Online and CC payment queried over the phone.
For anyone who doesn't understand the system, it works like this...
1. You order online and are on the merchant's website until you have completed the shopping cart, entered your delivery info (name, address etc) and pressed the button to 'Continue to Sagepay' or whoever else is dealing with the payments.
2. You have now left the merchant's site and are on a secure site operated by the Company that takes the money (Sagepay?) It's secure.
3. The payment company 'tells' the merchant that your payment has gone through (or that it hasn't) so that the merchant knows that they can or can't send the goods. None of the info that you supplied to the payment company is passed on to the merchant, who doesn't even know what type of card you used.
Sometimes, people ring me because they want to give me, a total stranger to them, full details of their credit or debit card. Occasionally, it's because Sagepay didn't work for technical reasons but usually they say that they don't trust computers - even though the computer system is far more secure than giving card details to a fallible human being who may or may not be honest, and who may or may not be careful with that info.
Personally, I deal with it by putting the payment through immediately, and then the page in the notebook with the info goes straight into the shredder - but other people may not be as careful, and the potential for dishonesty seems pretty high to me.
I think that anyone who phones up and asks for card details should be regarded with extreme suspicion. If a payment doesn't go through for any reason it's surely up to the customer to ring up and ask for the payment to be put through manually, customers should never be asked to give this information.