back to article Kid spanks a grand on Xbox using Mum's bank card

An 11-year-old boy has landed his mother in debt , after splashing more than £1000 on Xbox Live, without her knowledge. Mum-of-two Dawn Matthews entered her debit card details into the console to buy her son, Brendan, an Xbox Live membership to play against buddies online. The 37-year-old went about her business, blissfully …

COMMENTS

This topic is closed for new posts.
  1. David Precious
    WTF?

    Plans to contact a solicitor?

    For f**ks sake, take some personal responsibility for your child's actions rather than trying to blame someone else. Of course "Barclays and Microsoft both deny liability over the already-paid bill", and quite rightly so.

    You set your kid up with an XBox Live membership (for which a cursory Google would suggest the minimum age specified is 13 anyway), input your card details for him to use, and then get all upset that he used them?

    Where's the old-fashioned ideas of supervising your children so you know what they're doing, and taking responsibility for their actions? Grow up woman.

    1. John G Imrie

      Maby

      the solicitor is to sue her kid

  2. envmod

    kid is to blame

    in as much as you can blame a child - this is entirely the kid's fault - he knew exactly what he was doing. this is why kids don't have credit cards - they would spend irresponsibly and without thinking about the consequences.

    not much the poor mother can do i don't think - the goods, services etc were delivered and paid for, they're not going to let her off, she should have deleted her card details after she had used them to sign up for xbox live membership.

    she'll just have to work out a payment plan to clear the debt i guess.

    personally i would immediately ban the child from all gaming, sell the xbox to halp pay for the debt and instruct the child to spend more time outside (i've seen a picture of him - he's a pale, sickly looking kid).

  3. Anonymous Coward
    Anonymous Coward

    Sigh...

    The xbox support people are very clear that you are responsible for charges run up on your credit card by your kids.

    I mean what was she thinking - giving a child unsupervised access to her credit card?

  4. Anonymous Coward
    Anonymous Coward

    damn right

    Barclays and Microsoft have no liability. She gave her child access to her bank account and he bought a load of stuff with it. End of story! Make the kid pay the money back if you really must blame something other than your own stupidity. Most kids use pre-paid xbox live cards to get online/buy things, a debit card certainly wasn't the only way of doing it!

    If people don't have to live with the consequences of their mistakes, they'll never learn not to do stupid things again.

  5. The Indomitable Gall

    Before the commentards start...

    Some people are IT illiterate. The expected behaviour of a debit card is that it is presented for each new transaction. Storing credit/debit card details in accounts is against the basic principles of how the system works in the offline world. I think the mum's fighting a losing battle, but IMO, XBL are to blame. They want to make money, so they make it easy to spend money. They expose the consumer to additional risks in the name of profit.

    Yes, the mum should have read the Ts&Cs more carefully.

    Yes, the mum should have checked her bank statements (and the whole "online banking" thing is also partly to blame).

    But no: XBox Live shouldn't have allowed this to happen in the first place.

    1. Jeremy 2

      Well yes, but...

      "XBox Live shouldn't have allowed this to happen in the first place."

      Well maybe but just what do you expect Microsoft to do? Refuse a transaction from somebody who, as far as they can possibly tell is an authorised used of the card? Like they're going to do that. He spent a grand over the course of six months so on average, about £170 month. That's way more than you'd ever catch me spending on there but I'd wager it's not all that unusual to do so.

      The whole thing is ultimately her liability as well she probably knows. Being technically illiterate is not an excuse for not reading the T&Cs or not checking your bank statements especially if things keep bouncing!

      Instead of the two decent options available to her; either taking it on the chin or maybe appealing to Microsoft's 'good nature' (hehe), she's implying that she's going to sue. I'm sorry, but my sympathy for her situation ended right there.

      When you try and purchase something that requires more MS Points than you have onhand, XBL puts up a prompt saying words to the effect of "if you agree, £x.xx will be charged to your credit card xxxx-xxxx-xxxx-1234". The kid may only be 11 but you can bet your life he damn well knew what that meant.

      She should give the kid a right bollocking, sell his xbox and games to recoup some of the loss and consider it a life lesson - for both of them!

