No laws prohibit subscription-based businesses from guessing a customer’s card expiration date to auto-renew their payments, but the practice is iffy
The editorial content below is based solely on the objective assessment of our writers and is not driven by advertising dollars. However, we may receive compensation when you click on links to products from our partners. Learn more about our advertising policy.
The content on this page is accurate as of the posting date; however, some of the offers mentioned may have expired. Please see the bank’s website for the most current version of card offers; and please review our list of best credit cards, or use our CardMatch™ tool to find cards matched to your needs.
Dear Your Business Credit,
I work for a company that offers a monthly membership and charges members a monthly fee. Our members give us a credit card number to keep on file for the monthly charges.
Typically when a card declines or expires, we call the client and ask to update their credit card information. However, my manager recently told me to “just make up an expiration date” for expired cards and try to push the payment through. I told her I won’t do that because it sounds illegal, but she says it it’s more of a gray area.
Everyone else I’ve asked says that entering a made up expiration date won’t even work, but I’ve seen my manager do it, and most of the time it does work (she apparently knows what she’s doing, she just adds three years to the old expiration date). My question is: Is this legal, or is it fraud? — J.
Yikes! I’m not surprised this situation is giving you the willies.
Based on what I learned from two major credit card issuers, it appears that your manager is correct that guessing at credit card expiration dates is a gray area in the contracts between merchants and card issuers, but that doesn’t mean it is the ideal thing for the company to do, for a host of reasons.
To research the answer to your question, I did a spot check of credit card issuers to find out their policies. When I ran your question past a spokesman at American Express, he sent me an email that said, “There is nothing in our policy that prohibits a merchant from ‘guessing’ the expiration date of a newly issued card, though if they guess wrong the charge will obviously not go through.”
However, he said American Express has a more effective solution to update expiration dates called Card Refresher. In my previous column, “A business may spurn debit cards, but why?” I discussed two other similar services — Visa Account Updater and MasterCard Automatic Billing Updater — that also help merchants access customers’ credit card information to keep it current.
Capital One had a similar answer to American Express. “Capital One discourages merchants from guessing a customer’s credit card expiration date,” a spokeswoman wrote in an email. “Expiration dates are not consistent among issuers, nor even customers. Additionally, a merchant would not know whether a customer’s card has been reissued with a new number, such as due to theft or fraud.”
The updater services are not free, but neither is guessing. It can actually raise the company’s costs for merchant services. When I contacted Scott Tivey, president of CNP-Solutions, a consultancy in Weston, Connecticut, that helps merchants improve their credit card processing efforts, he said in an email that “with each guess, a merchant is charged for that authorization attempt. The more guessing, the more it costs to get that approval. If you have a low price point or slim margin of profit, each of those guesses deeply cuts into your margins.”
Perhaps it is more important for you to be concerned about whether your company is legally allowed to keep charging customers under their contracts. Generally speaking, “a merchant is not supposed to put through charges or make any changes to a credit card without the cardholder’s consent and the card issuer’s consent,” Robert Brennan, an attorney in La Crescenta, California, told me in an email. “I personally would not allow it.”
With more firms offering digital services that auto-renew, there has been an uptick in class-action suits in this area. A number of states — among them Illinois, Florida, Connecticut, Hawaii, Georgia, North Carolina, Louisiana, New York, Oregon, Rhode Island, South Carolina and Tennessee — now have laws governing disclosures by merchants in auto-renewal contracts. For instance, California passed one of the strictest ones, the California Automatic Renewal Law, which requires merchants to disclose the renewal terms and cancellation rights more boldly than the rest of the contract.
If your employer is not following the laws of your state — which your state attorney general’s office can supply — the company could run into trouble by failing to renew any agreements that have expired.
Updating consumers’ credit card information without letting them know could also lead to chargebacks, particularly if your firm has not drafted the contract properly. The Fair Credit Billing Act protects consumers from unauthorized charges on their credit cards. The Federal Deposit Insurance Corp. has published guidelines on how the law works.
The Federal Trade Commission, which handles complaints from consumers who think they’ve been scammed in auto-renewal contracts, has cracked down on companies that have used deceptive practices.
Card issuers are also getting interested in this issue, which may make it harder for merchants to get away with sneaky auto-renewals. Capital One launched new product last year called Second Look. The Capital One spokeswoman said the service helps customers identify unnoticed or potentially unwanted charges. “Alerts include duplicate charges, increases in recurring charges and auto-renewing subscriptions or memberships, similar to what your reader is writing about,” she wrote.
If more services like this spring up, companies may be less likely to do what your boss is doing. In the meantime, you’ve already had the courage to speak up to your boss, so hold your ground and don’t do anything you feel is unethical. If you must be involved in the auto-renewals, call the customers to get their permission to charge their new cards instead, as your boss used to do. That is the most upfront and honest way to do business.