Visa Accidentally Charges People $23 Quadrillion
from the yes,-that's-a-real-number dept
I saw a couple of days ago on Consumerist that a teen had apparently discovered a debit of $23,148,855,308,184,500.00 on her debit card for a purchase at the local drug store. That's $23 quadrillion -- or 2,000 times the national debt. CNN is now reporting that a bunch of folks were hit with this charge (the identical number). Most are also dealing with insufficient funds charges. Visa, not surprisingly, is apologetic, promising to sort things out and agreeing to get rid of any excess charges due to this. However, it does make you wonder... shouldn't Visa's debit cards have some sort of "reality check" included?
Reader Comments
Subscribe: RSS
View by: Time | Thread
The plan
[ reply to this | link to this | view in chronology ]
[ reply to this | link to this | view in chronology ]
Easy Fix
[ reply to this | link to this | view in chronology ]
Re: Easy Fix
[ reply to this | link to this | view in chronology ]
Re: Re: Easy Fix
[ reply to this | link to this | view in chronology ]
Re: Re: Re: Easy Fix
[ reply to this | link to this | view in chronology ]
Re: Re: Re: Re: Easy Fix
[ reply to this | link to this | view in chronology ]
Re: Re: Re: Re: Re: Easy Fix
[ reply to this | link to this | view in chronology ]
Re: Re: Re: Re: Re: Easy Fix
[ reply to this | link to this | view in chronology ]
[ reply to this | link to this | view in chronology ]
[ reply to this | link to this | view in chronology ]
On the flip side...
[ reply to this | link to this | view in chronology ]
Re: On the flip side...
[ reply to this | link to this | view in chronology ]
Re: Re: On the flip side...
[ reply to this | link to this | view in chronology ]
Re: On the flip side...
[ reply to this | link to this | view in chronology ]
Sad
[ reply to this | link to this | view in chronology ]
Re: Sad
[ reply to this | link to this | view in chronology ]
LOLZ
[ reply to this | link to this | view in chronology ]
[ reply to this | link to this | view in chronology ]
[ reply to this | link to this | view in chronology ]
[ reply to this | link to this | view in chronology ]
Re:
[ reply to this | link to this | view in chronology ]
Imagine the interest charges for one month @ 12%
[ reply to this | link to this | view in chronology ]
Obviously a data conversion error...
(Yes, I know I didn't convert the $5 to hex, it's just an example...)
[ reply to this | link to this | view in chronology ]
Re: Obviously a data conversion error...
[ reply to this | link to this | view in chronology ]
Re: Re: Obviously a data conversion error...
A comment there brings up an excellent point. All of the charges we're seeing are the *same* value, 0x2020202020201250. After you remove the padding spaces that were put there you're left with 0x1250, which is 4688 in decimal. Since these amounts are always sent in cents, that corresponds to a $46.88 charge. There's no way that all of the customers I've seen (and the 13k supposedly affected, if we assume that they all have the same amount as well) purchased the exact same value of items. One guy bought a pack of cigs and incurred the charge, which is simply impossible to reach $46.88 with.
This is pretty clearly not *just* a padding issue. There's a genuine bug behind this, or perhaps a hack attempt. This does sort of smell like a buffer overflow exploit...
[ reply to this | link to this | view in chronology ]
Re: Obviously a data conversion error...
[ reply to this | link to this | view in chronology ]
Re: Re: Obviously a data conversion error...
But..but..but.. better people cost more!
[ reply to this | link to this | view in chronology ]
http://it.slashdot.org/article.pl?sid=09/07/15/2050215
[ reply to this | link to this | view in chronology ]
(*Dr. Evil voice*) $23 Quadrillion Dollars
[ reply to this | link to this | view in chronology ]
Now they can fund national health
[ reply to this | link to this | view in chronology ]
Not Visa's fault!
[ reply to this | link to this | view in chronology ]
[ reply to this | link to this | view in chronology ]
I asked the same question...
