Does Skype save $3.4 million by failing its customers?

That's an evocative title for sure and one that may get me into trouble but bear with me. According to the last reports I could see covering Skype's earnings, it was tracking $860 million in annual revenue. That was back in July. Since then Microsoft has acquired Skype and we await any breakdown Microsoft chooses to provide in its next earnings call, sometime in January 2012.

Searching for card fraud rates, I discovered that back in 2010, an industry report from Aite Group estimated that US card fraud cost card providers $8.6 billion on $2.1 trillion transacted value. That's a rate of 0.409%, surprisingly low given the alarming numbers of fraud cases that are surfaced anecdotally each year and the devastating impact they have on people's lives. That doesn't take into account the monies people actually lose, despite widespread though tacit acceptance that fraud is often the responsibility of the card provider.

Using those metrics as a basis for calculation, I am assuming that Skype is no different to any other provider and, therefore, based upon reported revenue, is subject to fraud amounting to $3.4 million per annum. It's a pittance in the scale of things but an issue that Skype consistently and insistently refuses to acknowledge could be partly to do with their systems.

In addition, I discovered that if, like may others, you use PayPal as the means to service your Skype credit, PayPal may well refuse to consider unauthorised debits as fraudulent, even when it is obvious that something out of gauge is occurring.

In other words, while everyone in the chain of activity may have some measure of responsibility, the customer ALWAYS ends up paying.

What is worse, this is nothing new. A search on Google reveals numerous complaints stretching back at least to 2007 all of which say basically the same thing. If you're Skype account is hacked or in some other way compromised then Skype will not refund any losses you incur. Period.

Back in 2008, The Register said: PayPal Ambushes Users With Mystery Skype Charges. The same problems we see today were being repeated back then. The Skype forums are littered with complaints and they all say more or less the same thing. In fact when you look through the forum posts, other than questions about Windows, billing questions attract the highest number of posts - 15,000 at the latest count.

That omits the many who will quietly put up with whatever they are told. Without published metrics, we can have no way of knowing what the true scale of issue might be. But then I see Lithium provides support for Skype forums. I'm betting they know because Lithium is run as a cloud service and has permission to use its customer data to improve its algorithms. And if they know then Skype/Microsoft knows. Just how bad might it be? Continuing the story...

Yesterday and for the second time I explained how, in spite of clear evidence of broken systems and fraud perpetrated either/and on Skype and its customers, Skype refuses to take responsibility for reimbursing customers who lose money as a result of security breaches.

Since that time I have received more emails from Skype that are basically reiterating what they said in the first place i.e.

1. We take security seriously
2. Directing me to the security instructions pages
3. Refusing to provide any refund

There is a caveat to that. I do have ONE email that acknowledges fraud and says I need to deal with it via the PayPal resolution center. But even that information is wrong for reasons I explained yesterday.

All of this is despite increased attempts to escalate the problem, continue to provide details of the issues and attempt to clarify what has happened. By any standards, I have done my bit. So I dig deeper.

Based upon my experience with Skype I have been attempting to figure out the company's email workflow process. This is a simplified diagram that illustrates how it works from the customer perspective.

There is a subprocess for those who reply to email responses with further information. It mostly requires repeating what has gone before.

From what I have seen so far, I could also add that when fresh email responses come in against the original ticket they are randomly assigned. There is no obvious escalation process. Once again, Skype merely provides its standard responses.

With that in mind and bearing in mind Microsoft acquired Skype earlier in the year, I attempted to find out who is in charge. It's a person called Tony Bates. I then attempted to find out how best to contact this person. Why go straight to the top? If you look at the management structure, there is no one assigned to customer service at the executive level. In other words, customer service is not important enough to warrant a seat on the board.

I was then advised that because I am deemed to be a 'journalist' my chances of being able to speak with him are 'very, very, very low' and that in any event any conversation would likely be moderated by Microsoft's PR team. If you've been in this position before, then you know how well that goes. I was also advised that for all practical purposes, Skype/Microsoft management are in shut down mode until Jan 2nd, 2012.

Question: if this was Verizon, AT&T etc, would they get a pass? No way. There would be uproar. So why don't we hear more about this problem? I have a theory.

The Skype forums provide a wonderful resource for those wanting to vent. It is open, anyone can go look. BUT - the moderators only refer users back to Skype policy. There is no attempt to offer real help. It is easy to see how frustrated users get ground down by the relentless repeating of policy and weblinks that do nothing to solve customer problems. It is easy to see why complaining customers, all of whom are losing modest amounts will simply give up when faced with a huge corporation. But I'm not one of those people.

That's why I am throwing down this set of challenges to Skype and Microsoft.

1. When are you going to proactively respond to customer complaints beyond the scripted responses?
2. When are you going to review what is clearly a long run and highly repeatable set of problems that include badly broken processes?
3. When will you fix these problems?
4. When are you going to accept that while there may be some people who are slack in their attention to security, the recorded evidence suggests that it doesn't matter what people do, their accounts still get compromised?
5. What assurances can you provide that business customers who may be tempted to your broader range of services, will not be faced with similar problems?

Anything I've missed? Talkback in comments.