back to article Kid spanks a grand on Xbox using Mum's bank card

An 11-year-old boy has landed his mother in debt , after splashing more than £1000 on Xbox Live, without her knowledge. Mum-of-two Dawn Matthews entered her debit card details into the console to buy her son, Brendan, an Xbox Live membership to play against buddies online. The 37-year-old went about her business, blissfully …


This topic is closed for new posts.
  1. Human Writes

    Perhaps what she should be seeking...

    ...instead of a solicitor is parenting lessons.

    She's blaming everyone else but her own kid.

    1. PaulWizard

      to be fair

      the child is, er, a child. If she gave him the card and pin and let him loose in a sweet shop over a 6 month period I would expect similar results. Its her failure for either failing to check what her card was being used for and/or failing to educate the lad about the value of money.

  2. Anonymous Coward

    Why do people...

    ... always try to blame someone else for their own stupidity?

    Bank charges, credit card overruns, the kids using your details - 1 cause = lack of attention on behalf of the account holder.

  3. Oliver Mayes

    Sorry, but I'm with Microsoft and the bank here

    She entered and saved her card details, then went to the parental control settings and authorised her son to access xbox live. At what point did Microsoft do anything wrong here? You do not require card details to have a live account, you can just buy an annual membership code over the counter from any game store and use that.

    It's obviously a problem but she can't just expect to get all her money back when her son has purchased and spent several months using the content.

    1. Lamont Cranston

      I don't think she should get her money back,

      but I would like to see Microsoft (and everyone else) change their practices so that you cannot make repeat purchases on a saved credit card without some further authorisation.

      I had money taken off my debit card (by my own father!) after failing to realise that Amazon doesn't have a log off function. I know better, now (my debit card stay off-line, and I put nothing through his malware infested PC), but how many people know about clearing their cookies, etc.?

      Standard rant about an unsupervised child having access to an online account, naturally, but can't she just send it all back for a refund?

  4. TonyHoyle

    Oh dear

    "she failed to notice the debts because she had no access to online banking and was busy sorting through numerous letters about her direct debits bouncing."

    Phone banking? Walking into the local town and actually speaking to someone? The fact that she was sorting through 'numerous' letters about bounced direct debits wasn't *bit* of a clue?

  5. Kevin Gurney

    This is Barclays / Microsofts fault how ????

    Surely she should be giving her son a little telling off instead.

  6. Sir Runcible Spoon Silver badge


    It doesn't help that M$ won't allow you to remove a credit card from the gamer account once it's been used. They only allow you to overwrite it with a new (and currently valid) one.

    I had let my CC card company know that the card details had been cloned and to get a new number issued when they refused to remove it.


    1. Anonymous Coward

      Re: Sir

      another option is to use a virtual debit card, the card is limited to what you put on it. You will always have to load it before you can use it, so there won't be any mistakes. You can even set the limit on yourself by making a point of only adding 50 quids every 2 months and no more. (this is what I use on PSN).

      but keep in mind that the issuer of the virtual debit card will take their own percentage every time you load the card, in my case they take 4.95%, which is far less then the headache I would get should I use my real card and get screwed. (like this lady)

    2. juice Silver badge

      Partly true...

      You can delete a credit card from your account via the website, but Microsoft block this if you had a paid Gold account. I'm struggling to think of a non-profiteering reason for this...

      In any case, there's a bit more info (and a possible workaround) here:

      1. Mark 65


        Would it not be considered illegal in the EU to retain someone's credit card details and prevent their removal?

    3. Anonymous Coward


      I get it, it's "M$" because they charge money for things! Ha ha let me try one. App£e.

  7. heyrick Silver badge

    Doesn't it have parental controls?

    Spending limit?

  8. Jay 2

    Already-paid bill?

    If you pay your plastic bill without carefully checking all the transactions then you're a bit of a muppet.

    1. The Indomitable Gall

      Plastic bills?

      It's a debit card, you muppet. No "plastic bills" to pay.

      1. Nicholas Shaw

        Times are tight, so extra caution is required....

        Then again, if times are so tight and she is finding it difficult to balance the books, you would have thought that a regular check on her bank account would be sensible. In fact, the moment you get all these letters saying your payment has bounced, you would have thought that the first thing she would do is check the balance on her account and try to sort out what has happened.

        This whole thing seems to be what seems to be more and more common, where muppets no longer have any responsibility and can blame anyone but themselves. And what about the boy, he was 11, why on earth is it not his responsibility to not actually buy something? These things all have a price.

  9. PaulWizard

    A fool and her money...

    For once I can't blame Microsoft, the tools are in place to prevent your little darlings spending all of your money. It's in all credit card Ts&Cs that you should be responsible for the use of your card. Plain stupidity. I hope she gets laughed out of court, otherwise the rest of us are gonna have to put up with some more stupid levels of notices on cards and payment screens. Is anyone else buying this bullshit she's running about not checking her online account/never reading statements? I feel sorry for the kid, what kind of example is this if when you do something utterly stupid you just blame everyone else for it!

    1. Anonymous Coward
      Anonymous Coward

      A fool and her money?

      A commentard and his comment?

      1. Pascal Monett Silver badge

        more like

        a troll and his tool

  10. Oli 1

    not the first and wont be the last

    The amount of friends whose kids have done similar is amazing to me, with all the supposed security around credit card details most of them thought it would be impossible to put a payment through without some sort of confirmation required by the card holder, ie enter a pin number or confirm the security code etc.

