A partial review of the latest "Fake Britain" programme concerning phantom cash withdrawals together with some background to this problem which the banks continue to claim doesn't actually exist.
Phantom transactions on bank cards – from ATMs , cyber-space or the real world – are anything but new. The August 30, 1985 edition of the London Times reported a number of cases “which showed up on computer records at times when customers claimed they had taken no money out.” With the passage of time though, there have not only been more and more substantiated cases of phantom withdrawals but an increasing number of proven ways in which money has been withdrawn from people’s accounts, including skimming at ATMs and actual cloning of cards.
In today’s episode of Fake Britain, the irrepressible Dominic Littlewood investigates an unusual case. Although he and his team come to no firm conclusion, it is clear that in future we in the UK – and of course worldwide – will be seeing more and more of this sort of apparently inexplicable withdrawal.
The victim who prompted this investigation was an elderly gent from Bristol named Stanley Tinklin who had banked with Lloyds for 79 (seventy-nine!) years. Until September last year, when according to his bank statement, someone had withdrawn £500 in cash from a local ATM.
Not only had he not made this withdrawal but he said he had never used an ATM in his life! On August 27, the day the money was withdrawn, Mr Tinklin was on his allotment all day, and his bank card locked in a drawer in his bedroom. After contacting his local branch, he was told to get in touch with the bank’s fraud team, who accused him or his wife or his family of being involved in the withdrawal.
As in all such cases, the bank refused to admit their supposedly impregnable security had been bypassed, and told their rightly disgruntled customer that they would not reimburse him one penny.
In June 2009, the consumer watchdog, Which? reported that one in five victims of such fraud failed to get their money back. Even the Financial Ombudsman appears to have taken the view that Personal Identification Numbers and now the new chip and PIN are infallible, with the clear inference that anyone who claims otherwise is either dishonest or careless. As Fake Britain demonstrated though, this is not necessarily the case.
An official photograph of the consumer champion.
Consumer champion Dominic Littlewood in relaxed pose.
Dominic Littlewood and his team went to Cambridge where they were shown a device by Steven Murdoch of the world famous University’s computer laboratory, which was able to bypass a card’s PIN. This device was tested in a local bookshop; after waylaying a customer, Littlewood purchased a book using the customer’s card but keying in a random four digit number. The device tricked the shop’s card reader into believing the correct PIN had been entered. According to Dr Murdoch, the bank’s records would show incorrectly that the customer had indeed made a purchase, but there was worse to come, because the Cambridge academic and his team have found another way the card user can be cheated, this time by a shop. This appears to be a much simpler kind of fraud; if for example the card holder makes a purchase for £5.00, the machine displays £5.00 and prints out a slip for that amount, but actually processes a larger amount, and as Dr Murdoch said, the first thing the customer hears about this is when he receives his next bank statement.
The big question though is, are these devices actually in use now? Another Cambridge academic, Professor Ross Anderson, told Fake Britain: “There are definitely signs that something like [that] is out there...what precisely the criminals’ machine looks like we won’t know until the police catch them with one...but it wouldn’t surprise me at all if sometime in the next few months we saw somebody being arrested with a machine substantially like ours.”
Perhaps fearing adverse publicity, Lloyds refunded Mr Tinklin the money stolen from his account, but when asked for an explanation, the Bank continued to insist its chip and PIN was fraud proof, and said the refund was a goodwill gesture.
Again, this is nothing new, another Times article, from nearly twenty years ago (in the October 12, 1991 Weekend Money supplement) revealed that banks were secretly reimbursing the victims of phantom withdrawals, but “Many thousands more are refused any payment and are made to feel that they, their families, or work colleagues are thieves.” As with the recent case of Stanley Tinklin “The banks have never admitted publicly that phantom withdrawals can happen. They say the payments are to keep the goodwill of customers.”
If two decades and more of thoroughly documented cases coupled with hard empirical evidence as supplied by Cambridge University are not sufficient to convince the banks that something untoward is going on here, perhaps it is time for the government to step in?
There is, perhaps unsurprisingly, a website dedicated entirely to phantom withdrawals; one suspects that its relatively modest list of confirmed cases could be expanded considerably if the banks were to come clean about the true scale of the problem, but in view of the way one major high street bank treated probably its longest serving customer, that would surely be asking too much.
This edition of Fake Britain can be found here; grab it while you can, if you can, or watch out for it on YouTube.