A while ago, my wife and I were up in our office talking about a possible purchase – actually it was something I wanted, and she was going to buy it for me. We had looked around and she remembered that QVC had a good price once, so we looked on-line and I said yes, I’d like that one. My phone was with me, whilst her’s was downstairs, so I handed her my phone to order it.
The order process went OK, she placed the order and then handed me back the phone. Just as she did so, a text message came in form my bank, telling me that my credit card had been just been used in an on-line or phone transaction. I looked, and we both laughed, because her present to me had come from my credit card!
But the laughter lasted only about a minute, when we went back and thought about the transaction.
She was asked if she was Mrs Knight, what address it was to be shipped to, and if she wanted to use the credit card details on file. But thinking through the conversation again, at no point was she asked for identification for her, or her details. At no time was she asked to verify the credit card details, or if she had the right to use it. Our assumption is that, because the call came from Mr Knight’s phone number, and she said she was Mrs Knight, they accessed all my details, and the transaction went ahead.
I went on-line and deleted my card details from my account with QVC, but I see that they just automatically keep card details every time you use them, so I have to remember to delete it each time I buy from them.
You might say, does it really matter? Isn’t that an overreaction?
On that occasion, no, it didn’t matter – but what if someone has stolen my phone – could they have just ordered whatever they wanted, had it shipped to their address, and all I’d now about it was a debit to my Credit Card? And even in this case, if I hadn’t had text alerts from my bank, I would have been unaware of the use of my card, and so in danger of going over my credit limit.
I am still rattled by this, as you can tell – I will still use QVC – I did last night, but this morning I went into their site and removed my card details again.
Because next time it might not be something that we’d laugh about.