Q: Our agency still receives airline debit memos for credit card chargebacks when we are defrauded by callers using unauthorized or phony credit cards. I understand that the only guaranteed way to avoid having to pay these debit memos is to obtain a card imprint and original signature on a charge form and to follow the verification steps in Section 8 of the ARC Agents Handbook. As you know, following these procedures is infeasible or impossible most of the time. What is realistically the best way to avoid getting these debit memos yet still conduct business by phone and email? Why don't the Expedias of the world have to pay these debit memos? Is there a blacklist of habitual defrauders that we can access? For travel that has not yet taken place, don't the airlines have a legal responsibility to cancel the reservations for future travel once we report the fraud?
A: Many agencies erroneously blame ARC's rules for having to pay these debit memos, but those rules merely reflect the credit card companies' own requirements. In fact, ARC has provided helpful guidance in the form of tips to prevent chargebacks.
You can download ARC's "Credit Card Acceptance and Chargeback Prevention Tips for Travel Agents." To find the document, go to www.arccorp.com and search under "chargeback tips." The section called "Red Flag Checklist" lists no less than 17 factors that alone or in combination should alert your frontline agents to potential fraud, including these:
- Agents are contacted for the first time via ... TTY service (for the hearing impaired).
- Several tickets are purchased with different routings, travel dates and passenger last names using a single credit card.
- "Customer" may use a religious title (e.g., Pastor Robert) or a religious premise (Missionaries to Africa) or other socially respected profession, e.g., doctors, to establish credibility.
- "Customer" uses airport codes in their emails, i.e., asking for tickets from ACC to LHR rather than Accra to London.
- Email address is from a free service (Yahoo, Hotmail, Gmail, etc.).
Of course, these red flags do not necessarily mean that someone is attempting credit card fraud, but they are probably enough to cause prudent agents either to make sure that most or all steps in the handbook are followed or to refuse to issue the ticket.
The major online agencies have to obey the same credit card processing rules that you do. Since they never obtain original signatures and imprints, they are always at risk of getting airline debit memos. Although they claim to have software designed to detect suspected fraud, they still set aside a multimillion-dollar reserve each year to pay debit memos.
There is no blacklist of customers who have tried or have gotten away with such fraud. If you were to start one, you could probably make money selling your database to other agencies, but you would no doubt have to defend yourself from defamation suits, even if frivolous.
Nothing in the law or any agreement requires airlines to cancel or refuse to board travelers that have defrauded agencies after you report a fraud. Although the carriers certainly could do so if they so chose, they will lack any incentive to do so as long as travel agencies are their de facto insurance companies.
Mark Pestronk is a Washington-based lawyer specializing in travel law. To submit a question for Legal Briefs, email him at [email protected].