This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Click and collect – how rigorous are ID checks? Victim of ID fraud needs some answers

Anonymous
Not applicable

on ‎14-05-2016 18:04

on ‎14-05-2016 18:04

Hello,

 

I recently found out that I have been the victim of identity theft and fraud.

 

Somebody has set up two fraudulent O2 accounts in my name – a fact I only became aware of last week when I received 4 default notice letters for unpaid bills.

 

O2's fraud team are investingating, and have been predictably rubbish in their response and the way they've treated me so far (but we won't go into that now).

 

They have established that the accounts were set up online, using the 'click and collect' service. They also know which store the fraudsters picked up the phones from.

 

What I want to know is: what kind of security checks would O2 have carried out? Would they have asked for ID? If so, what kind would (and should) they have accepted?

 

Naturally, I want to know exactly what details or ID the fraudsters used to impersonate me, as it'll give me a much better idea of how the identity theft happened in the first place.

 

More than that, I want to know that O2 did everything they should have done when setting up the accounts. And if I find out that they did not carry out all the necessary checks, I will of course want to take the case further... whatever that involves.

 

Any insight or personal experiences of this kind of thing will be most welcome. Also, if you know what kind of options I have if O2 do turn out to have been negligent, I would very much like to hear them.

 

Thank you

 

 

Message 1 of 33
6,278 Views
0 Kudos
32 REPLIES 32

PhoneDoc
Level 14: Rising star 
  • 278 Posts
  • 7 Topics
  • 21 Solutions
Registered:

‎14-05-2016 21:15 - edited ‎14-05-2016 21:30

‎14-05-2016 21:15 - edited ‎14-05-2016 21:30

Sorry to hear about what you're going through @Anonymous.

To add a new connection to an existing O2 account, DPA needs to be passed, which would be logging in with your details online or answering security questions with an advisor. Opening an entirely new O2 account would require valid bank details and a credit/debit card that would be checked to verify the owner. 

To collect the phone in store, a 4 digit confirmation code sent to the account holder (via text or email) would be required. In lieu of this, government ID or a debit/credit card would be necessary. 

Hope everything's resolved for you as quickly as possible.

Message 11 of 33
2,621 Views
0 Kudos

Anonymous
Not applicable
In response to PhoneDoc

on ‎14-05-2016 22:34

on ‎14-05-2016 22:34

Thanks @PhoneDoc

 

If the phones were ordered from my existing account, presumably I would be able to see them in my order history. There's nothing there, so I suspect two new accounts were opened.

 

If what you say is correct, those security steps seem woefully inadequate. It basically means that you can open an account or buy a phone in anyone's name, as long as you have their address, date of birth and any mobile number.

 

Message 12 of 33
2,594 Views
0 Kudos

Curr946
Level 26: Upbeat
In response to Anonymous
  • 2174 Posts
  • 133 Topics
  • 44 Solutions
Registered:

on ‎14-05-2016 23:36

on ‎14-05-2016 23:36

Well no, because a valid credit or debit card in your name. Or some form of I'd, isn't impossible but your average joe couldn't pull it off
Current Phone: Sony Xperia XZ Premium
Message 13 of 33
2,584 Views
0 Kudos

PhoneDoc
Level 14: Rising star 
  • 278 Posts
  • 7 Topics
  • 21 Solutions
Registered:

on ‎15-05-2016 08:56

on ‎15-05-2016 08:56

As @Curr946 mentions, you would indeed need valid bank details and a matching credit or debit card. An ID check is carried out on the card. The fraud team will be able to advise what happened in this case and your steps going forward.
Hope this helps
Message 14 of 33
2,565 Views
0 Kudos