      1. Kevin 6

        Agree

        "The kid may only be 11 but you can bet your life he damn well knew what that meant."

        My nephew is 10 and has been racking up a bill on my brothers card prolly close to $500 over the past year buying costumes, and other stuff. My nephew knows my brother doesn't notice the extra charges due to how much m brother uses the card(he buys the stupid costumes too), and he even has told me(and my sister) he knows his dad don't notice it while laughing.

        I would tell my brother but personally I feel he deserves whatever my nephew charges for giving him unprecedented acess to the x-box, Plus my brother has screwed me out of alot of cash so him losing money via this IMO is nice payback ;)

        As for the idiot that hooked her kid's xbox to her debit card I feel 0 sympathy. Kind of how I feel no sympathy for that idiot who fell off a parking garage the other day while texting.

      2. JohnG

        @Jeremy 2

        "The whole thing is ultimately her liability as well she probably knows."

        Maybe not. Distance Selling regulations and other UK consumer law offer considerable protection for online transactions. For starters, the card issuer must be able to prove that each and every card transaction has been authorised by the card holder. The supplier should provide a record of the transaction to the cardholder i.e. a receipt showing the date, what was purchased, the VAT and the total.

    2. Arctic fox

      @The Indomitable Gall. Thank Sir. at last a voice of realism.

      Let us not forget we are a tech-website. The large majority of our fellow earthlings REALLY do not get this stuff when they are signing up for this that and the other online.

      1. Rob Moir

        I'm sorry

        but if you do not "get" a box that pops up to say that if you continue adding points then card xyz will be charged £abc then your problem isn't that you don't "get" technology, but rather that you don't "get" life. And 11 is bloody well old enough to know better. The kid knew what he was doing.

  6. Bardlee
    FAIL

    uhhh... moron

    I can see someone not noticing the charges like that for a month until their next billing cycle.. but it says that there was 25 payments in the last 2 months alone which hints towards this happened for more than 2 months.

    Nobody to blame but herself.. well, her kid mostly but she should check her statements. This is why credit companies will always send out paper statements so she can't use this pathetic excuse. It's always someone else's fault these days.

  7. Anonymous Coward
    Anonymous Coward

    Only my opinion

    All individual payments should have been authorised, they obviously weren't so Barclays shouldn't have paid Microsoft. Additionally Microsoft should not be keeping credit/debit card details to be used at a later date.

    Although the woman is a bit lacking in the financial awareness department I feel here the responsibilty falls on Barclays for making unauthorised payments.

    1. Anonymous Coward
      WTF?

      Re: Only my opinion

      "the responsibilty falls on Barclays for making unauthorised payments."

      and how would the bank know that they were unauthorized payments? She entered the details into XBL herself. The _convenience_ of storing your details on a site is enjoyed by many (including myself), it allow a revisiting customer to buy without having to re-type their card details on each visit. If this _convenience_ is abused, it is not the fault of the bank or site owner, it is the fault of the user.

      note, stolen card details is not the same as an abused card.

      1. Anonymous Coward
        Anonymous Coward

        Re: and how would the bank know that they were unauthorized

        And furthermore, how would the bank know they were authorised? Or would you expect that if you made a purchase at Asda then your bank should automatically assume that all subsequent purchases from there are being made by you?

        1. Anonymous Coward
          Thumb Down

          Re: Re: and how would the bank know that they were unauthorized

          Through the use of the Card Verification Value Code on the back of the card. PCI stipulates that this code must never be stored. Ever. If this number is not present that the card holder has not been verified and therefore the payment should not have been authorized.

          ttfn.

          1. heyrick Silver badge

            The "security code"

            I've ordered stuff from a few (secure) American sites, who have not asked for this code. Perhaps Americans don't use it as much as Europeans?

      2. Anonymous Coward
        Anonymous Coward

        Re: and how would the bank know

        Isn't that what Verified by Visa and such is all about??? Or does this only apply when it is convenient for them.

        I'm glad you think having your card details stored somwhere not under your control and clearly retreivable in plain text is convenient but I doubt you would be so flippant if the server was hacked.

