The bank card was stolen by a third-party payment company. How to sue the company?

Responsibility Determination of Bank Card Binding to Third-party Payment Platform Being Stolen and Brushed

20 17-0 1-09 10:22

Introduction: With the development of network economy, the emergence of third-party payment platforms led by Alipay, Tenpay and WeChat payment has injected new impetus into the development of e-commerce. In recent years, third-party payment platforms have risen rapidly. It is not only a payment tool, but also the most important link in e-commerce transactions. However, in the process of rapid development, there are also some legal problems in the third-party payment platform. For example, if a bank card is stolen after a consumer binds to a third-party payment platform, who will be responsible? In this issue, Faxin Bian Xiao collates the relevant cases and opinions of People's Judicial Case No.29, 20 16, and interprets the responsibility of bank cards tied to third-party payment platforms by combining other cases and laws, hoping to provide reference and help for readers.

People's Justice and Cases

If the third-party payment platform bound to the bank card is stolen, the court should determine its responsibility according to whether the issuing bank has fulfilled its contractual obligations —— Mou Peng and China Construction Bank Corporation Zhongshan Acer Branch Debit Card Dispute Appeal.

The gist of the case: in the case that the bank card is bound to the third-party payment platform, the issuing bank shall perform the contractual obligations to the third party according to the cardholder's instructions, and it shall not be considered as a mistake in contract performance, and the issuing bank shall not bear the responsibility; If the issuing bank violates the contract or fails to perform the obligations attached to the contract, it shall bear corresponding responsibilities.

Case number: (20 16) No.430, Minzhong, Guangdong 2072

Trial Chamber: Zhongshan Intermediate People's Court, Guangdong Province.

Source: People's Judicial Cases, 29 issues, 20 16.

Brief introduction of the case:

20 13 On July 23rd, Peng handled the Baihui Dragon Card in Zhongshan Acer Sub-branch of China Construction Bank (hereinafter referred to as Acer Sub-branch of CCB). On July 3, 20 15, the card cost 5,000 yuan through China UnionPay Shanghai Branch 14:36:52, and 5,000 yuan through Shenzhen Tenpay Technology Co., Ltd. 14:47: 16.15: 00. On June 5438+05: 07: 53, Zhifu spent RMB 3,000, and Zhifu spent 700 yuan. Peng said that when he used the card on July 9, 20 15, he found that the balance in the card was zero. On July 9, 20 15, Peng printed the transaction list in Zhuhai Xiangzhou Sub-branch of CCB. On July 15, 20 1 1, Acer Police Station of Zhongshan Public Security Bureau of Xiang Peng reported the case. On July 5th, 20 15, Peng printed the details of the card in Zhongshan Langqingxuan Sub-branch of China Construction Bank. Hou Peng sued Zhongshan Branch of China Construction Bank to the First People's Court of Zhongshan City, Guangdong Province, demanding that Zhongshan Branch of China Construction Bank be ordered to repay Peng's stolen deposit of 14700 yuan and the corresponding interest loss.

It was also found that the principal and interest of the mortgage loan handled by Peng in Zhongshan Branch of China Construction Bank were recovered normally from October 20 10 to June 20 15, and only 5.9 1 yuan was recovered on July 4, 20 15. Both parties confirmed that the debit card involved had SMS service, and Peng claimed that the account was stolen and did not receive SMS notification of account fund change. Peng also confirmed that he had made many small purchases through third-party payment platforms before.

The referee's reasons:

The Intermediate People's Court of Zhongshan City, Guangdong Province held in the second instance that this case was a debit card dispute. Peng handled a debit card in Acer Sub-branch of China Construction Bank, and the two sides formed a savings deposit contract relationship. In this case, the amount of the five disputes was paid through the third-party payment platform, and the transaction of the third-party payment platform used the account provided by the third-party payment platform to pay for the goods. When the buyer binds the debit card to the account provided by the third-party payment platform for the first time, the bank will check whether the mobile phone number provided by the third-party payment platform is consistent with the mobile phone number reserved by the bank when the customer pays, and the payment can be made after passing. If the bank has verified the relevant information during the business association according to the above requirements, in order to ensure the authenticity and reliability of the customer's identity, it is not necessary to verify it again in the subsequent transactions, and the payment can be made according to the instructions.

