- Credit Card
- Real Estate
I have a question about a transaction that “happened” to me a few days ago.
I was buying flight tickets on a page that had a Mastercard SecureCode sign next to credit card fields – mytrip.com
After I entered my details I was taken to the authentication page by Swedbank where I saw a different amount (+47€ CC fees).
Then I canceled the authentication process by clicking “cancel”. That means I don’t want to buy the tickets and therefore do not authorize this payment.
A few minutes later I received the tickets on my email and I realized that the transaction went through. The amount of 911.50€ was booked from my bank account
When I contacted the merchant they told me that if the SecureCode authentication fails they use another gateway to (secretly) finalize the payment. The second gateway is not using SecureCode authentication.
I find this illegal as in the MasterCard SecureCode rules there is a note that if a website has SecureCode enabled, you can’t get billed unless you authenticate yourself.
The vendor claims that this is how they work and it’s my fault. As the airline is not going to refund the tickets to them, they are not going to refund to me.
Another issue is that they claim that this whole process was, in theory, a single transaction, that they have two gateways running simultaneously and if one (with the SecureCode enabled) fails they’re automatically using another one (with no SecureCode authentication needed).
To me, it sounds more like two transactions and in this case the second one was not authorized by me and is therefore a misusage of my credit card details or even a fraud.
The total amount of 911.50€ has already been removed from my account.
The payment was made using a Mastercard debit card.
From Bank’s T&C related to Mastercard SecureCode:
… If you are unable to provide your SecureCode or hint response, or if the
authentication through MasterCard SecureCode otherwise fails, the merchant may not accept
your credit card in payment for that transaction.