Credit card giants plan online liability overhaul

Credit card giants, Visa and MasterCard, plan to relax the rules governing online liability - but not enough to ease mounting tension about the future of ecommerce, according to the banking industry.

MasterCard's ecommerce product manager, Brian Morris, told Silicon.com that the Visa and MasterCard's rules committee will meet this summer to move the broader European MasterCard and Visa (EMV) standard chip cards into their most secure ratings category. EMV chip cards are single function cards, which counter fraud, using cryptograms.

This category - which treats remote sales as though the credit card holder is present in person - is currently restricted to transactions based on the SET (secure electronic transaction) protocol which is much stricter but less used.

The move means that in "cardholder present" sales, Visa and MasterCard are liable to pay compensation to the consumer in the instance of fraud - a responsibility presently shouldered by the retailer.

But banks want more, stating that all digital signatures should qualify as "cardholder present" - to encourage retailers to sell their goods online.

Andrew Farrow, head of commercial development at NatWest's Magex division, told Silicon.com: "We're at a watershed in the cards industry. We want Visa and MasterCard to change their rules to allow for the remote seller."

Midland's ecommerce manager, David Guest, agreed: "We need simplicity. Certainly digital signatures will eventually become cardholder present but, frankly, it's a bit of a muddle at this stage. A multitude of ideas are being floated about what qualifies as cardholder present."

But it looks like only the SET-based digital certificates will win this privilege. Art Kranzley, joint head of SETCo, which manages SET on behalf of MasterCard and Visa, told Silicon.com that digital certificates based on SSL (secure sockets layer) technology lacked the necessary third-party authentication from a bank.