        On another point, I recently recieved a new visa card which allows contactless payments, whose fault would it be if I was charged for passing by a rogue reader? I haven't called to enable the card as requested, I suppose if I did so I would be accepting all sorts of conditions that would clear Visa of all liability for anything.

        1. Anonymous Coward
          Anonymous Coward

          Re: Chris W

          calm down a bit,

          Verified by Visa: not all websites use it, and not everyone use it (my bank doesn't give it to me as an option). So unless the user ask for it, they won't get it.

          AFAIK, this verification is only done if the website asks for it (some do), if the website doesn't ask for and you still enter your details, how is this the bank's fault?

          by the way, amazon and paypal (plus many out there) do _NOT_ store you credit card in plain text on an unsecured server. You seem not to be trusting of using your card online, but on the other hand don't mind to physically handing it over to complete stranger at a supermarket. This is strange in itself, if you don't trust a secure server, why do you trust a complete stranger?

          1. Anonymous Coward
            Anonymous Coward

            @AC

            You asked how a bank would know if a payment was authorised, I gave an example to your question, If you think that's an overreaction then tough.

            The bottom line is, if the kid didn't have to enter any details of the card before purchase then it was un-authorised, and the article tends to indicate that this was the case. I don't have an x-box so I've no idea if this is how it works in reality, I can only go on the information I've been given. However it does seem from other comments that this is indeed how it works.

    2. Anonymous Coward
      Boffin

      Ah, but it isn't

      It's not always necessary to authorise every time. I'm guessing Xbox uses Continuous Payment Authority (aka Continuous Card Authority as I used to know it). Some discussion here:

      http://forums.moneysavingexpert.com/showthread.php?t=2002031

      Some companies (there's a few examples halfway down that thread) use it instead of a Direct Debit - Pipex Internet used to use it, which is how I learned about the things when my broadband tax payment couldn't be collected (and I got in a spot of bother over it) because I'd got a new debit card. I'd assumed (oh dear, yes I'm a bit financially illiterate too, or was then) that they were just taking it by Direct Debit.

      It has to be said, nearly every search result for the term seems to be much like the above: a consumer discussion about some company abusing it. Maybe it is something that needs a rethink...

  8. David 39

    Yep

    I enter my debit card details.

    I do not configure parental controls.

    I by proxy authorise my card for use on the servers

    My son downloads crap that is paid for but it's microsoft/barclays fault!

    Damnnnn. who is going to pay for the car I bought? I demand to know!

  9. Ian Tresman

    Kids NOT to blame

    The child is NOT to blame. It is the fault of MS whose system set-up is inadequate. This can EASILY be circumvented if the system worked correctly. It doesn't. MS are liable in allowed a child to make a credit card purchase.

    1. Jeremy 2

      Re: Kids NOT to blame

      "MS are liable in allowed a child to make a credit card purchase."

      When they provide multiple ways of stopping it happening, (child accounts, parental controls, pre-pay cards to avoid using a CC altogether) then no, they're not - it's a basic convenience the responsible majority.

      The wording of the articles is all very careful to avoid being so blunt about it but let's call a spade a spade for a minute. The real issue here is that the kid *stole* over a grand from his mother. The root cause of all of this is that he didn't seem to realise that what he was doing was wrong and the actual mechanism used, whether it be through stored details, nicking it from her purse or taking her card and going to the hole in the wall, is almost irrelevant.

  10. Syed
    FAIL

    Yeah right!

    She was too busy dealing with direct debit payments bouncing and didn't think to phone or walk to her bank - " I don't have internet banking, so can't check my balance..", boo hoo -- pull the other one love - especially the middle leg!

  11. Anonymous Coward
    Anonymous Coward

    its easily missed

    Its easily missed. The amounts are not huge as individual transactions and they just stack up.

    The ex had a shop. The bank screwed up the standing order when the landlord changed details. Instead of the payment coming out every 3 months, it came out monthly. It was missed for over 6 months because times were getting harder and "rent" does not look like an unusual transaction when looking at statements. It was only when a range of statements were seen togther did it become obvious.

    The kid bought bullshit virtual gear, MS should just refund the money considering that they already pulled the account.

