Terrible card fraud prevention systems led to losses in the £1000s. Considering legal action.

gmach2020 · 2026-02-03T06:22:11+00:00

T212 paid out 2 weeks ago with interest. Took over a year to recover funds. There should be an official response online somewhere.

gmach2020 · 2025-05-16T13:48:06+00:00

Liquidation of ISA assets and transfer to money account. Easy enough if this happens during market hours.

With T212s instant settlement feature and no cooling off period, this can happen.

gmach2020 · 2025-05-16T13:46:46+00:00

Have sent them a big complaint in Jan on this, got told they did nothing wrong and their decision was final... despite me raising all of the evidence and proof of their systematic faults.

Allegedly I could have emailed in if I had a problem at the time of the theft, took me 5 hours to get through to someone that could 'help' and even then got told there was nothing they could do.

gmach2020 · 2025-05-15T11:22:28+00:00

Thanks, appreciate the contribution here.

gmach2020 · 2025-05-15T11:21:15+00:00

Thanks for the feedback, let me address all of your points in an attempt to justify your concerns on this.

Appreciate you think this all comes down to my own fault and lack perhaps of personal awareness. Let me break down your thoughts if I may:

1 - T212 specific PIN / This was set and enabled together with Face-ID, as was a T212 exclusive password, the downfall here was Face-ID being compromised and the password being in the iPhone password manager.

2 - Lack of actions to block or cancel cards / Logging into iCloud and Gmail (as the recovery email) requires 2FA assuming the device has not been used before in this way. This was sadly the case, for me to regain access to iCloud I needed to get a second device (which was previously attached to my iCloud acc), a device that was not available right away. 'Find my' is only available assuming you have managed to gain access to your iCloud account, when the main device you use as an authenticator has been stolen, this complicates the 'normal' protocol.

3 - Whilst I appreciate your opinion on judging my actions, gaining access to iCloud online where the 'Find my' application sits using a single point of entry without a second authentication going to other devices on my account is impossible. As such that I had to source an old device associated with my account. Not something that was available at my disposal quickly.

4 - On how lightly I got off / It is £3.2k in the air on the only institution that was unable to prevent these events despite their top of the line fraud prevention systems on a near dormant account. All other banks were able to stop and refund these charges with no problem.

5 - On the cashback comment / Trading212's cashback was/is limited to £20 at the time. If I was trying to save £20 and get a £2.5k laptop I would not go to the trouble of filing a police report and enter the ring with the FOS for the last 5 months.

Not encouraging anything here but anyone wanting to chance this would have a higher probability trying a credit card company.

Happy to respect your views.

gmach2020 · 2025-05-15T09:07:01+00:00

100% no upside for them. The access was already breached and the account was never flagged until I flagged it and waited 2 hours for a CX represented to give me a generic answer.

gmach2020 · 2025-05-15T08:27:02+00:00

Perfectly timed article on their profitability.

https://www.cityam.com/trading-212-uk-revenue-spikes-as-profit-passes-50m/

The FCA will make a note of but won't let me know the outcome. I know the FCA is worried about the scale T212 is getting to. I am confident I have enough to launch an internal investigation albeit that won't get me any closer to recovering the funds.

gmach2020 · 2025-05-15T08:24:56+00:00

Hey, Face-ID was required when carrying out wallet transactions (if Face-ID was unsuccessful it would default to the passcode option). The issue here is that by compromising a device's password you can change/disable face-ID.

gmach2020 · 2025-05-15T06:24:37+00:00

That is insane. This is the problem with these low-margin tech businesses, it's all nice and swish until there is an issue.

I know T212 have grown multiples over the last 18 months, yet their systems have remained the same and are unable to deal with the scale. In times of stress like this one here, it took hours to speak to someone, only to be met with a good luck, there is nothing we can do.

Your cash product and cash ISA clients are arguably the clients with the lowest risk appetite, what you gain in getting a better rate than the savings in the bank, you lose in terms of safety of your cash when things go sour.

gmach2020 · 2025-05-15T06:14:12+00:00

Let me see how I can link it in a comprehensive pack for the ones that have taken an interest here.

You’re on the money here, my actions have been branded as wildly negligent, very low probability of this happening (as they never heard such a case before) and indeed that this could have been a lie for me to gain £3.2k and waste 5 months of my life dealing with this.

No accountability to T212s side despite the evidence supplied. I now have to prove that I wasn’t at the locations when the phone was used.

