Hacker News new | comments | ask | show | jobs | submit login
My Evil Undead Credit Card (uncrunched.com)
181 points by ryangilbert on Aug 26, 2012 | hide | past | web | favorite | 129 comments



Back in 2000 my wallet, including my Visa check card and other credit cards, was stolen in Paris. I called the bank right away, got cards canceled, had new ones ordered and all that.

I get my checking account statement and see several charges that the thief made before I was able to get the card canceled. My bank cheerfully reversed those and I thought nothing of it.

Four months later, I see a charge on my statement from one of the same merchants as before. I called my bank, and they said that the merchant had authorized my card, but did not proceed to capture the payment until then. I asked why this happened on a canceled card, and was told the authorization happened before the card was reported stolen so they had to honor it. They told me the merchant had six months to capture the payment, and it basically was as if I had written them a check and they sat on it for months.

Clearly the thief had some buddy with a merchant account, and they were trying to see if they could sneak a charge in later without me noticing it.

I asked my bank if there was a way for them to see if there were more of these charges in the pipeline, because I had written some checks and it would be highly inconvenient to me if they bounced. They said they had no way of knowing. The only way to stop these from going through was to close the checking account, which would also mean the checks I've written were going to bounce anyway. So I just had to wait out two more months and hope nothing more happened.

Luckily, that was the only instance.


One of the several reasons Debit cards are much worse and anti-consumer than Credit cards.

People think that because it has a Visa logo and their bank has a limited fraud liability policy that they're safe. That their debit cards have the same consumer protections as credit cards. That's just not the case.

Moreover, if you swipe-and-sign for anything you should be getting rewards or cash-back. Very few debit cards offer rewards, and the ones that do are often less lucrative than those offered on credit cards.


In Switzerland, almost everybody uses debit cards, and you can't use debit cards (Maestro) online. You use credit cards for online payments, but that's about it.

With debit cards, you have to enter a 6-number pin to withdraw cash or pay with them.

I have a hard time seeing how debit cards are worse than credit cards.

There is skimming, but banks reverse fraudulent withdrawals. The protection is the same as with credit cards.

There is an upper monthly limit on your payments / withdrawals with debit cards. You can even lower that limit if you want to.

You can overdraw your account within a certain boundary and with this your debit card is also a poor man's credit card.


> "I have a hard time seeing how debit cards are worse than credit cards."

In the US, debit cards are generally also credit cards. They can be processed exactly like a credit card, without a pin number, without a second glance at the signature usually, and the money comes out of the associated checking account.

So instead of a fraudulent charge just being a line item on a statement until your card issuer can prove that it isn't fraudulent - it represents actual missing money from your checking account, until you can convince the bank that the charges are fraudulent

I had a debit card compromised in one of the regional card processer hackings and had $1500 [1] of my money tied up until the bank reversed the charges and gave it back. They took 12 business days. That was not cool.

[1] Three $500 purchases of flowers, 10 states away from where I live, each 1 hour apart. How does that not look suspicious? I get a phone call from the same bank almost every time I travel after the first time I use my credit card for a nontrivial purchase. They sanity-check that I really am halfway across the country. That is awesome. That also represents their money being protected from fraud. Apparently, when it comes to protecting my money from fraud, they're not so motivated.


I don't know how debit cards work in the US, but I need a PIN to use my debit card, so short of being forced to withdraw money at gunpoint, you won't get any access to my bank account.


In the US you can swipe debit cards as "credit" and you don't have to pin/sign most of the time under $20.


I had a co-worker once who used his debit card at an ATM at a coffee shop nearby our office. Somehow, some genius had installed a mechanism in the ATM to read the stripe and the PIN. So they were able to take that info and create a fake debit card that replicated my co-worker's debit card. The next week, his bank account got cleaned out. He was absolutely broke and went through a few weeks of hell trying to get it all sorted out. Fortunately, the bank was able to help him out. I don't know what happened with the police investigation, but basically none of us used cards at that coffee shop again. The coffee shop was still operational, and I think the police were somehow able to determine that it wasn't the coffee shop at fault (maybe only a single employee or an ATM maintenance guy, not sure).

I think this is why a lot of debit cards have chips nowadays. The chips are harder to counterfeit (I think). But I think we still have to grandfather all the old debit cards without chips. :(


Interesting information (with pictures) about ATM skimmers here: http://m.krebsonsecurity.com/tag/atm-skimmer/

Doesn't take a genius, just some capital and a willingness to break the law and risk getting caught.


Wow, I thought everybody had heard of ATM card skinners by now. Be very careful at any ATM you use, don't think you are safe because you avoid that cafe's. And cover your hand when you enter a pin.


That was in 2010, hadn't heard of them back then. Not sure if they were actually common back then, although I'm sure they're certainly more common now. Yes, careful, careful. :(


Unless they're using the card online, when they only need my address (which isn't the hardest information to uncover).


In canada, if i want to use my debit card online i have to log in to my online banking after i make the purchase to confirm the transaction.


I usually have to do the Verified by Visa stuff too, but my understanding is that it's almost entirely optional for a merchant to require the extra information. Payment can still be made even without a CVV.

And even if verified by visa were compulsory, it would still be possible to create a Direct Debit payment using the account details, which are frequently written on the card, and the address.


(American) I experienced something like this the first time in my life yesterday when buying Skype credit. After entering my info at Skype, I was redirected to a "Verified by Visa"[0] page that made me type in my bank credentials.

I wish this sort of thing was universal.

[0]: https://usa.visa.com/personal/security/vbv/index.jsp


Here's a scenario:

I'm in a dodgy internet cafe with a key logger somewhere in Thailand.

I need to book a flight and the airline insists on my "Verified By Visa" credentials.

Who do you think my bank blames (even though they state that they won't) when somebody goes on a shopping spree with not only my CC # and my security code, but also my VbV password?

As another poster mentioned: It's offloading the risk to the card holder.