    Lesson to parents really, read what your agreeing too or do as my "tech savy" xbl friends do, pay then login and change a few details so the card payment will fail on any future payments!

  11. Anonymous Coward
    Anonymous Coward

    Can't touch him

    "Dawn said she failed to notice the debts because she had no access to online banking"

    Ever heard of bank statements printed at the ATM? Going to the bank? Phoning them?

    "and was busy sorting through numerous letters about her direct debits bouncing"

    And still she didn't get a clue?

    "She attributed this to the recession and rising costs of petrol and food"

    Yep, once again, it's the society's fault.

    I hope the poor little darling is not too traumatised by putting his mum in debt. I was going to suggest a good slap in the face to teach him a lesson, but these days kids are supposed to be educated without touching them. We're also told that it works. Well, you can bet that I wouldn't have done it as a kid as I would have got my head spinning for sure.

  12. Anonymous Coward
    Anonymous Coward


    When I were a kid, at best this would have received a proper beating, at worst I'd have got the "I'm so disappointed in you" line.

    Than my old dear would have worked out a way to pay it off in instalments as she'd know full well it was partly her own fault.

    She'd probably throw the xbox in the bin or give it to some kid down the road.

  13. mhoulden


    According to the original article this happened over a period of 6 months. Did she not get any bank statements in that time? If so, why didn't she read them, particularly when her direct debits started bouncing?

    1. John G Imrie

      6 months

      I only get 1 statement every 6 months on my account.

      1. Dan Watson

        Not Credit cards

        It's law that you get a Credit Card bill every month if there is a balance on it.

        She would have received one.

      2. Andy ORourke

        I'm exactly the opposite

        Me & the wife have a joint account with Santander with access to online banking yet we BOTH receive a paper statement EVERY month in serperate envelopes individually addressed. We have no way to opt out of paper statements (none that I can see anyway!)

    2. Guus Leeuw

      Re: Err.... (mhoulden)


      "Did she not get any bank statements in that time? If so,..."


      Did she not get any bank statements in that time? If not so, ...


      Did she get any bank statements in that time? If so, ...


  14. Anonymous Coward

    "The Xbox Live account is now been closed"

    was she the one who closed it? if everything is paid for then why close it and lose access to what you bought?

    or did MS close it after they got the complain?

    1. LaeMing Silver badge


      as part of the lad's punishment?

  15. Anonymous Coward


    Normally in these cases I struggle to have any sympathy. However, the way that many web-sites now automatically remember your credit card details without any obvious authorisation will make this type of situation more and more common. If the mum didn't realise that her details were remembered, and the son didn't realise how financially screwed his mum was, you can easily foresee this sort of thing happening. Personally, I think credit card purchases should move to a 2 form factor system. Using a secure-id type system with a crypto-secure random number sequence to authorise individual transactions explicitly would reduce fraud potential to pretty much zero, for only a little extra hassle (and certainly less hassle than Verified by Visa etc.)

    1. Shaun 1

      Child account

      If you set it up as a child account, you have to reenter card details to buy MS points.

      1. Anonymous Coward
        Anonymous Coward

        Child account?

        And she's supposed to know that because?

        Nope sorry, Microsoft could easily and clearly state when buying stuff on Xbox live that your credit card details will be remembered and used to make purcahses in the future at the touch of a button,


        Make it so that you have to choose to have your details remembered rather than it be the default choice.

        But of course Micro$oft doesn't want that do they? Oh no, they'd rather engineer things so that you present youself for explotation.

        1. Dan Watson

          She's supposed to remember this because...

          ...She's supposed to be a responsible parent.

          Anyone who gives their children any product that they don't know how to use themselves is irresponsible. She allowed her son to set up a social networking account - paying for it - without checking first what she was paying for.

          If she had have done she would have noticed the differences between a normal account and a child account. She would also have realised you can buy MS Points and that there was no need to keep her card details saved.

          I bet she would have happily let her son on the internet without supervision, then complained when he downloaded porn or got groomed.

          1. Allan George Dyer Silver badge

            irresponsible parents

            "Anyone who gives their children any product that they don't know how to use themselves is irresponsible."

            Guess I'd better cancel the kid's violin lessons, then.

            You're overgeneralising, and denying people the opportunity to give their children opportunities they were denied... though an Xbox isn't what I'd consider an valuable opportunity.

        2. This post has been deleted by a moderator

  16. KrisM


    whats a solictor going to do? although annoying, surely she would not have much scope for suing microsoft, seeing as she entered her card details willingly, and did not remove them (and also explaining to son not to buy stuff, assuming she knew this was possible - son must have know what he was doing tho!)

  17. Matt Siddall

    So, let me get this straight...

    "When she contacted the bank, she was told everything had been spent on Xbox Live, with 25 payments alone made in the last two months. In one month Brendan spent £350. His entire expenditure totalled £1087."

    Presumably the one month in which he spent £350 was the highest spending, else why mention it? So he must have taken over 3 months to spend all the money, and she didn't notice anything wrong with her balance until all the cash ran out?

    People really should be checking their credit card statements - what if someone cloned her card and only managed to spend £500 on it. She wouldn't have noticed? How many other people have had fraudulent activity on their cards and haven't noticed?

