Kogan asking for full drivers license to send order.

LRoger Ramjet on 11/05/2020 - 21:10
Last edited 11/05/2020 - 21:17

Purchased $110 worth of smart power sockets that were on sale from Kogan and used my ANZ CC to pay. Received an email the next day asking for a photo of my drivers license with the CC to ensure "security" details here. Left it a couple of days and they charged my CC anyway but I didn't receive any shipping details so I emailed my license with only my address and name showing. Received an email back asking for a photo of the whole license. I asked if i can change payment method to PayPal as i wasn't comfortable sending my full drivers licence photo for a $100 order when i could already see they had charged me for it nor is there any mention in their privacy policy about what they're doing with this information. They cancelled my order and said i could buy them from the link which is no longer on sale.

I really dont understand why they need a full copy of your drivers license when its obvious my name and address were on the legitimate licence which really if i stole a wallet the whole process is pointless anyway. Would they even be affected by fraudulent CC transactions as isn't this covered by the banks insurance? If not, whats the point when i could have paid with PayPal or ZipPay without any requirement to send them my ID. It just seems to be data harvesting for some thoughtless policy and just stupid and frustrating really.

Can anyone shed some light on this policy?

Electrical & Electronics

Related Stores

Kogan
Kogan
Marketplace

Comments

  • Belistic on 11/05/2020 - 21:13
    +16

    Not sure why the reason, but I wouldn't of sent them my licence either.

    • Roger Ramjet on 11/05/2020 - 21:19
      +2

      The whole licence though? I provided a redacted photo (photo,number and DOB covered with strips of paper) showing my name and address and the redacted CC with my name.

      If i was buying >$500 worth of stuff i might understand but $100?

      • whooah1979 on 11/05/2020 - 21:24
        -7

        You photoshop your driver licence. It is no longer a valid form of ID.

        • Roger Ramjet on 11/05/2020 - 21:28
          +2

          Not photoshopped, just some torn bits of paper over the top. It was obvious the license was legit still.

          • whooah1979 on 11/05/2020 - 21:43

            @Roger Ramjet: I tried to obscure particulars from my IDs for a KYC. They rejected the IDs on the grounds that they were incomplete ID.

            • Roger Ramjet on 11/05/2020 - 21:52
              +3

              @whooah1979: Yes i knew this when i sent them the photo… My question is why do they need this, its a pointless process when I'm sending them a photo of it. Loss prevention in person or picking up a package like the other post about the Good Guys asking for ID or at Aus Post is understandable but this is process for process sake and achieves nothing except leaving me open to have my identity stolen when they eventually get hacked or sell it to another company as is in their privacy policy.

  • brokenglish on 11/05/2020 - 21:22
    +6

    It's Kogan's anyho policy. To make up for the sale price difference, they need to get it from somewhere else = your personal details.

  • outlander on 11/05/2020 - 21:36
    +9

    Sounds like you need to steal someone else's details, so that you can legally acquire the things you want. I'm sure whooah1979 (above) will be happy to volunteer his for you.

  • fluffyllama on 11/05/2020 - 21:43
    +3

    I agree. Don't see any reason to ask for licence, unless it's when signing for an item to confirm ID. If name matches invoice/sender details, what benefit is there knowing the licence number?

    ABC article about licences being used for identity theft - https://www.abc.net.au/news/2019-09-06/drivers-licence-ident…

    • Roger Ramjet on 11/05/2020 - 21:48
      +1

      Exactly, this sort of thing is what i worry about as its 60 points of an ID check. Once its in the public domain your license number is extremely difficult to change, they just weren't designed to be used in this way.

  • garetz on 11/05/2020 - 22:11
    +6

    Just say you dont have a license ?

  • [Deactivated] on 11/05/2020 - 22:28
    +2

    Chemist warehouse does something similar for their click and collect service where they require licence details, cc used to pay for it and copy of invoice. That was for a $15 foundation.The only reason it was c&c was because my wife didn't trust me to pick the correct shade in store.

    • xuqi on 11/05/2020 - 22:55
      +2

      Chemist warehouse doesn't ask for an electronic copy of it, they simply want to sight it on pickup. Goodguys and other similar stores do the same.

      • whooah1979 on 11/05/2020 - 23:04
        +1

        How do you suggest op show Kogan their ID when they don’t have shop front?

