International comparison of bank fraud reimbursement: Customer perceptions and contractual terms

Becker, Ingolf 
Abu-Salma, Ruba 
Anderson, Ross John
Bohm, Nicholas 

We set out to investigate how customers comprehend bank terms and conditions (T&Cs). If T&Cs are incomprehensible, then it is unreasonable to expect customers to comply with them. An expert analysis of 30 bank contracts across 25 countries found that in most cases the contract terms were too vague to be understood; in some cases they differ by product type, and advice can even be contradictory. While many banks allow customers to write PINs down as long as they are disguised and not kept with the card, 20% of banks do not allow PINs to be written down at all, and a handful do not allow PINs to be shared between accounts. We test our findings on 151 participants in Germany, the US and UK. They mostly agree: only 35% fully understand the T&Cs, and 28% find that sections are unclear. There are strong regional variations: Germans find their T&Cs particularly hard to understand, but Americans assume harsher T&Cs than they actually are, and tend to be reassured when they actually read them.

Journal Title
Journal of Cybersecurity
Oxford University Press
EPSRC (EP/M020320/1)
This work was supported by The Royal Society [grant number UF110392] to SJM; the Engineering and Physical Sciences Research Council [grant number EP/G037264/1] to IB; the Department of Homeland Security (DHS) Science and Technology Directorate, Cyber Security Division (DHSS T/CSD) Broad Agency Announcement 11.02, the Government of Australia and SPAWAR Systems Center Pacific [contract number N66001-13-C-0131] to AH.