Mastercard and Visa require all card issuers to provide opt-in fraud alerts via text and message
Payment networks Mastercard and Visa now mandate credit card issuers to ask consumers if they want to receive text alerts about their card transactions in an effort to reduce the impact and cost of fraud.
As of Oct. 14, 2016, Visa required issuers of consumer credit, debit and reloadable prepaid cards to provide opt-in alerts via text, email or push alerts for potentially fraudulent transactions. Mastercard followed suit on April 21, 2017. Those that send out cards from these networks must now comply with both deadlines.
While the largest banks have had mobile alert programs for years, the network requirements aim to make digital and mobile contact ubiquitous with cardholders as alerts can stop fraud quickly. That saves cardholders the hassles related to card fraud, and it saves issuers money that’s lost when a card is used illegally. These network requirements mean that while consumers may decline to receive mobile alerts, banks must offer to send them.
How does it work? Consumers who opt in for the alerts can receive real-time text messages, emails or push notifications based on preferences such as amount spent, method of spending (e.g., online or in store) or geography.
Cardholders get a notification whenever a potentially fraudulent purchase occurs. The fraud alert will ask the cardholder to confirm or reject the purchase. Issuers who don’t get a response may put a temporary hold on the card until the suspicious transaction has been verified.
“We know that this technology is very good from a fraud-reduction perspective,” says Mark Nelson, senior vice president of risk products at Visa.
Old message, modern delivery
Fraud alerts aren’t new. For decades, banks have called consumers to check on suspicious activity, but phone calls are time consuming and expensive. Times have changed, too: People today are less likely to answer their phones, but sending a fraud or other alert via text or push notification often can get an immediate response.
“Purchase alerts are a better customer experience than the phone calls,” says Ben Knieff, a senior analyst with Aite Group, a financial industry research company. “And it ends up reducing costs in the call center.”
Visa has found that alert programs have led to a 40 percent decline in subsequent fraud losses.
Four in 10 consumers (45 million Americans) received notifications from a bank via email, text or push in 2014, according to a 2015 report by Javelin Strategy & Research. That number is expected to climb to 52 percent by 2019.
Issuers of Visa cards and Mastercards in North America now have purchase alert programs in place to comply with the mandate. For issuers that haven’t created their own alert systems, Visa rolled out its Purchase Transaction Alerts Program in April 2016. It offers text messaging, emails and push notification capabilities. Mastercard’s In Control program offers similar services. “People really want and need this,” says Jill Bugh, vice president for Mastercard’s In Control.
The Visa and Mastercard programs make it possible for smaller issuers to offer transaction and card alerts. The ubiquitous alerts benefit cardholders, says Brian Riley, director of credit advisory services at Mercator Advisory Group. “You won’t be forced into going to a big bank because they’re the only ones with the security features that you want,” he says.
Big savings for issuers
By reducing fraud, the alerts cut the related costs to issuers and can save cardholders hours, days or longer of headache resulting from credit card fraud.
Since most issuers extend zero liability coverage to consumers for fraudulent purchases, card issuers are forced to eat those fraud costs.
“The consumer is protected financially, but they still have to deal with the inconvenience of having the card shut down and having to have it reissued,” Riley says.
With its program, Visa considers more than 500 data points to determine whether a purchase is suspicious and then creates a risk score that it sends to the bank. Issuers may act based on that score, or they may have their own monitoring criteria. Purchases made at gas stations (where thieves often test stolen cards), overseas or for unusually large amounts all may trigger an alert.
Balancing convenience and security
While payments security experts agree that purchase alerts are a smart way for consumers to stay on top of their spending and any potential fraud, issuers who send out too many notifications risk alienating or annoying consumers.
About 40 percent of Americans have had a transaction blocked or questioned by a credit card company, according to a CreditCards.com 2015 survey. More than half of the respondents said most or all the alerts were false alarms. Still, more than a quarter said that the fraud alert systems had alerted them to a fraudulent purchase.
“Banks have to find the right balance between convenience and security,” Nelson says. “They can’t expect you to text back every time you use your card, or you’re going to get annoyed with them.”
It’s typically free to enroll in your credit card’s alerts program. Sign up online or via your credit card’s app or by calling your issuer’s customer service center. You also have to adjust the settings on your phone to allow push notifications from the app.
“Our goal would be to get every consumer to enroll in this type of service, because it’s one of the easiest, fastest ways to identify fraudulent use of your card,” Nelson says.
If you opt in to text alerts, you’ll owe standard text messaging charges for those notifications. Compared to the hassle of dealing with fraud, however, that’s a pretty small price to pay.
See related: How to detect card fraud, identity theft, Startups use tech to put cardholders in charge of security