Slashdot Mirror
FTC Says Payment Processor Took Millions
coondoggie writes "The Federal Trade Commission and seven states have charged a payment processor with violating federal and state laws by debiting, or attempting to debit, from consumers' bank accounts on behalf of numerous fraudulent telemarketers and Internet-based merchants. Between June 2004 and March 2006, the payment processing company, Your Money Access, processed more than $200 million in debits and attempted debits to consumers' bank accounts. More than $69 million of the attempted debits were returned or rejected by consumers or their banks for various reasons, indicating the lack of consumer authorization, the FTC complaint alleges."
The question I have is how do I know who is processing the charge even if I know I am being charged ?
Well, it is kinda tiny in credit-company terms . . . $100 mil in a year is a drop in the bucket. Size probably kept it off the priority list, even if the rate did blip their radar. Now with a two year record, it's a really solid case to bring, creating a nice precedent-hammer to expedite further such cases and scare similar operators out of the business.
"There are four boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order." - Ed Howdershelt
You mean the credit card companys that scammed us all for the last 10 years on forigen exchange rates and finally got caught on that themselves?
(Oh yeah... www.ccfsettlement.com Get your share of the settlement. at least $25 of it anyway. the lawyers will get most of it.)
So these people scamming us didn't shut down some other companys scamming us too? No way! I'm hmm... less than shocked..
Because this was not credit card fraud. It was debit card fraud. Given that regular debit cards need a pin to access the account, it means that this was 'check card' fraud. I don't know why anyone would be surprised by this since Visa advertises that these cards are easy to commit fraud with. This was inevitable, and will only get worse until people start to raise a stink with their bank for trying to screw them by issuing 'check cards' instead of regular atm cards.
It always amazes me how many people think it's a good idea to carry a card that give access to their checking account with no pin, no id, and not even a signature.
When Apple Computer made a fraudulent charge to my debit card, it only took a phonecall to the bank and a mailing in of the form they sent me (postage already paid on the response envelope they sent me by the way). Sure enough, the money was gone from my account but it was back within 48 hours from picking up the phone, and of those 48 hours I spent 10 minutes actively working on the case. Not a lot of time spent, and no other resources spent except the ink for the form and the saliva for the envelope.
Defendants withdrew funds from consumers' bank accounts in one of two ways: by electronically debiting consumer bank accounts through the Automated Clearing House Network or by submitting checks and falsely representing that the consumers had approved them.
See http://www.allamericanpatriots.com/48738769_illinois-ag-madigan-joins-six-states-ftc-suit-stop-florida-company-fraudulent-debits
So this is a case of direct taking from accounts or use of fradulenet checks. That is why no Credit Card company raised an alarm, they were not even in the loop
* Winners compare their achievements to their goals, losers compare theirs to that of others.
5. Your CC company requests proof of transaction
6. Bad CC company provides tainted proof
[decision tree]
6(a). Your CC company calls the lawyers
6(b). Your CC company makes you prove that the charges are false
6(c). Your CC company decides (a) and (b) will cost more than just eating the cost
Guess what two they do the most? B and C. In credit cards, almost all of the risk is on the card issuer. The vendor has some slight risk, but only if they don't follow procedures. The card holder has very little risk since Visa and Mastercard force the issuers to pay if there is a dispute. The processor has zero risk.
Grammer Nazis - I mod you "troll" unless you actually add something on-topic. Yes, I know I have mispellings in my sig.
It seems some people are confused about the nature of the Automated Clearing House, and making very odd assumptions. Since some of this is due to a conflict in terminology, hopefully I can clear this up. ACH is a big network. You might say it's really a collection of protocols and legal policies that allow banks and credit card companies to talk to each other. Every time you use your debit card in a non-branch office (like a Wells Fargo card in a Bank of America ATM), you're using ACH. Now, I'm going to skip the in-depth network topology and give you the highlights. In short, the entire setup consists of Vendors attached to a Payment Processor , which are attached to ACH, which is responsible for routing a transaction from one ACH member to a Financial Institution (like a bank or credit card company). Vendor->Payment processor->ACH->Financial Institution. Now, why not have the Vendor connect to the FI directly? Well, each vendor would need a connection for every card. As in physical lines. That makes it expensive for everyone, and hit-or-miss for the consumer - what if they don't support YOUR card? Okay, so, why not have the vendor connect to the ACH directly? Well, when you make a transaction on the ACH, there's no additional security. Basically, it's assumed that you have the authority to make the transaction, or you wouldn't be doing it. Imagine getting a credit card scanner and service for like 300$, quickly making several hundred thousand in fraudulent charges, and skipping the country. Generally speaking, you need to be an established business with accountability to be allowed to connect to the ACH - and that's where payment processors come in. Oh, and quick terminology lesson. In ACH parlance: A debit means "take money from an account" A credit means "put money into an account" They have nothing to do with credit cards, or debit cards, or anything of the sort. Payment Processors, usually make money per transaction, or per connection time. Either way though, they profit from vendor transactions whether valid or not, so there's a good incentive to 'look the other way' with problem vendors. So, this payment processor was following all the rules, but they're charging it as sort of an accessory to criminal acts by their customers. The states are saying that they knew these were invalid debits, but they processed them anyway, just to make money. Technically it would be the vendors that have to suffer here, but the states are trying to hit every target they can, especially when busting a little work-out-of-your-house-2000$-laptop-scammer is not worth the money spent sending them to trial.
Actually, you should check your facts.
Any bank that issues a card with the Visa or MasterCard logo has agreed to meet or exceed the consumer protection policies of Visa or MasterCard. This is how it's ALWAYS been, debit card horror stories notwithstanding.
Visa:
"Debit cards have the same security protections as credit cards. Just like credit card cards, debit cards have Zero Liability* fraud protection and dispute resolution options."
http://usa.visa.com/personal/using_visa/personal_finance/debit.html
MasterCard:
"With your debit card, you'll enjoy great features such as worldwide acceptance at millions of locations, MasterCard Global Service, and Zero Liability* protection from unauthorized purchases."
http://www.mastercard.com/us/personal/en/aboutourcards/debit/standard_card.html
No, this protection is not mandated by LAW as it is with Credit Cards, but it is mandated by Visa and MasterCard who have ZERO INTEREST in seeing their good name tarnished.
Everyone has heard Debit Card Horror Stories. My suggestion is to have a critical ear and check the facts, instead of just passing-on the FUD.