Got something to say or just want fewer pesky ads? Join us... 😊

O/T Think your credit card expires at the end of the expiry date month? Think again!



Greavsey

Well-known member
Jul 4, 2007
1,122
Thanks for the confirmation about the facts.

Why is it a problem? Uber tried to use the new card three times (for one transaction), two weeks before my existing card expired. JLFS declined the transaction three times (and didn't tell me). Uber told me on the third transaction.

How am I supposed to know which suppliers are going to upload the new details, when?

The bottom line is, as I implied in the title, and specified in my OP, effectively (for some transactions from certain big customers of the issuer) your credit card does not expire at the end of the expiry month, but shortly after you've received the replacement card. That's ok, if the issuer tells you that. They don't. Perhaps they should.

OK, sounds like there was an unfortunate cock up in your particular instance. The new card details should only be sent by the issuer and used by the merchant when you have activated your new card.
 

Goldstone1976

We Got Calde in!!
Helpful Moderator
NSC Licker Extraordinaire
Apr 30, 2013
13,754
Herts
OK, sounds like there was an unfortunate cock up in your particular instance. The new card details should only be sent by the issuer and used by the merchant when you have activated your new card.

The guy at JLFS said that they routinely send the new card details to companies like Uber at the same time as the replacement card is sent to the issuer's customer. It's definitely a cock up by Uber, using the new card so early, but it doesn't sound like it was a cock up by JLFS in sending them the details when they did - just standard practice.
 

Seagull73

Sienna's Heaven
Jul 26, 2003
3,382
Not Lewes
I too work in this industry, and I have to say I have never heard of this practice from card issuers.

It is against data protection and potentially PCI compliance to issue a new card and allow a supplier to store it without the cardholders permission. You have given express permission to use one payment card, but when the number changes on renewal (if it does) - the expiry date of the card effectively ends the permission you have given until you as the customer give the permission again. It is certainly not up to the card issuer to determine that is what you want to do - irrespective of the intentions.
 

beorhthelm

A. Virgo, Football Genius
Jul 21, 2003
35,237
I used to work in the industry and this is exactly what happens as described by Goldstone1976. It is meant mainly as a positive customer experience so that you don't have to remember everywhere you have your card details on file, e.g. magazine subscription or insurance services etc.

i can see the benefits, yet i have always had to provide new details for insurance, Amazon when cards expire. odd.
 


Greavsey

Well-known member
Jul 4, 2007
1,122
i can see the benefits, yet i have always had to provide new details for insurance, Amazon when cards expire. odd.

It's entirely dependent on whether the merchant has opted into the product via their payment provider. I don't think it's particularly prevalent here in the UK yet. I'm sure Amazon will have it very soon.
 

beorhthelm

A. Virgo, Football Genius
Jul 21, 2003
35,237
OK, sounds like there was an unfortunate cock up in your particular instance.

there's another thing, if send details shirley they'd be sent a file with thousands of cards renewed that month and process it as a batch - not just update Mr Goldstone1976.
 

Goldstone1976

We Got Calde in!!
Helpful Moderator
NSC Licker Extraordinaire
Apr 30, 2013
13,754
Herts
I too work in this industry, and I have to say I have never heard of this practice from card issuers.

It is against data protection and potentially PCI compliance to issue a new card and allow a supplier to store it without the cardholders permission. You have given express permission to use one payment card, but when the number changes on renewal (if it does) - the expiry date of the card effectively ends the permission you have given until you as the customer give the permission again. It is certainly not up to the card issuer to determine that is what you want to do - irrespective of the intentions.

This is what I was implying in the last sentence of my OP: "Bigger issue: wtf are credit companies doing, giving my card details to anyone, at any time?"

I can see the customer service angle, but, afaik, I've never said its ok to send the details of my replacement card to a random (from my perspective) selection of the issuer's customer to ease an administrative burden. I say afaik, because it's been some time since I read the T&Cs - maybe there's something to that effect in them? Or in the letter that comes with the replacement card? I doubt it though.

The facts of my case are:

I authorised Uber to use my card expiring 06/17, some time ago. They've used it many times over the last year or more.

I received a replacement card (same number, exp 06/20, different 3 digit code) about a month and stuck it in a drawer, intending to activate it around about now.

I took a journey with Uber on 15/6. Uber emailed me last night, saying my payment had been declined.