        • xuqi on 11/05/2020 - 23:06
          +4

          I think OP's done the right thing by not sending them the info. Losing your identity isn't worth a ~$100 purchase.

  • John Kimble on 11/05/2020 - 23:23
    +5

    Would they even be affected by fraudulent CC transactions as isn't this covered by the banks insurance?

    Yes, in the event of a fraudulent transaction the bank would just debit their merchant account, Kogan lose the money and the goods (if sent).

    There is no such thing as "banks insurance" for card not present fraud.

    I really dont understand why they need a full copy of your drivers license when its obvious my name and address were on the legitimate licence which really if i stole a wallet the whole process is pointless anyway.

    Kogan are not concerned with fraud due to stolen wallets*. They are worried your card details have been stolen or hacked online and used without your knowledge. Which makes up 85% of fraud on Australian cards. See here: https://www.auspaynet.com.au/insights/Annual-Review/2019-Ann…

    The request of the card and licence is to
    - one show you have the physical card and
    - two show you are who you say you are, which would mean it is more likely a genuine transaction.

    It just seems to be data harvesting for some thoughtless policy

    It's not data harvesting, it's a common technique to try and reduce their online fraud levels. It's not perfect, your privacy concerns are valid and as you have experienced sometimes genuine people get flagged incorrectly.

    *stolen cards are typically used for pay wave transactions or attempted cash advances. Something card issuers are concerned with.

    • Roger Ramjet on 12/05/2020 - 10:59

      Surely there’s another way. Speaking to friends they have had identity challenges on online transactions but resolved them by replying to an email or taking a phone call.

      • John Kimble on 12/05/2020 - 11:17
        +1

        Not really. Replying to emails or taking a phone call doesn't prove the ownership of the card and ID check as much as sending copies of ID.

        Another less intrusive method is when a merchant puts through a small value auth or refund to your card and asks you to verify the exact amount.

        But even then some people don't like that because of the extra effort/delay because it can sometimes take a few days to appear on the card.

        The newest "frictionless" security measure is 3DS2, but it has not been mandated in Australia or adopted by many banks or merchants yet.

  • blonky on 11/05/2020 - 23:39
    +1

    Prior workplace was also an ecommerce retailer - this did come up occasionally when the system would flag a suspicious transaction

    Our team would call the customer to validate their drivers licence and compare against the credit card name to confirm the card owner is the same person who placed the order

    Typical reasons were multiple small transactions in quick succession or a new account making a large purchase

    As far as I know, no customers ever pushed back

  • jimbobaus on 11/05/2020 - 23:47

    It’s common in card not present transactions.
    If a charge back occurs and the retailer can prove they checked and validated the customer the bank will let them keep the funds after an investigation.
    Literally had this situation at work, because we got the ID we didn’t loose the funds due to the charge back.

    Fraud prevention 101 is to get proof of card ownership via ID etc
    If you are not comfortable then best to use PayPal etc in every instance you can.

    • John Kimble on 12/05/2020 - 00:05
      +1

      If a charge back occurs and the retailer can prove they checked and validated the customer the bank will let them keep the funds after an investigation.

      Incorrect. A retailer can still lose a chargeback if the provided documents do not match the genuine cardholder details. Just because they checked, doesn't mean they automatically win a chargeback.

      Literally had this situation at work, because we got the ID we didn’t loose the funds due to the chargeback.

      Likely because it proved the customer completed the order, therefore the customer had no chargeback rights.

      • jimbobaus on 12/05/2020 - 00:15

        I didn’t say otherwise.
        This is why they ask for the card and id.
        We did and we were able to beat the charge back attempt.

        Have posted quite a lengthy post some time back about the misconception that charge backs always go in the cardholders favour.
        If the retailer does everything to minimise fraud and ticks the boxes (ID, card etc) then they win in a charge back investigation more than they loose.

        Chargebacks are often used as a way to get a refund when someone isn’t happy and the retailers are within their rights to refuse (airlines recently for example) and this is why more and more Handkey retailers (card not present) are being asked to further verify transactions.

        The OP’s complaint will becomes more standard as time goes on.
        The banks are however I believe working on a new system but this will probably only work with Aus based hand key retailers.

        This is why Kogan wants the info.

        • John Kimble on 12/05/2020 - 00:24

          If the retailer does everything to minimise fraud and ticks the boxes (ID, card etc) then they win in a charge back investigation more than they loose.

