Hey Richard,
I’m a Security 
and Fraud engineer at Mondo 
.
I hope you understand that I can’t talk in detail about our systems and procedures for dealing with fraud as knowledge of how they work could aid a fraudster in evading them.
We have only had a few cases of third party fraud (where one of our customers gets defrauded). The limited dataset makes it difficult to try and draw any conclusions about how the card 
details could have been compromised. We also only get a limited amount of data from our card processor, for example I’m unaware of a way that we can tell whether the merchant sent a CV2 code for verification.
Once we are fully operational and have access to more data I’d like to experiment with having a different PAN (card number) for contactless 
/ chip and pin / mag stripe /online. This would give us greater visibility 
into how card details were being compromised and also reduce fraud exposure as a PAN that a fraudster could obtain via contactless would be useless to them.
I’m currently working on an improvement to our top up flow, the majority of which is a bit of a refactor on the backend to make the code simpler. It will also mean that fewer top ups will have to go via 3DS (MasterCard secure code / Verified by Visa) and those that do won’t require the card details to be reentered every time.
Best,
Daniel