The challenger to these will solve for a different problem. Not every transaction needs complex fraud detection or being able for the customer do to chargebacks.
For a 3% discount, would customers agree to use something that worked just like cash, where the transfer was instant and couldn't be undone? Then you don't have to worry about fraud, chargebacks, etc.
You are missing the opposite side of the fraud picture: Where it's not the business scamming you, but someone taking your credentials and spending up to the limit in a store that deals with no chargebacks. This is, if anything, the larger size of the fraud losses for the Stripes of the world. Fake businesses that use the cards either for testing if the creds are good, or where the owners charge cards that they obtained from some other malicious actor.
So it's not that I get 3% off by not supporting chargebacks, but whether I want to have a dollar under a payment system that supports someone emptying me out without recourse.... and the answer is often no.
Or further abusing your weak password on a site and then racking up a ton of charges to a product that they're capable of laundering in some way into money for them at any ratio.
There's an issue that you're not addressing: what happens when someone who isn't me spends my money? I think people would be happy for the theoretical 3% discount until their account is drained and sent to North Korea with no recourse.
It is fantasy to think they'd get a 3% discount. The goods in stores that take only cash do not tend to be cheaper than those that do.
They know what people are willing to pay and will charge the price. If they see people are willing to pay $99 with a credit card, then they'll be willing to pay that with cash.
I think the issue here is who is paying the fee and where is the fee surfaced. A free market solution would work here, but it requires some regulating to create the transparency required.
Everyone pays their own credit card fee as a line item on the receipt, merchants are required to print it on the receipt. If customers actually had to pay their own fee's on each swipe you'd see a lot less people reaching for the Platinum card and instead for the no frills local bank credit card. You'd also see immense downward market pressure on swipe fees as now card issuers have to compete against each other.
Technically the merchant is paying the fee, and he perhaps is passing some or all of it to you.
The reason merchants might not pass it all to you if that they get a lot more sales volume when they support credit cards, so they can still be more profitable while paying for some of those fees.
I know I'm going to get hated for saying this, but the businesses that charge extra for credit card use under $10 are trying to extract as much out of you - they're aiming to get the best of both worlds. The price of their goods are still such that they're assuming you'll pay with a card.
At the end of the day a business has several costs. Rent, cost of shipping, utilities, etc. When these go up so do the costs of goods. Credit card fees are no different in that regard. If they hated it that much they wouldn't support credit card payments. They do support it because then know it'll bring in more revenue than without - and will easily pay for itself and more.
The issue is there's a huge disparity in the fees for certain payment methods.
Some cards cost merchants much more than others, but they are contractually forbidden from differentiating their prices based on that. It's anticompetitive. Lots of "buy now pay later" schemes work similarly, when afterpay was (or is) a big thing they charge 7% and forbid the merchant from including that cost in their prices.
If the consumer had to bear the cost of their payment choice, no problem, but the reality is consumers with low fee payments are paying slightly more than they should for everything and those with high fee payments pay less than they should for everything.
The reason merchants don't pass fees onto credit card customers only is that the credit card network prohibits them from doing so. If they were to charge a credit card fee, they'd get banned from processing credit cards at all.
> The goods in stores that take only cash do not tend to be cheaper than those that do.
In NYC they most definitely do. A lot of the corner stores will change you less with cash. I'm not sure it is a the card payment or that they are keeping the sale off the books, but something that might cost me $18.50, I'll pay $18 for.
When I wrote that comment I knew someone would come out and use New York City as a counterexample.
The reality is except for a few of the really major cities those types of stores are usually more expensive than their larger counterparts in virtually all other cities in the US.
In my city I'm not going to get cheaper groceries by going to the smaller stores. They are more expensive regardless of whether they support credit cards or not. They may be superior and certain other aspects but price is not one of them.
My guess is the opposite may be true only in places where owning a car is expensive or inconvenient.
In Poland, the default way for computer shops in 2000-2010s was to offer 2% discount when paying in cash. (The prices displayed were assuming cash, so if you paid by card, you'd pay more.)
I didn't see this anywhere else though. It probably made sense for computer shops because most transactions one would do there would be sporadic, big, and planned.
(Since then, the Mastercard/Visa fees went down to 0.2-0.3% due to EU rules, so probably those discounts are less popular now).
In the US offering different prices when paying by cash vs card was a violation of the agreement with Visa, as is putting a minimum price threshold for card usage.