In this case, Peng made small transactions through the third-party payment platform many times, claiming that it was obviously Peng himself who bound the debit card to the third-party payment platform, and Zhongshan Branch of CCB had fulfilled its obligation to verify the identity of customers. The account number and payment password of the third-party payment platform are set and kept by Peng himself. Peng's debit card was stolen because the account number and payment password of the third-party payment platform were leaked, and Zhongshan Branch of CCB was not responsible. Just because Peng has opened SMS notification, Zhongshan Branch of CCB should fulfill the obligation of SMS reminder in time when the funds in Peng's account change. Therefore, after the debit card involved in the case was stolen for the first time, because Zhongshan Branch of CCB failed to inform Peng of the changes in his account funds by SMS, Peng failed to find out the abnormal changes in his account funds in time, failed to report the loss in time and stopped paying, resulting in an increase in losses. China Construction Bank Zhongshan Branch undertakes certain responsibilities. According to the specific circumstances of this case, the court ruled that Zhongshan Branch of CCB should bear 50% responsibility for the losses caused by the stolen brushes four times after the first theft, that is, Zhongshan Branch of CCB should compensate Peng for the losses of 4,850 yuan [(5,000 yuan+65,438 yuan+0,000 yuan+3,000 yuan +700 yuan) x50%] and the corresponding interest losses.

The Intermediate People's Court of Zhongshan City, Guangdong Province made (20 16) the final civil judgment of Guangdong 2072 Minzhong No.430: Zhongshan Branch of CCB must compensate Peng for the loss of 4,850 yuan and the corresponding interest.

Court view:

1. Payment mode of bank card binding to third-party payment platform

When the cardholder binds the bank card to the third-party payment platform, he can complete the operation by inputting the bank card number, ID number, mobile phone number and dynamic verification code sent by the bank. According to the requirements in the Notice on Strengthening the Management of Cooperative Business between Commercial Banks and Third-party Payment Institutions jointly issued by the China Banking Regulatory Commission and the Central Bank: "Commercial banks should check whether the mobile phone numbers provided by third-party payment institutions are consistent with the mobile phone numbers reserved by banks before paying customers. If the bank has implemented relevant information verification in the business association according to the above requirements to ensure the authenticity and reliability of the customer's identity, there is no need to verify it again when trading. " It can be seen that if the bank has verified the relevant information in the business association according to the above requirements and ensured the authenticity and reliability of the customer's identity, it does not need to be verified again in the subsequent transactions, but only needs to pay according to the instructions, thus embodying the convenience of third-party payment. When the bank card is bound to the third-party payment platform, the third-party payment platform and the cardholder will agree on the corresponding payment password, which is set and kept by the cardholder and has nothing to do with the issuing bank. When the issuing bank receives the payment password entered by the cardholder and agreed with the third-party payment platform, it will immediately pay the third-party payment platform without verifying the identity of the cardholder.

2. We should comprehensively judge and identify the fact that the bank card bound by the third-party payment platform was stolen.

When the bank card is bound to a third-party payment platform, the cardholder completes the payment through online transaction on the Internet, which is different from the fake card or the stolen cloned bank card in the case of physical card. When determining the fact that the entity bank card has been cloned, the court will generally judge whether to clone the stolen bank card according to the evidence provided by the parties, the distance between the trading places where the card was cloned and the cardholder's location, the transaction time and loss reporting time, the alarm record, the loss reporting record and the cardholder's identity.

In fact, the identification of theft in online transactions has always been a difficult problem in trial practice. Judging from the existing cases of stealing cards from third-party payment platforms, it is very limited that cardholders can provide evidence to the court to prove the fact of stealing cards. In this case, the court did not fully demonstrate how to identify the five transactions involved as misappropriation by others. Based on the facts of this case, we can only confirm the alarm record of the cardholder Peng and the frequent abnormal transaction record of the bank card involved in the case on the third-party payment platform at a specific time. Generally speaking, it is important evidence for cardholders to call the police as soon as they find that their bank cards have been stolen. The cardholder maliciously reported a false alarm, which violated the provisions of Item (1) of Article 23 of the Law on Public Security Administration Punishment, and his behavior hindered the normal work order of the public security organ, so he should be punished for public security administration according to law. Therefore, the cardholder's alarm behavior is generally recognized as the cardholder's real behavior. However, the alarm record can't be used as the general standard basis for determining the fact of stolen brush, that is to say, the judge can't determine the fact of stolen brush only by the cardholder's alarm record, but should also comprehensively judge whether there is a fact of stolen brush according to other evidence of the case, such as the abnormal transaction record, the reminder message of the issuer, the refund record of some third-party payment platforms, the I P address of online transaction, the defense opinion of the issuer, etc., combined with personal life experience and according to the high probability proof standard.

3. The court shall be responsible for the theft of the bank card bound by the third-party payment platform according to whether the issuing bank has fulfilled its contractual obligations.

