WASHINGTON–The Federal Trade Commission has ordered an end to what it called “illegal business tactics” by Mastercard, saying the company has been forcing merchants to route debit card payments through its payment network. The FTC is requiring Mastercard to stop blocking the use of competing debit payment networks.
Under a proposed FTC order, Mastercard will have to start providing competing networks with customer account information they need to process debit payments, “reversing a practice the company allegedly had been using to keep them out of the ecommerce debit payment business and that violated provisions of the 2010 Dodd-Frank Act known as the Durbin Amendment and its implementing rule, Regulation II,” the FTC said.
In announcing its order, the FTC noted that with more than 80% of American adults carrying at least one debit card and more than $4 trillion in debit card purchases made every year, debit cards occupy a “significant place in the current payment landscape. The popularity of debit cards has been growing especially quickly for purchases consumers make using their personal devices equipped with ewallet applications such as Apple Pay, Google Pay, and Samsung Wallet.”
A ’Critical Role’
As a result, payment card networks play a “critical role” in those debit card transactions,” according to the FTC.
“When a customer presents their debit card to make a purchase, the network transmits the payment information to the card’s corresponding bank for approval, and then transfers the payment approval or denial back to the merchant,” the government agency said. “Payment card networks compete for the business of banks that issue cards and for the business of merchants that accept card payments.”
The FTC said processing fees charged by networks total billions of dollars every year, affecting every purchase made with a debit card.
“Most of these fees are paid by the merchants to the card-issuing banks and the payment card networks,” the FTC said, adding the 2010 Dodd-Frank Act’s Durbin Amendment requires financial institutions to enable at least two unaffiliated networks on every debit card, thereby giving merchants a choice of which network to use for a given debit transaction. The Durbin Amendment—along with its implementing rule, Regulation II—also bars payment card networks from inhibiting merchants from using other networks, the FTC added
Mastercard’s Illegal Tactics
“With the post-Durbin rise of debit ecommerce and ewallet debit transactions, Mastercard was flouting the law by setting policies to block merchants from routing ecommerce transactions using Mastercard-branded debit cards saved in ewallets to alternative payment card networks, including networks that may charge lower fees than Mastercard,” the FTC alleged.
“Specifically, Mastercard used its control over a process called “tokenization” to block the use of competing payment card networks, the agency alleged,” the FTC continued. “Transactions commonly are “tokenized” by replacing the cardholder’s primary account number with a different number to protect the account number during some stages of a debit transaction.
Tokens are stored in ewallets such as Apple Pay, Google Pay, and Samsung Wallet and serve as a substitute credential to provide additional protection for a cardholder’s account number.
How it Works
As the FTC explained, when a debit cardholder makes a debit purchase using an ewallet, the merchant receives a token from the cardholder’s device and sends it to the merchant’s bank, which in turn sends the token to a payment card network for processing. For the transaction to proceed, however, the network must be able to convert the token to its associated account number.
“Mastercard’s policy requires use of a token when a cardholder loads a Mastercard-branded debit card into an ewallet, while banks issuing Mastercard-branded debit cards nearly universally use Mastercard to generate the tokens and store the corresponding primary account numbers in its Mastercard ‘token vault’,” the FTC alleged. “Since competing networks do not have access to Mastercard’s token vault, merchants are dependent on Mastercard’s converting the token to process ewallet transactions using Mastercard-branded debit cards.”
According to the FTC, Mastercard “refuses” to provide conversion services to competing networks for remote ewallet debit transactions (i.e., online and in-app transactions, as opposed to in-person transactions made by the customer in a store), thereby making it impossible for merchants to route their ewallet transactions on a network other than Mastercard.
The Next Steps
Under the FTC consent order, when a competing network receives a token to process a debit card payment, Mastercard is required to provide them with the customer’s personal account number that corresponds to the token. The order also bans Mastercard from taking any action to prevent competitors from providing their own payment token service or offer tokens on Mastercard-branded debit cards and requires Mastercard to comply with provisions of Regulation II.
FCC commissioners voted 4-0 in favor of the consent agreement. The agency will now publish a description of the consent agreement package in the Federal Register soon.
The agreement will be subject to public comment, after which the Commission will decide whether to make the proposed consent order final. Instructions for filing comments appear in the published notice. Comments must be received 30 days after publication in the Federal Register.
Just in Time for the New Year, CUToday’s Free Morning Headline Email is Now Double-Free!
Don’t forget to check your Spam/Junk email folder if you haven’t been receiving your free, popular and daily CUToday.info news headlines.
And if you haven’t yet signed up for the new email solution on which CUToday.info has partnered with ResponseGenius, you can do so here. Signing up requires less than one minute of your time.
CUToday.info has received very positive response from readers following the move to an improved provider of the daily headlines, but many also noted they did need to go to their Spam/Junk folder and mark it as safe.
The new email solution has not only improved every reader’s delivery experience, but it also features a fresh, new format that is easy to read, especially on mobile devices.
Please note and/or make your IT department or email administrator aware the emails will be coming from the domains CUTodayinfo.com and CUTodayinfoReply.com.