Journalist Demands Google Give Up Its 'Fair... >>
<< Google To Newspapers: Here, Let Me Introduce...
 tdicon 

(Mis)Uses of Technology

by Mike Masnick

Thu, Jul 16th 2009 9:40am


Filed Under:
charges, debit card

Companies:
visa



Visa Accidentally Charges People $23 Quadrillion

from the yes,-that's-a-real-number dept

I saw a couple of days ago on Consumerist that a teen had apparently discovered a debit of $23,148,855,308,184,500.00 on her debit card for a purchase at the local drug store. That's $23 quadrillion -- or 2,000 times the national debt. CNN is now reporting that a bunch of folks were hit with this charge (the identical number). Most are also dealing with insufficient funds charges. Visa, not surprisingly, is apologetic, promising to sort things out and agreeing to get rid of any excess charges due to this. However, it does make you wonder... shouldn't Visa's debit cards have some sort of "reality check" included?
46 Comments | Leave a Comment

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    TheStupidOne, 16 Jul 2009 @ 9:59am

    The plan

    was to charge a few people that amount in hopes that one person wouldn't notice the charge and actually pay it. They just forgot that there isn't that much real money in the world.

    reply to this | link to this | view in chronology ]

  • identicon
    C.T., 16 Jul 2009 @ 10:08am

    Reminds me of when I got my cell phone statement and it indicated I owed ~$45,000 for the month. Apparently Sprint is notorious for sending out incorrect statements. Good thing I didn't have that bill set to auto-deduct from my checking account.

    reply to this | link to this | view in chronology ]

  • icon
    Dark Helmet (profile), 16 Jul 2009 @ 10:08am

    Easy Fix

    Seems like there should be a fairly easy to write threshhold script in place to avoid this kind of thing.

    reply to this | link to this | view in chronology ]

  • identicon
    DrPiper, 16 Jul 2009 @ 10:22am

    How about setting a database field size limit to the amount due field.

    reply to this | link to this | view in chronology ]

  • icon
    Shawn (profile), 16 Jul 2009 @ 10:25am

    or I dunno not allowing any charge over a billion or so go through to the issuing bank?

    reply to this | link to this | view in chronology ]

  • identicon
    Ilfar, 16 Jul 2009 @ 10:27am

    On the flip side...

    Well on the other side of the equation, you have to admire them for building their system to handle values well beyond what anyone would ever expect them to handle. Now that's future-proofing! ;)

    reply to this | link to this | view in chronology ]

    • icon
      Brian (profile), 16 Jul 2009 @ 10:34am

      Re: On the flip side...

      Wait until inflation gives us a massive reality smack down. The future isn't as far away as you think ;)

      reply to this | link to this | view in chronology ]

      • icon
        ChrisB (profile), 16 Jul 2009 @ 11:28am

        Re: Re: On the flip side...

        Given the amount of money that was destroyed when the housing bubble burst, that could be a long time. Deflation is more likely. Look at Japan, who are coming up their second "lost decade".

        reply to this | link to this | view in chronology ]

    • identicon
      SumDumGuy, 16 Jul 2009 @ 1:56pm

      Re: On the flip side...

      At Visa, we are fully prepared for decades of hyper-inflation...

      reply to this | link to this | view in chronology ]

  • icon
    btr1701 (profile), 16 Jul 2009 @ 10:29am

    Sad

    What’s really disturbing about this is that a number that large is only 2000 times the national debt.

    reply to this | link to this | view in chronology ]

  • icon
    RedSpdr (profile), 16 Jul 2009 @ 10:30am

    LOLZ

    Nah man, is just that some one found the debit card Dr. Evil used in Austin Powers.....XD

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Jul 2009 @ 10:31am

    CC companies can garnish wages and take you to court and stop you from buying a house under the right circumstances. But when they make a mistake (a pretty fucking big mistake at that excuse the french) they just have to apologize and take what they over charged away, I feel that they should be responsible for added compensation whether its additional monies, or a $20 gas card, something to try and prevent future mistakes like this from happening. Plus its good business...oh wait they don't need a good business model cause everyone needs them I forgot

    reply to this | link to this | view in chronology ]

