- Asking for zip code as authorisation seems pointless – if I’ve stolen a purse or wallet with cards in, I’m likely to have either the zip code already or have enough info to find it within seconds on the internet
- Asking for a signature, yet not even checking it seems odd. Perhaps I have an honest face or perhaps the risk didn’t warrant the effort
- Photo ID, at least for non-US, seems pointless. How many people can spot fake ID, or know what a, say, Latvian national ID card looks like?
- Check in at a hotel – swipe the card, pre-authorising a charge of $150 a day, no signature, no receipt
- Pay at gas pump – different price for credit and cash, pre-authorised, required to enter zip code registered for card
- Paying at till – card swiped, photo id, no signature, no receipt
- Paying at till – card swiped, photo id, no signature, receipt only available by email
- Paying at till – card swiped, no photo id, signature, standard receipt
- Paying at table – card taken away out of sight, signature required, but no check on whether payment has been made before leaving the restaurant
- the decision to cap debit and credit interchange to 0.2% and 0.3% of the transaction amount respectively;
- the requirement to separate schemes from processing companies.
The Commission expects that the caps will cut total EU debit card fees from ~EUR4.8bn to EUR2.5bn and credit card fees from EUR5.7bn to EUR3.5bn. How big of a deal is it though? The answer is that the impact will vary hugely market-by-market. For example, in Germany average credit card rates stand at 1.8%, and given the country’s aversion to debt, most cardholders are “transactors”, i.e. usually pay their balances in full, so interchange is the main source of income for the issuers. Compare that to the UK where Visa’s credit card interchange rate for EMV cards is 0.77%, and while the number of “revolvers” (i.e. people who borrow on credit cards) and their outstanding balances have been declining, the revolvers still represent over 60% of all cardholders, making the issuers less reliant on interchange income.
For debit it gets even more interesting. While average debit card charges are 1.6% in Poland, many other countries already have low and flat (i.e. fixed irrespective of the amount) fees for their domestic debit transactions. For example, Visa dominates the debit market in the UK and its interchange fee for a debit transaction currently stands at £0.08. Given that the average UK debit card transaction is just over £45, it already works out as an effective rate of 0.18%, i.e. cheaper than the proposed cap. From Durbin experience in the US, the proposed fee ceiling quickly became effectively the floor as well, i.e. most transactions were priced at cap. If this were to happen in Europe, the fees on debit cards in many markets might actually increase! Of course, the EC hasn’t ruled out the possibility that it might decide to ban interchange fees on debit cards altogether, but we expect this to remain a prospect in the distant future.
The EC proposals also include a recommendation that ‘card schemes and the entities that process transactions’ be organizationally separated. It will be interesting to see the actual interpretation of this recommendation. A similar requirement is one of the fundamental tenets of the SEPA cards framework: “a scheme should implement a separation of SEPA card schemes’ brand governance and management from the operations that have to be performed by service providers and infrastructures without any possibility for cross-subsidisation.” Visa’s and MasterCard’s position has always been that they meet these requirements by not mandating their processing services and having separate pricing for scheme and processing services.
However, some commentators believe that this time the Commission might want to go further and impose legal separation of the schemes, processing assets and potentially even issuing and acquiring side of the business, which would have far reaching consequences to most players, from Visa/ MasterCard to American Express to local debit schemes to even banks. Given the lack of clarity in how this might be implemented so far, we expect a lot of lobbying on all sides in the coming months and years until the outcome is settled.
- Domestic interchange rates for debit and credit to be capped at 0.2% and 0.3% respectively
- Legal separation of schemes/networks and processors
- Up to 1.5m cards records “may” have been affected;
- The incident is contained to North America only;
- Only Track 2 data has been taken (not Track 1 data and not customer name, address, etc.);
- Visa removed Global Payments from a PCI compliance list;
- The incident does not involve any merchants, ISOs or customers and occurred on some “local servers” at Global Payments;
- Due to the ongoing federal investigation, the company can’t be specific about timelines, but did confirm that “about 3 weeks ago” it discovered that some card data “may have been taken” and immediately contacted federal law enforcement agencies and the schemes;
- Customers are “encouraged to be vigilant”. Also, the company is setting up an information site for consumers which should be operational later today: http://www.2012infosecurityupdate.com/
- Continues to process all card transactions, including Visa;
- Is working with the schemes and other parties to address the situation; “~100 people are working on this”;
- Intends to get its ROC (Record of Compliance) back “as soon as it is humanly possible”;
- Will continue with its planned investments in other areas, but also will “spend even more on security” going forward;
- Expects to come out stronger and more experienced as a result, and believes that their customers will recognise this.
- Are social rewards a passing fad? While this Amex/Twitter hookup received a fair bit of attention is it going to stick? It reminds me of a SPG promo announced about a year ago that offered 250 Starwood points for every Foursquare checkin during a hotel stay. Being a regular traveller, I tried this a few times and received some bonus points. I’ve since totally forgotten about it, and I am a points junkie! I don’t have any hard stats but I’d wager that usage of this promo has dropped off. Will the Amex/Twitter offers follow the same fate? There are hard dollars and a larger number of merchants involved here (see list of Twitter offers here) so it’s a tad different.
- Do social rewards increase brand loyalty? Everyone likes a good deal these days but how much loyalty is this actually creating? Would you, for example, switch to McDonald’s from Burger King in order to cash in? Would this create additional loyalty towards Burger King?
- Will social rewards drive folks to regularly transact using Amex cards (over another payments vehicle)? There is a battle brewing between merchant rewards online banking solutions and American Express. As Zil noted, there are quite a number of vendors in this space. Cardlytics in particular has been successful at penetrating the large bank market and has also formed partnerships to deploy via Intuit and Fiserv. The Amex/Twitter program is a direct attack against online banking merchant rewards. It’s but a blow in what is going to be a drawn out battle to own the transaction.
There are lots of questions for the moment and not a lot of answers given the immaturity of this space. I welcome your thoughts and comments.