Many gift cards look like credit cards, but the resemblance is superficial. Credit cards are backed by banks, and federal law limits consumers’ liability in the event of fraud.
Gift cards have PINs that activate them. Anyone who comes in possession of that number can spend whatever money is on the card.
In recent days, complaints have rolled in about Vanilla Visa Prepaid cards, which are mostly sold through convenience stores. As we previously reported, a number of consumers across the country have purchased these cards, only to find they are either unusable or there is no money on them when they are activated.
Cybersecurity expert weighs in
ConsumerAffairs asked Dominic Chorafakis, a cybersecurity expert at Akouto, to review the complaints and give us his opinion about the source of the trouble that some consumers are reporting.
“While it is impossible to be certain without a thorough investigation, my impression from reading various complaints is that the issue isn’t a result of a single system hack but rather the result of the inherent risk with prepaid credit cards coupled in this case with what appears to be a lack of customer service and accountability on the part of the vendor,” Chorafakis told ConsumerAffairs.
This same risk, he says, can apply to any gift card because they are vulnerable to theft. He notes that there are several points in the supply chain where a card may become compromised.
“If funds were missing before the card was ever used, then the compromise could have occurred anywhere between the factory floor where the card was manufactured, and the retail store where it was sold,” he said. "If funds went missing during or after card activation, it could be that information was stolen from the end user’s computer, if the computer is infected with malware, or it could have been stolen from a merchant’s website."
For example, Chorafakis says there is an international criminal group known as Magecart that has been behind some high-profile hacks of payment networks used by online merchants. The group has allegedly used those hacks to steal debit and credit card information. Gift cards, Chorafakis says, are even more vulnerable to theft.
“Depending on where in the supply chain the compromise occurred, the customer will experience the loss slightly differently,” Chorafakis said. “This seems to be the case based on the various reviews, which leads me to believe it is not a single system hack that is behind the issue but rather a collection of different issues exacerbated by poor customer service.”
In the end, Chorafakis says gift cards present consumers with a case of “buyer beware.” When fraud occurs, many people who purchased these cards feel like they have been left to take the loss.
The Federal Trade Commission has issued advice for consumers considering the purchase of a gift card. It includes only buying from brands and stores you know and trust and making sure the cards have not been tampered with to reveal the PIN. A final point, the agency says, is to hang onto the receipt, even if the card is being given as a gift.