Something like a token, or two factor authentication would be a lot better.


Verified by Visa has a pretty bad design flaw: the recommended implementation uses an iframe to load the page that prompts for your password, so it's not obvious if that iframe is legitimate or a phishing attack.


Also, VbV unloads a lot of the security burden to the consumer: http://news.ycombinator.com/item?id=1909862


Verified by Visa (AKA '3D Secure') is a huge pain, and in all bank implementations that I've used in the UK it's trivial to reset the password.

My current account is with LloydsTSB and they now don't bother asking for your 3D Secure credentials and just go straight to the 'accepted' callback, because it pissed off so many of their customers.


At least in Sweden, most debit cards now require Verified By Visa/MasterCard SecureCode for online purchases, which means the theif would need either my bank RSA fob or a password.


The things you say only apply to the U.S.; in most of Europe, debit cards are significantly more secure. And since debit cards are the most common payment method, the sort of crazy behavior that was described in the linked article is actually pretty much non-existent.


It's similar in Australia, but Visa and MasterCard debit cards are rapidly becoming far more common (mostly due to the fact that you can use them online, I guess).

Between the fact that those cards can be used without a pin (or even without a signature for purchases under $100), and regular EFTPOS debit cards with a pin can be hijacked by skimmers if you're not careful, I think the best solution is to keep as small an amount of money in those accounts as you can. I rarely have more than $250 in any of my card accessible accounts unless I'm making a large purchase (although annoyingly this isn't much of an option when travelling since you can't rely on having an Internet connection to shift funds).


Depends on the issuing bank. My credit union offers the same fraud liability protection on their debit cards as credit cards. That said, with debit cards your money is (temporarily) gone until you notice and complain. Depending on the amount, this could cause problems with your balance.


Here's your test -- because I used to believe that, too.

Call their fraud line -- not the tellers, the real deal. Say that suppose you ordered a laptop on eBay. You paid using your debit card. You received a package, signed for it via UPS, but when you opened the package, it was an old, obsolete, broken laptop. Can they reverse the charge?

My credit card companies will. They will immediately grant me back the additional credit. Some banks have 24h policies to get you back your cash that's in dispute, but I'm positive that debit card protection does not extend this far. If yours miraculously does, tell all you friends to buy shares in the credit union. But I will be surprised.

(Yes I know you could probably dispute via eBay, not the point of course.)

Even with credit cards, if you accidentally pay a fraudelent charge before reporting it, you lose many rights. When the money is already out of your account, you are hopelessly at their mercy.

Edit:

Not to mention, I also get 2% cashback, the bank doubles the manufacturers warranty on items I purchase with the card, rental car insurance coverage, etc. And aside from the cashback, those are pretty normal CC perks. And things like car rental-- some rental companies will actually do a credit check (!!) if you try to use a debit card to secure a car rental.


With credit cards, your money is also (temporarily) gone until you notice and complain: you have less credit available. This can be an equally big problem.


This makes sense somewhat - if you could get out of a contract with a merchant, simply by canceling your credit card, then why bother to uphold your obligations (multiple payments, length of relationship) etc... Just get whatever benefits you want, then cancel the card and wave goodbye to the merchant. That would be _particularly_ problematic on a multiple-payment scenario.

The net-net is _never_ give your credit card to anyone who suggests they will charge you, unless you have full control over that relationship.

It's the key reason why I subscribe to all my magazines and newspapers (key exception being the WSJ) through iTunes - single place to control subscriptions - with the added bonus that I get reminded every month that there will be a renewal coming up.

I also negotiated with my Gym to allow me to pay the full year up front + initiation fee to avoid having to give them my credit card - It was amazing how difficult it was for me to convince them to allow me to give them $410 up front for a $30/month gym membership. They really make a lot of money off of people who don't want to come into the gym and cancel, or forget to do so on their "Annual" anniversary when they get signed up for another year.

Most of us are in our early 20s when we discover the downsides of recurring credit card charges - I'm surprised that someone as savvy as Arrington is discovering that he can't just cancel his account to end those recurring charges - I thought it was something that students usually do and discover doesn't work. I certainly did when I was a student.


No, if you have purchases on your agreement prior to cancellation, it's obvious that you are beholden to these purchases. These are within contractual guidelines and sensible.

If a merchant tries to charge my card, and finds that they cannot, they can end their relationship with me, and if, for some reason, cannot reconcile outstanding costs through traditional means, can utilize collections agencies or any other means they wish to obtain their due.

This is not only nonsensical, but legally questionable at best, and I'm very surprised this is the first I've seen anyone bring a point against it.


My gym offers a membership - $30/month with credit card and a one year term, no initiation fee, or $50/month, $75 initiation fee on a month-by-month basis. When I sign up for the one year membership, I put my signature on a contract, indicating that I will oblige by all the conditions.

Should I be allowed to sign up for the one year term, and then cancel my credit card after a couple months?

Whenever you enter a contract, there are conditions that must be fulfilled to cancel that contract. Simply saying "I didn't read those conditions" or "I don't want the product anymore" is not a sufficient condition to terminate the contract. And thinking that you can get out of it by "canceling the credit card" is naive in my opinion.


Should I be allowed to sign up for the one year term, and then cancel my credit card after a couple months?

Yes, you should. Because it's not the credit card companies responsibility to worry about what outstanding contracts you may or may not still have ongoing.

It would be up to the merchant to pursue legal action if your attempt to defraud the contract was substantial enough for them to care. If this was an ongoing problem for them, they would have to debate if their "deal" is really valued by their consumers and worth continuing to offer.

But, it's not Visa's problem to worry about these things.


Absolutely.

When a civil contract is broken the appropriate response is a trial in a court of law. Businesses are quite familiar with the debt collection process. A judge and possibly a jury are needed to resolve these types of disputes fairly.

Under no circumstances should a merchant be permitted to forcefully take funds from another person, outside the purview of the law.


yes, you should.