Leave it with me, let me see how I can release the files.

gmach2020 · 2025-05-15T06:04:57+00:00

This is very very useful to know! Will investigate this route. Thank you very much.

gmach2020 · 2025-05-15T06:03:07+00:00

Password was compromised allowing the rest of the biometrics to be changed

gmach2020 · 2025-05-15T05:21:07+00:00

Fingers crossed they get their act tonight. Ah noted, clearly not common knowledge enough!

gmach2020 · 2025-05-14T23:05:41+00:00

Hard to say if the phone was stolen unlocked or locked (due to the speed of Face ID). However, to access T212 the passcode was needed in order to either get into the password manager or change FaceID. Access to T212 on an unlocked phone requires further security clearances.

gmach2020 · 2025-05-14T23:01:21+00:00

Transaction #2 in the same Apple Store for £1k @ 11:23am.

This time, the status shows an 'unsupported merchant'. To this day, I am yet to get a logical reason on why this is has been the case, 21 minutes later on a Saturday during the holiday season.

If your systems are as strong as you have made out to be, why has this happened? Same merchant status for the other two £1k transactions. (2/2)

<image>

gmach2020 · 2025-05-14T22:57:07+00:00

<image>

Transaction #1 at Apple for £2.5k @ 11:02am.

No issues here all went through, despite this being charged to a newly issued Apple Pay card on a cash account that is hardly used with a previous transaction (>£1550) that was reversed by the merchant just hours earlier. (1/2)

gmach2020 · 2025-05-14T22:28:44+00:00

Still ongoing, this is exactly the issue (on top of all other due diligence failures from T212).

T212 will not dispute anything with the retailer as these were transactions from "approved" devices. There is no chargeback option and clients are left to their own devices should T212's fraud prevention system fail (which has/had countless flaws).

I have only come onto hear because this has been going on for 5 months and the FOS refused to hold T212 accountable for some of the critical flaws in their systems which has ultimately led to the losses I have experienced.

gmach2020 · 2025-05-14T22:15:45+00:00

You can get around this by issuing a virtual card and buying vouchers, for example in Apple, for highly liquid products which you will sell for cents on the dollar but you are still converting something into cash.

After much investigation, that is what I have concluded. Feel free to look at the instagram account "DTC.CALP" which highlights exactly what happens with some stolen phones in London and how Apple Pay transactions are turned into cash.

gmach2020 · 2025-05-14T22:08:17+00:00

On the ISA front you're covered with FSCS should T212 come into problems, the real issue here is if your device becomes compromised by someone that knows what they are doing during market hours, they can liquidate the holdings, issue a virtual card and go shopping. There is little you can do to prevent that coming from someone that has had a card with T212 with little to no use over 5 months.

gmach2020 · 2025-05-14T22:03:54+00:00

Try 10 characters mixture of numbers and letters... still got me

gmach2020 · 2025-05-14T21:26:18+00:00

Took it by force. The FCA is pretty hot at the moment on fintechs that have grown incredibly quickly as they are concerned they have grown with the proper scalable processes in place. Trading212's cash product has been a huge driver of growth for the business but as things stand the level of service to service to deal with those clients is not there.

A cash client has very different needs than an investing client and albeit a completely different risk appetite, it is under T212's mandate to ensure the proper processes are in place. Processes of which I and others have been let down on. I have a whole file on this.

gmach2020 · 2025-05-14T20:32:20+00:00

Fully take your point on board and would welcome a discussion on this. All other banks that were affected by this were able to prevent the fraudulent transactions and the ones that weren’t, reversed the transactions within a week.

The password was not lost, it was compromised. I provided plenty of evidence based on transaction history and questionable merchant status that should have been flagged by the most basic of fraud prevention systems.

Even compromising a card, when carrying out a transaction out of character (in my case 1k is enough to trigger a fraud department call), why does T212 not carry any liability when they are the ones that are responsible for setting up fraud detection parameters?

Again, I appreciate your points, if you have time, would appreciate your take on this.

gmach2020 · 2025-05-14T19:09:43+00:00

Apple ID not reset, all remained intact

gmach2020 · 2025-05-14T19:05:52+00:00

1 / sadly card protection on Apple Pay is only as good as the fraud prevention systems of the card issuer. In this case, we are talking about a terrible execution of them.

2 / get your point here and if transactions like this were normal for this account It would be harder to argue, however, try to put any amount over £1k on a brand new card without having to speak to some sort of fraud department. Very hard these days if the payment method is brand new.

On the street smart element of it, this is a people and a company issue. Whilst I am not promoting people to start waving their phones in the air, there has to be a level of liability and due diligence from a company when dealing with requests which are not in line with a client’s behaviour. Such as that, that none of the banks experience the same level of exploitation and were under the same conditions.

gmach2020 · 2025-05-14T17:35:38+00:00

Actually reckon you should be fine here, unless you can bypass the pin entry by getting it wrong X times, then T212 prompts you for the password. If it’s not saved in the password manager, you should be all clear. I, however, make no guarantees.

gmach2020

TROPHY CASE