Confidence tricks are as old as commerce. So are confidence tricksters, also known as con artists or scammers. They manipulate individual psychology to induce victims into a bargain disadvantageous to themselves. However, con artists also manipulate institutional psychology, specifically the weaknesses in acquirer underwriting and risk management policies and procedures, to secure card acceptance.
Christian Chmiel, CEO of merchant on-boarding and monitoring solutions firm Web Shield, explains how those underwriting merchant transactions can protect themselves from unscrupulous merchants.
According to card scheme rules, transactions must be legal (in both the buyer’s and seller’s country) to be processed. This is particularly relevant for e-commerce merchants, who sell cross-border.
It is also what makes deceptive marketing practices such a pernicious risk for acquirers and payment service providers (PSPs). It challenges traditional acquirer risk management thinking and controls, as it is not what the merchant sells, it is how they sell it that creates the acceptance risk. Merchant category codes (MCCs) are not a reliable proxy for illegal activity. Every merchant type is in scope.
Acquirers guarantee their merchant’s card sales at the time of purchase and into the future. They could be left covering the costs of card chargebacks resulting from the behavior and practices of their merchant. Plus, the reputational damage if their merchant has caused financial loss. Or even the death of a customer in the case of pharmaceutical sales. Here are three examples:
- If merchants operate negative option sales models – i.e. assume that customers have bought the product unless they inform the merchant to the contrary – this may violate consumer protection laws or trading standards legislation, which would make the transaction illegal.
- If merchants process transactions without cardholder consent or fail to disclose material information prior to the sale, again this could put transactions outside card scheme rules.
- If consumers have been prevented from making an informed choice through the misleading actions, omissions or aggressive sales practices of the merchant, this could make the sale illegal.
Regulators get tough
US Federal Trade Commission (FTC) data shows that complaints about ‘free trials’ In a recent case from earlier this year, the FTC announced that it was returning more than $6 million to consumers. This followed a successful action against a vendor of online health products,
This case had all the hallmarks typical of a deceptive marketing scam. The defendants used unsupported claims, fake ads, bogus celebrity endorsements and consumer testimonials to market weight loss, muscle building and wrinkle reduction products. They also used deceptive offers of ‘free’ and ‘risk-free’ trials.
The websites failed to disclose that consumers would be enrolled in recurring billing arrangements unless they canceled within a short period of time. The process for canceling orders was not clear, and as a result many customers, who signed up for free trials, were charged hundreds of dollars for often unwanted products.
Card schemes get tough
With consumers out-of-pocket and regulators, consumer groups and the media exercised, the payment industry is coming under increasing scrutiny for its stance on deceptive marketing practices.
At the end of June 2019, Visa announced worldwide requirements for free trial merchants. This came hot on the heels of Mastercard requirements that came into effect on 12 April 2019.
Generally, both card schemes state that cardholders must explicitly consent to a recurring transaction at the time of enrolment. Details on the length of the trial, transaction amount, date for initial and subsequent payments, and a simple way to cancel must be provided.
The main points of difference in the requirements of the two major card schemes are:
- Visa’s requirements apply to merchants selling physical and digital goods and services, whereas the Mastercard requirements apply to sellers of physical goods only
- Visa requires a descriptor indicating a trial period in the merchant name field for the first transaction at the end of the trial period. This descriptor (e.g., ‘trial’, ‘trial period’, ‘free trial’) appears on cardholder statements, online banking, mobile apps and SMS alerts.
- Mastercard requires details of how to cancel the subscription to be sent with every attempted authorization. The Visa requirements do not explicitly state this although merchants must provide an easy way to cancel the subscription or payment method online, regardless of how the cardholder initially interacted with the merchant.
- Mastercard requires merchants to send written confirmation to the cardholder when the trial period and/or billing plan has been canceled. There is no equivalent Visa requirement, although confirming a cancellation is good business practice.
With the fight against deceptive marketing practices intensifying, acquirers and PSPs are under increasing pressure to improve their merchant onboarding and monitoring. Web Shield has added functionality to its on-boarding and monitoring solutions to assist customers in identifying high-risk free trial and negative option billing merchants.
Deceptive marketing practices will also be the subject of the fifth book in the Web Shield ‘Fundamentals of Card-Not-Present Merchant Acceptance’ series launched at the networking conference, 19-20 November 2019 in Warsaw. More details on the speakers, agenda and rates can be found at
— ends —
About Web Shield
aims to help acquiring banks, payment service providers and other actors in the payments space to protect themselves from bad actors involved in illegal or non-compliant activities.
Our highly precise investigation tools enable underwriters to make informed decisions about prospective clients and alert them when existing ones behave dubiously.
The Web Shield Academy trains merchant underwriters of all levels in scheduled or customized courses. The next scheduled event is the course, 24-25 October 2019 in London.