    I could certainly see Microsoft refunding the money to her had she come forward within a month or so, saying that she didn't authorise it - but having let him play with all the goodies for at least 3 months (probably a lot more) I really don't see why they should refund anything. At best, they might offer to refund the last month of transactions as a goodwill gesture.

    And didn't the kid realise what he was doing? I'd think he should be in a world of trouble right now...

  18. Ian Ferguson

    May I be the first to say

    Pffffffhahahaha *snort*

  19. Anonymous Coward


    Nothing to do with the bank or M$ - you knowingly entered your info... clip round the earhole for the kid and a large smack in your own face for being a dumb ass.

  20. Anonymous Coward
    Anonymous Coward

    Kids do steel money from parents for XBox Live

    This is a common problem. I myself had my two sons take money using XBox Live. You have to regsiter using a card (which young children do not have) and it is then not possible to delete the card details i.e by making thepayument a onece off to buy the live account. Microsoft now this is a problem but justify their actions based on 'ease of use' thereby making it easy for your kids to rob you blind. My sister and many of my froends have had just the same experience.

    1. MarthaFarqhar

      You don't have to buy using a credit card.

      Then don't buy using your card. Take your card down to most supermarkets, they sell Live membership cards and Points cards that can be redeemed on the console.

      The kid must have known full well what was happening, it tells you how many points or how much in cash it costs for each download.

      And well done to the Daily Mail when they published this, you could clearly see the kids gamertag.

    2. Wild Bill
      Thumb Down


      You do not have to register using a card. Basic xbox live accounts are free, and you can upgrade to Gold (to play online etc.) by EITHER entering your credit card details, OR by purchashing prepaid membership cards (which can generally be found much cheaper than the going rate online by the way). The same goes for Microsoft points.

  21. TheTick


    Correct me if I'm wrong, but don't you need to enter the CVV number for any purchases made without the cardholder present, as in most online transactions? And isn't it illegal for companies to retain the CVV number on their systems?

    So is MS breaking the law or was the kid just clever enough to remember the numbers?

    1. TakeTheSkyRoad


      This is what I thought would be happening when the CVV was introduced but in practice LOADS of companies retain this (so doubt it's illegal). For example, paypal, dabs, itunes.... none of these ask me to confirm the CVV though the web based ones do redirect to the "Varified by Visa" or equivilent page.

      Rather pointless of it to be introduced then I think

    2. Anonymous Coward
      Anonymous Coward


      funny, I don't need to for amazon, or Paypal on ebay or or or or....#

      Of course I need a (strong) password to get to this, but then again, I don't check the "remember this password" options for any site that uses credit card info.

    3. Anonymous Coward
      Anonymous Coward


      The CVV may not be stored under PCI DSS, the card details may not be in the plain when at rest.

      The user probably setup a repeating payment, you don't need to auth each time it is taken, MS are very clear about the fact that this can lead to your darlings running up large costs on your CC.

  22. Anonymous Coward

    You have to pay to play?


    She should have bought him a PS3. Not only does it have better games and better features, but it's free to play online too, this would never have happened.

    She could have gifted him one-off PSN credits if wanted to.

    1. Daniel B.

      Sony actually does this better.

      The PSN service is not only free (unless you want the "plus" service), it has the option of using pre-paid cards instead of giving them full access to your credit/debit card. Using that route means that you won't have your CC tied in such a way that you might get charged without your knowledge.

      Oh, and PSN child accounts have explicit locks which allow the parent to lock down how much the kid can spend. But then it could be the case that the account for said kid was made as an adult ... probably for that retarded reason that kid accounts have some features locked out. In PSN's case, under-18ers can't post to Facebook, and in some cases nobody under 13 can even *make* a fricking account.

      So it does seem to be a FAIL on MS side as well, especially if they have the same retarded nerfing of under-18 and under-13 accounts.

  23. Lottie


    But I fail to see what a solicitor will do.

    I'd sell the xbox and anything else of the kids to make up for some of the cost.

    She does seem quite clueless though. Xbox live, but no access to online banking? Even if I didn't have access to it, I'd certianly pop into a branch to see what was going on when the red letters came instead of assuming it was due to the recession.

  24. Anonymous Coward
    Anonymous Coward

    She should start by

    .. selling the XBox to raise a few quid. S'funny how she's claiming poverty whilst her fat son plays on a new XBox..

    1. PaulWizard
      Thumb Down

      Now come on!

      there is no need to insult the poor lad. I remember being a bit portly at 11 too. The mothers stupidity deserves 100% of your mocking.

  25. David Precious

    Plans to contact a solicitor?

    For f**ks sake, take some personal responsibility for your child's actions rather than trying to blame someone else. Of course "Barclays and Microsoft both deny liability over the already-paid bill", and quite rightly so.

    You set your kid up with an XBox Live membership (for which a cursory Google would suggest the minimum age specified is 13 anyway), input your card details for him to use, and then get all upset that he used them?

    Where's the old-fashioned ideas of supervising your children so you know what they're doing, and taking responsibility for their actions? Grow up woman.

