For the past 48 hours, I have been trying to give Dell Computer my money but it has been a very frustrating experience. The story should read: I pick out my computer online, I pay for it with my credit card, they ship the computer to me and the transaction is complete. It went nothing like this and in this blog post I want to show how online fraud and cybercrime has affected the honest consumer just trying to do business. It’s obvious no one is counting these costs because I have never experienced something so broken. As criminals get become clever in their ways, both vendors and consumers need to also evolve and this obviously was not the case with Dell over the past few days.
Day 1: I do my research and end up selecting a Dell computer, configure it just the way I want it, enter all my information and click purchase. Within minutes I get a confirmation of the purchase and an estimated delivery of the unit. The next action should be tracking the package and getting my merchandise.
Day 2: I’m at a coffee shop first thing in the morning and I open my email to find a message from Dell saying the ordering is being ‘held’. 1) while it is my first email , the subject says it is the 2nd notify. WTF? And 2) the reason is that there are ‘difficulties processing payment for your order’ which we will later find out that was complete lie after speaking to my bank who had already authorized the purchase.
So the instructions say to contact Dell at a 1-800 so I do. Person who I will call A.L. answers, gets my order # and asks me to verify 4 or 5 different things about myself and the order. I answer all the questions correctly and then she says: “What I need you to do is to send me an email from your business account please.” If you are paying attention so far, you will know that they already sent me an email which I validated with my call into A.L. So I tell her I am using my business address, it is the one I entered in the order, it is the one I used to get the number to call her. She says (don’t laugh), no, that is your gmail account, I need you to send me an email from your business. 2xWTF? I kinda lose it at this point and explain again that I use my gmail account for my business and she finally says ok ok ok, just reply with a statement that this is my order and that I confirm that the order is valid. I make her stay on the phone with me while she confirms that she received it. I ask if there is anything else and she say no, the order is no longer on hold.
Get ready to punch yourself in the face. Approximately 5 hours later that same day I get an email explaining THAT THE ORDER WAS CANCELED! The explanation being that they could NOT GET IN TOUCH WITH ME to “ensure the security of the transaction”. Really? Oh, wait, it gets even worse.
I call Dell again, give them my order number and explain to the agent that earlier in the day, I played 20 questions with a person that said the order was off a hold status and then just now received an email saying “ORDER CANCELED”. She says “Oh, that is because your credit card company did not fund the transaction and cancelled the order”. I asked “Are you sure because my other purchases went through”. She says “There is nothing Dell can do at this point because you will need to work this out with your bank” I thank her and say that I will get to the bottom of this.
Ring ring ring…I get on the line with an agent at my bank and ask her about this transaction. She confirms the amount and says “Sir, this transaction was authorized a few days ago (the initial online purchase). I ask her for the authorization number and she give it to me. I ask if she would be ok speaking with the merchant because they just flat out lied to me. She said no problem and was there to help. (love my bank)
Ring ring ring…hopefully final call to Dell. I get to an agent and explain the entire history of the transaction, and highlight the fact that I may want to speak to a manager because the last agent I spoke with lied to my face saying that the credit card company cancelled the transaction and I needed to start the entire buying process over again with another credit card. They put me on hold….waiting…waiting…they come back on the line and say they will create a new order, and ship it next day for free.
You would think at this point, I would be done but it has been 12 hours from my last call with Dell and still no confirmation. I will update the comments as this story unfolds.
So here is the deal, throughout this entire transaction, being the security person I am, I can name half a dozen places where little to no authentication was performed. In fact, the first email that came to me from Dell could have been spear phished putting me in the position of divulging all my personal information to a bad guy. What a mess. You can really see the scar tissue that online fraud has caused Dell and unless they change their processes, more valid customers will experience what I went through. I’m just trying to buy something from them.
tkonsecurity.com 
Nice post, TK. A lot of problem identification. What are the solutions?
Simple stuff:
Make sure consumers authenticate vendors;
When a credit card is authorized, the money is good, take the money.
If dell is that paranoid about a transaction of a single computer, they are going to have to find a way to escrow or something. Just let me buy stuff, I’m doing my job, they need to do theirs
Dell has made it pretty clear they aren’t in the consumer business. You may be buying it for business but you still look like a consumer unless you are buying a bunch from one of their enterprise reps. BTW, I get a new rep every few months. Lots of churn in that sales org.
Sad state of affairs
I had a similar issue with a gift from MLB.com sent internationally.
Update: 1pm Central Time – had to call Dell because I never got a new order number email. They pulled it up and read it to me on the phone. If all goes well, I should be able to track my package tomorrow but we will have to wait and see. I will keep everyone updated because at some point, you will be in my shoes.
VISA has has done an incredible job making the public believe that they protect consumers when, in fact, merchants get stuck with the costs of fraudulent transactions. Yes, that’s right, if a stolen credit card is used to buy a Dell computer and Dell ships it out, when the bill comes and the customer complains to their bank, the money to refund the customer comes out of Dell’s merchant account and it is left up to Dell to recover the stolen computer. As a result, some merchants apply aggressive fraud scrubbing to certain classes of transactions. I’ve worked on scoring systems for fraud scrubbing. We really did penalize orders for the use of anonymous email systems (gmail, yahoo, hotmail,etc.). But, at least on the systems I worked on, you had to have other factors against you (like non perfect address verification code) to end up having the order flagged for manual verification. In other words, yeah, Dell’s systems are broken, but maybe not in a simple way. Probably not all consumer orders are flagged for manual verification. Maybe their verification auto-dialer interactive poorly with your VOIP phone service. Maybe there is a bug/process flaw in their system that makes an order that gets flagged for weak address verification (which might still be authorized by the bank) look like a cancelled order to the support representatives. I’m not making excuses for Dell, I’m mostly just trying to say that Dell is very likely a big target for credit card fraud and, given their exposure, it wouldn’t surprise me to learn that they have a complicated order verification system and we all know that complicated things easily go wrong.
Totally respect the fact that they have to perform validation but 1) don’t tell me it is approved and then cancel; 2) tel l me the credit card denied me when that was not the case. Hopefully I can get resolved soon.
Dell should have done a much better job communicating to you that your order required manual verification. NewEgg gets this right (but you do have to pay attention to understand what is going on with your order). As far as I can guess, Amazon must suck up a large amount of fraud… for a long time, they didn’t even ask for the card’s CVV number (if they do now). They ship to alternate addresses, etc.. Heck, I own an expensive Kindle book on C# programming that I didn’t pay for because the credit card on file had expired when they went to charge it after the fact. When I finally got around to trying to fix it, I couldn’t figure out how and the book remains on my Kindle.
Unfortunately, due to issues of stock availability, payment processing and shipping time frames (think 4 days before Christmas), order cancellations are a normal part of the business for most retailers. Customers always get upset, even if it is handled more appropriately (buying is emotionally charged). Most mail order retailers authorize, then capture. Fraud scrubbing typically happens both before and after the authorization (the banks give feedback during the authorization). FYI, probably what really happened with your credit card was that the authorization either automatically timed out it was canceled when Dell decided to cancel your order. Either way, it means your order was denied and cancelled, but the difference in terminology could have been the source of some later confusion.
It amazes me that companies can stay in business when they make it so hard for people to buy their products. Sure, fraud and security are big problems but you really won’t have to worry about those things if people can’t buy what you’re selling. I had the complete opposite experience with Apple a few months ago. A few clicks on the website, enter my credit info and a few days later my new computer was at my doorstep. Ok, I admit I’m a bit of an Apple fanboy but you’ve got to like kind of service.
Hi TK,
My name is Lorna, and I work for Dell. Thanks for posting your comments and bringing your customer experience to our attention. We appreciate anyone who takes the time to relate their customer journey. Customer feedback remains an important tool to be used in evaluating our products and services.
I think your fellow blogger, P.J. Tezza, has provided more insight into this than I would ordinarily be able to. I understand your frustration regarding Dell’s attempt to protect your resources. If there was an improper purchase, we would much rather cancel the order and deny someone the opportunity of taking advantage of your good credit. It’s a fine line to balance prompt product shipment vs. illegal purchases. In the long run, I think you would agree it’s better to err on the side of caution.
If I may be of any assistance in this matter, please feel free to contact me on the Dell Community Forum Customer Care Board. You may message me privately by clicking on my name in blue and selecting Send Email or Start a Conversation.
Thank you for choosing Dell. Inc.,
Dell-Lorna M
Thanks for all the comments. I have an update.
My last call into Dell yesterday resulted in getting a new order number assigned and the merchandise I ordered FedEx overnight. Skeptical but excited, I tracked my package as it made its way to my office.
The happy ending here is that I now have an XPS 27 and while it was a frustrating few days, it’s a great ending.
Ill blog in my win8 experience be cause this is a great machine for that platform.