Visa Pushes Back PIN Pad Fine Threat To 2012
Written by Evan SchumanAfter some serious retail pushback—particularly in the gas station sector—Visa has relented and agreed to back off an earlier PIN pad compliance deadline originally set for July 1, 2010, some 7-and-a-half months away. The new policy isn’t threatening fines until Aug. 1, 2012.
One organization that had been pushing the change, the National Association of Convenience Stores (NACS), applauded the change.
“This is huge for our retailers, as many have expressed their inability to financially swallow PCI compliance, which costs an average location $20,000, and upgrading dispensers to TDES at an average cost of $3,000 per dispenser,” said Michael Davis, NACS vice president of member services. “Our average site operator made $40,000 pre-tax last year. For them to invest in all mandates this year means operating at break-even. This allows retailers to take the more cost-effective approach of installing TDES-capable PIN pads during pump upgrade cycles, rather than a blitz.”
But the changes were mostly fueled by strong retail lobbying efforts. Beyond the convenience retailers that NACS represents, several of the nation’s largest chains—including at least one major department store—were threatening to abruptly cut off PIN debit at the deadline, possibly switching to signature debit to temporarily sidestep the issue.
The tactic is not dissimilar from what Best Buy did this summer when it threatened Visa over contactless payment debit charges. That move took the form of a media statement the retailer issued on July 16, in which Best Buy said it “is constantly looking at ways to reduce the cost of check lane tender. As part of this exercise, we are evaluating the continued acceptance of Visa-issued contactless payment cards in our stores in light of recent price increases. However, at this time we have not completed our analysis.”
Under pressure from multiple retailers, Visa this time chose to back down. Technically, the deadline for next summer is still in place. But the threatened punishment has been pushed back a few years.
According to a Visa document detailing the change, the new threat date’s objective is not to raise revenue. “Visa’s goal is not to fine clients but to encourage adoption of the triple data encryption standard (TDES),” said the PDF, based on a slide presentation made by two Visa payment system risk managers: Stoddard Lambertson and Ross Snailer.
Another NACS representative’s quote on the NACS site suggested that the move was also in the best interest of Visa, because the extra time would allow for consideration of more retail-friendly payment strategies.
“Our analysis of card costs has shown that signature debit, while much less secure for our customers, is now the same cost as PIN debit but without the cost of having to upgrade PIN pads,” said Gray Taylor, payments consultant to NACS. “We are concerned that PIN debit interchange—which has risen an average of 15 percent on a compounded basis since 1996—will price itself out of our market, and shift significant transaction share to Visa and MasterCard while eliminating access to new payment card concepts that bring competition to the card payment market. Of course, if the latest Maestro PIN debit interchange hike—78 percent—is any indication, EFT networks will price themselves out of our market without the TDES mandate.”
Cards issued by European banks when used online cross border don't usually support AVS checks. So, when a European card is used with a billing address that's in the US, an ecom merchant wouldn't necessarily know that the shipping zip code doesn't match the billing code.
-Marc