Your contract is between yourself and your gym, the bank should have no part in either enforcing or stopping its fulfilment unless it is asked to by the courts.


There is a general perception that initiating a chargeback is a way of getting out of a credit card related charge for any reason, when in reality it's an opportunity for the merchant to prove to the bank that they provided a product/service to you.

I know someone that used to fight chargebacks as part of their job. If you'd been using that service to send pics of your junk to people and then became despondent when it turned out that women don't find unsolicited crotch photos an appropriate pick-up line, you can be sure those pics would get faxed over to your bank as part of the package to show you'd been using the site.


>The net-net is _never_ give your credit card to anyone who suggests they will charge you, unless you have full control over that relationship.

huh. most people don't feel this way. I have setup my company to require action from the customer if they want to pay me; all the feedback I've gotten from this has been negative. People care more about the convenience of recurring payments than they care about security.

I use paypal, which doesn't really support pull billing; I send the customer a bill, and they pay it or they don't. Upon request, I setup paypal recurring payments, which seems to be fairly popular.

I do this in part 'cause I feel that pull billing (e.g. "charge 'em and hope they forgot to cancel") is a little scummy, but mostly because my billing system is a mess, and this way, the worst thing that could happen is that I end up asking people for more money than I should; no money is automatically moved, protecting me from that particular embarrassment.


Paypal recurring payments are much easier to cancel than credit card recurring payments.


yes. In fact, when they were first rolled out, it was difficult for me to cancel them for the customer. (this has been fixed; the recurring payments functionality is pretty good now. But it was crap when it came out.) but I have far more customers asking for some kind of recurring payments that /refuse/ the paypal recurring payments than customers that take the paypal recurring payments. Hell, I have more customers that have their bank send me a paper check every month than I have on paypal recurring payments.

The feedback I get is that if I offered recurring credit card payments, most of my customers would be using them; rather than the, say, one percent that uses paypal recurring payments and five percent that uses their bank to send me a check automatically.


That doesn't "get you out" of the contract any more than paying with a bad check would. You still owe them what you owe them, regardless of how current your credit card details are.


If a recurring charge comes with a contractual obligation, then it should be up to the merchant to collect when billing information ceases to be valid.


That's why I use a one time use credit card number with these things. If I want to stop the charges I just click "close number" and they are blocked.

http://en.wikipedia.org/wiki/Controlled_Payment_Number


Doesn't everyone know this? You can't enter into a contract with someone and then just pull the payment instrument out from under them. Even if they stopped charging your credit card, they could still sue you for the amount you owe them.

You have to cancel your gym membership if you don't want it anymore. Send them a registered letter and CC the state's Attorney General office if they won't cancel the account for you.

Edit: Wow, I just realized this is Arrington's blog. Isn't he a lawyer? How can he not know this stuff?


"Sending a registered letter" sounds like a "getting ready to sue" legal last resort. You don't have to do things like that to cancel subscriptions with most any other business.

Unfortunately that's actually the only way to cancel membership in writing at most major gym chains in the US. They all outsource membership billing to the same company, ABC Financial. ABC has their customers (the gyms) require member cancellations be sent by certified mail. Any cancellation request by phone or mail that isn't sent certified is simply thrown out. If you cancel your credit card, they'll just send you immediately to their collections agency.

This is how they guarantee "more revenue from more members than with anyone else". It's such a scummy business.

http://www.abcfinancial.com/

A Google search for "ABC Financial scam" (in quotes, exact phrase) has over 13,000 results.


I've had five gym memberships in my life. Every one of them allowed me to cancel the membership by coming into the gym and canceling it. In every case, that method, "Come into the gym and cancel" was written write on the contract.

If you are willing to negotiate with the owner/manager, they might even allow you to pay the full year up front - because that's basically the same thing (this was my argument) as signing up for a 1 year membership, and then canceling it the very same day - you are still responsible for the full 12 months, but it would end after one year because you had "cancelled" it.

Can you name a gym that won't let you cancel your membership by coming into the gym and doing so?


Ballys Fitness, Blast Fitness, Anytime Fitness and Gold's Gym according to just a few of the 90 reports on RipoffReport. I didn't just pull names out of titles, I read the reports and these are people that said they went to their gym to cancel, but kept getting billed by ABC.

http://www.ripoffreport.com/directory/ABC-financial.aspx


I didn't read all of them, but the first, "Golds" caught my attention:

== SNIP ==

"I am currently on the phone (and have been for an hour) with ABC Financial, the company that handles billing for Large Gym chains Golds Gym, Lifequest Fitness (I'm sure there are others).

I've been trying to cancel my membership. I've been put on hold 4 times." == SNIP ==

I've never had a gym membership that, by default, could be canceled via letter/fax/phone call. They all say the same thing, "Come in to the gym in person, and cancel the membership."

Most of them also have a clause saying that you are renewed for a year if you don't cancel on your anniversary.

I always add a half dozen riders (and have the manager sign it) that says things like "If I get a job or move more than 25 miles away from the gym, I can send in a letter stating that, and cancel via registered mail." - Gym managers are usually reasonable, and will let you do that. Take 15 to 20 minutes to negotiate your Gym contract - you do realize it's a contract, right?

In 90% of these cases, people just aren't demonstrating personal responsibility for the contracts they've entered.

I'll say it again - never, ever, ever enter a recurring contract (or something that might _be_ a recurring contract) with your credit card, unless you have 100% control over the cancelation and terms.


My experience with Gold's Gym is you call the number (for ABC Financial) and they tell you to mail a letter to them. They were very friendly, no hold time, but couldn't (wouldn't?) cancel over the phone. I got the phone number from trying to cancel in person at the gym. The people working the desk didn't appear to be getting paid enough to care too much (on the bright side, they didn't try to sell my anything I didn't want when I signed up. They told me $30 a month, take it or leave it).

