Trends & Tactics

Settlement? What Settlement?

Who said the proposed settlement of a massive court case involving interchange unveiled in July 2012 would put to rest the decades-old dispute between merchants and the bank card networks over card-acceptance costs?

Beginning just before Memorial Day, partisans filed three interchange-related lawsuits in less than a month. Meanwhile, about 7,800 retailers and merchant trade groups opted out of the proposed settlement by a May 28 deadline, Reuters reported.

The settlement will be the subject of a Sept. 12 fairness hearing scheduled before Judge John Gleeson of U.S. District Court in Brooklyn, N.Y.

The objectors represent a tiny fraction of the more than 5 million U.S. merchants that accepted Visa and MasterCard cards between 2004 and 2012, the period the settlement covers. But they control a much bigger share of card volume. Their ranks include some of the nation’s biggest merchants, including No. 1 retailer Wal-Mart Stores Inc.

While Gleeson gave the settlement preliminary approval last November, he said final approval calls for a higher standard and he promised to hear out the objectors’ complaints.

Neither side seems willing to lay down its legal arms during the interlude.

In late May, Visa Inc., MasterCard Inc., and nine banks sued in the Brooklyn federal court seeking a declaration that their conduct with respect to interchange and network rules did not violate antitrust laws. The suit named as defendants 10 retail trade groups and merchants that were named plaintiffs in the original litigation leading to the settlement, litigation that dates back to 2005, but that opted out or declared their intentions to opt out of the damages part of the $7.25 billion settlement.

The networks and banks filed their suit shortly after a group of retailers led by Target Corp. sued Visa and MasterCard over interchange in the federal court in Manhattan.

Many merchants and trade groups have complained that the settlement would leave Visa and MasterCard free to continue setting interchange rates at allegedly high levels and impose rules that merchants couldn’t challenge in court.

The settlement would give class merchants just over $6 billion from a Visa-MasterCard fund and about $1.2 billion through temporary credit card interchange cuts, plus greater freedom from some network rules, notably the ban on credit card surcharges.

Visa and MasterCard say the settlement will provide merchants with what reportedly is the nation’s largest-ever private damages recovery and requires both companies “to each make significant changes” in some of their rules.

“A declaration in plaintiffs’ favor against the defendants is necessary to prevent the continuation of endless, wasteful litigation between defendants and plaintiffs,” their complaint says.

Attorney Anita Boomstein says “there’s nothing new” in the Visa-MasterCard suit.

“What they have done is repackage all of the arguments they have made,” says Boomstein, a partner at Hughes Hubbard & Reed LLP in New York who has advised merchants about the litigation. “I think it’s a clever way to try and change the focus, so that instead of being on the defensive they’re on the offensive.”

Then, on June 12, Visa sued Wal-Mart in the Brooklyn court seeking to prevent the retailer from suing Visa over interchange.

Bentonville, Ark.-based Wal-Mart is mulling its own antitrust challenge to the interchange-setting process. Visa’s suit doesn’t ask the court to actually forbid Wal-Mart from suing, but it seeks a declaration that the Visa conduct Wal-Mart would question has been legal, making a lawsuit pointless.

“Put simply, Visa seeks finality in its dispute with Wal-Mart,” Visa’s complaint says.

Wal-Mart said in a statement that “we are disappointed that Visa chose to file this unwarranted and unsupportable lawsuit in retaliation for our decision to opt out and object to an unfair settlement agreement.”

Gartner Sees a Lot Less NFC in the Future

Mobile-payments observers have noticed the steam leaking out of the NFC engine for some time, but now numbers have emerged to show just how big the leak is.

Last month, Gartner Inc. made a sharp downward revision of its five-year projection for mobile payments based on near-field communication (NFC) technology. That’s the technology that lets handset users tap and pay to buy things in stores.

With NFC adoption flagging among merchants, especially, worldwide NFC payments volume will reach $22 billion by 2016, down fully 40% from the original forecast released a year ago, says Gartner.

Overall, the Stamford, Conn.-based research firm is still projecting robust growth for NFC, a two-way radio-wave protocol that also lets consumers receive and redeem rewards. Global NFC volume will balloon nearly nine-fold, from $4.7 billion this year to $36 billion in 2017, the firm says, with growth accelerating after 2016.

But it will account for a small fraction of total mobile-payments volume—2% in 2013 and 5% in 2017.

