Bamboozled: Security can be a big hassle

??????????????????Like you, I’m a consumer.

And like you, I encounter consumer problems.

My job gives me broad access to the problem fix-it people at all kinds of companies, but I never use those resources, which aren’t available to everyday consumers, to solve my own consumer problems.

I attack my own consumer problems just like you do.

Last week I had an ugly experience with a Bank of America credit card while trying to make a purchase at HomeDepot.com.

It was incredibly frustrating, and I bet what’s happened to me has happened to you. Or, it could happen to you.

I added a bunch of items to my shopping cart at HomeDepot.com, and then I entered my Bank of America credit card information.

The first attempt was declined because of a type-o with the expiration date on the card. After a second try, the charge went through, but shortly after, I received an email from Bank of America.

“Security Alert: Unusual Credit Card Activity Detected,” said the subject line.

The email said Bank of America detected unusual activity on my credit card. It asked me to go online or call the 800 number to verify the activity, otherwise it would place “certain limitations” on the card.

“Certain limitations” meant the account would be frozen, which is what I learned when I called the 800 number.

At first, I was pleased. Bank of America was looking out for me, a customer, to make sure there was no fraud on my account.

That pleasant feeling didn’t last very long.

I explained to the rep that the purchase was valid. He then said the charge was declined because HomeDepot.com placed two separate $1 test charges before it tried the larger charge.

Now, I know these temporary charges, known as pre-authorizations, are common. Gas stations, hotels and restaurants use them all the time to make sure a card is active. Also, because those types of merchants don’t necessarily know the total bill until the transaction is completed, the pre-authorization serves to make sure a customer isn’t charging up a storm that can’t be paid for.

I wasn’t expecting a test charge from a retailer like HomeDepot.com, but I accepted the bank rep’s explanation.

He unfroze the card, and I notified him that I would be placing the HomeDepot.com purchase again, once we hung up the phone.

I was specific because I wanted to make sure the charge would go through.

After I hung up, I called HomeDepot.com. I explained what happened, that I wanted to rerun the order, and I asked if it could not place those test charges — just in case it would alert Bank of America’s fraud department again.

The rep said the test charges were automatic, but he stayed on the line with me while the transaction was processed.

And it was declined again.

So again, I called Bank of America. I explained the problem to a very polite rep, who confirmed the charge was declined because of the test charge and he unfroze the card.

I then asked for a supervisor, and confirmed the rep had my callback number in case we were disconnected.

glassesThe rep put me on hold, coming back occasionally to say he was waiting for the supervisor to become available.

I was willing to wait.

It took 30 minutes — it was nearing midnight on a Friday night — and “Victoria” came on the line.

“I know this isn’t your fault, but I’m frustrated so please forgive me in advance if I sound annoyed,” I said, launching into my tale.

Midway through my polite mini-rant, the call was disconnected.

Really?

Not ready to give up, I called again.

A new rep listened to my story, apologized profusely and confirmed he had my callback number.

Then he put me on hold to find a supervisor.

During my 35 minute wait, I pulled out a credit card from a different bank and again tried to make the purchase at HomeDepot.com. Within minutes, I received an email from bank No. 2, asking me to verify the charge.

I guess those test charges look suspicious to everyone.

I clicked on the email to confirm the purchase. It went through, and I continued to wait on hold with Bank of America.

Finally, supervisor “Nick” came on the line.

I again gave my callback number in case we were disconnected, apologized in advance in case I got a little testy, and I launched into my story.

In about a minute — yes, you guessed it. I was disconnected.

And I was livid.

LOOKING FOR EXPLANATIONS

This is where I used my access to the fix-it guys.

I didn’t need anything to be fixed anymore — my card was unfrozen and I completed the purchase with another bank’s credit card — but I did want to understand what went wrong and I wanted to share it with my readers.

If it happened to me, it could happen to you, so I asked both companies for an explanation.

HomeDepot.com responded first.

The test charge happens to help prevent user entry errors before the order is accepted, spokesman Matt Harrigan said.

HomeDepot.com went back to view the transactions, and it said the first authorization failed because of an incorrect entry. He’s right. I accidentally typed the wrong expiration date the first time around.

“This was corrected and the second $1 authorization transaction passed,” he said. “However, your bank declined the transaction.”

On the third attempt, Harrigan said, the $1 authorization transaction passed again on the HomeDepot.com side, but the bank declined the transaction.

Then we heard back from Bank of America.

Bank of America has programs to monitor for suspicious transactions, but it doesn’t share information about its monitoring programs for security reasons, spokeswoman Betty Riess said.

“Our objective is to protect our customers,” she said. “We’re always listening to customer feedback, but the worst thing we can do is allow a customer to be a victim of fraud.”

In my case, Reiss said, I did the right thing by calling Bank of America to explain it was a valid transaction.

“The transaction should have gone through once you alerted us, so we apologize for the experience you had,” she said.

Then I asked why, after getting cut off from two separate conversations with supervisors, no one called me back.

“I couldn’t say what happened,” Reiss said. “But you did the right thing. And once you called and verified that this was a legitimate transaction, the transaction should have gone through.”

Okay, so I did the right thing, but my transaction didn’t go through.

Dear readers, let my experience serve as a lesson for you.

Even if you, the consumer, do everything right, sometimes transactions can go wrong. Hopefully you can find a workaround, like I did by using a different credit card, should this happen to you.

The big picture here is that our use of credit cards and online shopping means there’s a trade-off between a big hassle and improved security. I would tend to lean towards improved security, but it’s not that simple.

Let’s say, hypothetically, that someone stole my card number and it was used for a fraudulent transaction.

I wouldn’t be held responsible for the charges as long as I reported the transaction on “a timely basis,” Reiss said.

To Bank of America, “a timely basis” is usually 60 days, she said.

Under the Fair Credit Billing Act (FCBA) if your credit card is used for unauthorized charges or is stolen, you won’t be on the hook for more than $50. If you report the fraud before the card company actually pays the crooks, your liability is zero.

So the bank’s hyper-vigilant security, in this case, really protected the bank more than it protected me.

It bounced the transaction, and all I got was a headache.

Has this happened to you? Tell us your story in the comments section below.

Have you been Bamboozled? Reach Karin Price Mueller at Bamboozled@NJAdvanceMedia.com. Follow her on Twitter @KPMueller. Find Bamboozled on Facebook. Mueller is also the founder of NJMoneyHelp.com.