Update 2022 – this never happened. While the networks have the facilities in VTS/MDES and the new SRC standard with EMVCo.. the rate tier has not taken hold.
As I outline 16 months ago in mCommerce/eCommerce Convergence, there is a new V/MA rate tier coming: Card Holder Present (CHP). CHP is coming by summer 2016 (70% probability), and can be thought of as a remake of what was VBV and MSC in 2006/7 using the new token utilities built for ApplePay.
Visa and Mastercard are just brilliant here… a new rate tier makes logical sense as top online merchants have managed online fraud to under 3bps and refuse to tokenize without risk based pricing. In order for V/MA to make use of their token facilities they must get the wallet providers support before the banks can stand up their own TCH token utility, and take enhanced role in debit routing. In the meantime they also enable new mobile metaphors for presentment via BLE (see Apple Blog)
The impacts of the is new rate tier, and network led tokenization are tremendous:
- Card Not Present interchange (Issuer Revenue Loss, Merchant Gain)
- Paypal (new Competitors)
- Gateway Risk/Fraud Services (no fraud to manage)
- Bank Fraud Management (no own eCom)
- Mobile Payments, Platforms and ID Services (See Token Assurance)
- Tokenization of Cards on File (COF)
- Visa/MA Token Services (network control)
- Expansion of mobile opportunities beyond NFC to BLE (see my Apple Blog)
- Routing of all tokenized Debit
In general, CNP in credit carries a 30bps premium AND the merchant bears the cost of fraud. I expect the new CHP rate tier to land in the middle between CP and CNP and give banks responsibility for fraud loss.
As I’ve stated previously, this new rate tier will be available to any payment provider that does not steer (see my previous PayPal Blog). My bank friends tell me that Paypal is making progress in banking relationships and I do think they will be able to benefit from this new tier because of their recent efforts.
History… (experts skip this part)
Historically eCommerce payment services focused on the ability to manage fraud, as merchants held all liability in a Card Not Present (CNP) transaction. As such, payment service providers managed card acceptance and also provided fraud management services (hence their pricing of ~340-~600bps vs the card present MDR for CP of 160-180bps). Paypal’s service was the first of its kind to allow small merchants to accept cards, as the big banks had no tools to manage CNP fraud. All the large eCom specialists became VERY VERY good at managing fraud, building custom infrastructure to assess buyer patterns, and the device which the consumer is purchasing from to score transactions. Today most of their fraud rates are under 3bps.
Move from Fraud Management to Identity
In Europe, Visa and Mastercard shifted liability within eCommerce transactions onto banks in 2006 (see 3DS a Collaborative Path to Failure). This did NOT work out well for all, as the technology was highly flawed. The US never had this facility… a good thing.. and the state of the art in fraud management stayed within the big 3. For more background on this see Authentication in Value Nets. However the billions of dollars invested in building fraud management assets are being rendered useless by identity management and authentication. Visa and Mastercard are now the leaders in this space.. an indispensable common utility.
Also see Payments Part of OS: