POS Vendors Now Targeted In Credit Card Receipt Error Case
Written by Evan SchumanFollowing lawsuits in February against some of the nation’s largest retailers for illegally revealing too much credit card information on printed receipts, two of those retailers are now suing their POS vendors.
In the initial lawsuits filed early this year, some 50 of the nation’s top retailers?including Rite Aid, Harry & David, Ikea, KB Toys, Disney, Regal Cinemas and AMC Theaters?were accused of printing full credit numbers and expiration dates on printed customer receipts, violating a provision of the Fair and Accurate Credit Transactions Act (FACTA) that makes it illegal for a retailer to print more than the last five digits or a credit/debit card number and it also forbids printing the card’s expiration data on that receipt. The rule took effect in phases, but by December 2006, the latest of its phases kicked in.
In the last couple of weeks, two of those retail defendants?Charlotte Russe and Shoe Pavillion?have sued their POS vendors, saying that the retailer relied on them and if the retailer is liable, then the POS vendor should pay for it.
Shoe Pavillion sued Datavantage Inc. in Ohio, saying that the receipt errors were because of “active acts or omissions” of Datavantage and was a result of how the POS vendor “designed, constructed, manufactured, installed, owned, maintained, operated, modified, sold, altered, treated, serviced or repaired the equipment and software in question, whereas the acts or omissions of Shoe Pavillion, if any, were passive only.”
Charlotte Russe sued its POS vendor, a Scottsdale, Arizona, company called Computer Dynamics Inc. The Russe case is a little different, because the lawsuit said that Computer Dynamics not only knew about the law change, but specifically told the retailer that the change needed to happen “to comply with statutory requirements.”
The POS vendor, according to the Charlotte Russe lawsuit, “breached their obligation under the sales contracts to provide software that deleted the expiration date on the receipt for the customer” and that Computer Dynamics “failed to exercise reasonable care and skill in designing, programming and providing the computer programs to Charlotte Russe and neglected to program the deletion of the expiration date on the receipt for the customer as required by state and federal law.”
The retail defendants in this case have been arguing various defenses in legal filings, ranging from ignorance of the law to software reliance to isolated pockets of out-of-date software to last minute system changes that inadvertently changed the settings for credit card number truncation, also known as masking, said J. Mark Moore, a Los Angeles attorney suing many of the retailers in this case.
Cards issued by European banks when used online cross border don't usually support AVS checks. So, when a European card is used with a billing address that's in the US, an ecom merchant wouldn't necessarily know that the shipping zip code doesn't match the billing code.
-Marc
