Card Sharks
Web retailers beware: If an offer to accept credit cards sounds too good to be true, it probably is
By Linda Punch
Even P.T. Barnum himself would blush at these pitches: “Increase sales by 1,500%.” “Credit card processing without a merchant account” “We charge zero set up fees.”
But those are exactly the kinds of ploys a new breed of Internet scam artists is using in hopes that some online retailers will be their next unsuspecting group of suckers.
Independent sales organizations, better known as ISOs, provide the crucial link between merchants, banks and the companies that process credit card transactions and settle accounts. ISOs, which range in size from large companies to one-person organizations, sign up merchants on behalf of banks and processing companies to accept credit cards. While many ISOs are legitimate—credit card banks and processors couldn’t do business without them—their ranks include a number of shady organizations that pressure merchants into contracts marked by overly high fees and hidden charges.
Visa U.S.A. and MasterCard International have issued rules governing ISOs that help keep them in check by requiring merchant acquiring banks to conduct business with ISOs only after they are registered with the card associations. And the ISOs are required to disclose the names of banks they represent.
Along with the Electronic Transaction Association, a Kansas City, Mo.-based trade group that represents ISOs and merchant acquiring banks, the two card associations have worked to maintain ISO standards. But with the mass move to the Internet, standards are difficult to maintain, allowing a new breed of unscrupulous ISOs to emerge.
To entice unwary merchants with fraudulent sales pitches, many ISOs use e-mail and target mostly small retailers or entrepreneurs desperate to get connected to the Web. Reports of high-pressure sales tactics, arbitrary fee increases, and software overcharges by ISOs on the Internet are scattered. No one knows how much money the fledgling online merchants have lost to dishonest ISOs.
But some fraud experts say that ISO complaints from e-retailers are on the rise. And they fear that fraudulent activity could get much worse because the Web is largely unregulated. “It’s ripe for abuse, absolutely,” says Charles M. Creamer, senior vice president at the Michigan Retailers Association and ETA president.
Already some in the industry are taking steps to ward off abuse by outlaw ISOs. Visa now has a team that monitors the Internet marketing practices of ISOs and works with acquirers to bring non-conforming ISOs into compliance, says John Shaughnessy, Visa’s senior vice president of risk management. If no acquirer can be found, Visa contacts the Internet service provider hosting the site to try to remedy the problem, he adds.
It’s easy to understand why con artists are drawn to the Web. For one thing, e-commerce is growing at a rapid rate. By some estimates, consumer-driven e-commerce could grow from about $30 billion today to about $350 billion in 2003. What’s more, the Web offers a measure of anonymity to shady sales agents. If an ISO doesn’t list its sponsoring bank, ad-dress or phone number, it’s difficult to track. And it’s easy for them to elude authorities—an ISO needs only to shut down one Web site and open another under a different name.
Missing links
Further muddying the waters is the practice of some online ISOs that recruit other online businesses to set up links back to the ISOs’ Web sites. These affiliates typically are offered $200 or more for each referral generated by their site. Often they do not identify the ISO or sponsoring bank, a clear violation of Visa and MasterCard regulations.
In many cases, the operations using the Web and e-mail to solicit merchants don’t even have a sponsoring acquirer, says Chuck Burtzloff, president of Agoura Hills, Calif.-based Cardservice International, one of the nation’s biggest and most reputable ISOs. “What we’re finding is that these companies are more or less marketing companies,” he says. “What they’re doing is spamming anybody they can to get a [merchant’s] name and then they sell that name to ISOs.”
In the physical world, an acquirer can send someone to do on-site inspections of ISOs to ensure they are legitimate, notes Debra B. Rossi, senior vice president of merchant card services at Wells Fargo Bank, San Francisco. “How do you do that in the online world? You can’t even find them,” she says. “That’s sort of scary.”
The complaints surfacing against questionable ISOs have a familiar ring. A favorite ploy: offering an ultra-low credit card transaction rate to hook a merchant, then adding on other undisclosed fees or jacking up rates without warning.
Online merchants are vulnerable to such an approach because they fall under Visa’s and MasterCard’s “card-not-present” categories, which have high transaction rates to compensate for the greater incidence of fraud when the actual card cannot be presented.
Changing stories
MerchantWorkz, an online information firm for small businesses, has received several complaints from merchants about dealings with ISOs, says Wendy Hinman, MerchantWorkz’ Web development manager. In one case, a merchant said the ISO initially charged him a $995 fee to form a Delaware corporation and to set up a merchant account. But within a short time, the ISO raised fees to $2,495. “The story just kept changing,” Hinman says, adding that the merchant eventually canceled his account application, but the ISO refused to refund his fee.
Such complaints are not un-common. Richard Gordon, cheif executive of the card industry consulting firm R.J. Gordon & Co., Los Angeles, says he was being bombarded daily with e-mails offering merchant processing services at a 1.2% “discount” rate—the percentage of the sale, that merchants pay to merchant acquiring banks. That falls well below even the “interchange” rate, the part of the discount rate paid to Visa or MasterCard for Internet merchants—1.85% of the sale plus 10 cents for MasterCard and 1.80% of the sale plus 10 cents for Visa—let alone the average discount rates of between 2 and 3% charged by other Internet merchant acquirers. Gordon’s ISO, Creditcards.com, signs Web merchants for Eureka, Calif.-based Humboldt Bank.
The ultra-low discount rates cited in the e-mails were deceptive, Gordon says. “When you peeled through the layers of the onion, [the discount rate] was on top of the bank fee, on top of a 50-cent transaction charge, on top of a $100 monthly minimum.”
Another practice used by some Web ISOs is offering credit card acceptance without a merchant account. So-called “factoring” or “laundering” is the processing of one merchant’s card transactions through another merchant’s account. Visa and MasterCard both prohibit this type of processing.
But if apparently fraudulent Internet ISOs are raising concerns, so too are companies that are simply ignorant about how the merchant-acquiring business works. “There are people out there processing credit cards who don’t have a clue as to what they’re doing,” says ETA’s Navis.
Merchants wanting to set up Web sites and accept cards online often contact local Internet service providers that advertise “dirt-cheap” rates, she says, adding, “There’s every package under the sun that for $50 will set you up on the Internet. But as a merchant, you never know that there are transaction fees. There’s just really a very massive amount of misunderstanding.”
But while observers agree there are problem ISOs on the Internet, they’re seldom of one mind on how to tackle the problem. Visa maintains it is up to acquirers and established ISOs to police new Internet ISOs.
Others say the two card associations should do policing. And yet others believe that ISOs themselves must act to uncover fraud. “I try never to get Visa or MasterCard involved in some-thing we try to police ourselves,” CSI’s Burtzloff says. “Their philosophy is: ‘Since we can’t stop the bad buys, let’s stop everybody,’ which doesn’t help anybody.”
Due diligence
The only point of agreement is that renegade online ISOs must be shut down. And that could prove to be a daunting task. There are literally thousands of sites merchants can go to.
In the meantime, Navis says that merchants, like acquirers, also have to investigate an ISO’s background of an ISO before signing a contract. “If you’re in business, you need to do due diligence in terms of understanding what the implications are, making sure you get a legitimate vendor to provide services for you,” she says.
And experts also offer another piece of advice: Avoid ISOs touting ultra-low rates. If an offer sounds too good to be true, it probably is. 
|