Overall, I had to mail a letter and pay for an extra month's membership (and a stamp), but it wasn't that bad. Supposedly my contract required 60 days notice, I didn't care enough to check. People get burned up about these things, I figure there's more important things in life than $30 for a gym membership I didn't use.


>If you are willing to negotiate with the owner/manager, they might even allow you to pay the full year up front - because that's basically the same thing (this was my argument)

One difference is that with a credit card on file the company can bill you for damages, or allow you to purchase accessories after hours by signing a form.


At the gym where I'm a member, there were two separate forms to fill out: one for membership payment, one for incidental payment. Membership could be up front, automatic credit card payment, and so on. Incidental payment was optional, and could only be a credit card.


For gyms, you can go to Costco and buy a 2-year 24 Hour Fitness all-Sports club membership for $320, prepaid, too.


This is very good value

(well, it's probably because most people will go 1 month and then quit)


I've yet to see a gym actually go to collecrions. They'll send angry letters threatening things for a few months, and then give up. Don't ask how I know this :)


Might want to check your local rules on stale debt before you pop the champagne. They typically have a couple of years.

Once they figure out that you aren't going to pay with out a fight, they'd be nuts not to sell your debt -- something is better than nothing.


Well, they will sell your debt for, I dunno, 20%? Maybe more, maybe less

The buyer will make more angry letters, maybe signed by an attorney, try to negotiate, etc and then maybe go to court


You skipped "ruin your credit"


Maybe you haven't, but it happens all the time. Years ago when I was cleaning-up some credit mess I made when I was still in school I spent a lot of time learning on Creditboards.com and that was a very common collection people would seek help with.

Creditboards is a fantastic resource and I cleaned up several small (and one large) collection item from my reports far earlier than the 7.5 years the FCRA lets negative info stay on a report.


Yes, this is shady. That's why you involve the Attorney General.


I disagree strongly with this. Merchants can (and often do) change the terms of monthly payments, ignore legitimate requests for account cancellations, or even incur monthly charges for things that the cardholder was led to believe was a one-time charge.

Cancelling the card has been the cardholder's tactical weapon against that nonsense. It's still a hassle for the cardholder, so I'm left wondering how much of an actual problem it is that people are canceling entire credit card accounts just to wiggle out of a contract.

And, in the case that people do that, the merchants have recourse through either collections or court. If enough such charges go to collections, the cardholder loses the ability to open new accounts.

If people are no longer able to cancel their credit cards as an item of last resort, then the merchants are left with all the leverage. Arrington's natural response to that -- as I suspect will be most other peoples' -- will be to stop using their credit card.

I don't think we want that to happen.


Merchants can (and often do) change the terms of monthly payments, ignore legitimate requests for account cancellations, or even incur monthly charges for things that the cardholder was led to believe was a one-time charge.

That's what the dispute process is for. Sign an affidavit saying the merchant violated their contract with you, and the charge goes away.


I have absolutely no reason to trust credit companies as the unbiased vanguard of consumer protection. Signing an affidavit merely begins a process where the charge might go away, and I would expect that the process will get slower while ending up in the customer's favor less often.


You've obviously never accepted credit cards as a merchant. The process is heavily in the customer's favor.

It is incredibly hard to win as a merchant in any kind of dispute. The burden of proof is on the merchant not the customer.

The merchant pays a fee regardless of the outcome, and if you end up with more than 1% chargebacks your account is cancelled. The net effect is that any merchant who is doing this on a regular basis won't be accepting credit cards for long.

Additionally, the system is so far in the customer's favor that it's causing a fairly large fraud problem for merchants. It's bad enough that my small business won't accept credit cards for very large purchases unless the customer has a history with us.


Agree. Been a merchant in a few businesses dating back pre-net.

You need documented signed proof, in general and without that the charge is not only backed out but you get hit with a $25 or so charge back fee. And yes to many chargebacks say goodbye to the account.

We spot fraudulent charges and proactively issue a void before the consumer finds out, lest we get hit with the charge back fee as well.


> You've obviously never accepted credit cards as a merchant. The process is heavily in the customer's favor.

A company I used to work for had, some years back, made its way onto MATCH (merchant blacklist) for one of the four major credit card companies. Why? It accepted a legitimate (!) payment from a customer who was at the time under 'investigation' by the credit card company for fraud. (Obviously, this was not known to my company at the time that they accepted the payment).

Apparently, we even showed the credit card company that we had provided the appropriate services in exchange for the payment, so there could be no allegation of us helping them 'embezzle' the money. No luck - we were placed on the blacklist for seven years (give or take).

The punchline: that same credit card company had no problems issuing us a credit card in the company's name - not just once, but three times since we were placed on the blacklist.


That's only an issue if you care if your account is canceled. Plenty of 'merchants' are simply there to funnel stolen credit card information and turn it into cash.


Except that consumers almost always win such disputes and they are really not very burdensome. So bitching about this process is really just bitching.


First of all, the charge does not simply go away because you sign an affidavit... there is a little bit more process than that -- you may need to invest a couple of hours into it. At the end of that the charge will, in almost all cases, be reversed.

But that only makes ONE charge go away. The merchant can then submit another. And another. Every. Single. Month. Think of it as a DOS attack. Closing the card SHOULD (but apparently doesn't?) prevent that.


Based on my admittedly limited sample size of 1, that never actually works.


You can't enter into a contract with someone and then just pull the payment instrument out from under them.

Isn't that a different argument though? I had my wallet stolen at the end of February and would be outraged if charges from any of those cards suddenly went through my bank account.

I agree that one shouldn't just walk away from one's commitments, but isn't that what the small claims courts are, in theory at least, meant to enforce?


I absolutely should be able to deny them access to my credit card, unless the courts specify otherwise.

WTH is the bank doiing, enforcing the terms of a contract I have with a third party? since when is that the job of the bank?

Yes, the third party can sue me. Thats fine, but I must be able to maintain control over my own bank account.


