Credit card companies are rolling out “smart” credit cards that are too dumb to thwart billions of dollars in fraud, Home Depot claims in a lawsuit filed this week in federal court.
The lawsuit, filed in federal district court in Atlanta against Visa and Mastercard, is the latest shot in a new battle that is brewing between merchants and credit card issuers of the nationwide roll-out of so-called “chip” cards — newer, more sophisticated credit and debit cards aimed at thwarting card fraud by identity thieves and hackers.
“I think there will be many more lawsuits to come,” said Mark Horwedel, chief executive of The Merchant Advisory Group, a trade group representing more than 100 of the nation’s largest retailers, including Atlanta-based Home Depot.
He said merchants are “very concerned” with how the new card roll-out is being handled, because in many cases it has shifted the cost of fraud from banks that issued the cards to the merchants that are accepting them.
“Merchants’ costs are going through the roof,” he said.
Recommended for you
Recommended for you
Recommended for you
Embedded in each of the new smart cards is a small computer chip that encrypts account information with a new code for each transaction. That makes it much harder for hackers to copy the information onto counterfeit cards.
But Home Depot, which was one of the first national retailers to upgrade its store terminals to accept the new cards, said they would be more effective at preventing fraud if they also required customers to punch in a personal identification number, or PIN. All debit cards have that option, but very few credit cards do.
In its lawsuit, Home Depot accused Visa and Mastercard of trying to block the use of PINs and pushing merchants toward accepting less-secure transactions that earn the card companies higher fees.
The companies are pushing technology that “is defective and subject to fraud and have colluded with each other and with the banks that issue debit and credit cards to do so,” Home Depot said in its lawsuit.
“As a result of their conduct, United States consumers experience the highest rates of payment card fraud in the world, and United States businesses are subject to the highest payment card related fees in the world,” the home improvement retailer said.
Home Depot said the card transaction fees are the “most onerous bank fees” it pays, amounting to almost $750 million last year.
A spokesman for Mastercard said the company hadn’t had a chance to review the lawsuit, and declined to comment. “We are aware of the complaint and will respond in due course,” a Visa spokeswoman said.
In a related move last month, Walmart filed a lawsuit accusing Visa of blocking it from requiring customers to use PIN numbers rather than signatures when using their debit cards. The latter transactions are more prone to fraud and result in retailers having to pay higher fees to credit card companies, Walmart said.
A group of Florida merchants also filed a lawsuit earlier this year citing some of the same issues, said Horwedel.
Jason Oxman, a spokesman for the Electronic Transactions Association, a trade group representing payment processors and credit card issuers, including Visa and Mastercard, said he hasn’t seen the lawsuit and declined to comment on it.
Visa and MasterCard in 2011 set an Oct. 1, 2015, deadline for banks, merchants and other players in the electronic payments world to switch to more advanced “smart” or “chip” cards and card readers similar to those long used in Europe. The cards are supposed to help slow the wave of credit card info-hacking and fraud that has swept the country.
The chip cards require a new type of terminal that interacts with the card’s computer chip rather than with the familiar, and more vulnerable, magnetic strip on conventional cards.
Oxman said about half of the 1.2 billion credit and debit cards used in the U.S. have been switched to chip cards, and about 15 percent of the nation’s merchants have upgraded their terminals to accept the new cards.
The Oct. 1 switch-over wasn’t mandatory, but merchants and credit card issuers who haven’t upgraded are responsible for covering the cost of any fraud that occurs.