Scott Loftesness - Glenbrook Partners

There, did I get your attention? … Tonight’s headlines say it even more clearly – see this Wall St. Journal story titled “Merchants Win Debit-Card Fee Battle“. Or, see this post on PaymentsNews.com about the Durbin compromise announced earlier today.

Seriously, it seems to me that there’s a bit of a sleeper buried in all of this discussion about the Durbin amendment and debit interchange fees.

What’s the sleeper? Card-not-present (CNP) interchange fees – on both debit (think Durbin) and credit card purchases using MasterCard or Visa cards.

As many know, eCommerce and mail order/telephone order merchants pay higher interchange fees than merchants who are able to physically read a payment card’s magnetic stripe. That’s just the way it works.

Why? Issuers certainly have operational costs associated with handling fraud disputes on card not present (CNP) transactions – likely this was the original justification for a higher CNP interchange rate way back in the mail order/telephone order days.

A quick look at Visa’s online table of US interchange fees, illustrates this difference:

  • Card Present – Retail Debit: 0.95% plus $0.20
  • Card Not Present – eCommerce: 1.60% plus $0.15

MasterCard’s interchange fees are a bit more difficult to figure out. Looking at pages 74 and 75, you’ll find:

  • Card Present – Consumer Debit Emerging Markets: 0.80% plus $0.25
  • Consumer Debit – Merit 1 (Card Not Present): 1.64% plus $0.16

You get the idea.

For “signature” (non-PIN) debit card transactions, Visa and MasterCard interchange rates are roughly 65-75 basis points more expensive to CNP merchants. As usual with interchange fees, it’s a zero sum game – what the merchants pay goes to the card issuers – expense to CNP merchants, revenue to the bank issuers.

In addition to the higher card interchange rates borne by CNP merchants, they also are responsible for all of the fraud liability associated with CNP transactions. That’s just the way it works. If issuers can’t see (and verify) the full mag stripe card data, the rules say they don’t have any liability for fraud.

Card present merchants are protected from that liability – it is borne by the card issuer. (Note: both Visa and MasterCard offer programs – Verified by Visa and MasterCard SecureCode – that deal with that. These programs shift the liability for fraudulent transactions from CNP merchants to issuers – but most CNP merchants in the US have opted not to participate in these programs for a variety of reasons.)

If the Durbin amendment passes in some form, it will be fascinating to watch how the Federal Reserve deals with these differences between card present and card not present interchange rates for purchases using debit cards.

Note that the compromise announced earlier today by Durbin includes some new language about fraud prevention costs – giving the Fed the ability to adjust the interchange fee to the issuing bank “if the bank demonstrates that the adjustment is reasonably necessary to cover fraud prevention costs incurred by the bank.”

We live in interesting times!

What do you think? Let us know in the comments…

8 Responses to “The End of Interchange?”

  1. Chris White says:

    In the UK/Europe the historical reason for the the differential between CP and CNP is simply the perceived high risk of CNP. When e-commerce started to develop in the UK the big banks would not touch on-line merchants, particularly small ones, with a barge pole. Instead merchants relied on ‘bureaux’, such as early PSP players like Netbanx and WorldPay, to provide payment services. These bureaux services were ‘on risk’ and it was not uncommon for them to charge 7 or 8%, perhaps more. It depended in which sector the merchant was operating. While charges are now much lower the presence of EMV in the real world still means CNP is regarded as having a higher reisk profile and the differential tends to remain. Interestingly bureaux services are starting to re-emerge after having almost disappeared.

    I imagine it was no different in the US as regards the perception of risk. Hence the differential.

  2. Adam Levitin says:

    Scott,

    I think you’ve hit on something important here. The CNP liability (and pricing) rules simply do not make sense as they stand. The CNP liability rules made a lot of sense in the 1980s, when CNP began with MOTO. The issuers didn’t have any effective way to limit fraud for CNP then, so they were only willing to do the transactions if the merchants incurred the risk.

    Over the last decade, however, issuers have developed fairly good systems for preventing CNP fraud–AVN, for example. These systems aren’t perfect by any means, but issuers now have much more ability to prevent fraud in CNP situations than merchants do (virtually none), even without clunky programs like Verified by Visa. Fraud liability should be placed on the party that can prevent the fraud with the least cost, and that’s the issuer. The CNP liability rules are another sign of warped competition in the card space as networks compete for issuers, not merchants.

  3. Factcheckeri says:

    I agree, shouldn’t it be the other way around though , in a card not present the merchant should pay a higher rate but also have less fraud liability in exchange for the rate. In a card present a transaction goes through right away and the service or product is tendered , in a card not present in the case of merchandise there is time to verify a transaction, call the bank and card company, intercept shipments,etc so it can merchant liability but a lower interchange rate as well. In contrast a person buying a 2-3k computer at best buy has a few seconds for the transaction to process and the merchandise is gone.

    Furthermore the online purchase with a cvv2 and expiration date as well as AVS verification as well as the possibly of skimmers placing data on fake cards, make the current interchange rates a bit odd, any thoughts.

  4. Pseudo CP Man says:

    I am not an expert nor an interested party in this CP(card present) vs CNP(card not present) fees issue, but I do have a question I wish someone can help to answer.

    My understanding of the difference between CP and CNP transaction is that magnetic data from the card itself is read physically during a CP transaction. What if we could read the same magnetic data through some alternate means or technology from those CNP situations, would this make it a CP transaction then?

    Perhaps all CNP merchants can then save some money by the lowered fees associated with having ‘pseudo’ CP transaction.

    Tks for your comments and responses

  5. Conceptually, what’s involved is delivering the contents of the mag stripe to the issuer. If that data came from other sources, then they’d like violate another of the card networks rules (PCI-DSS related) that the mag stripe data can never be stored.

    That said, seems to me that all of this is just a “stroke of a pen” away from changing – meaning that the card network rules could enable alternative approaches such as your suggesting.

  6. Anonymous says:

    As far as I remember, the Mastercard CNP rules for the world excluding USA gave merchants chargeback protection if they were capable of 3D-secure/securecode. E.g. if merchant is 3D-secure capable but issuer is not, this is the issuers fault so they are liable. However inside the USA, it seems the US issuers don’t like this idea, so if a US merchant is 3D-secure capable, but US issuer is not, US merchant *still* has liability.
    Can anyone explain this ?

  7. Tony Goodwin says:

    For the internet merchant (UK) there have been a huge range of new costs that we have had to absorb PCI DSS being the biggest. With EU and Visa/Mastercard rules changing almost weekly, we have recently been presented with the latest IDF tables. Interchange Differential tables, Basically at the point of the transaction, we will get charged one of more of these additional charges depending on what type of transaction it is and what type of card is being used. Only we, the merchant, do not know and there is no way of knowing what this figure will be. Then when we get our invoice from Merchant Services (Global Payments HSBC), they will list all the charges we have incurred. Only we still will not know or have anyway of verifying which transactions have cost what.
    So I guess we pay up and look Big??

  8. Don Sieb says:

    I think a larger issue in the CNP discussion is m-payment and digital wallets. One could argue that a well designed smart phone payment app is more secure than even card plus PIN approach in the new EMV standard. Why? First smart phone payments have 3 levels of fraud protection, 1. No cardholder data is stored in the phone (Cloud Based) tokenization 2. pin protected, device certification.

    When a consumers uses a Smart Phone and digital wallet such as V.Me. the consumer and electronic version of the card is present.

    Bankcard interchange rules need to change as the technology changes.

Leave a Reply

Previous post:

Next post:

Clicky Web Analytics