A credit card war has erupted between large retailers and credit card companies. The culprit: chip-embedded credit cards. Over the last year, credit card issuers have been sending consumers new cards that have a chip embedded in them. Allegedly, these new “smart” cards made your use of a credit card safer. But did it really? Not according to Home Depot, Walmart and a number of other retailers. In fact, these new cards may have given the Visa and Mastercard a new way of overcharging consumers! Aaarrgh.
Recently, Home Depot filed an anti-trust suit against MasterCard and Visa in Federal court for allegedly forcing consumers to use unsecure credit cards raises the question. A central issue in Home Depot’s lawsuit is the retailer’s accusation that Visa and MasterCard are conspiring to prevent adoption of more secure technology in order to maintain market dominance and profits. “For years, Visa and MasterCard have been more concerned with protecting their own inflated profits and their dominant market positions than with the security of payment cards used by American consumers and the health of the United States economy,” Home Depot states in its 138-page lawsuit. This follows a similar lawsuit filed by Walmart and a group of smaller retailers earlier in 2016. In fact, Walmart Canada also announced that its stores will boycott Visa cards, citing high fees for transactions.
Chip-and-PIN cards operate just like the checking-account debit card you have been using for years. Entering a PIN connects the payment terminal to the payment processor for real-time transaction verification and approval. However, many payment processors are not equipped with the technology needed to handle EMV chip-and-PIN credit transactions. So it is not likely you will have to memorize new PINs anytime soon. A vast majority will be issuing chip-and-signature cards, which aren’t all that different from how credit cards work now. (As with a magnetic-stripe credit card, you sign on the point-of-sale terminal to take responsibility for the payment when making a chip-and-signature card transaction.)
But the failure to require a PIN turns out to be very expensive. Credit card fraud is now a $16 billion a year problem in the United States alone, and every hour, thieves with skimmers are stealing Americans’ credit card numbers. While chip-enabled cards offer an extra layer of security beyond the chip itself, by not requiring the user to enter a four-digit PIN, there’s not real benefit. “Signatures can be copied or forged, and cashiers are not handwriting experts trained to identify forged signatures.” As a result, Home Depot claims U.S. consumers and merchants such as the Home Depot pay fraud-related costs that are “unrivaled in the rest of the industrial world.”
In fact, the lack of PIN requirements in the U.S. could lead to even greater fraud in the future, as more transactions shift to online payments, where no physical card is presented The answer is yes, the new cards were supposed to improve security. However, the Home Depot suit and a similar one recently filed by Walmart against Visa claim that the system was executed poorly, leaving credit card transactions vulnerable to fraud. Unfortunately, the PIN is only good if hackers can’t get it. And that’s the rub. Two high-profile data breaches at Target and Home Depot occurred because hackers used malware to collect customers’ credentials, including PINs, from the retailers’ systems. Those breaches affected 56 million cards in the Home Depot breach and 40 million in the Target breach.
What’s Really Going On?
The newspapers make it sound like the battle is over PINs vs. signatures? But that’s not what is really going on. All the evidence suggests that this is a battle between retailers and credit card companies about fees. Many retailers have pointed to the fact that consumers’ card transactions are routed over Visa’s or MasterCard’s signature debit networks, where merchant fees are often more than double what they are on comparable pin debit networks, according to data compiled by the Federal Reserve. “Visa and MasterCard have pushed consumers to use payment card technology that Visa and MasterCard know is defective and subject to fraud and have colluded with each other and with the banks that issue debit and credit cards to do so,” it reads. As a result, Home Depot is charged higher fees by the card issuers, the suit claims.
“The Interchange Fee on signature transactions is markedly higher than the fee on PIN transactions,” Home Depot’s complaint alleges. “According to data from the Federal Reserve Board, as of 2009, the average Interchange Fee for signature debit was 56 cents per transaction (or 1.53%) while the average fee for PIN debit was just 23 cents (0.56%).”
Wal-Mart’s lawsuit follows two decades of negotiations, court battles and Congressional lobbying between retailers and payment card networks over billions of dollars in fees paid each year to process transactions. Wal-Mart and other merchants sued Visa in 1996 over a policy called “honor all cards” that forced merchants to accept both credit and debit cards. The case was settled in 2003 on the night before it was to go to trial, with Visa agreeing to pay $2 billion to retailers and lower the fees it charged to merchants for debit-card transactions.
Wal-Mart also sued Visa in 2014 for more than $5 billion over card fees charged to merchants, known as “interchange.” The companies settled the case last year.Retailers nationwide reached a $5.7 billion settlement with Visa and rival MasterCard in 2012 over allegations that the they illegally fixed fees for credit cards through restrictive rules that prevented merchants from passing along the costs or even disclosing them to customers. However, in late June, an appellate court rejected the settlement on the basis of attorney conflict of interest and sent it back to the lower courts. In the interim, 8,000 retailers, including Wal-Mart, dropped out of the settlement, claiming the accord wasn’t big enough and that it allowed card firms too much freedom to raise rates in the future. Wal-Mart filed its own suit against Visa seeking at least $5 billion in damages, but did not pursue claims against MasterCard. The case has been settled for an undisclosed amount, according to Visa company filings. Retailers also successfully lobbied for limits on debit card fees, passed as part of the 2010 Dodd-Frank financial reform legislation. The result is that debit card fees have dropped by roughly two thirds.