It's still fairly widespread though, and occasionally makes the news. Might explain why you didn't see it often.
I believe the Visa merchant agreement never forbade cash discounts, only credit card surcharges. I'm not sure, but the current rules are different due to a legal settlement.
In the US, not only does Visa now allow cash discounts and minimum price thresholds up to US$10, but they also allow, in most states, credit card surcharges (sometimes subject to specific state-law legal requirements).
Visa still officially disallows minimum price thresholds outside the US and certain related territories like Guam, and credit card surcharges outside the US - but I nevertheless see them plenty often here in Germany in small shops. I think the permission to offer cash discounts is global.
And how would that work accounting wise? Would they just claim that a bunch of PCs "fall off" a truck?
I'm not sure subjecting everyone to poorly regulated (even in the EU it's fair from ideal) monopolies/oligopolies that are legally entitled to literally tax every single transaction in the economy (in addition to the complete loss anonymity and all the implications of that) is not a too high price to pay for some reduction in tax fraud...
“Shrinkage” is the generic term I have heard for stock losses of all kinds in retail and distribution channels.
In many jurisdictions, cash payments can allow the retailer to avoid on-paying sales tax or VAT, as well as mark stock shrinkage as a loss for their own tax purposes.
Countering this would require very careful auditing of electronic toll records and paper receipt processes, which are in most cases trivial to evade if well-prepared.
And you can’t always be sure that the shrinkage - without the cash - is reported to the manager of the retailer by the person on the till, especially if an unofficial handwritten receipt is provided by the cashier.
I recall seeing a situation involving a very large champagne purchase on New Year’s Eve in cash for 25% off and a “till receipt problem”.
This is the purpose of Zelle, Venmo, money wires, and checks. But there are many problems they don’t solve, that customers and sellers prefer to be solved and are willing to pay for.
I would use my debit card even if it behaved exactly like cash, ie, when the recipient got the money, my only way of getting it back is to sue them or call the police.
Obviously any electronic payment system needs to be secure internally but society lasted a long time and made fine progress when having your wallet stolen meant losing your money.
It would be fine to require a person to charge their debit card with a finite amount rather than have it be funded up to the limit of the supporting account and that would solve the last problem compared to cash.
I understand that Europe is more secure with chip+pin, but in the US, debit cards do exactly what you describe. If fraud happens, you are out money until it is resolved.
The key difference from cash, in the US, is the ability to abuse cards at a later date without the physical card. For someone to steal your wallet, they have to be colocated with you and can only steal as much as you're walking around with.
As long as debit cards have a magnetic stripe and have their full number printed on them, and that information is useful, this problem remains.
I don’t believe SCA is enforced by the bank. It’s voluntary by the merchant. It acts as a liability shift but won’t save you from someone not caring about it and emptying your account (temporarily until the chargeback goes though). I don’t think any bank offers an option of “allow SCA-only transactions” and I don’t think it would be even possible (I’m not sure there is any token/session identifier to tie the SCA request and the actual subsequent transaction even).
When adding a card to a taxi app for example I get SCA prompt for a zero amount, but then they can charge me for any amount without subsequent SCA flows.
Presumably those subsequent transactions wouldn’t have a liability shift to the issuer but it still means that they can at least temporarily steal all your money until your chargeback claim goes through.
The whole concept of “card number” is rotten. What’s needed is an oAuth2-type system where every payment needs to redirect to the bank (actual redirect, no stupid hacky iframe like SCA/3DSecure is) and where you can see the merchant and set the max amount (and whether one-off or recurring) and the bank records that and keeps a list of authorized merchants so you can revoke them at any time. The merchant then must use this token to pull money, and can't pull more than what the token allows - just like your usual oAuth2 scopes.
This is not right at all (it's mandatory fo all banks and merchants in the EEA), although you're correct that SCA still has loopholes (like a US merchant... just trying, although a bank could just mandate 3DS to solve that).
How do you explain the example I gave where the taxi app only has to SCA me once and not upon every transaction? This is in the EU.
What I suspect is that the "mandatory" bit is by law (and the law has flexibility, which covers this taxi app scenario) but there is no technical solution to make it mandatory, thus a non-compliant merchant can still drain your account until your chargeback claim goes through.