    1. John G Imrie


      the solicitor is to sue her kid

  26. envmod

    kid is to blame

    in as much as you can blame a child - this is entirely the kid's fault - he knew exactly what he was doing. this is why kids don't have credit cards - they would spend irresponsibly and without thinking about the consequences.

    not much the poor mother can do i don't think - the goods, services etc were delivered and paid for, they're not going to let her off, she should have deleted her card details after she had used them to sign up for xbox live membership.

    she'll just have to work out a payment plan to clear the debt i guess.

    personally i would immediately ban the child from all gaming, sell the xbox to halp pay for the debt and instruct the child to spend more time outside (i've seen a picture of him - he's a pale, sickly looking kid).

  27. Anonymous Coward
    Anonymous Coward


    The xbox support people are very clear that you are responsible for charges run up on your credit card by your kids.

    I mean what was she thinking - giving a child unsupervised access to her credit card?

  28. Anonymous Coward
    Anonymous Coward

    damn right

    Barclays and Microsoft have no liability. She gave her child access to her bank account and he bought a load of stuff with it. End of story! Make the kid pay the money back if you really must blame something other than your own stupidity. Most kids use pre-paid xbox live cards to get online/buy things, a debit card certainly wasn't the only way of doing it!

    If people don't have to live with the consequences of their mistakes, they'll never learn not to do stupid things again.

  29. The Indomitable Gall

    Before the commentards start...

    Some people are IT illiterate. The expected behaviour of a debit card is that it is presented for each new transaction. Storing credit/debit card details in accounts is against the basic principles of how the system works in the offline world. I think the mum's fighting a losing battle, but IMO, XBL are to blame. They want to make money, so they make it easy to spend money. They expose the consumer to additional risks in the name of profit.

    Yes, the mum should have read the Ts&Cs more carefully.

    Yes, the mum should have checked her bank statements (and the whole "online banking" thing is also partly to blame).

    But no: XBox Live shouldn't have allowed this to happen in the first place.

    1. Jeremy 2

      Well yes, but...

      "XBox Live shouldn't have allowed this to happen in the first place."

      Well maybe but just what do you expect Microsoft to do? Refuse a transaction from somebody who, as far as they can possibly tell is an authorised used of the card? Like they're going to do that. He spent a grand over the course of six months so on average, about £170 month. That's way more than you'd ever catch me spending on there but I'd wager it's not all that unusual to do so.

      The whole thing is ultimately her liability as well she probably knows. Being technically illiterate is not an excuse for not reading the T&Cs or not checking your bank statements especially if things keep bouncing!

      Instead of the two decent options available to her; either taking it on the chin or maybe appealing to Microsoft's 'good nature' (hehe), she's implying that she's going to sue. I'm sorry, but my sympathy for her situation ended right there.

      When you try and purchase something that requires more MS Points than you have onhand, XBL puts up a prompt saying words to the effect of "if you agree, £x.xx will be charged to your credit card xxxx-xxxx-xxxx-1234". The kid may only be 11 but you can bet your life he damn well knew what that meant.

      She should give the kid a right bollocking, sell his xbox and games to recoup some of the loss and consider it a life lesson - for both of them!

      1. Kevin 6


        "The kid may only be 11 but you can bet your life he damn well knew what that meant."

        My nephew is 10 and has been racking up a bill on my brothers card prolly close to $500 over the past year buying costumes, and other stuff. My nephew knows my brother doesn't notice the extra charges due to how much m brother uses the card(he buys the stupid costumes too), and he even has told me(and my sister) he knows his dad don't notice it while laughing.

        I would tell my brother but personally I feel he deserves whatever my nephew charges for giving him unprecedented acess to the x-box, Plus my brother has screwed me out of alot of cash so him losing money via this IMO is nice payback ;)

        As for the idiot that hooked her kid's xbox to her debit card I feel 0 sympathy. Kind of how I feel no sympathy for that idiot who fell off a parking garage the other day while texting.

      2. JohnG Silver badge

        @Jeremy 2

        "The whole thing is ultimately her liability as well she probably knows."

        Maybe not. Distance Selling regulations and other UK consumer law offer considerable protection for online transactions. For starters, the card issuer must be able to prove that each and every card transaction has been authorised by the card holder. The supplier should provide a record of the transaction to the cardholder i.e. a receipt showing the date, what was purchased, the VAT and the total.

    2. Arctic fox

      @The Indomitable Gall. Thank Sir. at last a voice of realism.

      Let us not forget we are a tech-website. The large majority of our fellow earthlings REALLY do not get this stuff when they are signing up for this that and the other online.

      1. Rob Moir

        I'm sorry

        but if you do not "get" a box that pops up to say that if you continue adding points then card xyz will be charged £abc then your problem isn't that you don't "get" technology, but rather that you don't "get" life. And 11 is bloody well old enough to know better. The kid knew what he was doing.

  30. Bardlee

    uhhh... moron

    I can see someone not noticing the charges like that for a month until their next billing cycle.. but it says that there was 25 payments in the last 2 months alone which hints towards this happened for more than 2 months.

    Nobody to blame but herself.. well, her kid mostly but she should check her statements. This is why credit companies will always send out paper statements so she can't use this pathetic excuse. It's always someone else's fault these days.

  31. Anonymous Coward
    Anonymous Coward

    Only my opinion

    All individual payments should have been authorised, they obviously weren't so Barclays shouldn't have paid Microsoft. Additionally Microsoft should not be keeping credit/debit card details to be used at a later date.

