limited usefulness; it's not like such data can be used to duplicate a working chip. At best they'd be able to create another magstripe card, and even then that'd involve figuring out the CVV on the original card's magstripe (whereas the iCVV from the chip is dynamic and changes with every transaction).

Happy

While this is not a Citicard but a friend's Chase Ink Preferred CHIP card had fraudulent charges on it to the tune of $1800+ between April 20 and 26 while they were traveling in Europe and the card was left at home.

The only transaction my friend has done before leaving home was to pay his estimated tax on Pay1040.com - a site sanctioned by IRS.

1/2 of the charges were online, incl Uber services. The other 1/2 of the charges were In Person, i.e. card present transactions.

Chase rep was very annoyed when my friend reported the fraudulent charges, kept saying it was NOT possible due to it was a CHIP card. Chase is still "investigating" the whole thing while the card is replaced and temporary credits issued. My friend really wants the video tapes being pulled for those "In Person" transactions so to catch the crook(s) but I suspect Chase would not grant him his wish while the investigation is still dragging on.

So obviously a Chip card can still have fraudulent charges with In person transactions, i.e. card present, even the authentic card is in the owner's possession all the time.

I dont know how a Chip card can be cloned and if the system can tell whether it is used as a Chip card or a swipe card. I do know that retailers from Best Buy to Lowes, do have their POS set up as after 3 "Chip Malfunction" failures, the card is processed as a swipe card, and in Lowes' incident, the cashier needed to input the CCV into the system.

Happy

The 3 failures then swipe card seems to be standard procedure in many retailers because the chip cards issued in US seem to fail very frequently.
Both Best Buy and Lowes have same set up. 3 chip malfunctions and then the screen instructed the cashier to swipe the card. Still needed CCV to finish the transaction I believe.

My SPG Biz AU card has been replaced 3 times because of the malfunction chips. AMEX has issued some courtesy points on the inconvenience. But the fact remains, almost all the chip cards I own, has chip malfunction periodically. Some work on 2nd tries but some would not work and eventually cards were swiped. Even the bank's Check Cards have the same issue.

fttc

But wouldn't the POS record the transaction type as chip read or magnetic strip read? I thought they can differentiate that.

tmiw

I almost never have problems with the chip on US-issued cards. Contactless, however, is way more unreliable (and I suspect it's partly due to stores not actually wanting people to use it/not having enough usage to detect any problems, but that's another subject).

Anyway, I suspect that inserting after the transaction's totaled (if you're not already doing that) will reduce the number of failures. Retailers aren't the best at software, unfortunately.

It does, but the front-line customer support people might not necessarily have enough access to be able to see that. They could just be assuming that since the transaction is from Walmart or some other place that has working chip readers, the chip obviously was used.