There is a major power imbalance between credit card companies and merchants, says an Auckland retailer that has had to absorb thousands in losses from a fraudulent transaction.
The retailer wants to know why shops are carrying the losses when they are hit by credit card fraud and not the companies whose cards are being used for the dodgy transactions.
Earlier this month, a customer used a Visa card to spend about $3000 on gift vouchers and goods at Cactus Outdoor, a clothing and outdoor equipment shop in Ponsonby.
CCTV seen by Checkpoint shows the man apparently tapping a credit card on the eftpos machine and entering a pin number, with the transaction then going through.
But a few days after the sale, the card holder's bank BNZ contacted the store saying it was a "card not present transaction" and the $3000 spend was not initiated or authorised by the cardholder, so it took the money back out of the shop's banks account.
Cactus Outdoor managing director Ben Kepes told Checkpoint that retailers had no option but to accept credit cards.
"And they do so in good faith, and the credit card companies claim to have a secure, reliable platform, and when something goes wrong, they accept no culpability. They pass it on to the retailers who lose out, so I think the credit card companies that provide this platform have some liability when it comes to fraudulent use.
"Visa is a company that last year made $30 billion profit and since this happened, we have been contacted by huge numbers of retailers around New Zealand that have had the same situation, so I think you've got a power imbalance here and the important thing is the equity and the balance of power."
In a statement, BNZ said it sympathised with the retailer and while banks facilitated card payments, the underlying card schemes and their rules are operated by companies like Visa and Mastercard.
BNZ said the footage shared by the merchant showed the fraudster using sleight of hand to appear to insert a card into the terminal, but technical records showed no card was ever inserted.
"Instead, the fraudster performed a manual override - a feature that allows businesses to accept credit card payments over the phone without requiring a PIN - known as a card not present transaction, functionality which merchants can choose to disable. Transaction records confirm these findings.
"In this incident, the fraudster openly read a stolen card number written on his hand while manually typing it into the terminal, in view of both staff and security cameras.
"The legitimate cardholder has reported this transaction as unauthorised, initiating a chargeback. Under the merchant agreement, merchants are financially liable for chargebacks if disputes are resolved in the cardholder's favour."
Kepes said there was a physical card present during the transaction.
"Whether or not he inserted it or swiped it or tapped it or whatever, he physically had a card there. We accept credit cards in good faith under the pretense from the credit card companies that they provide a secure platform."
He said insurance did not cover the loss for the retailer, but there was a bigger issue at stake.
"But it's not about us, I think the current banking inquiry to look at the behaviour of banks going on in New Zealand and we're calling on that inquiry to be expanded so that these credit card companies - which are frankly far more predatory than the banks themselves - actually have to answer some of the questions around how they behave.
"They have a captive market and they accept no culpability from that."