Several years ago made a purchase at a online retailer and after going through the payment portal and order confirmed I received a notification a day later from their support that they needed to validate my credit card details further.
They said they would take 2 small transactions of a few cents that I needed to let them know what amounts they were to confirm I was the owner of the card and this might take up to 3 days. Having never had this issue before and not wanting to jump through the extra hoops I declined to proceed and they refunded me. I never thought much of it again as I have been online shopping for over a decade and never had this issue so wrote it up to a retailer that that had obviously been burnt a few times and was now overly cautious.
Then recently I made a purchase from a different retailer, and again after the transaction was completed I was contacted by support saying they needed to confirm my CC details. This time they wanted me to provide CC details over the phone which I declined and requested a refund.
In both cases the extra validation requirements were not disclosed on the order page, or in the T&Cs so feel like it's a bit shady to take the order and payment and then say that the order will be delayed until they get the validation. In both cases they claimed it was for my protection which also rubs me the wrong way since it's obviously only for their benefit.
Curious if other people have experienced this and what hoops they are willing to jump through to get the retailer to send the item you've already paid for, or if I am just being unreasonable.
Yeah it's a tricky one. Along time ago I worked retail and we'd look up people on the AEC database to see if their address was real. If anything suss we'd ask them to scan and send through drivers license. Personally I'd refuse to do that if I was asked though. We'd generally refuse to ship to any other address, and we defs lost a few sales. Scammers are absolutely everywhere and businesses need to be careful.
I'd definitely NOT give CC details over the phone. They should be encrypted on the website - staff shouldn't be able to see any numbers!!