    1. Shaun 1
      Thumb Down

      Not that easy to miss

      It's quite easy to spot when you have 25 tansactions over 2 months (so at least 12 a month) marked as MICROSOFT*XBOX LIVE POINTS*

  12. Anonymous Coward
    Paris Hilton

    Entirely her own fault

    Sounds like a classic case of someone using tech they don't understand, in this case the Mother... Next she'll be leaving her keys in the car and wondering why the kid wrapped himself around a lamp post.

    Paris because it wasn't her fault, honest your honour.

  13. Magnus_Pym

    'Pull' payments

    It's not only the risk of a third party getting you details.

    If you sign up for a monthly subscription with a credit card and forget the password you cannot ask them to stop taking payments. If the email account you originally used is now defunct you can't get back in at all. Even if you do request them to stop they don't have to and you may have difficulty tracking them down to write to them. All you can do is cancel your card and wait for the legal letters.

    Mobile phone payment is even worse you don't have to authorise payment in the first place. you can be transferred to a premium rate line or charged by text for one purchase and and heap of other stuff is loaded in via the small print. Transport for London want to be able to get 'fines' by remote control now.

    I can't see how we have ended up were any Tom, Dick or Harry can pull payments from your account without explicit instructions.

  14. Ian Tresman

    MS should be prosecuted

    MS should be prosecuted for this "scam". I ordered my son's XBOX live account on our credit card, and did not give permission for any other purchases (regardless of terms and conditions) . Yet my son has "accidentally" made several purchases. I get no warning, no option, and no receipt. This is wrong.

    While MS have been helpful in refunding the money, this is too little too late. A minor is not legally able to use a credit card, regardless of how the account is set up.

    I recommend that people contact Financial Services Authority, to ensure that MS fix this problem.

    1. Alex 0.1
      FAIL

      Response

      And the response from the FSA, will be that you agreed to the purchases, which you have.

      The situation is either

      1) The account is in your name, in which case you're responsible for the charges because it's your account with your card that you enteredto be used for payments (plus, your son shouldn't then be using the account in the first place), or

      2) Your son is setup with his own child or teen account into which you entered your payment details, which in both cases automatically default to all purchasing and payments being blocked via parental controls.

      You have to explicitly alter the parental controls to allow purchasing for either a teen or child account, and if you're capable enough of reading the screen to enable purchasing, it's your own problem if you're not capable of disabling said option again after making the purchase you want.

  15. Tom 38
    FAIL

    MS didnt allow the child to make a credit card purchase

    The kids mother did.

  16. Jonathan Walsh
    Stop

    How does that work?

    No money to pay her bills, but enough for a solicitor?

  17. Danny 5
    Happy

    if i where a bad person

    I could've cleaned someone out as well quite recently. an online friend of mine in the US helped me out getting US points on my EU XBOX, enabling me to get indie games (when ARE they going to make that available here?). i gave her my MSN details after a quick password reset and she proceeded to log on to my account, enter her creditcard details and buy points for me. i Paypaled her the money back and checked my account.

    Lo and behold! the creditcard details where saved to the account, a nice, free VISA card to play around with :D

    Good thing i'm an honest person, after scaring her for a bit, i deleted the details.

  18. Dave 49

    I'm siding with the mother

    Single mother, two kids to look after, she treats them to an Xbox. The 11 year old asks to use XBL to play online with his friends, she obliges, he does all the work with her overseeing because she doesn't know how to do it herself, and doesn't understand techology terribly well. If any questions arise, he bullshits her, and she's too trusting to know any better.

    The bills come, she doesn't bother checking them properly, or at all. This is really stupid of her.

    She kicks up a fuss, no-one cares, so she kicks up a bigger fuss, everyone laughs at her. She hires a solicitor, who, despite the cynicism from you guys, /might/ actually be able to help. You see, I've studied US Civil Law at length*, and by the terms of it, a contract can only be formed with a responsible adult aged 18 or over. Since the kid is 11, he's by no means a responsible adult, and so any contracts of sale he initiated are arguably null and void, and she might be entitled to a refund afterall**.

    * That is, I've watched Judge Judy a few times.