I'm willing to be that somewhere in your cardholder agreement you give the bank the right to pay recurring charges on your behalf--as if you gave them the ability to act as your agent. An ability that apparently according to recent legislation you can't rescind merely by cancelling your card.


I think you misunderstood him. It's just as likely that the gym is trying to screw the customer by ignoring a valid request to cancel (even one sent via certified mail) than a customer trying to welch on a contract.


I'm sure the gym is trying to screw him. They make money when you don't show up, not when you do. That's why you read the contract before signing it, and negotiate it to something less shady. Or take your business elsewhere.

Like I said in another reply, you mail the Attorney General's office so that if there's a pattern of screwing customers, the state can take appropriate action.


I don't follow your point. If I'm getting screwed shouldn't I be able to prevent them from automatically billing me (in addition to mailing my attorney general, which seems does not seem likely to resolve the situation in the short-term)? Why can't I cancel a recurring billing relationship just like I can cancel a check?


It is interesting that charges can be put through after a card is cancelled. I, for one, did not know that.

I've cancelled cards previously because merchants were unreasonable or unresponsive. Gyms are one of the worst for this. Cancelling a gym membership is an exercise in torture.

Anecdote: I was in an Equinox gym a couple of months ago, thinking about joining. I saw a "representative" who was happy to give a tour through the gym and explain the costs and benefits. For these sorts of things however I give a fake phone number because I loathe the follow-up calls from such places.

Anyway, at one point while standing around reception where there were 5 or so such representatives standing around the receptionist answered the phone. Someone was inquiring about closing their account. She said they had to speak to a specialist and none were available. What the...? No one else seemed to be with a customer. It just struck me as another tactic to make it more difficult to cancel.

Now for me this would be relatively easy. My company has a corporate membership so it can be deducted directly from payroll and when I say for it to stop, it stops. But honestly I can't condone these hard sell tactics by giving such companies my money.

Cancelling a gym membership should be as simple as a 2 minute phone call or (better yet) clicking a button on a Website (Equinox has a Website where you can reserve exercise bikes no less).

My only experience with dispute resolution was reasonably painful although not as bad as it could be. I ordered something online and the merchant called me to say that price was only when I bought it as part of a package. I said I didn't want it. He said fine. A week later it turned up anyway. I had the charge reversed. They applied it again. I had it reversed (again). I had to send the item back by registered post.

I think the lesson to take from gym memberships and similar fixed-fee for shared usage pricing models is that they create the wrong incentives. Gyms really want customers who pay every month but never come in so they can oversell their capacity. If gyms were pay-for-use you simply wouldn't have this problem. Likewise you could discount memberships for people who come in at non-peak times, etc.

Some point out the "you signed a contract" argument and agreed to those terms. To this I response: people have an innate sense of fairness. People will (rightly IMHO) reject unreasonable terms. If I don't pay my gym membership, I can no longer go to the gym. This isn't like failing to make a car payment.

Unfortunately consumers seem to like monthly fees so you kind of get what you ask for.


I suspect the economics of gyms might be such that if it was pay-per-use they'd either have to charge insane rates or go under. It's not so much that consumers like monthly fees as that the gyms like them because they're easy to forget about.


Most gyms charge attractively low fees because they are typically a year or more contract, with an auto-renew clause, and they know that the vast majority of the members will use the gym a few times and then stop coming. If all their members used the gym regularly, they'd be packed to overflowing.

There are gyms that charge per use, the fees may appear higher but if your dedication to exercise doesn't turn out the way you planned you will be money ahead.

For the best chance at getting a payment plan that doesn't count on you having low motivation to exercise, look for locally-owned independent gyms, avoid the Bally's and other franchise/chain operations.


>look for locally-owned independent gyms

This isn't good advice. The locally owned ones are often even more desperate and willing to go the extra mile to defraud you. The idea that small businesses are more honest than big ones is a complete myth. Most of the time it is the reverse: big corporations have more to lose.


Unfortunately, as much as I hate the middle ground fallacy, it is correct here. It's far too broad to say that locally owned ones are more likely to defraud you or less likely. The real truth about locally-owned establishments is that with big corporations you know exactly what you are getting because it is the same everywhere whereas individual local establishments will depend on who the owner is. If the owner is desperate and willing to do everything to defraud you, so will be the establishment. If the owner is the nicest person in the world they'll be perfectly happy running a business in the red for as long as they can avoid total financial ruin so that they can better serve their customers. And, of course, you'll get everything in between.

The advice to go local is less about it being a guaranteed win and more about it being how you find those who will go above and beyond everything.


Your description is accurate but the advice to go local is usually not given that way, it's usually given as a slogan.

I've actually never heard anyone say "The advice to go local is less about it being a guaranteed win and more about it being how you find those who will go above and beyond everything."

Instead I always hear a dogmatic something like "support local business! Big corporations are evil!" When I've actually been defrauded out of FAR FAR FAR FAR more money by buying local.


Agree, this is why I said "for the best chance" which is, IMHO, far from saying "for a sure thing"


>attractively low fees Standard price around here (Perth.au) is $50/fortnight or ~$15 per use. Is that considered reasonable?


Planet Fitness here is $19.99/month or $10/month with a $59 signup fee. 24/7 access.


Planet Fitness with their "lunk alarm". That's not a gym.


Wow, had never heard of that. Sounds completely ridiculous.


And that's why I never sign up for a gym for more than 6 months (but usually 3 or 1 month since I'm on the move)

(Also, I do go to the gym)


Consumers aren't paying to use the equipment. They're paying for the sensation that they care about their bodies and for the peace of mind of knowing that if they had time or motivation they could go work out. Interest in something = spending money on it (at least here in America).


That's an extremely cynical view. You really don't think that people spend money on gyms so that they can go into the place and use the equipment?