I phoned JLFS this morning and asked what happened. After some confusion, the story settled on the fact that Uber had tried to use my new card (JLFS specified the expiry date that Uber had tried to use was 06/20) three times, all for the same amount, on 15/6, 16/6, and yesterday and that JLFS had declined the card every time "because it hadn't been activated".

I asked, inter alia, how Uber had got my new card's details, when I hadn't even looked at it yet. After getting dangerously close to accusing me of lying, I got the call centre woman to transfer me up the chain. Eventually, I got to a manager, who told me the story I've outlined earlier. I accepted this story, as it's the only one that makes any logical sense, absent Uber hacking JLFS systems.

I still haven't got to an answer about how are issuers' customers supposed to know which companies they use are going to start trying to use their new card's details, and when they are going to do so. Nor did I receive an answer to the question I posed that went: "I have a valid credit card on file with Uber. You gave them details of a new one, without my knowledge or, afaik, permission. They updated their system with the new details and tried to use it. Why did you not honour it, given the fact that you provided them with the details?" The only response I got was "uber shouldn't have uploaded it yet". No reply to "Ok, but you're complicit too. It was you who sent them my cc details".

I do suspect there's some sailing fairly close to the wind by JLFS (other FS companies too, according to JLFS) in regard to sending out replacement card details. I have no current desire to stir things up for them. Note:current.
 


Goldstone1976

We Got Calde in!!
Helpful Moderator
NSC Licker Extraordinaire
Apr 30, 2013
13,754
Herts
there's another thing, if send details shirley they'd be sent a file with thousands of cards renewed that month and process it as a batch - not just update Mr Goldstone1976.

Yep. The manager confirmed that they send a batch file of all the cards that are soon (although "soon" = 4-6 weeks away)to expire to their "big customers, like Amazon and Uber". I did ask whether my issue arose often. He confirmed that I wasn't the first.

Presumably (I didn't ask), they only send details of replacement cards to say, Amazon, if the issuer's customer has used their existing card to buy from Amazon. It's a whole different thing if they send replacement card details to say, Amazon, if the issuer's customer has never shopped with Amazon!
 

Goldstone1976

We Got Calde in!!
Helpful Moderator
NSC Licker Extraordinaire
Apr 30, 2013
13,754
Herts
I know it doesn't address the point of the thread but I'm curious as to the thinking behind not activating your card when you received it.

Only because I had an existing card from the supplier with 6-ish weeks validity left on it and was busier a month ago than I am now.

I do realise that had I activated it upon receipt, none of this would have happened; but that's no excuse for the credit card issuer to send the new card's details to a list of their customers without telling me or, afaik, asking my permission. As an aside, neither is it a excuse for Uber to start using it prior to the expiry of the card they already have on file and have used multiple times in the past.
 


Cian

Well-known member
Jul 16, 2003
14,262
Dublin, Ireland
Yeah, but Uber is not a regular supplier of anything. It's a transaction by transaction contract. Why Uber, and not my local Chinese restaurant?

I imagine there's a clause in the T&Cs that nobody reads about it being considered as such. Never used it (as all the cars are just taxis here anyway) so can't confirm that. But yes, it shouldn't be considered one.

Many people use cards in lieu of direct debits - I pay my cable and mobile bills by card payment to collect Avios for instance; and that was the thinking behind allowing this in general - to stop payments bouncing when a card changes, except clearly the exact opposite occured.
 

Audax

Boing boing boing...
Aug 3, 2015
2,906
Uckfield
I too work in this industry, and I have to say I have never heard of this practice from card issuers.

It is against data protection and potentially PCI compliance to issue a new card and allow a supplier to store it without the cardholders permission. You have given express permission to use one payment card, but when the number changes on renewal (if it does) - the expiry date of the card effectively ends the permission you have given until you as the customer give the permission again. It is certainly not up to the card issuer to determine that is what you want to do - irrespective of the intentions.

Your understanding matches my own. What's being described here is not compatible with my understanding of the current UK / EU law on Data Protection, let alone the new GDPR laws that come into effect next year. Unless you've explicitly given permission to the card issuer to provide updates to companies you've purchased from, they are breaching Data Protection rules by sending *any* information to a third party. It's that simple.
 

