Saturday, April 26, 2003

Busted: A friend of mine recently had some trouble with a charge card getting rejected for no apparent reason. Coincidentally, I stumbled across an article in the 4/24 Wall Street Journal about just such a phenomenon, and why it seems to be happening more often. The WSJ story is subscriber only (I think), but I'll quote liberally.

When Robert Selander, the chief executive officer of MasterCard International, went out for a round of errands earlier this year, he decided to shop with a credit card that he hadn't used in a while.

That turned out to be a bad idea. By the time he reached the supermarket, a fraud alert was out on his card. The upshot: He got rejected at the checkout counter -- and came home to a message on his answering machine from the bank that issued the card.

These days, no one is immune from the campaign to stamp out credit-card fraud, not even CEOs of credit-card associations. Banks and retailers have an army of computers sniffing out unusual spending patterns, and every year they freeze spending on thousands of credit cards with little or no warning.

How bad is it? Well...

Internally, card issuers refer to this as the "insult rate." Some card issuers deny more than 100 legitimate charges for every fraudulent one they prohibit. Even the best operators turn down 10 legitimate purchases for every crooked one.

That's an insult rate worthy of Don Rickles. I suspect that hurts card companies more than they realize. I've never had a charge rejected, but if I did, I wouldn't bother calling them on the spot, I'd just whip out a different card, meaning a lost commission for the rejecting card company. A good reason to have more than one card. Most of us know that card companies will flag purchases that don't match a cardholder's normal patterns, but what does that mean?

The card companies raise the red fraud flag for any one of dozens of reasons. They're constantly looking for spending that doesn't fit normal cardholder patterns, or those of the retailers where people might be shopping. Most Americans don't buy computers in Paris, for instance, but a thief who stole their card might. Card companies are skeptical of purchases in foreign lands with high rates of fraud, including Russia, most of Eastern Europe and South Africa.

The alarm can also sound when it appears as if you've traveled faster than humanly possible. Two months ago, Jeff Foster, an executive vice president at Retail Decisions, a company based outside London that helps banks prevent card fraud, used his debit card right before he got on a flight in Boston and tapped it again as soon as he got off the plane in San Francisco. His bank, worried that two different people were using the card, cut him off.

One reason for the crackdown: the huge increase in Internet sales, which means there are many more transactions where the cardholder isn't present. That made it easier for crooks to assume someone else's identity, which forced credit-card issuers to take countermeasures that snared honest spenders too.

At the same time, the number of cards outstanding -- and the number of ways to use them -- has exploded in recent years. Many cardholders lard up their monthly bills with every possible charge in a quest for frequent-flier miles. Others now whip out their debit cards instead of writing checks. This means that ever-more transactions are pouring through the card networks.


When Mr. Selander, the MasterCard CEO, temporarily lost his charging privileges on his seldom-used card, his bank may have thought a thief had stolen his card and then put it on "ice." In that situation, crooks find a lost card but then wait several months before using it. By putting it away for a while, they're hoping the original owner has failed to report it and it will remain active.

Some of that makes sense, some doesn't. Not being able to verify Internet sales is meaningless. Half the time I'm not even asked to sign my card slip anymore, never mind have the signature checked or present ID. And where is the identity verification on a Mobil SpeedPass? (Not a surprising policy, though - there're a lot of misguided Internet security concerns.)

I happen to be one of those people who puts as much as possible on the credit card for the sake of airline miles or hotel points. That's why some of this seems so weird to me. I have never had a credit card purchase rejected despite the fact that I have three cards that I rotate through. That means, for instance, that one day I'll be charging frozen dinners at Meijer's on a certain card, then it won't see use again for a couple of weeks when, say, I suddenly use it to buy an fine glass of Bordeaux in Bermuda.

I suppose it would be defeating the purpose to explain the rejection rationale in detail - that would make it easy for the bad guys to circumvent - but it's instructive to note that I must have some of the most erratic purchase patterns imaginable and I have never been rejected, where as my friend, who has pretty consistent buying patterns, got an erroneous smackdown. It makes sense, I suppose. It just means the credit card companies have given up trying to figure me out, they're just letting everything go.

So if you want to avoid rejection at all costs, make a point of consistently making credit card purchases in a haphazard and irresponsible fashion. There's a moral in that somewhere, but I can't figure out what it is.