Slashdot Mirror

← Back to Stories (view on slashdot.org)

FTC Says Payment Processor Took Millions

Posted by kdawson on from the give-me-your-money-or-give-me-your-time dept.

coondoggie writes "The Federal Trade Commission and seven states have charged a payment processor with violating federal and state laws by debiting, or attempting to debit, from consumers' bank accounts on behalf of numerous fraudulent telemarketers and Internet-based merchants. Between June 2004 and March 2006, the payment processing company, Your Money Access, processed more than $200 million in debits and attempted debits to consumers' bank accounts. More than $69 million of the attempted debits were returned or rejected by consumers or their banks for various reasons, indicating the lack of consumer authorization, the FTC complaint alleges."

16 of 120 comments (clear)

  1. Re:This place is bad news. by thebear05 · · Score: 2, Informative

    The question I have is how do I know who is processing the charge even if I know I am being charged ?

  2. This went on for nearly 2 years? by RattFink · · Score: 4, Insightful

    It shouldn't take that long to find out fraud is going on with a company with a charge-back rate higher then 25%. Why the heck wouldn't the credit cards cut off the tap and mitigate their damages? It seems sort of foolish to me.

    --
    "I don't necessarily agree with everything I say." - Marshall McLuhan
    1. Re:This went on for nearly 2 years? by GwaihirBW · · Score: 3, Informative

      Well, it is kinda tiny in credit-company terms . . . $100 mil in a year is a drop in the bucket. Size probably kept it off the priority list, even if the rate did blip their radar. Now with a two year record, it's a really solid case to bring, creating a nice precedent-hammer to expedite further such cases and scare similar operators out of the business.

      --
      "There are four boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order." - Ed Howdershelt
    2. Re:This went on for nearly 2 years? by deniable · · Score: 3, Insightful

      Well, the summary seems to say that the merchants in this case were scammers. The feds may have wanted to back-trace / follow the money. It probably also took time to collect enough evidence for the case to proceed while not tipping off the accused.

    3. Re:This went on for nearly 2 years? by Anonymous Coward · · Score: 3, Informative

      You mean the credit card companys that scammed us all for the last 10 years on forigen exchange rates and finally got caught on that themselves?

      (Oh yeah... www.ccfsettlement.com Get your share of the settlement. at least $25 of it anyway. the lawyers will get most of it.)

      So these people scamming us didn't shut down some other companys scamming us too? No way! I'm hmm... less than shocked..

    4. Re:This went on for nearly 2 years? by profplump · · Score: 4, Insightful

      Because the credit card company doesn't actually have damages. They don't even get bad PR. Here's what happens:

      1. Bad Man, Inc. charges you through his CC processor, Bad CC Processor, LLC
      2. Bad CC Processor, LLC forwards the charge to your CC company.
      3. You notice and dispute the charge with your CC company.
      4. Your CC company gladly removes the charge from your account.
      5. Your CC company refuses to pay Bad CC Processor, LLC.
      6. Bad CC Processor, LLC refuses to pay Bad Man, Inc.

      Now, if the CC processor wasn't dirty, they'd eventually refuse to process charges from Bad Man, Inc., because he's obviously a fraud. But they are dirty, so they don't do anything. And if Bad Man, Inc. wasn't dirty he'd probably provide evidence to support his charges and try to get payment. But is his dirty, so he doesn't do anything.

      At no point in that process does the CC company lose any money, other than a few minutes of telephone support time. They probably know that Bad CC Processor, LLC is dirty too, they just don't care. Obviously it would be good for their customers if they refused to accept charges from Bad CC Processor, LLC, but they aren't very motivated because, while they have to deal with some fraud reporting, they don't lose any money, don't really risk their reputation, and still get to process the successful 65% of charges that come in. If you've ever worked in a sales-oriented company, you'll know that it's essentially impossible to get sales to walk away from existing revenue streams, even if you could sustain a better profit margin on other types of business.

    5. Re:This went on for nearly 2 years? by Belial6 · · Score: 3, Informative

      Because this was not credit card fraud. It was debit card fraud. Given that regular debit cards need a pin to access the account, it means that this was 'check card' fraud. I don't know why anyone would be surprised by this since Visa advertises that these cards are easy to commit fraud with. This was inevitable, and will only get worse until people start to raise a stink with their bank for trying to screw them by issuing 'check cards' instead of regular atm cards.

      It always amazes me how many people think it's a good idea to carry a card that give access to their checking account with no pin, no id, and not even a signature.

    6. Re:This went on for nearly 2 years? by Aqualung812 · · Score: 3, Informative
      There is a problem with your list at step 5. You are missing step 2(a), where CC company pays bad CC Processor, LLC. Bad guy has his money at the end of the day in most cases. Since they have already been paid, step 5 is more like:

      5. Your CC company requests proof of transaction

      6. Bad CC company provides tainted proof

      [decision tree]

      6(a). Your CC company calls the lawyers

      6(b). Your CC company makes you prove that the charges are false

      6(c). Your CC company decides (a) and (b) will cost more than just eating the cost

      Guess what two they do the most? B and C. In credit cards, almost all of the risk is on the card issuer. The vendor has some slight risk, but only if they don't follow procedures. The card holder has very little risk since Visa and Mastercard force the issuers to pay if there is a dispute. The processor has zero risk.

      --
      Grammer Nazis - I mod you "troll" unless you actually add something on-topic. Yes, I know I have mispellings in my sig.
    7. Re:This went on for nearly 2 years? by encoderer · · Score: 2, Informative

      Actually, you should check your facts.

