Credit card issuers watch online how you shop, customize offers
Online offers may vary depending on your domain, surfing habits
By Tony Mecia | Published: January 28, 2011
Many of the nation's top credit card companies are now using high-tech marketing techniques that let them change their online offers on the fly, based on shoppers' surfing habits.
That means that you and a friend across town, who happen to have identical credit records, might see different offers at the same card site at the same time. Although that might seem odd, card companies say it's part of a strategy to offer deals better suited to each individual.
Sometimes the discrepancies result from random test marketing. But sometimes the offers are different because the websites are tailoring information based on what they think they know about you.
Like other companies that do business on the Internet, card issuers are trying to strike a balance between personalizing their sites and protecting users' privacy. On one hand, they want to offer you products that interest you. For instance, they'd like to pitch travel rewards cards to frequent travelers. But at the same time, they say, they don't want to creep people out by making pitches too personalized, even though technologies are advancing that might help them make educated guesses about your income and interests based on your Internet habits.
"Over the past 12 to 24 months, the infrastructure for tracking on the Internet has gotten way, way more sophisticated," says Rob Shavell, co-founder of Abine Inc., a Cambridge, Mass., company that develops privacy software.
Some tech companies, he says, now compile databases on individuals' Internet histories, cross-reference that against other sets of data, then use algorithms to predict what kind of products people might buy. The instant someone visits a Web page, data about the visitor can be quickly exchanged, and the host site could use the information to personalize offers.
At the request of CreditCards.com, Abine analyzed 10 of the top U.S. card issuers to see if their websites employed technologies that could be used to acquire detailed information on visitors to those sites. Abine looked for the presence of "cookies," bits of information a website puts on your computer to remember you in future visits, as well as the use of what are known as "third-party calls" -- or the exchange of information about you with an outside website.
The results found that nine of the 10 card companies exchanged information with at least one outside website, and all 10 placed cookies on a visitor's computer. Discover exchanged information with the most outside sites (11) and placed the most cookies (21).
Anas Osman, Discover's vice president of new card member acquisition, acknowledges that visitors to Discover's site might see different card offers with different rates. Much of that, he says, springs from randomized testing to determine what offers visitors find most appealing.
He says Discover has dabbled with using detailed information compiled by outside companies about potential customers, but that it has abandoned that approach. "We generally found that the data that was being offered was not sufficient to make a good enough prediction" about what offers customers like, he said.
Instead, Discover uses more limited data to tailor its website to you, such as what browser you use and where your computer is. For instance, if you're using a computer from an .edu domain, you're more likely to see a student credit card as the main offer on Discover's site, Osman says.
"Our goal is to make sure the website is as user-friendly as possible," he says. Regardless of the main offer, all of Discover's offers are available on its site.
As to why Discover employed the most cookies and checks with outside websites, Osman says those are largely done to track users' activities on Discover's site and to trace Discover ads users see on other sites.
Capital One, which Abine said had the second-highest number of checks with outside Web pages, says it, too, is seeking to personalize the experience, and that sometimes results in different lead offers. Spokeswoman Pam Girardo says it's an extension of what card companies have done over the years with direct mail: They don't send you a catalog but rather an offer for a particular card based on available information.
"While we suggest products that we believe will be of interest to our visitors, we do not limit their ability to easily explore all products available on our site," she said in an e-mail.
She says Capital One does not use data captured from other sites in targeting offers.
Like Discover, Capital One makes credit decisions based on traditional methods -- application, credit check -- not on Internet data, she says. Both companies say they do not use personally identifiable information for marketing and that they comply with banking laws and their own privacy policies.
Same card, different rates
CreditCards.com first noticed differences in offer rates on cards several months ago, when compiling information for its Weekly Rate Report. The report examines rates on 100 of the most popular credit cards, and nearly every week, researchers double-checking data noticed different rate offers on one or two cards. For instance, researchers one day in mid-December found both a 13.24 percent and a 12.24 percent interest rate on the Chase Sapphire card, depending on who was looking up the rates.
Chase, which ranked No. 2 in Abine's study for placing cookies on visitors' computers, declined to discuss the technology it uses. "Because we consider that information to be proprietary, and for competitive reasons, I cannot share details on this topic," spokeswoman Gail Hurdis said via e-mail.
Any data is going to be of value. The degree to which it is of value is still being tested.
Julie Conroy McNelly
Aite Group analyst
Julie Conroy McNelley, senior risk and fraud analyst with Aite Group, a research and advisory firm, says card companies are still in the early stages of figuring out how technologies that were developed to fight fraud might be used for marketing.
"Any data is going to be of value," she said. "The degree to which it is of value is still being tested."
Device fingerprinting, link analysis
Two of the major technologies, she says, are device fingerprinting, which gives companies information on the computer you're on, and link analysis, which looks at correlations between you and other people.
Still, card companies are rightfully cautious of acquiring too much personal data, she says.
"If companies start using it for marketing purposes, there is the potential that people will view that as an invasion of privacy, and the companies might start getting regulated," she says.
Shavell, the privacy software company's co-founder, says there are two steps people can take to limit what companies know about their habits.
- First, opt of out targeted ad networks that link ads to your browsing behavior. The biggest of these is at networkadvertising.org.
- Second, he advises deleting your Internet history and cookies through your browser.
Taking those steps will better safeguard your privacy, though it's luck of the draw whether clearing your cache will save you some cash by yielding a better offer.
Be aware that if you delete your cookies, sites are less likely to show you material that interests you, and you'll have to type passwords in manually.
Says Discover's Osman: "You can use our site without cookies, but it will be a less rich, less rewarding experience."
|How credit card issuers gather, exchange data about you online|
|Card issuer||Number of outside websites contacted1||Number of cookies placed2|
|Bank of America
1This is the number of third-party websites the card
issuer's main site contacts when you go to that page. That indicates the
company is exchanging information about you, which could be used to personalize
offers and track advertising.
Source: Abine Inc. for CreditCards.com. Figures were gathered in early December.
- EMV chip card torture test – We put EMV chip credit cards through a series of tests to see how they stand up to common threats such as extreme temperatures, water and corrosive liquids ...
- Abolish the password? Card issuers are working on that – Credit card issuers and banks aim to phase out passwords over the next few years with the help of biometric authentication ...
- Startups use tech to put cardholders in charge of security – With data beaches on the rise, startup companies are developing new options that help consumers minimize their exposure to a possible hack ...