When it comes to credit cards, online retailers have been in a can’t-live-with-them-can’t-live-without-them routine. Online shopping would barely exist were it not for the convenience that credit cards provide. Yet online retailers are much more susceptible to fraud than offline retailers and most wrestle not only with how to control and prevent fraud but also with how to deal with the card companies’ regulations concerning fraud. As a result, more merchants are turning to alternative forms of online payment, such as e-checks offered by companies like AmeriNet Inc.
But at the same time that retailers are pushing back on the fraud issue, the card companies are cozying up to some merchants to raise their online market share, offering discounts or special incentives when customers use a particular type of card.
Estimates of the incidence of fraud online vary, but many researchers place it at 2-2.5% of all transactions, more than double offline’s fraud rate of under 1%. Retailers complain that they are responsible for all fraud losses-rarely does a merchant win over a bank or a card issuer when a transaction dispute arises-yet some card companies penalize online fraud as if it is offline fraud. In a suit filed in May, Paycom Billing Services Inc., which specializes in processing card transactions for web merchants, sued MasterCard claiming that MasterCard’s policy that charges back virtually all fraudulent transactions to online merchants is unfair.
Dennis Ehling, an attorney for Paycom, notes that MasterCard’s policy is to impose penalties starting at $25 per chargeback when a web merchant’s monthly chargebacks reach 1%; if that rate is reached in consecutive months, the penalty rises to as high as $100 per chargeback, Ehling says.
By contrast, Ehling says, Visa U.S.A has a more realistic policy, charging the same range of penalties but only when the chargeback rate reaches 2.5%. “That’s justifiable, because the average chargeback rate for Internet transactions is 2.1%,” Ehling says.
While MasterCard will not comment on the suit, it does note that it is rolling out a new service-MasterCard SecureCode-that will protect merchants. It’s similar to Visa’s Verified by Visa and promises that when merchants and their customers follow all the steps in the program, banks will take the liability for fraudulent transactions.
Under MasterCard SecureCode and Verified by Visa, cardholders sign up with their card issuers for passwords. A participating merchant will pop up a window at checkout that prompts a shopper for a password. The merchant’s payments processor will send the password to the bank for authorization. If the bank OKs the transaction and it later goes bad, the bank will take the liability. If the bank doesn’t OK the transaction and the merchant accepts it anyway, the merchant is back where he started: taking all the liability.
The systems are untested thus far. Only a handful of issuers have signed up for either MasterCard SecureCode or Verified by Visa and not many of their cardholding customers have obtained passwords. MasterCard notes that Navy Federal Credit Union, a major card issuer, has joined the program and MasterCard expects 2,000 more credit unions by the end of the year. MasterCard says that it expects most major card issuers will be part of the program by the end of the year.
Managing the problem
Reception by merchants has been slow, although picking up. So far, 1,000 merchants worldwide have agreed to accept payment under MasterCard SecureCode. Visa says it has close to 500 merchants worldwide, including more than 80 in the U.S., signed up for Verified by Visa. And while some merchants are offering incentives to consumers to participate in the programs, others, including some of the biggest, remain skeptical. Those merchants’ hesitations center around the fact that they have to ask customers to take one more step in the checkout process-this when many merchants are seeking ways to make checkout less cumbersome.
With merchants reluctant to place additional steps in front of customers, payments processors and retailers are finding new ways of fighting the fraud problem. Many are taking the approach that fraud is never going to be zero, so the best way to fight it is to manage it. Thus processors offer retailers extensive databases against which they authorize payments. The databases include not just cardholder information, but also, for instance, issuing banks that have experienced a high level of cardholder fraud or worldwide addresses. Some processors then cross-check all the data against all the other data to spot incidents or patterns that they might have overlooked when each occurred in isolation.
While credit cards are definitely the preferred online payment method, there are alternatives. One of the latest twists is cash payment. In a deal with Western Union, AmeriNet is offering a cash alternative under which a customer orders a product, then pays for the purchase at a local Western Union office.
A customer who selects cash payment will receive a record-locator number generated by AmeriNet. The customer presents the number to the Western Union clerk who looks up the record and tells the customer the exact amount. After payment, the clerk sends notification to AmeriNet that the order has been paid. AmeriNet then sends the order to the fulfillment center.
Cash transactions will cost about $4 for low-value transactions and up to about $20 for transactions of about $1,000. The merchant will have the option of charging the fee to the customer, paying the fee itself or splitting it with the customer. “We’ve had very strong buy-in from merchants,” says David Kerlin, president of AmeriNet. “It’s been pretty much a no-brainer. They’re picking up incremental customers that they couldn’t reach before with no additional advertising.”
Cash payment complements the e-check option that is the basis of AmeriNet’s business. Proponents of cash payment or e-checks for Internet purchases argue that up to 40% of the U.S adult population either do not have credit cards or are maxed out on their cards. And 40% of those with credit cards limit their online shopping or don’t shop online at all for fear of their credit card account being compromised.