  • identicon
    Gyroc, 16 Jul 2009 @ 10:31am

    CC companies can garnish wages and take you to court and stop you from buying a house under the right circumstances. But when they make a mistake (a pretty fucking big mistake at that excuse the french) they just have to apologize and take what they over charged away, I feel that they should be responsible for added compensation whether its additional monies, or a $20 gas card, something to try and prevent future mistakes like this from happening. Plus its good business...oh wait they don't need a good business model cause everyone needs them I forgot.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Jul 2009 @ 10:35am

    Someone accidentally bought Europe on their credit card.

    reply to this | link to this | view in chronology ]

  • identicon
    reality sinks in, 16 Jul 2009 @ 10:45am

    Looks more like someone entered the credit card number in the Charge amount field.

    Imagine the interest charges for one month @ 12%

    reply to this | link to this | view in chronology ]

  • identicon
    pegr, 16 Jul 2009 @ 10:47am

    Obviously a data conversion error...

    The processor submits the batch to Visa, let's say. The file spec says "pad the digits on the left with nulls", but the programmer pads it with spaces. Null in hex is "00", but a space in hex is "20". Now a five dollar transaction, instead of this: "000000000000500" now looks like: "202020202020500"... Whoopsie!

    (Yes, I know I didn't convert the $5 to hex, it's just an example...)

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 Jul 2009 @ 11:31am

      Re: Obviously a data conversion error...

      http://stackoverflow.com/questions/1133581/is-23-148-855-308-184-500-a-magic-number-or-sheer-chance

      reply to this | link to this | view in chronology ]

      • icon
        Xanthir, FCD (profile), 17 Jul 2009 @ 7:42am

        Re: Re: Obviously a data conversion error...

        http://stackoverflow.com/questions/1133581/is-23-148-855-308-184-500-a-magic-number-or-sheer-chance

        A comment there brings up an excellent point. All of the charges we're seeing are the *same* value, 0x2020202020201250. After you remove the padding spaces that were put there you're left with 0x1250, which is 4688 in decimal. Since these amounts are always sent in cents, that corresponds to a $46.88 charge. There's no way that all of the customers I've seen (and the 13k supposedly affected, if we assume that they all have the same amount as well) purchased the exact same value of items. One guy bought a pack of cigs and incurred the charge, which is simply impossible to reach $46.88 with.

        This is pretty clearly not *just* a padding issue. There's a genuine bug behind this, or perhaps a hack attempt. This does sort of smell like a buffer overflow exploit...

        reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 Jul 2009 @ 1:11pm

      Re: Obviously a data conversion error...

      I think you nailed it. Time to fire the software QA folks and get some that know what they are doing. Software Engineers makes these kinds of mistakes all the time, testing should find them. This one should have been really obvious. Did they test thier code before putting into production? And, how did that transaction get approved by the bank? Some system, nice work Visa.

      reply to this | link to this | view in chronology ]

      • identicon
        Anonymous Coward, 16 Jul 2009 @ 5:48pm

        Re: Re: Obviously a data conversion error...

        Time to fire the software QA folks and get some that know what they are doing. Software Engineers makes these kinds of mistakes all the time, testing should find them. This one should have been really obvious.

        But..but..but.. better people cost more!

        reply to this | link to this | view in chronology ]

    • identicon
      Techflaws.org, 17 Jul 2009 @ 3:58am

      http://it.slashdot.org/article.pl?sid=09/07/15/2050215

      So much for reality check.

      reply to this | link to this | view in chronology ]

  • identicon
    Hidden Force, 16 Jul 2009 @ 10:53am

    (*Dr. Evil voice*) $23 Quadrillion Dollars

    I tried to calculate how much this charge is compared to all the money in the world. Although it's difficult to find an estimate of the total amount of money in the world, the CIA Factbook says that the estimated Gross World Product is $62.25 trillion (in USD). Therefore this charge is a "mere" 371.869 times larger than the entire GWP.

    reply to this | link to this | view in chronology ]

  • identicon
    Haywood, 16 Jul 2009 @ 11:01am

    Now they can fund national health

    The taxes on that one transaction should fund it for years.

    reply to this | link to this | view in chronology ]

  • icon
    kevjohn (profile), 16 Jul 2009 @ 11:02am

    Not Visa's fault!

    It's the consumers' fault for not having that much in their accounts to cover the $23 quad. If they did that then they wouldn't have to worry about the overdraft fees. Pay up, losers.

    reply to this | link to this | view in chronology ]

  • icon
    Hosermage (profile), 16 Jul 2009 @ 11:10am

    What they didn't tell you in the story was that the minimum monthly payment for all that was $10.00. We hope you'll pay the 20% interest next month.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Jul 2009 @ 11:12am

    I asked the same question...

    About 3 years ago my debit card was charged $9,910. It turned out to be a mistake from a company that was supposed to charge me $99.10. I was hit with overage charges and it took over a week to resolve with the banks and company involved.

    A few weeks after that incident, I used a credit card (not debit) to buy gas about 50 miles from my house. I immediately received a call from the credit card company alerting me to unusual behavior.

    After that, I asked the same question: Why don't debit cards have the same 'check' protection that credit cards have?

    reply to this | link to this | view in chronology ]

  • identicon
    Grey Ferret, 16 Jul 2009 @ 11:44am

    Remeber Y2K anyone?

    Let's limit the field size of the Year to only 2 digits. Made sense at the time. After all, the year 2000 was only imagined in Sci-Fi, not reality.

    Basically the same situation here if you impose a modern day limit on a system that could end up being used well into the future.

    reply to this | link to this | view in chronology ]

    • icon
      btr1701 (profile), 16 Jul 2009 @ 12:33pm

      Re: Remember Y2K anyone?

      > Basically the same situation here if you impose
      > a modern day limit on a system that could end
      > up being used well into the future.

      You don't have to limit the amount of characters allowed in the field, just put in a simple line of code that blocks any transaction over a certain amount. If that needs to be changed in the future, it would be a simple thing to go back in and eliminate that line of code and free up the block.

      reply to this | link to this | view in chronology ]

  • icon
    Danny (profile), 16 Jul 2009 @ 1:22pm

    where I thought this story was going

    I expected the punch line to the story to be...

    "So the Visa representative asked the customer to simply pay the $23 quadrillion and it would be credited back to her account next month."

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 Jul 2009 @ 5:52pm

      Re: where I thought this story was going

      Actually, I've read some other accounts of people's experiences with this and some of them report that they've had to go round and round arguing with Visa reps (who insisted it was a legitimate charge) to get this charge taken off their accounts.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Jul 2009 @ 1:30pm

    This is clearly a violation of the Patriot Act and Bank Secrecy Act...

    A company can only collect $10,000 per transaction. Visa should know better!

    reply to this | link to this | view in chronology ]

  • icon
    anymouse (profile), 16 Jul 2009 @ 2:15pm

    Are we following the money? Where's the rest of the story?

    I'm willing to accept that this 'could' just be a mistake, but has anyone looked closer at where the money is going? I'm not talking about the 23 quadrillion x however many customers were charged, but how much money VISA earned on the 'float' that would be involved in transactions of this size. My guess is that the interest earned by 'someone' on these funds over an hour or two would be more than most US families are likely to see in income in an entire year (including both spouses salaries and all their kids part time jobs).

    The term 'Gaming the system' comes to mind, and I have a feeling that 'someone' 'somewhere' knew exactly what they were doing when they caused this to happen. And yes, my tinfoil hat may be a little tight today (with the recession and all).

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Jul 2009 @ 3:28pm

    Reactionary much?

    Wow, you all are ridiculous. I would think that this site, which routinely calls out politicians and businessmen for grandstanding and demanding changes based on issues that, truly, are not that significant, would not stoop to this level.

    The error is obvious from the amount charged - the processor padded the amount with spaces instead of zeros, which when converted from hex resulted in an extraordinarily large number. As exciting as it may be to bluster about how many Libraries of Congresses or World GDPs the amount was, it's a simple data error. No one embezzled trillions of dollars of interest, no one was ever at risk of losing their home, and no we don't need a law requiring all credit card processing code to be kludged up with arbitrary limits that "we can just change later!"

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 Jul 2009 @ 7:38pm

      Re: Reactionary much?

      The error is obvious from the amount charged - the processor padded the amount with spaces instead of zeros, which when converted from hex resulted in an extraordinarily large number.