      Any bank that issues a card with the Visa or MasterCard logo has agreed to meet or exceed the consumer protection policies of Visa or MasterCard. This is how it's ALWAYS been, debit card horror stories notwithstanding.

      Visa:
      "Debit cards have the same security protections as credit cards. Just like credit card cards, debit cards have Zero Liability* fraud protection and dispute resolution options."
      http://usa.visa.com/personal/using_visa/personal_finance/debit.html

      MasterCard:
      "With your debit card, you'll enjoy great features such as worldwide acceptance at millions of locations, MasterCard Global Service, and Zero Liability* protection from unauthorized purchases."
      http://www.mastercard.com/us/personal/en/aboutourcards/debit/standard_card.html

      No, this protection is not mandated by LAW as it is with Credit Cards, but it is mandated by Visa and MasterCard who have ZERO INTEREST in seeing their good name tarnished.

      Everyone has heard Debit Card Horror Stories. My suggestion is to have a critical ear and check the facts, instead of just passing-on the FUD.

  3. Re:This place is bad news. by GwaihirBW · · Score: 2, Insightful

    In general, I think the answer is that you don't . . . but the banks and the Feds do, and you can bet they keep records and track trends. Nearly 35% unauthorized charges implies that perhaps this processor is specifically courting fraudulent businesses, and is at the least not doing whatever vetting and verifying it's supposed to be.

    --
    "There are four boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order." - Ed Howdershelt
  4. took [OT] by Seumas · · Score: 2, Funny

    The title of this article made me, for the first time in my entire life, notice that "took" is a really weird word.

  5. ouch, reject fees? by marcushnk · · Score: 2, Interesting

    I'm not sure about in America but here in Australia if someone tried to debit money from your account and it fails YOU the account holder get slugged a fee.
    I wonder if this was the case for all the failed unauthorized attempts...?

    --
    "Consider how lucky you are that life has been good to you so far. Alternatively, if life hasn't been good to you so far
  6. Re:What a load of bollocks by Anonymous Coward · · Score: 3, Funny

    >> If you don't know what you are talking about why not just shut the fuck up?

    wow, you're just a big meanie... digg.com is calling you.

  7. Re:That's why credit cards are better by Markus+Landgren · · Score: 2, Informative

    When Apple Computer made a fraudulent charge to my debit card, it only took a phonecall to the bank and a mailing in of the form they sent me (postage already paid on the response envelope they sent me by the way). Sure enough, the money was gone from my account but it was back within 48 hours from picking up the phone, and of those 48 hours I spent 10 minutes actively working on the case. Not a lot of time spent, and no other resources spent except the ink for the form and the saliva for the envelope.

  8. Does not appear to be CC related. RTFA by Shivetya · · Score: 5, Informative
    They keep refering to "bank accounts" which implies to me that they have the routing number and account number. Most likely preying on people with bad credit who could not get Credit Cards

    Defendants withdrew funds from consumers' bank accounts in one of two ways: by electronically debiting consumer bank accounts through the Automated Clearing House Network or by submitting checks and falsely representing that the consumers had approved them.

    See http://www.allamericanpatriots.com/48738769_illinois-ag-madigan-joins-six-states-ftc-suit-stop-florida-company-fraudulent-debits

    So this is a case of direct taking from accounts or use of fradulenet checks. That is why no Credit Card company raised an alarm, they were not even in the loop

    --
    * Winners compare their achievements to their goals, losers compare theirs to that of others.
  9. Lil' background info by quietwalker · · Score: 3, Informative

    It seems some people are confused about the nature of the Automated Clearing House, and making very odd assumptions. Since some of this is due to a conflict in terminology, hopefully I can clear this up. ACH is a big network. You might say it's really a collection of protocols and legal policies that allow banks and credit card companies to talk to each other. Every time you use your debit card in a non-branch office (like a Wells Fargo card in a Bank of America ATM), you're using ACH. Now, I'm going to skip the in-depth network topology and give you the highlights. In short, the entire setup consists of Vendors attached to a Payment Processor , which are attached to ACH, which is responsible for routing a transaction from one ACH member to a Financial Institution (like a bank or credit card company). Vendor->Payment processor->ACH->Financial Institution. Now, why not have the Vendor connect to the FI directly? Well, each vendor would need a connection for every card. As in physical lines. That makes it expensive for everyone, and hit-or-miss for the consumer - what if they don't support YOUR card? Okay, so, why not have the vendor connect to the ACH directly? Well, when you make a transaction on the ACH, there's no additional security. Basically, it's assumed that you have the authority to make the transaction, or you wouldn't be doing it. Imagine getting a credit card scanner and service for like 300$, quickly making several hundred thousand in fraudulent charges, and skipping the country. Generally speaking, you need to be an established business with accountability to be allowed to connect to the ACH - and that's where payment processors come in. Oh, and quick terminology lesson. In ACH parlance: A debit means "take money from an account" A credit means "put money into an account" They have nothing to do with credit cards, or debit cards, or anything of the sort. Payment Processors, usually make money per transaction, or per connection time. Either way though, they profit from vendor transactions whether valid or not, so there's a good incentive to 'look the other way' with problem vendors. So, this payment processor was following all the rules, but they're charging it as sort of an accessory to criminal acts by their customers. The states are saying that they knew these were invalid debits, but they processed them anyway, just to make money. Technically it would be the vendors that have to suffer here, but the states are trying to hit every target they can, especially when busting a little work-out-of-your-house-2000$-laptop-scammer is not worth the money spent sending them to trial.