Hacker News new | past | comments | ask | show | jobs | submit login

Probably because there would be a way to exploit such a policy. You’re a normal, honest person, so you think “Why wouldn’t the bank believe me? I would only claim I lost my money through fraud if it were true.”

But the bank also has to deal with dishonest people who might make fraudulent claims about being defrauded.




You're focusing on compensation to victim (and that becoming a new fraud mechanism). Instead, try focusing on what the banks could do to decrease the actual crime. Some examples:

US banking is notoriously sloppy about allowing withdrawals with just knowledge of routing number and bank account number, while every check written contains both numbers -- in Europe, the bank account number can only be used to transfer money to the account (and checks practically don't exist).

One day out of the blue, some hundreds of dollars were transferred out of my American bank account, seeming to claim purchases in a city several hours away. I didn't authorize such transactions. They were direct debits of my account, not credit card charges. A few days later, my money was returned. How was that possible? Why did the bank agree to transfer money out of my account?

All the way back in the 90s, my European bank gave me a one-time codebook, to be used in addition to username and password to authenticate online transfers. Whenever I was close to running out of codes, they gave me a new codebook. Managing to steal my password wouldn't have let an attacker easily empty my account.

My European bank in a small city, that I had been a customer of for decades, and whose employee that I was interacting with being a family friend, verified my passport before discussing a loan.


Yes, the situation in Europe is much better, even more so after the introduction of PSD2 which requires strong customer authentication and is specifically designed to avoid (or at least minimize..) identity fraud.


This doesn't justify putting all the responsibility on the innocent person whose money got stolen by fraud. The fraudster didn't get money from the innocent person. They got it from the bank. That should make it the bank's problem.

If the bank is concerned about fraudulent claims about being defrauded, that's just another case of them needing to improve their fraud detection process.


This is also why credit card companies refuse to work with porn - there are an immense number of people who charge back porn purchases almost immediately.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: