Visa Expands Fraud Recovery for Card Issuers

Account Data Compromise Process to Include Plus and Interlink.

Visa announced today an important expansion of its fraud recovery process to include Plus and Interlink ATM network transactions to better help financial institutions recoup counterfeit fraud losses. The extension becomes effective November 1, 2008.

“Visa works to help financial institutions prevent fraud. But when a data compromise does occur, our process helps them recover by reducing some of their costs quickly and efficiently,” said Michael E. Smith, head of Payment System Risk, Visa, Inc.

Visa launched a streamlined recovery program in October 2006 called Account Data Compromise Recovery (ADCR) which improved operational efficiencies and reduced costs associated with assigning liability and collecting reimbursement for counterfeit fraud losses and operating expenses incurred as a result of magnetic stripe storage compromise events. Under the enhanced ADCR process, compensation to Visa card issuers is automatically calculated and reimbursed based on the counterfeit fraud the financial institution reports to Visa.

Recently enhanced Plus and Interlink fraud reporting capabilities will allow Visa to extend the ADCR process to PIN-based transactions. Currently the ADCR process only applies to Visa signature-authenticated transactions.

Financial institutions can benefit from improved back-office efficiencies, which include an automation of the process. Visa card issuers can realize lower administrative costs and will be eligible for partial recovery of operational costs and incremental fraud losses. Acquirer liability for compromises associated with Payment Card Industry (PCI) Data Security Standard (DSS) or PCI PIN security violations will be defined through the ADCR program, which has a fixed 13-month window of exposure, allowing for improved liability forecasting.

Smith noted, “Expanding this process to include Plus and Interlink represents a significant improvement over the current recovery process for financial institutions for PIN-based transactions, which may require multiple recovery scenarios for a single compromise event if the event involves Visa-branded and Plus- or Interlink-acquired transactions.”

To be eligible for operating expense reimbursement, issuers must enroll in the ADCR Operating Expense Recovery program and be registered to receive CAMS alerts. CAMS is the reporting system used by Visa to alert issuers of their account numbers that have been potentially compromised. Once enrolled in ADCR, issuers may receive operating expense reimbursement only for qualifying CAMS alerts that occur after their enrollment date.

“Visa is the only payment company to provide this level of efficiency and cost-savings on fraud recovery involving either signature or PIN-based transactions,” said Smith.