You're right that it's not fully enforced technically. It's complicated, and I don't think that's really solvable by technology (being that this scenario is roughly equivalent to direct debiting). Banks can validate if a particular merchant has already been used by a customer and blocking them from debiting your account, but since that SCA has exceptions for recurring debiting, this is not really enforcable once the customer has authorized the merchant for any debiting.
> If you attempt an exemption and the bank returns a decline code indicating that the payment failed due to missing authentication, you’ll have to reattempt the payment with your customer but this time utilizing SCA.
Yeah, Europe is ahead on this; I hedged my earlier statements heavily.
It's not a difficult technological problem to solve. A card's chip should be able to guarantee that the card is physically present for any transaction.
Obviously online payments would pose a problem, people would need to either own USB card chip readers or banks would need to do something new and special.
In Germany (/ the EU?) we have electronic ID cards that can be used for a few online services.
The physical card can communicate via NFC, and there's a smartphone app you can use with it.
For PCs, you can buy some fancy NFC interface if you want, but you can also have your phone act as a reader, the PC connects to it over the local network.
Maybe something similiar could work for banking cards. They all have NFC anyways.
On the other hand, you might as well just have an app that is registered with the bank on your computer/phone (like how it works for smartphone NFC payments) and skip the card.
Online payments are done using pretty much the same system. Instead of the chip, you get either a 2nd authentication mechanism, or start out with a strong token (be it the strength of the token itself, or the stability of it).
An older example was getting transaction authorisation numbers. You would either get a long indexed list on paper, or you could receive then over the phone (voice or text). This was then mostly replaced (about 10 years ago) with hardware (H/T)OTP type tokens that required your card to be inserted in the token and PIN authenticated. Later on that too was replaced by a cardless version, and that one then was replaced (for consumers) with mobile apps.
The combination of minimum software versions, online authentication, transaction limits, daily limits, and time-locked temporary limit increases (so you can buy a car with your phone, but you have to up the limit a couple of hours ahead of time for it to take effect) make it pretty safe with acceptable risk for the bank. And then there's of course the standard fraud detection and prevention departments, so if you do something unusual that also involves a lot of money, you're likely going to get a call.
For business use, there are other systems, generally two types like EU-wide smartcards or bank-specific smartcards that can be used to authenticate and authorise. You'd use an USB or NFC connected method for that. Sometimes that involves entering a PIN on the device itself before the computer can talk to it, but that does make the OTP exchange very fast. You'd still have limits or multiparty authorisation setup in your organisation so you don't end up with one person just moving a couple of 100K around on their own.
And then there's some overlapping systems, apparently this one is going EU-wide: hhttps://en.wikipedia.org/wiki/EIDAS and apparently some implementations include useful things: https://www.idin.nl/en/businesses/ like age confirmation where the business doesn't need to know who, what or where you are just if you're of age (and not even a specific age). Granted, nothing is perfect, but it's a whole lot better than finding some S3 bucket somewhere with JPEGs of ID cards. As long as they don't do dumb stuff like trying to MITM TLS, it's progress. The overlap is in the concept where you can use some electronic means to prove who you are to get something done.
If you have an unprotected vector fraudsters will find and exploit it. They're literally paid to do so.
I've seen fraudsters that are ridiculously persistent to make $2,000 in a year. But they just keep poking at it at a certain point you're able to ramp that up to $80,000 in a month I know they're good it was completely worth it to him for several years.
How I've seen people spend hundreds of hours to generate a few hundred dollars worth of in-game currency or on-site reward points.
> Not every transaction needs complex fraud detection or being able for the customer do to chargebacks.
Well, not until you get hacked.
We might be happy with instant, no-undo transactions until our device gets hacked and our bank account with many thousands of dollars gets drained, through no fault of our own.
Then suddenly, complex fraud detection and transaction reversals seems like an awfully good idea.
Because the issue here isn't about chargebacks where you genuinely made the transaction but the business failed to deliver, and maybe you lose a couple hundred dollars. The issue here is about when you never authorized transactions at all, and you lose all your savings.
EU caps interchange fees at 0.3%, which is probably still too much. The 3% is mostly to finance the various gimmick programs that make naive people think they are "gaming the system" with their 20th card in wallet (and because they can, of course).
For a 3% discount, would customers agree to use something that worked just like cash, where the transfer was instant and couldn't be undone? Then you don't have to worry about fraud, chargebacks, etc.