MI5
Level 94: Supreme
  • 151841 Posts
  • 650 Topics
  • 28845 Solutions
Registered:

on ‎15-05-2016 09:00

on ‎15-05-2016 09:00

All you need to collect in store is a copy of your confirmation email and the texted pin code.
All can be achieved by setting up a new account online using existing details and a new payg number.
Once a scammer has accessed your account they have everything they need.
I have no affiliation whatsoever with O2 or any subsidiary companies. Comments posted are entirely of my own opinion. This is not Customer Service so we are unable to help with account specific issues.
Please select the post that helped you best and mark as the solution. This helps other members in resolving their issues faster. Thank you.
Message 15 of 33
2,562 Views

viridis
Level 56: Guvnor
In response to PhoneDoc
  • 13536 Posts
  • 106 Topics
  • 309 Solutions
Registered:

on ‎15-05-2016 11:30

on ‎15-05-2016 11:30

@PhoneDoc wrote:
As @Curr946 mentions, you would indeed need valid bank details and a matching credit or debit card. An ID check is carried out on the card. The fraud team will be able to advise what happened in this case and your steps going forward.
Hope this helps

Tenner says it was a prepay debit card account, 

No checks and a named card and account in 5 days.

Message 16 of 33
2,536 Views

Anonymous
Not applicable
In response to viridis

‎15-05-2016 11:59 - edited ‎15-05-2016 12:00

‎15-05-2016 11:59 - edited ‎15-05-2016 12:00

@viridis Yes, that's the bit I don't get.

 

There has been no fraudulent activity on either of my bank accounts. It seems they used my name, address and personal details, and someone else's bank account.

 

Which makes it even more fishy. If they haven't used my bank account, and the name and address on the bank account they did use doesn't match my details, how can they possibly have passed the ID check?

Message 17 of 33
2,525 Views
0 Kudos

MI5
Level 94: Supreme
In response to Anonymous
  • 151841 Posts
  • 650 Topics
  • 28845 Solutions
Registered:

on ‎15-05-2016 12:18

on ‎15-05-2016 12:18

The fraudsters are relying on store staff to be more interested in a sale than checking ID.
I'm sure anyone with the intent to commit fraud on this level could talk their way out of any awkward questions.
I have no affiliation whatsoever with O2 or any subsidiary companies. Comments posted are entirely of my own opinion. This is not Customer Service so we are unable to help with account specific issues.
Please select the post that helped you best and mark as the solution. This helps other members in resolving their issues faster. Thank you.
Message 18 of 33
2,511 Views
0 Kudos

Anonymous
Not applicable
In response to MI5

on ‎15-05-2016 12:33

on ‎15-05-2016 12:33

Well, if that's true and O2 didn't carry out the necessary checks, I'm taking them to the cleaners.

Message 19 of 33
2,506 Views
0 Kudos

PhoneDoc
Level 14: Rising star 
In response to Anonymous
  • 278 Posts
  • 7 Topics
  • 21 Solutions
Registered:

‎15-05-2016 12:44 - edited ‎15-05-2016 12:52

‎15-05-2016 12:44 - edited ‎15-05-2016 12:52

That is pretty odd @Anonymous, I thought the issue involved the use of your bank details as well.

 

The Fraud Team will know a lot more about this than me, and they can correct us if I'm wrong, but I believe the ID check is done on the O2 account holder, rather than the bill payer. This involves supplying a debit or credit card that's analysed for fraud prior to acceptance (it's unlikely a prepaid card would be allowed to pass); it also ensures the card is registered to the same address that the O2 account holder has supplied.

 

For the vast majority of people, the O2 account holder and bill payer will be the same person. There are circumstances where it's allowed for a different person to pay bills other than the O2 account holder. For this reason, you can enter any bank account number, sort code and payee name, when signing up. The O2 account holder is still ultimately responsible for making sure payments are made (as long as they've knowingly agreed to the contract, that is). 

 

Checks are done to make sure it's a valid sort code and bank account number that's been supplied. Other than that, I'm not sure if any further verification is even possible when it comes to actual bank accounts; banks tend not to give out customer information very easily.

 

Hypothetically, a fraudster could do all of this if they had your personal details and the details of one of your payment cards. All of which could be gained from ordering online from an unscrupulous website, ordering on a legitimate website over an unsecure wifi connection, or with spyware in your computer. Or through other means.

 

That would just be my guess from the limited information we have at the moment. Hopefully the fraud team will soon be able to give you the specifics of what happened and what to do next.

 

Message 20 of 33
2,501 Views
0 Kudos
Top Kudoed Authors
View All
Top