From the analysis of the principle of contract law, between the cardholder and the issuing bank, the case of bank card theft involves a breach of contract dispute, that is, the issuing bank should have paid the funds in the bank card to the cardholder, but paid it to a third party outside the contract. The issuing bank's breach of contract is due to the wrong performance object, and the obligor of the contract, namely the issuing bank, is responsible. The performance of the contract refers to the debtor's comprehensive and appropriate completion of the contractual obligations, so that the creditor's contractual claims can be fully realized. According to the principle of relativity of contract and the principle of correct performance, the debtor must perform the contractual obligations to the creditor, that is, the counterpart of the contract, unless the two parties agree in the contract to perform to a third party, or the contract does not stipulate that the third party will accept the performance of the contractual obligor with the explicit authorization or instruction of the counterpart during the performance. When the bank card is bound to the third-party payment platform, the issuing bank always fulfills its contractual obligations to the third party, and the account number and payment password of the third-party payment platform are set and kept by the cardholder. Payment by the issuing bank according to instructions shall not be regarded as a mistake in contract performance. Therefore, the third-party payment platform cardholder account number and payment password are leaked, which has nothing to do with the issuing bank.

The issuing bank has no responsibility, and the legitimate rights and interests of the cardholder should seek protection according to the contract with the third-party payment platform. Although it is illegal to steal bank cards, transactions are conducted through normal channels on third-party payment platforms. According to the relevant provisions of the Measures for the Administration of Payment Services of Non-financial Institutions, the third-party payment platform shall establish corresponding risk control measures. For example, in fast payment, when the fast payment user encounters malicious theft, the system identifier will send a reminder. The stolen customer will contact the customer service center within 2 hours and provide the transaction number and other information, and Alipay will temporarily freeze the Alipay account. /kloc-contact the customer service center within 0/5 working days. After the submitted materials are approved, Ping An Insurance will pay the victim 100%, and the insurance premium will be borne by Alipay. In the payment of Yifubao, if the stolen brush consumption is successful due to reasons other than the customer's own, the relevant insurance company can make full payment after the consumer reports the case and submits complete materials. If the transaction has not been completed, Yifubao will intercept the transaction and return the corresponding stolen money.

Cases related to France and Singapore

1. Commercial banks have fulfilled their obligations of identification and security in the transfer and payment of electronic funds. If a party is at fault for the theft of a credit card, he should bear the responsibility himself —— Zhuhai Branch of Agricultural Bank of China v. Xiao Jianpeng.

Essence of the case: Commercial banks and third-party electronic payment platforms have the obligation of identification and security in electronic fund transfer payment, and banks have fulfilled their obligation of identification and security. The theft of the party's credit card is due to personal reasons, resulting in the loss of personal documents and communication tools. Failure to report the loss in time leads to the disclosure of personal information, and the corresponding losses should be borne by the party itself.

Case number: (20 13) Zhu Xiang Fa Min Er Chu Zi Nuo. 1373

Trial Chamber: Xiangzhou District People's Court, Zhuhai City, Guangdong Province.

Source: Guangdong Court Net 2014-10-16.

2. If someone else completes a transaction through online banking, Alipay or password, resulting in losses to the cardholder, and the cardholder has no evidence to prove that the card issuer has improper behavior of revealing the password, the cardholder shall bear the loss of the stolen credit card —— Zhou Jun v. Linxiang Branch of Industrial and Commercial Bank of China Co., Ltd.

Essence of the case: Protecting deposit safety is the common obligation of both depositors and banks. According to the online banking payment process, in the online banking payment process, UnionPay card number, cardholder's mobile phone number, identity information and correct password are necessary conditions to complete the payment. If someone else completes the transaction through online banking, Alipay or password, causing losses to the cardholder, and the cardholder has no evidence to prove that the issuer has improper behavior of revealing the password, the cardholder shall bear the loss of stolen credit card.

CaseNo.: (20 15) No.37, Zi Chu, Lin Min.

Trial Chamber: People's Court of Linxiang City, Hunan Province

Source: China Judgment Document Network 20 15-07-02.

3. The third-party payment platform bound by the bank card was stolen, and both the cardholder and the issuing bank were at fault in the performance of the contract, so they should bear corresponding responsibilities —— Liang Yanfen v. China Industrial and Commercial Bank of China, Guangzhou Danan Road Sub-branch.

Essence of the case: According to the process rules, the bank card password, online banking login password and verification code must be completely correct before successful consumption or transfer can be made. If the cardholder accidentally discloses the bank card password and online banking login password when filling in personal information online, he shall bear the corresponding losses; If the cardholder fails to receive the SMS verification code normally because the verification code information of the issuing bank is intercepted by virus software, it means that the issuing bank has not fulfilled its obligation of informing correctly during the performance of the contract, and the issuing bank shall bear corresponding responsibilities.