A few weeks after that incident, I used a credit card (not debit) to buy gas about 50 miles from my house. I immediately received a call from the credit card company alerting me to unusual behavior.
After that, I asked the same question: Why don't debit cards have the same 'check' protection that credit cards have?
[ reply to this | link to this | view in chronology ]
Remeber Y2K anyone?
Basically the same situation here if you impose a modern day limit on a system that could end up being used well into the future.
[ reply to this | link to this | view in chronology ]
Re: Remember Y2K anyone?
> a modern day limit on a system that could end
> up being used well into the future.
You don't have to limit the amount of characters allowed in the field, just put in a simple line of code that blocks any transaction over a certain amount. If that needs to be changed in the future, it would be a simple thing to go back in and eliminate that line of code and free up the block.
[ reply to this | link to this | view in chronology ]
where I thought this story was going
"So the Visa representative asked the customer to simply pay the $23 quadrillion and it would be credited back to her account next month."
[ reply to this | link to this | view in chronology ]
Re: where I thought this story was going
[ reply to this | link to this | view in chronology ]
This is clearly a violation of the Patriot Act and Bank Secrecy Act...
[ reply to this | link to this | view in chronology ]
Are we following the money? Where's the rest of the story?
The term 'Gaming the system' comes to mind, and I have a feeling that 'someone' 'somewhere' knew exactly what they were doing when they caused this to happen. And yes, my tinfoil hat may be a little tight today (with the recession and all).
[ reply to this | link to this | view in chronology ]
Reactionary much?
The error is obvious from the amount charged - the processor padded the amount with spaces instead of zeros, which when converted from hex resulted in an extraordinarily large number. As exciting as it may be to bluster about how many Libraries of Congresses or World GDPs the amount was, it's a simple data error. No one embezzled trillions of dollars of interest, no one was ever at risk of losing their home, and no we don't need a law requiring all credit card processing code to be kludged up with arbitrary limits that "we can just change later!"
[ reply to this | link to this | view in chronology ]
Re: Reactionary much?
Hmm, I wonder if *I* could get away with that. Cash a check for, say, $10000 on an account with only twenty bucks in it and when it bounced say "That '10000' was in binary!", i.e. really only $16? No, I suspect my butt would wind up in jail.
[ reply to this | link to this | view in chronology ]
Re: Reactionary much?
> credit card processing code to be kludged up with arbitrary
> limits that "we can just change later!"
We don't need a law-- and no ever suggested we need one. But it would seem prudent, especially when people suffer time and expense dealing with the fees and charges that typically come with these "simple data errors".
If the companies' reps weren't so mindless and robotic and had the ability to use common sense in situations like this, rather than giving customers the run-around over something so obviously erroneous, then technical remedies wouldn't be necessary.
As that is not the case, they are.
[ reply to this | link to this | view in chronology ]
Re: Re: Reactionary much?
That'd be the issue. Visa should have had technological safeguards against charges this high in the first place, and then reps should have been sufficiently trained that they can decide by themselves that a multi-quadrillion dollar charge is obviously wrong.
[ reply to this | link to this | view in chronology ]
Their system was so well done that we couldn't unentangle my account from his after the merge, and after countless contacts with customer service which included several expensive long distance conference calls, I had to abandon 24 years of perfect credit history on that card and apply for a new one. So now I have a canceled card on my record, a lower charge limit, and a new card, all lowering my credit rating.
Good thing I could trust my spouse. How horrible would it have been for all that data to be made available to someone who might have been an unscrupulous enemy?
[ reply to this | link to this | view in chronology ]
Apologies?
Seriously, though, why isn't there more of an apology from the banks? Did someone get fired? Did the entire accounting department get fired? Did the bank give anything back to the people who were charged this amount, like maybe free premium-level services for a few years?
[ reply to this | link to this | view in chronology ]
Add Your Comment