Why the Current Payment Ecosystem Isn’t Keeping Pace

By: Hannah Walker, Vice President, Political Affairs, FMI

‘Tis the season of family turkey feasts, Christmas trees and card fraud?  OK, so maybe the third one doesn’t really fit into the theme of the season, but let’s face it, card fraud is real and happening year-round. FMI members tell us that card fraud losses continue to rise each year, and there really seems to be no end in sight. 

Hearing our members’ frustrations, last year FMI joined with other trade associations, retailers, and debit networks, to form the Secure Payments Partnership (SPP). Since then, we’ve spent countless hours on the Hill to educate congressional staff about how the U.S. leads the world in card fraud, and how our current payment ecosystem just isn’t keeping pace. It costs retailers and consumers billions of dollars each year in fraud losses, according to Nilson. In addition to meeting with lawmakers and regulators, the SPP has met with all the global card brands and the standard-setting bodies EMVCo and PCI.

Today, the SPP released a white paper outlining the current scheme of EMVCo acting as the de-facto, standard-setting body for payment card security. Let’s just say it isn’t working.

The report shows: 

• Visa and MasterCard own and control EMVCo and ensure it sets standards that Visa and MasterCard can use to circumvent competitors before negotiations among business partners even begin. 
• How EMVCo bolstered Visa’s 20-year-plus battle against unaffiliated debit networks, resulting in the implementation of less-secure chip-and-signature EMV cards in the United States.
• How EMVCo adopted expensive, complex and difficult-to-implement technology such as near field communication (NFC) because it prevents other competitors from entering the mobile payments market.
• EMVCo adopted an anticompetitive tokenization standard that discriminates against debit networks and non-card forms of payment.
• How EMVCo ignored the work of other standards-setting organizations such as the Fast Identity Online (FIDO) Alliance and World Wide Web Consortium (W3C), institutions that were developing open standards for authentication that would have allowed other competitors into the system.
• EMVCo has introduced the Secure Remote Commerce standard, which purports to become a new integrated checkout platform for online payments. This standard has the potential to make it difficult to route transactions through unaffiliated debit networks, create higher dependence on the card companies and increase merchants’ payment processing costs.

Unlike true standard-setting bodies that are open, inclusive and offer all stakeholders a seat at the table, EMVCo is a closed body and only the global card brands can affect outcomes. The paper lays out several examples where security in the U.S. is ranked second-rate compared to profits and demonstrates where the U.S. missed opportunities to introduce true innovation and competition into the marketplace. 

FMI members value competition and strong industry standards that foster it. Members of the SPP discussed the white paper findings at a congressional staff briefing on Capitol Hill. Panelists from the merchant and debit network community showcased key findings and offered constructive solutions. The panel included Doug Kantor, partner, Steptoe & Johnson LLP, Stephanie Martz, senior vice president & general counsel, National Retail Federation, Reed Luhtanen, senior director global treasury, Walmart, and Dan Kramer, executive vice president, government & community affairs, SHAZAM. 

We are committed to education on payment card security and the SPP will continue to highlight solutions that improve the U.S. electronic payments system, which ranks dead last in the world. 

Learn More About the SPP and FMI’s Work with the Partnership