There's an episode of Penn and Teller's Bullshit on this very subject. I'd guess 10-15% of gym members go to the gym regularly.


its a market. all the gyms in the market use slimey tactics. you can start your own gym if you like. good luck competing though. TLDR: don't ever start a business that competes on price.


I can't speak to every gym, but having done some IT contracting for a few I can speak to the ones around here.

Check your agreement. Around here if you call they'll give you the runaround, but every single one accepts a cancellation through signed, registered letter giving 30 days notice. A few of them won't even accept it through any other means (even if you drop off a signed letter, etc).


I've never met a gym that allowed cancellations over the phone. It always requires a signature in person (fax at best) in my experience.


The pay-per-use gym is an interesting idea, but compared to the fixed-fee gym it creates a bit of a disincentive to get in shape. If going to the gym more often means that you'll have to pay more, you'll probably go less often.


The basic affordances underlying credit cards are backward: “Here's my wallet -- go ahead and take what you think you need.”

Carrying a computer (i.e. phone) running a user agent can vastly improve the interaction. Something like:

1. Transmit an identifier from user agent to merchant via radio, barcode, or some other method.

2. Merchant's system asks user agent (either directly or through a service such as the user's bank) for a dollar amount.

3. User agent asks the user: "do you accept this charge? yes/no"

At no point is the merchant given a piece of information that allows them to charge whatever amount they want. The transaction isn't complete before the user approves the amount on their own device.

It's kind of amazing we haven't switched to something along these lines already.


I can already hear someone asking "Is it PCI Compliant?".

Unfortunately payment technology, and monetary exchange in general is so valuable that frozen accidents stay because implementing something better would be detrimental to an incumbent's revenue stream.

Bitcoin :P


Every month, your card company sends you a list of charges. If any of them are illegitimate, you tell the company, and don't pay, and they investigate. That's basically the same as your proposal. Your credit card number is like a public key, if you will. Checks are worse. They pay out immediately without asking for approval.


No, it isn't the same. I don't want to wait until the end of the month. The information about this transaction is freshest in my mind at the exact hour and minute I enter into it.

I want a notification on my phone immediately:

"(Merchant X) requests a payment of ($Y). Do you accept this charge? ( ) yes ( ) no [ ] Auto-apply this answer to future requests from this merchant"

The notion that I shoudn't, by default, have a role in approving each and every transaction before it goes through is a holdover from the days when I didn't have an always-connected computer in my pocket.

If I never approve it in the first place, there's no wrong that needs to be righted, no fraud that needs to be investigated. I just got some spam asking for money. I marked it as spam to keep from being flooded in the future by the same spammer, and that's it.


I don't know where this is from. But in Portugal, I really feel blessed by the MBNet service that exists here. Basically you tie it to any card (credit/debit) and generate temporary credit card numbers with a hard value limit defined at the time of creation. Want to buy a 10$ game, generate a card with a slightly larger value and pay with it. If the merchant tries to take more, it is denied and the card automatically cancelled.

I am amazed this doesn't exist elsewhere (if it does I have never heard of it). Even banks themselves could provide something like this.

EDIT: I don't know how it actually works if you want to pay by credit. I generally generate cards with values that my bank account can cover.


Bank of America, my credit card provider provides the same sort of service. They call it ShopSafe. You generate a temporary credit card number with a certain limit and you can set when it expires.

It is fantastic for purchasing goods from web sites that may not secure their card data completely, or if you are worried about fraud on the internet. I've also in the past generated the numbers for when I need to pay over the phone and don't want to hand out my credit card number!

Extremely handy, unfortunately it seems that not enough people make use of it, to the point that BoA employees in the fraud department are at times not even aware that the feature exists...


Are there fees attached to this?

I'd be interested in using this, but I get so frustrated with Bank of America's fees. They want to charge $10/month just for using OFX to access your own financial transactions!

Given the level of security that most banks implement, this is completely indefensible in my books (given that the same information is available through the shoddy web interface).


My bank of america card is completely free of monthly fees, and I have Mint.com pull my financial transactions without issues.

ShopSafe is also completely free to use.


Whether or not you have a fee for your card itself depends on what card you get; I'm not referring to those kinds of fees.

As for the second point, Mint/Intuit probably covers those fees for their own service, but they don't allow you to interface with them over OFX, so it's a moot point for anyone who wants that information for something other than Mint.


Just to add something regarding MBNet, it is also now possible to create a virtual credit card for multiple transactions, I believe up to a year. But it will never go over whatever limit you set at the beginning. It's a great payment method indeed.


Whoah, this sounds spectacular. Is it available in the States, besides BoA?


I've used the same feature through Citi credit cards although it's fairly well hidden on their site if I remember correctly. I've never found this feature with my American Express or Chase accounts.


Is anyone surprised that Michael Arrington has soured relations with a vendor enough that they'd refuse to talk to him? Not I.

The dispute resolution process deals with these sorts of things and punishes merchants who repeatedly violate rules. Strategy number one is to not be a dick. People respond better that way and you won't end up in the situations Michael Arrington always seems to end up in.

I probably deal with as many merchants and as much travel as him and have always resolved such issues amicably.


Had a friend who cancelled an old mobile phone contract. He kept the old phone and sim in a drawer somewhere.

House got broken into and the old phone was stolen but my friend didn't notice the missing phone since it wasn't used anymore. Thief managed to call up the phone company and get the contract re-instated. Friend received bills for thousands.

Cut up your old sim cards.


My solution to this is to use an American Express card. Every single time I've had a problem, domestic or international, they've been on my side, and disputes are easy to handle. (the correct Amex cards to have are Starwood Preferred Guest for USA use and Platinum for international or status (lounge access, etc.) use.)


Interestingly the one time I had a chargeback dispute with an Amex customer--even though I won the dispute (I had clear evidence--video, signatures etc...)--Amex still credited both my account and the customer's for the full amount.


Amex is the Apple of the payment world -- they control and brand the whole thing end to end, and own the high end, charging a slight premium for some things when the market will bear it (and were both far larger premiums and lower volumes in the past).