Why the substantial reforecast? Slow uptake of NFC by consumers and merchants and missteps by Google Inc.’s Google Wallet and by Isis, a joint venture put together by the largest U.S. mobile carriers, are the top culprits. Both initiatives were expected to promote NFC payments nationally but instead have stumbled.

Launched commercially in the fall of 2011, Google Wallet went through a major overhaul less than a year later, and now the future of the product is anybody’s guess. Earlier this year, the Google executive who ran Wallet left the company.

Meanwhile, Isis was expected to launch in Austin, Texas, and Salt Lake City last summer but didn’t go live in those cities until October. Isis has not disclosed numbers but usage and acceptance are said to be weak.

“We have lowered the forecast of total [NFC] transaction value for the forecast period due to lower-than-expected growth in 2012, especially in North America and Africa,” says Sandy Shen, research director at Gartner, in a statement.

Still, there are promising signs for NFC, according to other research also released last month. All major handset manufacturers with the notable exception of Apple Inc. now offer phones with NFC chips, according to Sweden-based NFC researcher Berg Insight. The firm says 140 million NFC-equipped devices shipped last year, while the global installed base reached 170 million units, or 3.3% of all handsets.

That share will soar to 32%, however, by 2017, when Berg expects the installed base to hit 2.1 billion.

That could help solve one of the major issues plaguing NFC-based mobile payments: lack of capable phones. “I believe we will see increased handset volume in 2013 that supports NFC,” says Cherian Abraham, mobile commerce and payments lead at Experian Global Consulting, by e-mail. “With Samsung and Motorola shipping NFC phones, I expect the numbers to pick up.”

At the same time, shipments of point-of-sale terminals capable of NFC transactions are also on the rise. Berg Insight estimates they will account for 82% of the North American installed base by the end of 2017.

But merchants may install NFC terminals, and consumers may buy NFC smart phones, without actually using the technology. Some experts say a focus on non-payment NFC capabilities, such as the automatic redemption of offers, is missing.

For all forms of mobile payment, whether NFC-based or not, Gartner expects dollar volume in North America to reach $37 billion this year, up by more than half from 2012.

Berg Insight, meanwhile, estimates the volume of mobile-wallet transactions in physical stores amounted to $500,000 last year, a total mostly accounted for by a single initiative, Starbucks Corp.’s mobile-payments app, which relies on barcodes rather than NFC. Starbucks revealed in May it is processing 4.5 million mobile transactions each week.

Optimistically, Berg expects in-store mobile-wallet volume to grow dramatically to $44 billion by 2017 as Google Wallet, Isis, and other major initiatives finally build momentum.

Double Trouble for Data-Breach Victims

A new study shows that the likelihood of a consumer becoming a fraud victim after his or her personal information was compromised in a data breach nearly doubled in just two years.

Javelin Strategy & Research discovered this growing link between data breaches and fraud after reviewing findings from its three most recent annual identity-fraud studies to learn more about the connections between breach notifications to consumers and incidents of actual fraud.

In all, 12% of consumers Javelin surveyed last October reported being notified of a data breach involving their personal financial information. But 51% of fraud victims had been notified that they were data-breach victims in the past 12 months.

Looked at over three years, the fraud-incidence rate is increasing sharply. In 2010, for example, some 4.4% of all U.S. consumers were fraud victims, but 11.8% of data-breach victims became fraud victims. Only 1.4% of consumers who were not data-breach victims became fraud victims.

By 2012, 5.3% of all consumers were fraud victims, with 22.5% of data-breach victims reporting they also were fraud victims, as were 2.9% of non-data-breach victims.

One explanation for the strengthening breach-fraud connection is the likely displacement of hackers “who did it for fun” by those with more businesslike but criminal intentions, according to Al Pascual, senior analyst for security, risk, and fraud at Pleasanton, Calif.-based Javelin, a unit of Greenwich Associates. But hackers also are improving their techniques.

“What we really think is driving that more than anything else is criminals are getting better at figuring out what is of value and then going out and really looking for it,” says Pascual. “They’re looking for that low-hanging fruit.”

The lowest-hanging fruits are credit and debit card primary account numbers (PANs) and expiration dates, which can be easily sold on so-called carder Web sites and used to produce counterfeit cards.

There are so many PANs and accompanying expiration dates on the black market nowadays that they’re going for only $1 to $3 for a Visa standard credit card, as little as one-tenth their price five or six years ago, according to Pascual.

“It’s a question of volume,” he says.

Consumers whose debit card data were compromised were the most likely to report incidents of fraud: 37.1% versus 28.2% for consumers reporting credit and/or debit card numbers were breached, 27.7% for Social Security numbers, and 24.3% for credit card numbers alone.

