• April 29, 2010

Visa Inc. is trying to protect consumer security in the payment system by prohibiting Web merchants from providing cardholder information to other companies without the consumer's knowledge or active consent.

The misleading practice, called "data pass," usually involves a consumer shopping at a familiar retailer. At checkout, the consumer receives an offer for a discount or reward and does not realize it is from a different merchant and comes with unexpected monthly membership fees or recurring charges. Such potentially deceptive marketing can result in high levels of consumer disputes and degrades the efficiency, reliability and security of the payment system. According to a 2009 U.S. Senate Commerce Committee staff report, 35 million consumers have paid $1.4 billion for "data pass" marketing offers.

Visa's rules already prohibit merchants from sharing a cardholder's account number and other Visa transaction information with any entity that is not directly involved in completing the transaction, preventing fraud, or as required by law. To address the data pass practice, merchants will now have to prompt consumers to re-enter their card information to accept a subsequent offer from a third-party merchant. This provides a clear signal to cardholders that a second purchase is being initiated and protects them from questionable marketing practices.--Tanya Irwin