      Hmm, I wonder if *I* could get away with that. Cash a check for, say, $10000 on an account with only twenty bucks in it and when it bounced say "That '10000' was in binary!", i.e. really only $16? No, I suspect my butt would wind up in jail.

      reply to this | link to this | view in chronology ]

    • icon
      btr1701 (profile), 16 Jul 2009 @ 11:27pm

      Re: Reactionary much?

      > it's a simple data error... we don't need a law requiring all
      > credit card processing code to be kludged up with arbitrary
      > limits that "we can just change later!"

      We don't need a law-- and no ever suggested we need one. But it would seem prudent, especially when people suffer time and expense dealing with the fees and charges that typically come with these "simple data errors".

      If the companies' reps weren't so mindless and robotic and had the ability to use common sense in situations like this, rather than giving customers the run-around over something so obviously erroneous, then technical remedies wouldn't be necessary.

      As that is not the case, they are.

      reply to this | link to this | view in chronology ]

      • icon
        Xanthir, FCD (profile), 17 Jul 2009 @ 7:34am

        Re: Re: Reactionary much?

        If the companies' reps weren't so mindless and robotic and had the ability to use common sense in situations like this, rather than giving customers the run-around over something so obviously erroneous, then technical remedies wouldn't be necessary.

        That'd be the issue. Visa should have had technological safeguards against charges this high in the first place, and then reps should have been sufficiently trained that they can decide by themselves that a multi-quadrillion dollar charge is obviously wrong.

        reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Jul 2009 @ 7:10pm

    Not just Visa, but Bank of America for this gaff. The same BofA who decided, without asking, to do a merge of accounts that looked similar binding my card in Pennsylvania to my estranged spouse's in California so I could not access the information about it online, but he could.
    Their system was so well done that we couldn't unentangle my account from his after the merge, and after countless contacts with customer service which included several expensive long distance conference calls, I had to abandon 24 years of perfect credit history on that card and apply for a new one. So now I have a canceled card on my record, a lower charge limit, and a new card, all lowering my credit rating.
    Good thing I could trust my spouse. How horrible would it have been for all that data to be made available to someone who might have been an unscrupulous enemy?

    reply to this | link to this | view in chronology ]

  • icon
    John85851 (profile), 17 Jul 2009 @ 12:33pm

    Apologies?

    How come VISA and the banks just give a curt apology and act as if we're talking about wanting a $10 service charge? This is a *quadrillion* dollars! Does any banker anywhere really seriously think anyone can charge this much? And if so, who in the world has that kind of a credit line? I don't think Oprah or Bill Gates could spend that kind of money... okay, maybe if they bought the entire planet, but who would they buy it from? ;)

    Seriously, though, why isn't there more of an apology from the banks? Did someone get fired? Did the entire accounting department get fired? Did the bank give anything back to the people who were charged this amount, like maybe free premium-level services for a few years?

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Journalist Demands Google Give Up Its 'Fair... >>
<< Google To Newspapers: Here, Let Me Introduce...
 tdicon 
Follow Techdirt
Special Affiliate Offer

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories

Thursday

06:25 Marsha Blackburn Wants ISPs To Sell 'Fast Lanes' Like 'TSA Pre-Check' (1)
03:23 Hollywood Front Groups Decide To Kick Facebook While It's Down, Advocate For More Internet Regulations (1)

Wednesday

19:45 State Trooper Facing Murder Charges After Tasing A Teen Riding An ATV (25)
15:30 Turns Out Lots Of People Want To Play The CIA's Card Game (8)
13:30 Techdirt Podcast Episode 164: Getting News Without Social Media (8)
11:55 State Appeals Court Upholds Criminal Conviction For Twitter Harassment Targeting An Autistic Student (26)
10:42 Comcast-Owned MSNBC Blasted For 8 Minute 'News' Love Letter to Comcast (23)
10:37 Daily Deal: The Complete Six Sigma Training Bundle (0)
09:33 Could The DOJ Be Violating SESTA/FOSTA? (29)
06:29 No, Net Neutrality Isn't Officially Dead (Yet), And The FCC Is Stalling For A Reason (20)
More arrow
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.