    ** Well, maybe. There was an episode once about this sort of thing, and I'm pretty sure the plaintiff won.

    1. David Precious

      Contract formed with her...

      If there was a contract, it *was* formed with an adult aged 18 or over - the mother, when she entered her card details, agreeing to future sums being charged to the card.

  19. TFk
    Stop

    Blame to spread around

    I like how most people seem to want to take one side or the other.

    Tthe root problem is most definitely the lack of parental supervision and financial observation.

    However, on the other hand there could be more safeguards (and better advertised safeguards) in place for parents with these systems. Restricting purchases by a pin number would be a good/simple idea. Having a default monthly spending limit would be nice (though I would imagine not popular with 'businesses'). There could be a 'family' set up option on first install which guides parents who are setting up the console with their kids through all of the parental control options (like financial restrictions).

    Personally I think the fairest solution would be for Microsoft to refund the £350 for the past month's purchases (as the account as now been closed) and for the mother to be liable for the rest (as she has had reasonable time to question those purchases).

    As for the people says that she's 'blaming everyone but her own kid' - She's probably given him the (verbal or otherwise) beating he deserves, but that doesn't exactly help her financial situation any, now does it?

  20. juice

    Console-based microtransactions...

    For what it's worth, you can delete your credit card details from XBLA, but you can't do it from the console. Instead, you have to log onto the xbox.com website (which uses the same Passport-based authentication details) and delete it from there. It's not a particularly user-friendly system and IIRC, Microsoft don't actually provide any information on how to do this on the console itself.

    (in brief: log into xbox.com, click on "My Xbox", click on "My Account", click on "Edit Payment Options". Not so simples!)

    Also, it's worth noting that this is a general "kids with parent's credit card" issue - a relative had a similar issue with their son, who ran up a bill into the thousands on his mobile phone, back when there were a lot more of the dodgy "implicit subscription" Crazy Frog/ringtone con artists around. Any system where you don't need to explicitly provide payment details is subject to potential abuse/misunderstandings.

    However, I'm not sure Microsoft can be let off so easily. They already have a set of child-protection/restriction systems in place: by default, kids are barred from video comms, their friends list is hidden and they can't view "explicit" content. Surely it's a no-brainer to add an extra "billable transactions" option and provide a set of options:

    1) no billable transactions allowed

    2) billable transactions with stored credit card allowed

    3) billable transactions allowed, only with XBL points card or manually entered CC details

    If a default choice of 1) is set, that would seem to cover all of the bases: if a parent decides to let a kid have 2), then they can't complain if a bill gets run up. Meanwhile, if they select 3), then the kid can buy a points card from HMV/Walmart; if they go a step further and steal mummy's credit card, then I'd say you've got a bigger problem than a bill for some pointless avatar items...

  21. ratfox
    Thumb Down

    The plan worked

    The way I see it, this is exactly what developers hoped for when they added the possibility of buying items for a game...

  22. Les Matthew

    Correct me if I'm wrong

    But it was a debit card and not a credit card. So I'm assuming age restrictions may be different?

  23. Anonymous Coward
    Anonymous Coward

    ITunes is the same

    Same issue with iTunes app store.

    My son has an iPod touch, to set it up it required me to enter credit card details. I didn't enter the CVV at first but, when he asked me to buy something I entered the CVV to progress the purchase.

    Now those details are saved and a simple click on an app will purchase it. No pop up confirmation box, no requirement to re-enter the CVV, the purchase is made.

    Yes, you need to enter a password in order to progress but you need to enter the password just to download a free app - WHY? - so I've let him know what that is so that he doesn't have to ask each and every time he want to install a free app. I just have to trust him to be careful not to accidentally buy a non-free app.

    Why can't Apple simply have a double confirmation when buying an app? Why can't it require the CVV to be input each time? Why does it need a password to download free apps?

    1. Dan 55 Silver badge

      Go back into iTunes...

      ... go to account info and set the payment type to none.

    2. bubba-bear

      Prepaid VISA card?

      Can't you use a prepaid VISA card at the iTunes store?

      I have a second VISA debit card from my credit union that I keep a token amount of money in for these sorts of things. It works like a prepaid VISA debit card, the credit union simply declines any charges that aren't covered by the balance.