The new Chip and PIN technology threatens the relative monopoly on processing “signature-based” verification for Visa and MasterCard transactions. According a recent press accounts, Visa makes about five cents more per signature transaction than it does for those transactions that involve a PIN. To be clear, the data shows that a couple very large credit card companies profit by using an outdated credit card verification process that is more susceptible to fraud, which pushes avoidable costs to merchants. When merchant costs go up, so do consumer prices. In other words, the big credit card companies win and everyone else loses.
The credit card companies counter this, claiming that requiring shoppers to memorize a PIN would discourage them from using the cards. Not all issuers were implementing a PIN; therefore, any card requiring a PIN was at a disadvantage in the competition to be ‘top of wallet’. Also, the costs to issuers to implement PINs for credit cards is significant.” Switching the world’s largest, most distributed, and most fragmented credit card market to a chip-and-PIN plan would have been horrifically complex and expensive, they claim. (editor’s note: although the adoption of PINs in most other countries has gone smoothly and effectively)
What Should Consumers Do?
Our suggestion: try to wean yourself off of Visa or Mastercard credit cards. Consider alternative payment services, such as PayPal, Apple Pay, Google Wallet and Amazon Payment. Others include Dwolla, Simple, Venmo and GoBank. Most, if not all, of these mobile transaction services do not charge retailers any transaction fees. These transactions are also safer; these transactions use a tokenization protocol that replaces the data of cardholders with a unique batch of numbers to validate the identity of the customer. Merchants do not get to handle the actual data of the credit card, which eliminates one possible channel for theft of online data. They also use fingerprint scanners, which provides an extra level of device-side authentication.
Square is one of the larger companies that you’ve used but never heard of. It is a heavyweight in the e-merchant space with its free iPad, iPhone and Android card readers, as well as its cheap merchant fees. It has recently unveiled a new service called Square Cash. It has entirely vanquished transfer fees for debit card accounts. The service is completely free and remarkably easy to use. More importantly, it could be an invaluable tool for e-commerce entrepreneurs as they now have a low-cost (or free) alternative to PayPal. An important aspect of Square Cash transactions is that they can be canceled and disputed. In the event that you don’t receive the service or product that you purchased or are, for some reason, unsatisfied then you appear to have recourse. At the Square Cash website, you can elect to cancel a Square Cash transaction if it hasn’t been redeemed, with a refund to your account within 14 days. It also offers a process by which you can dispute a transaction. The biggest drawbacks with Square Cash are the $250 per week limit and the email-only customer service.
Apple announced the introduction of its “Apple Pay” service. It coordinated with financial giants Citigroup and American Express, as well as merchants such as McDonald’s, to offer a digital payment system. Instead of working with PayPal on the development of its payments system, Apple struck a deal with start-up Stripe. To make a payment, a person swipes an iPhone at the checkout counter and confirms the transaction by using the fingerprint scanner on their iPhone.
Google Wallet, which has morphed into Android Pay, offers something similar, but not as simple or affordable. Google charged a 2.9% transaction fee for debit and credit card transactions (Square doesn’t offer credit card transfers) and its process is a bit more burdensome although its integration into Gmail makes things simpler once you’ve signed up. However, in June 2015, Google announced that Wallet will morph into a peer-to-peer payment system (somewhat like PopMoney) as well as the creation of Android Pay. Android Pay will be available to retailers who are looking to facilitate electronic transactions with their customers. It is a direct competition with Apple Pay. However, it raises the bar somewhat by adding loyalty points for those who use Android Pay.
Amazon Payments offers a very affordable option (in many cases, free) and is a most attractive option for Amazon customers (and merchants). Amazon allows consumers to send money for free with a verified bank account, credit or debit card. This allows you to make payments to earn credit card points or to reach minimum credit card spending requirements. Like the other peer-to-peer payment services, both the sender and recipient need to have an account with Amazon. The competitive advantage offered by Amazon is that it can afford to offer a no-fee option to make payments because it benefits its sellers and enterprise clients. So it makes the Amazon purchase proposition far more attractive to both buyer and seller. Expect Amazon to continue to expand and refine this functionality.
Dwolla requires that that those receiving money register for a Dwolla account to accept the money. Transfers under $10 are free, with anything over that mark pegged at $0.25. So the low rates are very attractive, but funds must be pulled from your bank account. Venmo is popular among the college-age and young adult demographics and is limited to mobile transactions. Spoiler Alert: it was recently bought by PayPal. Payments from your bank account, Venmo balance, and most debit cards (presumably from larger banks) are free. Payments from credit cards cost 3% of the transaction total. Users have the option of attaching a tweet-length comment or message along with it. They can then watch the messages of their Venmo-using friends flow by on a Twitter-esque feed. It is mobile-only and designed to use in social networks — these are positives for some customers but negatives to others, especially those who prefer to do payments on their desktop computers and are concerned about privacy.
If you choose not to use alternative payment services, they try to protect yourself using a wallet that blocks scanning devices or the Signal Vault, which looks like a credit card but has the same blocking powers as a shielded wallet. Also says to beware of making purchases on public WiFi. The problem with free WiFi is that it is unencrypted and unprotected. Make sure you have a VPN, a virtual private network, that encrypts and locks down your information on free public WiFi. It also helps to make your passwords complex, to check your statements for suspicious activity to know if you’ve been skimmed, and to sign up for alerts that notify you every time your card is used.