The Eleventh Circuit affirmed the denial of coverage under a Computer Fraud policy. Interactive Communications International, Inc. v. Great American Ins. Co., 2018 U.S. App. LEXIS 12410 (11th Cir. May 10, 2018).
Great American issued a Computer Fraud policy to Interactive Communications International, Inc. (InComm). InComm sells "chits" to consumers, who can redeem them by loading their value onto a debit cart. After purchasing a chit at a retailer like CVS, a consumer can call InComm to redeem the chit and have its value moved to his card. When the customer dials InComm's 800 number to redeem a chit, he is connected to InComm's interactive voice response (IVR) computer system. To redeem a chit through the IVR, a consumer enters his debit card number and PIN. The IVR then credits the value of the chit to the card, and the funds become immediately available to the cardholder.
After making the funds available for use, InComm is contractually obligated to transfer money, equivalent to the value of the redeemed chits, to the bank that issued the debit card. The funds were then maintained in the card-issuing bank until the cardholder conducted a transaction.
Between November 2013 and May 2014, fraudsters made multiple redemptions of a single chit. The fraudsters determined how to redeem a single chit multiple times by making two or more concurrent calls to he IVR system simultaneously requesting the redemption of a particular chit. One call would transfer the funds from the chit to the debit card account, while the other would return the chit to an "unredeemed" state, allowing it to be redeemed again. Over seven months, InComm's system processed 25,553 fraudulent redemptions associated with 1,988 individual chits.
InComm sought to recover $10.7 million that was redeemed on debit cards issued by Bancorp. InComm believed the fraudsters' simultaneous calls to the IVR system were legitimate and wired the funds to Bancorp to cover the purchasing power available on the cards.
The Great American policy provided coverage for "loss of, and loss from damage to, money, securities and other property resulting directly from the use of any computer to fraudulently cause a transfer of that property to a person." The district court granted summary judgment to Great American because the fraud was not accomplished through the use of a computer within the meaning of the policy and the loss did not result directly from the use of the IVR system.
The Eleventh Circuit first determined that the fraud was perpetrated through the use of a computer. But it also held that the loss did not result directly from the use of the IVR. The court reasoned that one thing results "directly" from another if it follows straightaway, immediately, and without any intervention or interruption.
The court next determined when InComm's loss occurred. Further, did InComm's loss "result directly" from the fraudster's misuse of the IVR computer system?
The court concluded that the fraudster's use of the computers did not "directly" cause the loss. Several steps intervened between the fraudulent manipulation of the IVR system to enable duplicate chit redemptions, on the front end, and InComm's ultimate loss, on the back.
Even after a chit was fraudulently redeemed, each of the following had to occur: (1) InComm had to transfer money to the Bancorp account; (2) the cardholder had to make a purchase using fraudulently obtained funds; and (3) Bancorp had to disburse money from InComm's account to cover the purchase and pay the merchant. It was only at that point that InComm's loss materialized. The lack of immediacy meant that the loss did not "result directly" from the initial fraud. Therefore, the district court was affirmed.