  24. Anonymous Coward
    Anonymous Coward

    Microsoft scamming parents!

    Similar thing happened to me.

    You can't delete your card details and MS won't do it for you unless they cancel everything that has already been paid for.

    So if I wanted my son to have the features I'd paid for I had to leave them on. They make it easy for the kids to spend money so money did get spent. A complaint to MS got nowhere and I got them to cancel the details but lost what the money had been spent on.

    A money making scam if you ask me!

  25. No, I will not fix your computer
    Stop

    Hmmm....

    Everybody who owns a credit/debit card *should* be careful every time they use it, online, cashpoint, shop (avoid shoulder surfers etc.), they *must* bear some responsibility if they are not careful, however in this case, I think that M$ should have a clear disclaimer saying "Do you wish to save your payment details, this will allow the user of this XBox/Account to charge other purchases to it" and then a simple yes/no option - if they had this then M$ wouldn't have a leg to stand on as she would have explicitly agreed (rather than implicitly), yes allowing the XBox babysitter to have the card details unrestricted is ignorant, and adults *should* know better, but M$ could have added an educational warning.

  26. Anonymous Coward
    Anonymous Coward

    Verified by...

    Visa is a joke. I can never remember the info I use for that on sites, so just click on the make new account option.

  27. Stevie

    Bah!

    In the case of mandatory credit card accounts for under-aged spenders (yes iTunes Store, I'm looking directly at you too) it would be at least a reasonable precaution and a measure of security for the owner of said credit card to place an absolute ceiling on the spending that can be done per unit time when you set up such accounts.

    As for this sorry woman, she has the answer to her new penury is at hand: A healthy, young kidney is worth a small fortune on the open market. Snip snip stitch stitch problem gone and a tidy profit that could be put into escrow for the next unauthorized overspend.

    And when that's used up, there's a lung to be harvested, half a liver and gosh knows what else. In an extreme case this solution would make the problem self-limiting.

  28. Anonymous Coward
    Gates Horns

    Microsoft Scam

    (Yes that subject will upset the fanboys). :-)

    Been through exactly this myself, though luckily our kids are either very honest or not very inquisitive. My wife used her card to buy our son an Xbox live sub. There is no obvious way to do this other than on the console. I watched. No obvious prompts that details would be saved or auto renew. Next year, we find her card has been debited for another years subscription. A few days later our son (who is also 11) manages to buy something like £5 worth of "points" on her card. He actually told us this before we realised, it seems he was seeing how it worked as he wanted to spend his own money on them anyway.... and it well, just... um did.

    So, on the phone to Microsoft (just getting a number was a challenge without the console). It seems the only way you can pay by card with them is to have the details auto stored for anyone with access to the console to use (good job we didn't sell it at a car boot sale). To remove the card involves them cancelling the account and issuing something like 11 prepay subscription codes to be instead... then waiting a month to make sure they've really cancelled the acocunt. And the first part takes several days.

    Frankly, in our case I feel Microsoft acted like petty criminals who seemed embarrassed they were caught. At 11, a child might know they're doing wrong but not understand the significance so I completely understand this woman's predicament.

    However, much as I hope she sues them into oblivion... in reality I guess it's just not going to happen. Personally, I've now become radicalised against Microsoft :-) and have a personal policy of never buying any of their products (even so far as getting a Macbook as my next laptop to avoid the Windows tax) and recommend never purchasing anything from them using any method other than cash.

  29. Anonymous Coward
    WTF?

    @Jonathan Walsh

    Despite what many seem to think, the law isn't only for the benefit of the rich. It's attitudes like that that allow companies like Microsoft to get away with sharp practice ("scams" almost) like this.

    Honestly, reading some of the comments on here you'd think some of the posters lived in a fluffy little dream world where big businesses exist solely to ensure you're able to buy pictures of framed kittens at the click of a mouse... and where any crime must be the fault of the victim.

  30. Dan 55 Silver badge
    Coat

    It could have been worse...

    ... she could have put her card details in an Apple ID account.

This topic is closed for new posts.

Other stories you might like