The Straits Times reported on 21 February 2021 that being careless with your credit cards could end up in a nightmare scenario of losing up to a few hundred thousand dollars.

The more serious cases usually end up at the Financial Industry Disputes Resolution Centre (FIDReC) because the banks refuse to bear the losses caused by card holders who have delayed in reporting.

FIDReC shared three case studies that ended up with credit card owners suffering losses.

The first involved a woman who received a $10,000 bill incurred on a mobile wallet linked to her credit card. She claimed she never set up the digital credit card and refused to pay the bank. At the initial mediation, the bank offered to absorb $2,000 of her loss but she rejected the offer and chose to go for adjudication. At the hearing, the bank showed the records of the woman setting up the digital credit card including that a one-time password (OTP) was sent by SMS to her phone and keyed in. The woman later revealed that she had receved an email that directed her to a website that looked like the bank's site and she had provided her credit card details to "update" her account. The woman admitted that she thought that was "odd" but complied anyway. The bank confirmed that the email and the website were fake. The Adjudicator dismissed the woman's claims because she was careless on two instances: (1) by providing her card details even when she found the request unusual; and (2) she ignored the SMS message from the bank informing her that her card had been linked to the mobile wallet.

The second involved a man who lost his credit card while shopping at a night market overseas. He only discovered the losss a few hours later but did not report it then. He waited until he was back in Singapore to make the report. But in the meantime, someone had used the card to make purchases of $1,000. The man refused to pay and the case went to FIDReC. At mediation, the man claimed that he had not activated his card for overseas use and thought that it could not be used abroad. That was why he reported the loss only when he was back in Singapore. The bank noted that this was the first time the man had lost his card and that the amount was not large. Both parties agreed to share the loss equally.

The third case was a lady who dropped her credit card at a funfair. She received SMSes from her bank for the transactions that someone else made using her card, but did not pay attention at the time. It was only a week later that she read the messages carefully and informed the bank. Even though she had delayed in reporting, she refused to pay and her case went to FIDReC. She told FIDReC at mediation that she had not received any OTP when the card was used to buy things online. But the bank pointed out that not all online purchases will require users to key in OTPs. In the end both parties agreed to share the loss equally. 

The report summarised what all account and cardholders should know:

  • Banks and other authorities will never ask for personal details by email. Don't click links or open attachments from suspicious emails.
  • Don't share your OTP with anyone.
  • Never ignore SMSes from your bank that tell you about transactions. If you did not make those tranasactions, call the bank immediately.
  • If you lose a card, report the loss to your bank quickly.
  • You can request an SMS service from your bank if any purchase is made on your card. Many online sites do not require OTPs before purchases are made.

Read the full story here.