          True I suppose, but this is because it is a real/effective deterrent for a fraudster to bother to continue with the order if they are prompted for ID. Most of the time they would just abandon it and try again or at another retailer.

          So the ones that do provide the ID and card data back are more likely genuine people submitting chargebacks they are unlikely to win.

          The chargebacks a retailer loses are usually the ones that were missed completely.

          misconception that charge backs always go in the cardholders favour.

          True, but chargebacks go in the cardholder favour the majority of the time. Merchants get shafted a lot of the time.

          • jimbobaus on 12/05/2020 - 00:28
            +1

            @John Kimble: The best way to summarise I guess from our experience. If we ask for the ID and they refuse there is usually a reason. If they are genuine customers they usually do not have any issue
            Never understand why people will type their personal info into a website then complain when said website asks to see said info confirmed.

            • John Kimble on 12/05/2020 - 00:36
              +2

              @jimbobaus: There's a big difference between typing a few bits of info into a website vs sending in photos/copies of identification documents.

              There's a small but increasing percentage of people like the OP that object to this to due to (valid) concerns about how it is used/stored afterwards.

              On a similar topic, just now my wife and I are enrolling our child for primary school, they are asking for documents adding up to a 100 point check! If all that info got compromised and into the wrong hands we'd be screwed.

              It's the small number of fwits in the world that ruin it for everyone else.

            • Roger Ramjet on 12/05/2020 - 10:55
              +1

              @jimbobaus: A name and address is common info and a credit card number can be cancelled and changed easily. A drivers licence is 60 points of an ID check and is extremely difficult to change. Even a passport is designed to be lost and the number changed but a drivers licence was never designed for this.

              I’m happy to hand over commonly found or easily changed information but confidential and hard to change personal identification data is treasure to bad actors and should be treated by its owner as such.

              • jimbobaus on 13/05/2020 - 19:19
                -2

                @Roger Ramjet: The delusion is real amongst the replies.
                This has been common practice for years and every retailer has a data retention policy and privacy guidelines they must follow.

                If you want to deal with them in this day and age of high levels of credit card fraud (millions per year) then the time will come when you will have to provide ID.

                Check their policies if you do not agree then don’t send the ID but in return do not expect your order to process or complete.

                The retailers have obligations to reduce fraud under their merchant agreements and every single agreement requires that if they process card not present transactions then drivers licence and credit card must be verified at a certain threshold or transaction history.

                • Roger Ramjet on 13/05/2020 - 19:45
                  +2

                  @jimbobaus: Have you read Kogan's privacy policy? It says they pass your data to third parties… What data and who? Where are my details going and who sees them? How secure are the systems of those third parties? If it crosses international boundaries are those government protections enforced? Why do they want my details in the first place? Is insecure email the best way to send this?

                  If people are happy to pander to the corporate world while slowly losing their personal privacy that's up to them but if retailers want to provide a service that protects them and their customer… this isn't the way, be it changes needed to online banking/retailing/identity.

                  • jimbobaus on 13/05/2020 - 22:02

                    @Roger Ramjet: If you honestly think a retailer based in Australia (not just registered) is going to sell your private credit card and drivers licence information?

                    Sell your clicks and website tracking… sure but your drivers licence info?

                    You are not loosing your personal privacy. A retailer is protecting their company from fraud which is endless and constant.
                    The banks literally require them to check and if you are not ok verifying you are a genuine cardholder then don’t buy from them but also accept your ability to buy online will get smaller and smaller as this is becoming more the norm these days.

                    As I said above it’s literally a requirement imposed on retailers by the banks if they want to do handkey transactions (card not present) and as more and more companies push online especially lately this requirement is going to be seen more often than not.

                    I would also note that I notice a lot of the commenters here are the same people asking “how to improve their credit score” yet cry foul when someone asks them to verify they are a legit cardholder.

                    As someone who has been the victim of credit card fraud as both a consumer and a retailer I for one am all for anything that limits fraud and if you have nothing to hide then you would verify.

                    As I have said…. if you don’t like the policy then don’t buy from them but you better get used to not shopping online as this is becoming more normal.
                    For example JB Hifi asks to see you licence in store if you spend over $500 with your physical card present and have started asking for id got online. (Had to provide mine for a recent $450 transaction online) and I have spent thousands with them. My understanding is their bank now requires it. My work bank recently required us to verify at a certain point also.