    Although the woman is a bit lacking in the financial awareness department I feel here the responsibilty falls on Barclays for making unauthorised payments.

    1. Anonymous Coward

      Re: Only my opinion

      "the responsibilty falls on Barclays for making unauthorised payments."

      and how would the bank know that they were unauthorized payments? She entered the details into XBL herself. The _convenience_ of storing your details on a site is enjoyed by many (including myself), it allow a revisiting customer to buy without having to re-type their card details on each visit. If this _convenience_ is abused, it is not the fault of the bank or site owner, it is the fault of the user.

      note, stolen card details is not the same as an abused card.

      1. Anonymous Coward
        Anonymous Coward

        Re: and how would the bank know that they were unauthorized

        And furthermore, how would the bank know they were authorised? Or would you expect that if you made a purchase at Asda then your bank should automatically assume that all subsequent purchases from there are being made by you?

        1. Anonymous Coward
          Thumb Down

          Re: Re: and how would the bank know that they were unauthorized

          Through the use of the Card Verification Value Code on the back of the card. PCI stipulates that this code must never be stored. Ever. If this number is not present that the card holder has not been verified and therefore the payment should not have been authorized.


          1. heyrick Silver badge

            The "security code"

            I've ordered stuff from a few (secure) American sites, who have not asked for this code. Perhaps Americans don't use it as much as Europeans?

      2. Anonymous Coward
        Anonymous Coward

        Re: and how would the bank know

        Isn't that what Verified by Visa and such is all about??? Or does this only apply when it is convenient for them.

        I'm glad you think having your card details stored somwhere not under your control and clearly retreivable in plain text is convenient but I doubt you would be so flippant if the server was hacked.

        On another point, I recently recieved a new visa card which allows contactless payments, whose fault would it be if I was charged for passing by a rogue reader? I haven't called to enable the card as requested, I suppose if I did so I would be accepting all sorts of conditions that would clear Visa of all liability for anything.

        1. Anonymous Coward
          Anonymous Coward

          Re: Chris W

          calm down a bit,

          Verified by Visa: not all websites use it, and not everyone use it (my bank doesn't give it to me as an option). So unless the user ask for it, they won't get it.

          AFAIK, this verification is only done if the website asks for it (some do), if the website doesn't ask for and you still enter your details, how is this the bank's fault?

          by the way, amazon and paypal (plus many out there) do _NOT_ store you credit card in plain text on an unsecured server. You seem not to be trusting of using your card online, but on the other hand don't mind to physically handing it over to complete stranger at a supermarket. This is strange in itself, if you don't trust a secure server, why do you trust a complete stranger?

          1. Anonymous Coward
            Anonymous Coward


            You asked how a bank would know if a payment was authorised, I gave an example to your question, If you think that's an overreaction then tough.

            The bottom line is, if the kid didn't have to enter any details of the card before purchase then it was un-authorised, and the article tends to indicate that this was the case. I don't have an x-box so I've no idea if this is how it works in reality, I can only go on the information I've been given. However it does seem from other comments that this is indeed how it works.

    2. Anonymous Coward

      Ah, but it isn't

      It's not always necessary to authorise every time. I'm guessing Xbox uses Continuous Payment Authority (aka Continuous Card Authority as I used to know it). Some discussion here:

      Some companies (there's a few examples halfway down that thread) use it instead of a Direct Debit - Pipex Internet used to use it, which is how I learned about the things when my broadband tax payment couldn't be collected (and I got in a spot of bother over it) because I'd got a new debit card. I'd assumed (oh dear, yes I'm a bit financially illiterate too, or was then) that they were just taking it by Direct Debit.

      It has to be said, nearly every search result for the term seems to be much like the above: a consumer discussion about some company abusing it. Maybe it is something that needs a rethink...

  32. David 39


    I enter my debit card details.

    I do not configure parental controls.

    I by proxy authorise my card for use on the servers

    My son downloads crap that is paid for but it's microsoft/barclays fault!

    Damnnnn. who is going to pay for the car I bought? I demand to know!

  33. Ian Tresman

    Kids NOT to blame

    The child is NOT to blame. It is the fault of MS whose system set-up is inadequate. This can EASILY be circumvented if the system worked correctly. It doesn't. MS are liable in allowed a child to make a credit card purchase.

    1. Jeremy 2

      Re: Kids NOT to blame

      "MS are liable in allowed a child to make a credit card purchase."

      When they provide multiple ways of stopping it happening, (child accounts, parental controls, pre-pay cards to avoid using a CC altogether) then no, they're not - it's a basic convenience the responsible majority.

      The wording of the articles is all very careful to avoid being so blunt about it but let's call a spade a spade for a minute. The real issue here is that the kid *stole* over a grand from his mother. The root cause of all of this is that he didn't seem to realise that what he was doing was wrong and the actual mechanism used, whether it be through stored details, nicking it from her purse or taking her card and going to the hole in the wall, is almost irrelevant.

  34. Syed

    Yeah right!

    She was too busy dealing with direct debit payments bouncing and didn't think to phone or walk to her bank - " I don't have internet banking, so can't check my balance..", boo hoo -- pull the other one love - especially the middle leg!

  35. Anonymous Coward
    Anonymous Coward

    its easily missed

    Its easily missed. The amounts are not huge as individual transactions and they just stack up.