CaseNo.: (20 15) Sui Zhongfa made the promise of Jin Minzhong. 1066

Trial Chamber: Guangzhou Intermediate People's Court, Guangdong Province.

Source: China Judgment Document Network 20 15- 10-29.

The stolen money is paid with the cardholder's own payment password. If the cardholder claims that the issuing bank failed to give information in time to remind him of the fault and demanded compensation, the court will not support it —— Jiang and Dong 'e County Sub-branch of China Agricultural Bank Co., Ltd.

Key points of the case: the cardholder's bank card has been stolen for many times during the period when it is bound to the third-party payment platform. The issuing bank can prove that the mobile phone number reserved by the cardholder has been notified by SMS, and the stolen money claimed by the cardholder is paid or recharged by QQ through the payment password set by the cardholder or its authorized person. If the cardholder claims that the issuing bank is at fault and claims to be liable for compensation, the court will not support it.

CaseNo.: (20 15) Chatting with Chinese character No.275

Trial Chamber: Liaocheng Intermediate People's Court of Shandong Province.

Source: China Judgment Document Network 2015-11-06.

5. In the process of trading through Alipay, the parties are deceived for their own reasons, resulting in losses. Alipay will not be liable for compensation if it has fulfilled the obligation of formal review and payment security —— Yu v. Alipay (China) Network Technology Co., Ltd. for the dispute over the network service contract.

Essentials of the case: The parties who traded through Alipay were cheated for their own reasons, and there was no causal relationship between their losses and the services provided by Alipay. If Alipay fulfills the formal review and ensures the obligation of payment security, it will not be responsible for the losses of the parties.

Case number: (20 12) Hangxi Minchuzi. 17 15

Trial Chamber: Xihu District People's Court, Hangzhou, Zhejiang Province.

Source: Case Guidance of Zhejiang Higher People's Court,No. 1 2004.

Legal documents and legal basis

1. People's Republic of China (PRC) (China) Contract Law

Article 60 The parties shall fully perform their obligations as agreed.

The parties shall abide by the principle of good faith and fulfill the obligations of notification, assistance and confidentiality according to the nature, purpose and trading habits of the contract.

Article 107 If a party fails to perform its contractual obligations or fails to perform the contractual obligations in conformity with the contract, it shall be liable for breach of contract such as continuing to perform, taking remedial measures or compensating for losses.

Article 120 If both parties breach the contract, they shall bear their respective responsibilities.

2. Notice of the China Banking Regulatory Commission and the People's Bank of China on strengthening the management of cooperative business between commercial banks and third-party payment institutions.

3. When a customer's bank account establishes a business relationship with a third-party payment institution for the first time, it should undergo double authentication, that is, the customer must pass the authentication of a third-party payment institution and the customer identity authentication of a commercial bank. The bank where the account is located shall directly verify the identity of the customer through physical outlets, electronic channels or other effective means, and clarify the rights and obligations of both parties.

Four, commercial banks through electronic channels to verify and identify the identity of customers, customers should be identified by means of double (multi) factor verification, for customers who do not have the conditions of double (multi) factor verification, any of their accounts shall not establish business relations with third-party payment institutions.

8. For customers who reserve their mobile phone numbers and set up SMS notifications, commercial banks should check whether the mobile phone numbers provided by third-party payment institutions are consistent with the mobile phone numbers reserved by banks when customers pay, and then make payment after passing. If the bank has verified the relevant information in the business association according to the above requirements to ensure the authenticity and reliability of the customer's identity, it is not necessary to verify it again in the transaction.

Measures for the administration of payment services of non-financial institutions

Article 2 The term "payment services provided by non-financial institutions" as mentioned in these Measures means that non-financial institutions, as intermediaries between payees, provide some or all of the following monetary fund transfer services: (1) online payment; (2) Issuance and acceptance of prepaid cards; (3) Bank card receipt; (4) Other payment services determined by the People's Bank of China.

The term "online payment" as mentioned in these Measures refers to the transfer of money and funds between payees relying on public networks or private networks, including currency exchange, Internet payment, mobile phone payment, fixed telephone payment and digital TV payment.

The term "prepaid card" as mentioned in these Measures refers to the prepaid value of goods or services purchased outside the issuing institution for profit, including prepaid cards issued in the form of cards and passwords by using technologies such as magnetic strips and chips.

The term "bank card receipt" as mentioned in these Measures refers to the act of collecting monetary funds for special merchants of bank cards through POS terminals.