                    This will be the norm not the exception soon.

                    • Roger Ramjet on 13/05/2020 - 22:16
                      +1

                      @jimbobaus: Only they know what they do with it and that’s my point, the privacy policy is loose as. It’s so much more than clicks and tracking but this seems to be going in circles. Either way I value my personal identification more than $100 worth of smart plugs.

                      Also losing not loosing ;)

    • Ozpit on 12/05/2020 - 08:46

      Lose, not loose. Rolts, where are you?

      • jimbobaus on 13/05/2020 - 19:16

        I spelt a word wrong or my phone auto corrected it to the incorrect word.
        Hardly worth a comment reply.

      • DashCam AKA Rolts on 22/05/2020 - 11:30

        My bad. Left this discussion as it was starting to resemble a ping pong game.

  • missyr on 12/05/2020 - 00:35
    +2

    One stupid Recruiter wanted me to email my 100 points of ID (passport, licence) via unsecured email.

    I made a formal Complaint to the Australian Privacy Commissioner.

    I suggest you do the same to Kogan.

    • dasher86 on 12/05/2020 - 09:47
      +3

      did you get the job?

    • jimbobaus on 13/05/2020 - 19:14

      Why?
      Your privacy wasn’t breached.
      Your identify was being confirmed.

      What you did do however was over react.

  • eggles01 on 12/05/2020 - 14:04
    +1

    I had recently forgot my password for AfterPay and was sent a message that I had to send them 3 items,My complete copy of my photo licence,a copy of my new mobile phone bill,(I am on prepaid,so no bill)a copy of my recent utility bill (must be last 3 months).All must show the same details as they have on my file when I joined them.When they receive them they will present the details to their RISK team to decide whether they will allow me to have my account.
    Just my thoughts on these requests is that AfterPay is not a SECURE operation and the members personal details are at risk of being hacked from their company or service,and when you think about it ,what more information would anyone need for IDENTITY THEFT?

    BE CAREFULL

    • jimbobaus on 13/05/2020 - 19:15

      They are regulated under the same privacy regulations as a bank.
      Your info is fine and they fact they are asking for the id should give your comfort knowing they cadre about protecting your account and data.

      • eggles01 on 14/05/2020 - 15:16
        +1

        AfterPay has MORE security than my Online Banking account and my online Centrelink Disability Pension Account,

        My question is: as you do not work face to face with AfterPay deals etc why do they need a PHOTO OF ME,

        why do you not need a PHOTO ID when you apply for an AfterPay account,Why do you not need to present a 3 month UTILITY bill when you apply for an Afterpay account,

        there are too many WHYs and not enough answers from them as to the WHYs

  • arislan on 14/05/2020 - 15:20
    +1

    I'd just cancel the order. This kind of bullshit shouldn't be tolerated. There no legal basis to ask for photo id just buying some power sockets. If they think it is fraud, they should call the CC company so the CC can verify.

    • Roger Ramjet on 14/05/2020 - 18:20

      Basically, I've had SMS from my bank before to verify transactions are legit.

      • John Kimble on 14/05/2020 - 18:38

        Yeah, because you are their known customer. You did your ID/KYC verification when you joined the bank initially. The merchant cannot do that. They don't know if you are you.

        • Roger Ramjet on 16/05/2020 - 01:47

          That was my point. The bank has the ability and does run checks to ensure the card user is the card owner, why can’t this be leveraged to protect business from being scammed with a simple 2FA check when buying online rather than insecurely emailing your personal data to some company which has no business knowing it.

          • Hybroid on 16/05/2020 - 01:53

            @Roger Ramjet: Because Kogan is known to be a dodgy company with poor practises, rubbish/non-existent customer service and grey market products yet people still buy from them to save a few dollars…

    • John Kimble on 14/05/2020 - 18:46

      They cannot give out any information due to privacy reasons.

      If they asked questions in a specific way, then I suppose they could verify the transaction in a round about way. But it would depend who they spoke to.

      But the time it would take to call banks would be too much, they likely wouldn't bother.

      • Roger Ramjet on 16/05/2020 - 02:12

        They “can’t give it out due to privacy reasons” but if they get hacked they don’t really have a choice.

  • Brucet on 14/05/2020 - 17:45
    +1

    drivers license details ??? Tell them off.
    Never provide it.

Login or Join to leave a comment
Login Join