With Visa/MC, it's a card association (until recently, a non-profit), and an issuing bank. The issuing bank may have a bunch of banking relationships with you (so you're unlikely to walk over a credit card), or only a credit card (so you're not that valuable to them anyway), and doesn't have as much incentive to protect the card association brand. End user consumers almost never contact the card association itself.


Yes, but you'll end up shafting merchants - c.f. my comment here: http://news.ycombinator.com/item?id=4440507

Note that in this case, the credit card company punished a merchant who wasn't even connected to the fraudulent transaction.

The rule of thumb is that the more lenient the company is for the customer, the more harsh they are on merchants, the higher their fees for merchants, the more reluctant merchants are to accept them, and the harder it is to find a merchant who will accept the card.

(Note how many businesses accept Mastercard and Visa but not AmEx).


What do you mean by "the correct Amex cards to have"?


Maximum value of rewards points and other benefits vs. annual fees.

Centurion (Black) is pretty much the same as Platinum, with a 6x higher fee. It used to be a lot cheaper than it is now AND have more benefits, but it's been substantially devalued. Platinum does provide a lot of perks just for having one (lounge access, etc.) worth about $500+/yr, as long as you travel. It also has no international fee.

SPG gives effectively 5% return if you use it aggressively. The problem is a high international fee.


I'm still curious as to how points are superior to cash back provided by, say the Blue Cash Preferred.


It completely depends on how you use those points and what types of transactions you choose.

The Blue Cash Preferred is a bad card for any single individual living in New York, for example, since he/she will spend very little on gas, and not enough on groceries to recoup the $75 annual fee.

However, cash back shields you against arbitrary inflation by the credit card company - it's very easy for a company to start requiring more points (or more miles, etc.) to purchase the same reward - and in fact, they've done this a lot with airline miles over the past few years.

As a result, cash back tends to be slightly less lucrative than points, just because they're able to charge an implicit 'premium' for this kind of security.


>As a result, cash back tends to be slightly less lucrative than points, just because they're able to charge an implicit 'premium' for this kind of security.

What's the premium? The annual fee? I've read through the comment several times, perhaps I'm missing something. Either way, the Blue Cash Everyday is there for nice rewards (3% groceries, 2% gas, 1% everything else) without the annual fee; I just chose to mention the BCP since, like most of the sought-after points-based cards, it has an annual fee.

I am skeptical of the actual worth of the points provided by various travel rewards cards. Here's an example: http://www.delta.com/skymiles/use_miles/pay_miles/index.jsp -- the typical conversion rate for a "mile" is one point per "mile", is it not?

10,000 points -> 10,000 "miles" -> $100 credit for total fare

Granted, there is the benefit of MQMs, but one has to consider the $150 annual fee for the particular card.

rdl specifically mentioned the Starwood Preferred Guest, which earns up to 4-5 points per dollar, although that is restricted to Starwood Preferred Guest Hotels and Resorts; it's 1 point per dollar anywhere else. Thus, there's a possibility for big travelers to earn an effective 4-5% cash back some of the time. In cases like this, I can see how points have merit. Otherwise, I'm in favor of cash back.


> What's the premium? The annual fee?

Assume for a moment that the point allocations are constant (though in reality they usually fluctuate). I can redeem those points/miles for flight tickets, hotel bookings, in-kind purchases, etc. In that case, the exchange rate of the point is set by the dollar value of the reward that I'm purchasing. Usually rewards-based cards let you choose from a few options, so we can define the highest-valued reward to be the one that determines this exchange rate.

The credit card company can adjust this exchange rate at will, either to the benefit of the consumer or not. They can do this by awarding more/fewer points or by adjusting the value of the reward (by changing the number of points required to purchase a particular reward) - or both. This is analogous to the US government increasing/decreasing the money supply (and in fact, it has the exact opposite effect, since it's the credit card company doing it). In the case of airlines, frequent flyer miles have experienced dramatic inflation recently - if you had held onto your miles from, say, 2002, they'd buy you a lot less today (assuming they didn't expire altogether).

The credit card company can do this because they're acting as a central bank for the 'points' currency and as a monopoly (if you consider the products' parent companies, not the final branding), and as a monopsony (they are the only purchaser of the 'points' currency, so the only way to gain value from their points is to purchase their products - but they can set the prices of those products at will, since they're also a monopoly).

So, to circle back to your original question, the 'premium' is the difference between the constant cash rewards rate (say, 1%) and the 'effective' exchange rate of your points.

> I am skeptical of the actual worth of the points provided by various travel rewards cards. Here's an example: http://www.delta.com/skymiles/use_miles/pay_miles/index.jsp -- the typical conversion rate for a "mile" is one point per "mile", is it not?

I share your skepticism - they can probably change the points-per-mile rate via the fine print (though that's a more cumbersome sword). More likely, though, they'll just change the dollars-per-mile rate (ie, 'how many points does $FLIGHT cost'), since that doesn't require notifying the customer of the updated terms of their card.

For that reason, the cash back cards are more reliable - why arbitrarily force yourself into a completely centrally-regulated market?


flyertalk.com is the hacker news of travel optimization.

Personally, I find that airline miles have gotten totally inflated to uselessness. I care about airline STATUS, but mile redemptions are a huge pain. (You can get Star Alliance Gold for 20k miles/year on Aegean Airlines, and CX Silver (mid-tier and One World status) for free with Founders Card, and such). Lounge access, easier boarding, etc., which is especially useful if you buy cheap economy tickets. Airline status also helps a lot during irregular ops -- if a flight is cancelled, the guy with a UA Global Services card is going to get rebooked before the person who flies United once a year.