Credit cards tend to have somewhat tighter fraud-prevention controls than debit cards, which consumers frequently use as substitutes for cash, according to Pascual, a former fraud investigator with processor Fidelity National Information Services Inc. (FIS).

“So those controls tend to be a bit looser; [debit card issuers] don’t want to turn down those transactions for fear of losing that customer,” he says.

Card networks typically fine merchants or payment processors when they sustain a data breach, but the costs those entities bear are just a fraction of the total losses breaches cause when actual fraud, consumers’ time to remediate the resulting problems, and related expenses are factored in, says Pascual.

“There’s no onus on anyone to improve their data security, and there needs to be,” he says.

Javelin’s findings, released on June, are based on surveys of up to 5,249 consumers.

Small Sellers: Mobile Stumbling Continues

As time passes, it’s becoming clearer where the signal is being dropped when it comes to remote payments by mobile device: it’s with small merchants.

As it turns out, while more and more consumers are using handsets and tablets to access e-commerce sites, only a minority of small merchants have made their sites easy to navigate and buy from, according to research released in June.

Indeed, mobile optimization—making sure a site loads quickly and renders checkout forms that are easy to read and fill out—remains a relative rarity among Level 4 e-commerce and multichannel retailers, according to ControlScan Inc., an Alpharetta, Ga.-based security-technology vendor that conducted the research with Hauppage, N.Y.-based merchant processor TransFirst.

Level 4 merchants process up to 20,000 e-commerce transactions or as many as 1 million face-to-face payments each year.

Among both e-commerce and multichannel merchants, some 49% say they haven’t mobile-optimized their sites, while a further 17% don’t know or are unsure. Meanwhile, for the first time, more than half of U.S. consumers have a smart phone, while just over a third own a tablet, according to the Pew Research Center.

These increases in mobile ownership are showing up in the results small sellers are seeing. Among those that track mobile sales, some 16% say more than 25% of their of their business is now coming from a mobile device, compared to 7% in a similar survey the two companies conducted last summer (“Stumbling over Mobile Payments,” Trends & Tactics, October).

Unfortunately, such tracking is the exception rather than the rule. Fully 70% of the small-merchant respondents said they don’t track mobile transactions as distinct from PC-based payments, and another 12% don’t know or are unsure whether they do. Yet, when asked why they haven’t optimized their sites, the majority, some 57%, cite the absence of a “compelling” reason to do so.

This result confounds the researchers. “I find this silly because in a card-not-present environment, they’re not talking to the customer,” says Craig Tieken, director of product at TransFirst.

But a customer who wearies of pinching and tapping on a little screen is likely to go to a competitor’s site. “Once that visitor is gone, they’re probably gone for good,” says Tieken.

There has been some progress since last year’s survey, say both Tieken and David Abouchar, senior director of product managent at ControlScan. For example, the fraction of merchants that haven’t optimized for mobile has declined from 2012’s 55% level. And those e-commerce-only merchants that track mobile distinctly from PCs has grown from 16% to 28%.

Still, multichannel merchants have regressed on this question, sliding from 20% to 14%. “We’re seeing the right movement, but I’m not sure we’re seeing enough movement,” says Tieken.

Both men point to independent sales organizations and other acquirers as critical agents in getting small e-commerce merchants to optimize their sites for the rapidly growing hordes of mobile shoppers. “They’re the front line,” says Tieken.

Abouchar advises ISOs to show small-merchant executives what their checkout pages look like side-by-side with an optimized site. “A picture is worth a thousand words,” he says. “It’ll become very clear how challenging it is to work with a non-optimized site.”

Corrections & Clarifications

In our “Annual Field Guide to Alternative Payments,” May, we indicated that Secure Vault Payments had been rebranded as PayWithMyBank. In fact, Secure Vault Payments continues as a service under that name, while PayWithMyBank is a separate service.

Readers of “Prepaid Cards Navigate the Durbin Waters,” March, may have inferred that Visa Inc.’s and MasterCard Inc.’s zero-liability policies for fraudulent transactions cover PIN-debit transactions. In writing and editing the article, it was not our intention to convey this inference, but we decided to check with the networks anyway. Visa’s policy can apply to PIN-based transactions, but only if Visa processes the transaction, according to a spokesperson. MasterCard did not respond to several Digital Transactions inquiries, but its Web site says its policy does not cover a transaction when a PIN is used for an unauthorized purchase.