German only
A Swiss customer lost 30,000CHF. His account was hacked and they stole 30000CHF!! Crazy
So? Unfortunately that happens a lot
The article is unfortunately behind a pay wall
The article also says that apparently 6 transfers were debited from the bank account. AFAIK Revolut does not initiate a transfer? You send money to Revolut with a transfer or with a credit card.
https://www.20min.ch/finance/news/st...000---26322505
for those who don't want to waste money for online newspaper subscriptions.
And see here (just recently): https://www.englishforum.ch/3088283-post628.html
https://twitter.com/revolutbank?lang=en
It seems Revolut's problems continue. For me now this is simply one to clearly avoid.
Revolut's card limit wasn't respected by Revolut themselves: the card limit is 15k but 30k got stolen in six transactions of 5k each within minutes. And customer support is abysmal even though the person had a black "Metal Card" which comes with higher cost for supposedly better service.
The tranfers were stopped because the customer blocked his UBS account, otherwise the amount stolen would probably be much higher. Tough luck if it happens to you while you're asleep or otherwise unavailable.
He had a UBS Visa card connected to the app, by doing so one can spend on revolution up to the maximum limit of the creditcard and Revolut will charge the creditcard automatically.
Now wether Revolut is hacked or its app is leaking or the guy himself has his phone/computer, account or card hacked/copied has to be seen. Personally I suspect that the problem is on his side. All it takes is using the card at a wrong spot where they copy your card details or having your computer/phone hacked. This is no different from any other card providers.
When connecting a card like the guy did the limit of the card becomes the new limit of Revolut.
This is clearly fraud though, so either the bank or Revolut is on the hook for the charges. The customer should get his 30k back and then his for his bank, Revolut, and whoever else to sort it out so they can recoup the money on their side.
Could also be that the customer was not careful enough and due to this had his account data leaked himself, why would somebody else have to pay up if such would be the case? Also if the money has been taken out of a cash machine somewhere in the world through an anonymous or fake account recouping is unless they actually arrest these people and they have the money left no option.
The beauty of it is that the onus is 100% on Revolut to prove their allegations. And even if they can't arrest and recover the money from the people who did it, it's really not the customer's problem. It's a risk of doing business as a bank and it's built into the cost.
I'm not sure what an "anonymous or fake account" that would let you withdraw from an ATM is, or how you'd even go about getting one if you were a criminal.
I’m sure that they will have their a@@es covered legally. So it will be interesting to hear what actually happened.
MasterCard and Visa are pretty specific about what constitutes fraud. Unauthorized transactions being one of the cases specifically mentioned for which the customer has zero liability, provided they informed the card issuer of the fraud and requested a card block as soon as they got aware of it.
Customer sets up account and gives the account privileges like how much money is to be maximally redrawn, not if customer leaks the log in data that other persons are basically granted the same privileges, so how is Revolut at fault for that, if only allows the account to do what the customer told Revolut the account should be able to do, and nope the onus is not 100% on Revolut. One of many possible examples:
step 1: Set up offshore cooperation in Panama through local lawyer.
step 2: Set up banking account on name of company.
step 3: Transfer money towards the company.
step 4: Use company card to pull money out of the wall wherever in the world.
Only the lawyer knows who the person behind the company is, and the lawyer is legally not allowed to hand out his customers data for this. Thus all that remains in the open is an empty worthless company in Panama they can go after.
Easier is just to use a mule, give a teen or poor person a couple of hundreds to set up a normal bank account and leave that person in the mist on who you are.
The transactions from UBS towards Revolut are authorised
You have a vivid imagination! And no, these transactions aren't authorized because they're the result of fraudulent withdrawals/transactions with the Revolut card. From UBS' standpoint, they might not be on the hook for the money, but Revolut would be. And to the customer it's all the same: zero liability one way or another, either because UBS refunds, or because Revolut does. If you get your money back, do you really care which of the two refunded you?
Nobody knows yet what exactly happened, it is all speculation.
No it is not my imagination, I in contrary to you however am separating the different things that come into play in these situations.
Customer has a Visa card through UBS, Customer has handed over Visa/USB account/card details to Revolut and has allowed Revolut to redraw any money spend through the Revolut account to be taken from the UBS/Visa card.
Conclusion: Visa/USB towards Revolut has been authorised by the customer.
Now the other part: The money that went from the Revolut account to wherever, customer states this has not been approved so he has a dispute with Revolut.
So a research will be opened, they will check what time, from what sort of machine and from what IP/location the order has been given. They will check if it might have been a fault from within their own systems, if that account specifically or their systems might have been subject to an attack/hack, through brute forcing or any of the other methods. Now if it turns out that his card has been used in let's say Brasil and he was here and can still show his card than the conclusion is that his card has been copied somewhere and Revolut should accept responsibility and refund. But maybe his wallet was stolen/lost, and he got it back after a week from the police station and never cared to cancel/block his cards, the wallet still contains all cards but somebody copied them and simply handed back the wallet hoping that customer would not cancel things awaiting a nice moment in future where they can take out a large sum. In this case it is not unlikely that will be concluded that customer was careless and will not be refunded or they agree on a split.
But maybe it turns out that from Singapore or perhaps even Switzerland a normal valid log-in has been made where at first attempt his correct log-in data have been used. Than it also becomes a question of has the customer taken a reasonable to be expected effort to secure his data, more and more banks start to refuse a refund if it turns out the customer stored the data on a computer or a phone with an old OS without a firewall/virusscanner and old software with known leaks which even might contain software that is capable of intercepting/stealing the data needed to pull this off. Or maybe it turns out the customer fell for a phishing attempt. Or as has happened before one of his family members screwed things over majorly, or maybe he used open-banking providers or 3rd party providers of which one has been hacked.
It is simply to easy to say at this moment: He did not do the transfer himself, he should get everything refunded. Likely, yeah sure. Certain.. nope, not at this moment.
This +100000
Frankly for the card owner who "works in the field of IT security" to set up automatic refill of the card and allow a 15k limit was rather dumb wouldn't you say?
That appears to be not the case. The TA mentions that Revolut has indications that the SIM card had been hacked, but Swisscom says that's not the case.
To me this implies that the transactions have been conducted via the customers phone. Which would indeed put the onus on Revolut.
Why? The first 15k appear to, hrmpf, be of not that much of a concern. Clearly Revolut should respect their own card limit and refuse transactions 4-6.