SPG has been fairly good about keeping the terms of the program constant (or improving them) over the past 13 years that it's been around. If you use the points optimally, you can get $0.03-0.04 per point redemption -- remember with hotel points you also get out of taxes, which in some markets can add 20-25% to the base room rate. As of last year, Starwood point redemption stays now count for elite qualification, too. You only get 1 point per general dollar spent, but can get up to 12 points per dollar during certain promotions when spending at Starwood properties; there are times when a marginal dollar spent at Starwood on a card, with status, during a promotion is actually returning $0.60 directly and then bonuses like 500 points per stay, requalification for elite tiers, etc. which make people do crazy things called "mattress runs" where they take trips just to check in and collect credit. Hotel points are kind of special with Starwood since redemptions are constant-price in points, or constant price in cash and points, while cash rates fluctuate widely. 10k points can get you a $99 Tuesday night in Las Vegas, or it can get you a $600 Saturday night in Las Vegas. Status also lets you force availability during some events (sort of works during SXSW, unofficially, and NYE in NYC).

The best cash-back cards are 2% unlimited -- there was a Schwab card (no longer offered, I believe) and was a Pentagon FCU card. Cash is undeniably easier to work with, but having point bonuses in various programs can be useful as well.

The best deal for Amazon cash back is the Citi Forward card. It gives 5% cash back on all bookstore purchases, and currently all Amazon purchases are coded as bookstore purchases. (I am going to try it with AWS once my credit balance runs out; it would be hilarious for someone to run Netflix's AWS bills through a 5% cash back card!). Otherwise by using the Chase Amazon card you get 3% on amazon, and can use a 1.78x multiplier (redeeming $900 of credit for $1600 in flights).

Someone smarter than me recently said "I could optimize for that stuff, but then I look at how much value I can add to my startup by working an extra hour...", and yeah, that makes sense too. But travel programs are a fun game to hack.


To play devil's advocate, you should not be able to just close your credit card account and be able to walk away from a contractual recurring payment agreement into which you entered.


But is it the bank's responsibility to enforce the contract?

I would rather have a civil court be the recourse for a broken contract than for a third non-governmental party to handle it.

I suppose if it was written into the contract that the bank would perform this role prior to the card being obtained and this being made abundantly clear to both sides things would be a little different. Still, ideally I would have the bank as the holder and mover of funds at the will of the cardholder, not someone outside of the contract between the bank and cardholder.


Oops, meant to upvote you. I agree. I guess when you agree to use credit cards you're not just using a payment instrument the bank has made for your convenience, but choosing to use a system which the banks find lucrative and the merchant exert a good deal of control over. Consumers are not as politically proactive as merchants so we can't be surprised to find the laws favor the merchants.

[edit] Someone upstream mentioned authorizations. I'd like to know more about how authorizations work with subscriptions. Do they keep a rolling six month queue of auths or is there a seperate and unique structure for recurring payments?


> so we can't be surprised to find the laws favor the merchants.

The contracts that merchants enter with credit card companies are very much not in the merchants' favor.

That may not always translate into being in the customer's favor (as opposed to the banks'), but merchants are certainly not the ones winning in this setup.


Indeed. Though I'm sure the gym's merchant account requires them to stop charging a particular credit card if you ask them. You can then switch to paying by cash, stop paying, default on the account, and then go through the whole collections thing.

The OP did learn a valuable lesson, though: don't enter into a contract you don't agree to, expecting to have someone else get you out of it.


" you should not be able to just close your credit card account and be able to walk away from a contractual recurring payment agreement into which you entered."

Of course you should. What if the other party fails to uphold their side of the contract, rendering it invalid? You are suggesting that the cardholder must pay regardless of the contract terms. In reality, either party may violate the terms of their contract in incalculable ways. Singling out consumer payments is extremely myopic.

I understand you're playing devil's advocate here, but this position is extremely flawed.


I don't think that's devil's advocate - I think that's just common sense. People might start to think twice before ever giving their credit card to a business then.


Thankfully in the UK, Direct Debits[1] are used for most recurring payments and have a lot of protections in place, namely:

1. The payer has the right to cancel the direct debit at any time.

2. The payee cannot alter the date or the amount of the payment without prior notification/authorisation.

3. The bank has no ability to alter the payment instruction after it has been authorised.

4. There is a guarantee in place to return funds in case of a dispute. The bank will process an immediate refund, and it is up to the payee to chase payment. The banks play no part in the dispute resolution process.


I'm not sure why the author is so afraid of the chargeback process. If you request a merchant to stop charging you and they refuse or don't acknowledge you, your credit card company will contact the merchant on your behalf to cancel the relationship or block future transactions. It only takes a few minutes to submit the request.


Just never give authorization for recurring billing. I use my credit card for one-time payments for monthly services all of the time, and I never authorize recurring billing. When you do that, you establish an on-going relationship with the merchant that isn't so easy to cancel. But you can cancel their authorization to do recurring billing in writing, and then any charge made on that ground should be refunded to you as a simple matter of course.

It generally works out pretty well if you just never authorize automatic recurring billing.


Hmm I have a Visa connected directly to my bank account, (debit?) So far so good, but i also have an app on my phone (Android) from my bank (Handelsbanken) that lets me check/transfer money from my accounts. But i can also LOCK my Visa from being used outside of Sweden and on the internet. So every time i want to buy something on the internet or going to another country i open the app open my card for internet/international use and tada.

This service is free and i can Unlock/lock my card as much as i want too.


Why not just call the gym in question? I've had numerous accounts with recurring charges, but I've never dealt with them by changing account or card numbers.


Have you ever attempted to cancel a Gym membership? It is near impossible.


Why? I've had to switch between a few different gym companies over the years and never had any trouble.


I noticed this a few months back. I had cancelled an Amex card and get a new one (brand new number). My old one was saved in my Amazon profile. I charged to that old account a couple times before I realized that that was the card I cancelled. But it worked fine. To this day I can still pick that card when checking out of Amazon with no issue.


I closed an account, and moved. Had this happen, go to collections, damage my credit, and had no idea.




Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: