Crown Court – Criminal Prosecution for Theft, June 2009. An Expert Report was produced and served on behalf of the Defendant who, when employed by a major retail store chain, allegedly made fraudulent credit card refund transactions to his own credit card using the store’s electronic till system. Expert technical investigations revealed that the design of the system was such that it was ‘neutral’ as to whose credit card could be used for such refunds and no system security checks were made nor audit trail produced. It was therefore not possible to prove beyond any reasonable doubt that the Defendant had made such erroneous refunds deliberately, and with criminal intent, rather than by innocent mistake, or even due to a sporadic system malfunction. The findings of this expert investigation were clearly reported by Dr. Castell to the court and (most unusually) were fully accepted by the Prosecution without any need for cross-examination, assisting in achieving a Not Guilty verdict from the Jury.
This case reveals some potentially serious security and integrity issues concerning credit card refund transactions in the retail sector. The store chain in question utilised, without any customisation, a leading 3rd-party credit cardswipe and pinpad authorisation package widely employed in electronic till systems across the whole retail industry.
About Dr. Stephen Castell
Chartered Information Systems Practitioner and A Member of the Expert Witness Institute and Chairman of CASTELL Consulting. He is an internationally acknowledged independent computer expert who has been involved in a wide range of computer litigation over many years. He is a member of the Legal Affairs Committee of the British Computer Society, and a Committee Member, British Computer Society Law Specialist Group.