Goldstone1976

We Got Calde in!!
Helpful Moderator
NSC Licker Extraordinaire
Apr 30, 2013
13,754
Herts
Your understanding matches my own. What's being described here is not compatible with my understanding of the current UK / EU law on Data Protection, let alone the new GDPR laws that come into effect next year. Unless you've explicitly given permission to the card issuer to provide updates to companies you've purchased from, they are breaching Data Protection rules by sending *any* information to a third party. It's that simple.

Ok. Well, I can categorically state that I have not given explicit, knowing permission, which leaves us with three options (unless others can think of more):

1 it's in their standard T&Cs, which I've accepted by using the card.
2 I've received a letter (perhaps with the card), saying "... if you don't tell us otherwise, we're going to let our big customers know..."
3 they're acting illegally.
 


beorhthelm

A. Virgo, Football Genius
Jul 21, 2003
35,237
Your understanding matches my own. What's being described here is not compatible with my understanding of the current UK / EU law on Data Protection, let alone the new GDPR laws that come into effect next year. Unless you've explicitly given permission to the card issuer to provide updates to companies you've purchased from, they are breaching Data Protection rules by sending *any* information to a third party. It's that simple.

thinking about it, it may be reasonable to consider the Credit Card number to be their information since they issue it. so conceivably they could issue an update say where customer is xyz (<- hashed version of the actual name) change number 123 to 456. because you wouldnt want to send out a file with thousands of names and numbers anyway.
 

Goldstone1976

We Got Calde in!!
Helpful Moderator
NSC Licker Extraordinaire
Apr 30, 2013
13,754
Herts
thinking about it, it may be reasonable to consider the Credit Card number to be their information since they issue it. so conceivably they could issue an update say where customer is xyz (<- hashed version of the actual name) change number 123 to 456. because you wouldnt want to send out a file with thousands of names and numbers anyway.

Yes, possibly so. But I know for a fact that they sent the expiry date. When I updated my Uber account today, I also had to update the cvv number. Presumably, in order to have any use to Uber, JLFS would have also had to supply the new cvv to Uber too.
 

Audax

Boing boing boing...
Aug 3, 2015
2,906
Uckfield
thinking about it, it may be reasonable to consider the Credit Card number to be their information since they issue it. so conceivably they could issue an update say where customer is xyz (<- hashed version of the actual name) change number 123 to 456. because you wouldnt want to send out a file with thousands of names and numbers anyway.

Even that sounds dodgy to me. I certainly don't want my card details (even completely anonymised) being sent around between companies without my express permission. It's certainly not something I've ever encountered in the past, and I have my cards stored with a range of big-name companies. I've had, or currently have, HSBC, Nationwide, and Amex cards and none of those have ever been auto-updated when they've expired. I've always had to manually re-enter the details myself. At one point I even had two cards from the same account registered at Amazon: the old expired one that was completely useless, and the new replacement card that I'd had to enter manually because the old one had expired. Because I'm lazy it took me ages to go in and delete the old card myself.
 

beorhthelm

A. Virgo, Football Genius
Jul 21, 2003
35,237
Even that sounds dodgy to me. I certainly don't want my card details (even completely anonymised) being sent around between companies without my express permission. It's certainly not something I've ever encountered in the past, and I have my cards stored with a range of big-name companies. ...

wasnt saying it happens, speculating how it might be possible to achive without breaching data protection law. an awful lot of anonymised data about us is sent between companies without our permission or any awareness it even occurs.
 


Audax

Boing boing boing...
Aug 3, 2015
2,906
Uckfield
wasnt saying it happens, speculating how it might be possible to achive without breaching data protection law. an awful lot of anonymised data about us is sent between companies without our permission or any awareness it even occurs.

Didn't think you were, was just commenting on the idea itself. Bring on GDPR (as much as it's going to make my own job a ballache for the next year or so making sure we're fully compliant and doing so in a way that doesn't get confusing for our members).
 

Springal

Well-known member
Feb 12, 2005
23,682
GOSBTS
So I didn’t get this but have just experienced it. My ex had my card on her Uber and despite me cancelling most my cards when we split to avoid this - she’s still been able to use my ‘old’ card details saved on her account!
 

Albion and Premier League latest from Sky Sports

Paying the bills

Latest Discussions

Paying the bills

Paying the bills

Paying the bills


Top
Link Here