Tuesday, January 04, 2011

End times for the credit card?

Despite all of their security issues, I've never thought credit cards would go away. I figured one day banks would become liable for identity theft, and credit card companies would fix their broken-by-design security models.

I never thought credit cards would just go away -- until today. Today I went to pay my American Express Blue cash back statement. I do this monthly, it's usually a minor nuisance. Today, however, I found a newish web site. It feels Flash based. It features obnoxious, flickering ads. It made me do a security reset. The "feedback" button didn't render correctly in Safari, it wasn't the only rendering problem (just the most ironic one). To add injury to injury, the new site told me AMEX was making some incomprehensible change to its cash back program next March. I don't think that change is meant to please me.

I've seen this kind of service regression before. It doesn't end well.

It's a sign that the smart people at AMEX have abandoned ship. That fits with news coverage of the woes of the credit card business. Credit card margins are being squeezed, their prime victims, people who paid interest, have gone bankrupt.

We've all heard stories for years about a replacement for the credit card. It hasn't happened, but maybe this year will be different.

3 comments:

Ramakant Yadav said...

Absolutely shocking that in the US, there is no three-factor-authentication for credit cards. In India, we have to use a one time password that is valid for 4 minutes if we want to use credit cards on-line. It is a law, citibank follows it, hsbc follows it and so do all the other private and public banks.

I was shocked when Citibank only asked for my card number, cvv number and card expiry date when I tried to do some business on godaddy.com. How is security so completely lax in the on-line world in the US?

However, people in the US get to dispute transactions. In India, there is no such concept. Which means that if my credit card is stolen and used before I notify Citibank about it, then I am liable to pay for everything that was charged on it.

Oh and if I get a defective product and want to return it and the seller refuses to return it, then the bank wont do a thing about it. All banks in India follow the principle that credit cards are like cash.

Of course in offline store transactions, they still follow the ownership principle. If you pulled it out of your pocket, it must be yours.

Typically banks don't do a thing about credit card issues or any other customer issues until the government interferes. I get the impression that most of the customer-friendly features that banks implement are mandated by government.

JGF said...

Credit card fraud in the US is very common.

It's so lax because in the US banks almost always absorb the cost of fraudulent transactions that customer's notice. Fraud that goes undetected is paid by the customer.

Since customers don't pay, there's no political pressure to improve. (Check fraud is different, usually the customer pays.)

Banks pass their fraud costs on to customers in the form of fees and interest.

Now that the credit card margins are shrinking Banks may have trouble passing on fraud losses, so I wonder if they'll get more worried about security.

In India, does the customer pay for fraud losses or the bank?

Ramakant Yadav said...

In India, the customer pays for all transactions that occur on an un-blocked card. It says so in the terms and conditions.

If the card gets stolen, the customers are supposed to call up the bank and hot-list the credit card or debit card.

Until it gets hot-listed, the customer pays for all transactions. Citibank in India does offer card-insurance that covers all payments in this scenario. Unfortunately, none of the other Indian banks[like hdfc, icici, state bank of india etc] offer this feature.

And if you don't pay, until last year, the banks would send hired men to your office and home in order to recover the money. There is no concept of bankruptcy, you pay or you get beaten up.

So last year, the courts took a dim view of the entire "hire recovery agents and harass customers" concept and started ordering the banks to pay compensation to harassed people who would not pay back their credit card dues for whatever reasons.

Right now, citibank is involved in a huge fraud case in its New Delhi branch. Apparently one of the relationship managers took a lot of money and invested it in his personal accounts. Look in google for: citibank fraud India. The customers involved are expected to ask for compensation from citibank. I don't think they are going to get any compensation although the amount of the money involved is Rs 300 Crores.

Rs 300 Crores is 3000 million rupees in english. 45 Rupees is $1.
So that is ....around..60 million dollars give or take 10 million.