    The ex had a shop. The bank screwed up the standing order when the landlord changed details. Instead of the payment coming out every 3 months, it came out monthly. It was missed for over 6 months because times were getting harder and "rent" does not look like an unusual transaction when looking at statements. It was only when a range of statements were seen togther did it become obvious.

    The kid bought bullshit virtual gear, MS should just refund the money considering that they already pulled the account.

    1. Shaun 1
      Thumb Down

      Not that easy to miss

      It's quite easy to spot when you have 25 tansactions over 2 months (so at least 12 a month) marked as MICROSOFT*XBOX LIVE POINTS*

  36. Anonymous Coward
    Paris Hilton

    Entirely her own fault

    Sounds like a classic case of someone using tech they don't understand, in this case the Mother... Next she'll be leaving her keys in the car and wondering why the kid wrapped himself around a lamp post.

    Paris because it wasn't her fault, honest your honour.

  37. Magnus_Pym

    'Pull' payments

    It's not only the risk of a third party getting you details.

    If you sign up for a monthly subscription with a credit card and forget the password you cannot ask them to stop taking payments. If the email account you originally used is now defunct you can't get back in at all. Even if you do request them to stop they don't have to and you may have difficulty tracking them down to write to them. All you can do is cancel your card and wait for the legal letters.

    Mobile phone payment is even worse you don't have to authorise payment in the first place. you can be transferred to a premium rate line or charged by text for one purchase and and heap of other stuff is loaded in via the small print. Transport for London want to be able to get 'fines' by remote control now.

    I can't see how we have ended up were any Tom, Dick or Harry can pull payments from your account without explicit instructions.

  38. Ian Tresman

    MS should be prosecuted

    MS should be prosecuted for this "scam". I ordered my son's XBOX live account on our credit card, and did not give permission for any other purchases (regardless of terms and conditions) . Yet my son has "accidentally" made several purchases. I get no warning, no option, and no receipt. This is wrong.

    While MS have been helpful in refunding the money, this is too little too late. A minor is not legally able to use a credit card, regardless of how the account is set up.

    I recommend that people contact Financial Services Authority, to ensure that MS fix this problem.

    1. Alex 0.1


      And the response from the FSA, will be that you agreed to the purchases, which you have.

      The situation is either

      1) The account is in your name, in which case you're responsible for the charges because it's your account with your card that you enteredto be used for payments (plus, your son shouldn't then be using the account in the first place), or

      2) Your son is setup with his own child or teen account into which you entered your payment details, which in both cases automatically default to all purchasing and payments being blocked via parental controls.

      You have to explicitly alter the parental controls to allow purchasing for either a teen or child account, and if you're capable enough of reading the screen to enable purchasing, it's your own problem if you're not capable of disabling said option again after making the purchase you want.

  39. Tom 38 Silver badge

    MS didnt allow the child to make a credit card purchase

    The kids mother did.

  40. Jonathan Walsh

    How does that work?

    No money to pay her bills, but enough for a solicitor?

  41. Danny 5

    if i where a bad person

    I could've cleaned someone out as well quite recently. an online friend of mine in the US helped me out getting US points on my EU XBOX, enabling me to get indie games (when ARE they going to make that available here?). i gave her my MSN details after a quick password reset and she proceeded to log on to my account, enter her creditcard details and buy points for me. i Paypaled her the money back and checked my account.

    Lo and behold! the creditcard details where saved to the account, a nice, free VISA card to play around with :D

    Good thing i'm an honest person, after scaring her for a bit, i deleted the details.

  42. Dave 49

    I'm siding with the mother

    Single mother, two kids to look after, she treats them to an Xbox. The 11 year old asks to use XBL to play online with his friends, she obliges, he does all the work with her overseeing because she doesn't know how to do it herself, and doesn't understand techology terribly well. If any questions arise, he bullshits her, and she's too trusting to know any better.

    The bills come, she doesn't bother checking them properly, or at all. This is really stupid of her.

    She kicks up a fuss, no-one cares, so she kicks up a bigger fuss, everyone laughs at her. She hires a solicitor, who, despite the cynicism from you guys, /might/ actually be able to help. You see, I've studied US Civil Law at length*, and by the terms of it, a contract can only be formed with a responsible adult aged 18 or over. Since the kid is 11, he's by no means a responsible adult, and so any contracts of sale he initiated are arguably null and void, and she might be entitled to a refund afterall**.

    * That is, I've watched Judge Judy a few times.

    ** Well, maybe. There was an episode once about this sort of thing, and I'm pretty sure the plaintiff won.

    1. David Precious

      Contract formed with her...

      If there was a contract, it *was* formed with an adult aged 18 or over - the mother, when she entered her card details, agreeing to future sums being charged to the card.

  43. TFk

    Blame to spread around

    I like how most people seem to want to take one side or the other.

    Tthe root problem is most definitely the lack of parental supervision and financial observation.

    However, on the other hand there could be more safeguards (and better advertised safeguards) in place for parents with these systems. Restricting purchases by a pin number would be a good/simple idea. Having a default monthly spending limit would be nice (though I would imagine not popular with 'businesses'). There could be a 'family' set up option on first install which guides parents who are setting up the console with their kids through all of the parental control options (like financial restrictions).

    Personally I think the fairest solution would be for Microsoft to refund the £350 for the past month's purchases (as the account as now been closed) and for the mother to be liable for the rest (as she has had reasonable time to question those purchases).

    As for the people says that she's 'blaming everyone but her own kid' - She's probably given him the (verbal or otherwise) beating he deserves, but that doesn't exactly help her financial situation any, now does it?

  44. juice Silver badge

    Console-based microtransactions...

    For what it's worth, you can delete your credit card details from XBLA, but you can't do it from the console. Instead, you have to log onto the website (which uses the same Passport-based authentication details) and delete it from there. It's not a particularly user-friendly system and IIRC, Microsoft don't actually provide any information on how to do this on the console itself.

    (in brief: log into, click on "My Xbox", click on "My Account", click on "Edit Payment Options". Not so simples!)

    Also, it's worth noting that this is a general "kids with parent's credit card" issue - a relative had a similar issue with their son, who ran up a bill into the thousands on his mobile phone, back when there were a lot more of the dodgy "implicit subscription" Crazy Frog/ringtone con artists around. Any system where you don't need to explicitly provide payment details is subject to potential abuse/misunderstandings.

    However, I'm not sure Microsoft can be let off so easily. They already have a set of child-protection/restriction systems in place: by default, kids are barred from video comms, their friends list is hidden and they can't view "explicit" content. Surely it's a no-brainer to add an extra "billable transactions" option and provide a set of options:

    1) no billable transactions allowed

    2) billable transactions with stored credit card allowed

    3) billable transactions allowed, only with XBL points card or manually entered CC details

    If a default choice of 1) is set, that would seem to cover all of the bases: if a parent decides to let a kid have 2), then they can't complain if a bill gets run up. Meanwhile, if they select 3), then the kid can buy a points card from HMV/Walmart; if they go a step further and steal mummy's credit card, then I'd say you've got a bigger problem than a bill for some pointless avatar items...

  45. ratfox Silver badge
    Thumb Down

    The plan worked

    The way I see it, this is exactly what developers hoped for when they added the possibility of buying items for a game...

  46. Les Matthew

    Correct me if I'm wrong

    But it was a debit card and not a credit card. So I'm assuming age restrictions may be different?

  47. Anonymous Coward
    Anonymous Coward

    ITunes is the same

    Same issue with iTunes app store.

    My son has an iPod touch, to set it up it required me to enter credit card details. I didn't enter the CVV at first but, when he asked me to buy something I entered the CVV to progress the purchase.

    Now those details are saved and a simple click on an app will purchase it. No pop up confirmation box, no requirement to re-enter the CVV, the purchase is made.

    Yes, you need to enter a password in order to progress but you need to enter the password just to download a free app - WHY? - so I've let him know what that is so that he doesn't have to ask each and every time he want to install a free app. I just have to trust him to be careful not to accidentally buy a non-free app.

    Why can't Apple simply have a double confirmation when buying an app? Why can't it require the CVV to be input each time? Why does it need a password to download free apps?

    1. Dan 55 Silver badge

      Go back into iTunes...

      ... go to account info and set the payment type to none.

    2. bubba-bear

      Prepaid VISA card?

      Can't you use a prepaid VISA card at the iTunes store?

      I have a second VISA debit card from my credit union that I keep a token amount of money in for these sorts of things. It works like a prepaid VISA debit card, the credit union simply declines any charges that aren't covered by the balance.

  48. Anonymous Coward
    Anonymous Coward

    Microsoft scamming parents!

    Similar thing happened to me.

    You can't delete your card details and MS won't do it for you unless they cancel everything that has already been paid for.

    So if I wanted my son to have the features I'd paid for I had to leave them on. They make it easy for the kids to spend money so money did get spent. A complaint to MS got nowhere and I got them to cancel the details but lost what the money had been spent on.

    A money making scam if you ask me!

  49. No, I will not fix your computer


    Everybody who owns a credit/debit card *should* be careful every time they use it, online, cashpoint, shop (avoid shoulder surfers etc.), they *must* bear some responsibility if they are not careful, however in this case, I think that M$ should have a clear disclaimer saying "Do you wish to save your payment details, this will allow the user of this XBox/Account to charge other purchases to it" and then a simple yes/no option - if they had this then M$ wouldn't have a leg to stand on as she would have explicitly agreed (rather than implicitly), yes allowing the XBox babysitter to have the card details unrestricted is ignorant, and adults *should* know better, but M$ could have added an educational warning.

  50. Anonymous Coward
    Anonymous Coward

    Verified by...

    Visa is a joke. I can never remember the info I use for that on sites, so just click on the make new account option.

  51. Stevie Silver badge


    In the case of mandatory credit card accounts for under-aged spenders (yes iTunes Store, I'm looking directly at you too) it would be at least a reasonable precaution and a measure of security for the owner of said credit card to place an absolute ceiling on the spending that can be done per unit time when you set up such accounts.

    As for this sorry woman, she has the answer to her new penury is at hand: A healthy, young kidney is worth a small fortune on the open market. Snip snip stitch stitch problem gone and a tidy profit that could be put into escrow for the next unauthorized overspend.

    And when that's used up, there's a lung to be harvested, half a liver and gosh knows what else. In an extreme case this solution would make the problem self-limiting.

