My web hosting service renewed my subscription by charging my bank account through an expired debit card. Why do banks give payment processors such power? It’s ridiculous!
My leverage has always been to leave expired cards on file when I find it difficult to cancel a subscription. It's crazy that they can get around it.
The business is using a card account updater. All of the card networks offer this service and most issuing banks participate.
This is an extremely popular feature with both consumers and merchants as most of the time card payment changes (card reissues, expiration etc) causes unwanted disruption. You happen to be in the minority who dislike it.
Your issuing banks is who you need to take this up with, the payment processor is acting on their behalf in this case.
I did reach out to the bank. My issues is they didn't give me the option to opt into this. I should have a choice! Their rep said even the folks at the bank location can't uncheck the box that opts me out of it.
The reality is I won't dislike it if I knew about it beforehand but I didnt.
They went on to list a lengthy process for what I should do just so it doesn't happen in the future. Not ideal.
This is commonplace. Banks allow it to avoid subscriptions failing where the customer hasn't updated their card. Merchants may also be able to get the updated card details from the bank.
What you can do instead is get an account that lets you create virtual credit cards that you can later cancel and destroy. This should prevent any future charges going through.
> create virtual credit cards
I was forced into this behavior by Google Pay/Wallet, and I found it extremely precarious.
With one of those virtual cards I purchased an item at a high cost, and unfortunately I had to go through a cycle of factory reset and reload everything to my phone. This necessarily wiped the "virtual cards" stored there.
Thereafter, I went back to the merchant for a refund, and we found that a credit to the "original card" was impossible because I "no longer possessed" the original card! I was rather infuriated that it would be this easy, but Google assured me there's no error and this is how it works. Google claims that they're protecting our privacy, but I basically did not ask to be enrolled in these virtual cards and, when we trust the card processors, this is a disadvantage and honestly, kind of insulting to our relationship.
This glitch cost me a long, long time as I needed to wait for a paper check to issue in the mail. Therefore, I would urge caution and being fully-informed of the corner cases, before anyone tries to use a virtual card for any serious transactions.
Have never had any of those issues with refunds or reversals using privacy[dot]com virtual cards, fwiw
Well, the trouble lay in the fact that the virtual card[s] were tied to the Android device, and when I was forced to factory-reset it, the cards went along with that. If I had not had catastrophic system trouble then it would not have been noticed (and I would've been less wary).
If your virtual card is not contingent on something like that, I'd say it's more robust. If the only way your virtual cards get destroyed is your say-so, then that's fine. But if they are, by design, ephemeral, I would say that is a different design goal, and while using an ephemeral card to pay for food or gas may be just fine, paying for a pair of glasses or other durable thing, and then expecting a refund much later on, that's perhaps risky and should be avoided where possible.
The whole point of a financial account is its stability, so that we're able to account for transactions over time. I understand that a credit/debit card is, by nature, more ephemeral than most accounts, even having an expiration date, but it infuriated me that Google sort of mandated these "virtual card numbers" and imposed them on every account I loaded into Google Wallet, rather than asking me if I needed protection or not. In an environment where I trust those vendors where I'm doing business, it only hurts both of us to virtualize those account numbers, and invalidate them at the drop of a hat!
Some merchants are more adept at this than others. I had a Wordpress plugin (Elementor Pro) manage to charge me despite an expired card to my fury. While another SaaS (Webflow) couldn't manage the same while trying to charge the expired card 5 times (and mailing 20 times).
When some of my banks issue a new card in case of loss, they keep either the same numbers (except for the expiry date or verification code) or do slight changes (last 4 numbers)
Subscriptions linked to any of these cards fail to renew, so it seems this works differently from renewed cards you receive when the original is expired or about to expire.
Maybe this is just how banks treat cards in my country, but have you seen this work elsewhere?
interesting! Where are you from?
Chile, so I'm curious whether this is a local oddity or can be replicated elsewhere.
Weird. What is the expiration date for, then?
The expiration date is a few extra digits that help validate the card. They might not let a new charge go through with an expired card (or they might), but a recurring charge is handled differently. Expecting that a service provider will cancel an account just because the card on file doesn't work is a great way to get a large unexpected bill in the mail.
that was my thinking exactly!
I set my card balance to zero.
Interesting. How does one do that?
You can have a dedicated account for your card, in theory you can create an account per valid card and cancel it afterwards or at least nullify it
I think this only work for expense management systems like mercury and brex?
Ah. Does that work only for debit cards or for credit cards too?