  52. Anonymous Coward
    Gates Horns

    Microsoft Scam

    (Yes that subject will upset the fanboys). :-)

    Been through exactly this myself, though luckily our kids are either very honest or not very inquisitive. My wife used her card to buy our son an Xbox live sub. There is no obvious way to do this other than on the console. I watched. No obvious prompts that details would be saved or auto renew. Next year, we find her card has been debited for another years subscription. A few days later our son (who is also 11) manages to buy something like £5 worth of "points" on her card. He actually told us this before we realised, it seems he was seeing how it worked as he wanted to spend his own money on them anyway.... and it well, just... um did.

    So, on the phone to Microsoft (just getting a number was a challenge without the console). It seems the only way you can pay by card with them is to have the details auto stored for anyone with access to the console to use (good job we didn't sell it at a car boot sale). To remove the card involves them cancelling the account and issuing something like 11 prepay subscription codes to be instead... then waiting a month to make sure they've really cancelled the acocunt. And the first part takes several days.

    Frankly, in our case I feel Microsoft acted like petty criminals who seemed embarrassed they were caught. At 11, a child might know they're doing wrong but not understand the significance so I completely understand this woman's predicament.

    However, much as I hope she sues them into oblivion... in reality I guess it's just not going to happen. Personally, I've now become radicalised against Microsoft :-) and have a personal policy of never buying any of their products (even so far as getting a Macbook as my next laptop to avoid the Windows tax) and recommend never purchasing anything from them using any method other than cash.

  53. Anonymous Coward

    @Jonathan Walsh

    Despite what many seem to think, the law isn't only for the benefit of the rich. It's attitudes like that that allow companies like Microsoft to get away with sharp practice ("scams" almost) like this.

    Honestly, reading some of the comments on here you'd think some of the posters lived in a fluffy little dream world where big businesses exist solely to ensure you're able to buy pictures of framed kittens at the click of a mouse... and where any crime must be the fault of the victim.

  54. Dan 55 Silver badge

    It could have been worse...

    ... she could have put her card details in an Apple ID account.

  55. bubba-bear

    Email purchase notification

    I have a card on a few accounts, such as iTunes and Kindle, and after buying anything, I get an immediate email detailing the transaction. Don't people watch this stuff, especially when it was going on for months? I could understand not reading email notifications for maybe a week, but ignoring emailed purchase notifications for even a month is beyond silly. Actually, I don't understand ignoring email notifications for even two days, but not everybody checks their email daily.

  56. Robbie
    Jobs Horns

    Don't give Microsoft your card details

    Back in the very early days of Xbox Live (on the original Xbox) I entered my credit card details into the Xbox console. Some time before the anniversary for renewal approached, I could see no way of *removing* said card, so to be absolutely sure of cancelling the subscription, I overwrote the card number with zeros (which it allowed me to do), changed the address and indicated wherever I could see, that I didn't want to renew membership.

    Around this time I moved house, forgot about Live and never took the console online again.

    I got charged an annual membership renewal anyway and ended up spending no small amount of time on the phone to Ireland (I think it was) trying to get a refund. In cancelling my account I had to run the gamut of the hard sell with a Microsoft operative hell bent on forcing me to justify why I was intentionally being such a fool for wanting to leave such a wonderful service. For the record, I don't overly enjoy self flagellation or protestation.

    I pay for a gold account on Live once again, purchased DLC etc, but I will never give Microsoft my credit card details. Ever. I rely instead on retail or online purchased payment scratch cards.

    This lady was probably a bit of a nerf for not checking, and I find it a bit incredulous that it went on for months without her noticing, but I have a *tiny* bit of empathy for her plight.

  57. Dick Emery

    Xbox/PS3. What demographic?

    What demographic are these consoles mostly sold to? I don't mean who buys the things I mean who are the majority that use them? If under 18's then the parental controls should be ON by default. Not the other way around. If this is the case then MS ARE to blame as the demographic that uses it most need to be prevented from being able to do this kind of thing.

  58. Anonymous Coward
    Anonymous Coward

    Wake up call

    A lot of you are saying that it is right for Microsoft to assume that the purchase is being made by the authorised user of the card yet when there is a discussion about the recording or movie industries you are all falling over yourselves to point out that they can't assume the subscriber of the internet service is ths person illegally downloading stuff.

    What's the difference? Oh, I know, here we have some poor woman being shafted by big business and on the other we have us techies being shafted by big business. We are always right and poor computer illiterates deserve all they get.

  59. Alistair James 1

    Lets put this into perspective...

    The woman is pleading poverty, yet she can buy Brendan an Xbox, ok fair enough it might have been a gift. She used her debit card to buy the boy xbox live access, ok WHY NOT BUY A BLOODY CARD FROM TESCO YOU STUPID WOMAN!!!!! I am sorry but all you lot bitching about M$ making money off this and M$ being at fault, rubbish, there is one person at fault the mother.

  60. JohnG Silver badge

    Proof of transaction

    Whilst this woman may have been a bit dim in not checking what she was signing up for, she may have a case against her bank. IANAL but as I understand it, the card issuer has to be able to prove that EVERY card transaction was authorised by the card holder. They may ask the supplier to show that they had provided the card holder with a record of the transaction i.e. a receipt with date, VAT, etc. Without this, they might have to refund the card holder.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2020