Prepaid cards make online
purchases easier and more secure. But, writes Jane Cooper, there is
a down side. The cards add an layer of anonymity that can enable
criminals, in particular those involved in child abuse, to transfer
funds more easily on the internet. We look at what the industry is
doing to tackle the problem.

 

Table showing methods of payments advertised by websites selling indecent images, 2009-2010The prepaid card
industry has been forced to defend its practices in the face of
accusations that some products are being used for online crime.
Child protection agencies are concerned that virtual prepaid
products, which can be exchanged for cash and allow consumers to
shop online with anonymity, are being used by paedophiles to
purchase and download images of child sexual abuse.

Industry players are grappling to
find a balance between providing a convenient product that enables
privacy and a system of checks that prevents abuse. The industry is
keen to prove it is capable of self-regulation before the heavy
hand of the government intervenes.

The issue has already become
political in Britain. Labour MP Geraint Davies has brought a bill
to Parliament, which is due for a second hearing in January 2011,
calling on the government to penalise any card company that
facilitates the sharing of indecent images.

Davies tells Cards
International
that he wants identity checks to be done on
anyone who buys virtual prepaid products.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

Under current European regulations,
the threshold for know-your-customer (KYC) checks is €150 ($202).
Consumers do not need to provide any personal information if the
product cannot be reloaded and the stored value is below this
limit.

This ease of use is the main
selling point of virtual products. They are targeted at consumers
who do not have a credit card or bank account, or for those who are
wary of sharing their financial details online. The anonymity is
highlighted in products’ marketing material.

pullquoteFor example, Neovia Financial’s Net+ Virtual Prepaid
MasterCard website carries the tag line, “Be the ninja! Net+ gives
you more than just prepaid cards – it lets you shop with
stealth!”

Simplicity and online security is
emphasised with the 3V Voucher, a disposable prepaid Visa number
that consumers can buy at retailers with cash. That Visa ‘virtual
card’ number is then used to shop online as if it is a regular
payment card and also carries an expiry date and card security
number.

Aside from the virtual cards that
are issued on the Visa and MasterCard networks, there are virtual
vouchers that have been designed more specifically as a form of
online cash. Ukash virtual vouchers can be bought with cash at
retailers that advertise the epay, PayPoint or PayZone signs.

The cash is exchanged for a unique
voucher code, which can be then spent at online merchants who have
signed up to the Ukash payment scheme.

Although the products are
anonymous, Ukash marketing director Paul Coxhill says: “We can
trace each voucher from point of issue to point of redemption as
they each have a completely unique 19-digit number that can only be
used once.

“We are sometimes asked to check
the provenance and origin of vouchers for various reasons and our
system allows us to do that extremely well.”

 

Know your
customer

The anonymity of the virtual
products is not an issue for Ixaris Systems, which operates the
EntroPay brand, as it does not let cash into its system.

pullquoteJohn Chaplin, president of Ixaris, explains that
customers first have to register for an EntroPay account and enter
their personal details, which are checked. The EntroPay Prepaid
Virtual Visa Card is then loaded from a bank account or an existing
payment card.

When asked whether another prepaid
card, which has been bought with cash, could be used to load the
EntroPay card, Chaplin responded that it is rare.

If someone does try to load an
EntroPay card with an off-the-shelf prepaid card, Chaplin says: “We
spot it immediately in our monitoring systems as suspicious and
take the appropriate action.

“Similarly, if we spot anyone
trying to use an EntroPay account to fund an anonymous prepaid
account, that would also be rated as suspicious and would be
blocked.”

Newcastle Building Society (NBS), a
major UK prepaid issuer that works with more than 20 programme
managers to provide virtual cards, also focuses on the registration
of consumers.

NBS head of cards Chris Reddish
says: “These cards are required to have a registration facility
including the customer’s details, which are electronically verified
before the customer can use the card.”

In terms of preventing these
virtual products being used to purchase indecent images, it is not
just the consumer – who is using the card to buy online – who needs
to be checked. It is also the online merchants, who could be
selling the images and accepting the payments.

The payment schemes, such as Ukash,
Visa and MasterCard, all have policies in place to police the
merchant base and prevent the sale of illegal materials.

Visa Europe says that since 2002 it
has been using ‘spider’ search technology to scan the internet to
find sites displaying the Visa logo and selling child abuse
imagery.

“Whenever we find a site offering
such material for sale via Visa cards, we alert out member banks
and law enforcement agencies,” the company said in a statement.

However, there are complications
with such an approach to preventing the sale of indecent
imagery.

The Child Exploitation and Online
Protection (CEOP) Centre points out that these rogue online
merchants frequently change the URL of their website, location and
host country.

“This would make it almost
impossible to block transactions on a particular site as they would
be difficult to trace and identify,” CEOP said in a statement.

“Commercial child abuse websites do
not have a commonality of merchant code in the same way that, for
example, gambling sites do.

“Therefore, again it would be
impossible to group commercial child abuse websites together and
ban payments to these sites.”

 

Industry
engagement

Both Visa and MasterCard are
heavily involved in the work of CEOP and are cooperating in
tackling the distribution of child abuses images on the
internet.

CEOP established the European
Financial Coalition (EFC), which comprised law enforcement
agencies, industry players and non-governmental organisations to
find ways of preventing the sale of such material.

In September 2010, the EFC Payments
Industry Working Group – jointly chaired by Visa Europe and
MasterCard – commissioned a ‘problem profile’ on the use of prepaid
cards for purchasing online access to child abuse material.

A spokesperson for CEOP said: “It
is evident that Visa Europe and MasterCard recognise the threat
posed by prepaid cards.”

The EFC funding has now ended but
CEOP continues to work with the companies. Visa Europe, for
example, has funded the training of law enforcement organisations
in countries such as Romania, Bulgaria and Poland.

Another collaboration is the
Prepaid International Forum (PIF), a forum for industry players to
discuss such issues and establish best practice guidelines.

CEOP has raised the issue of child
abuse imagery with PIF, and hopes the trade body will provide a
means of developing joint measures with card issuers to prevent the
misuse of prepaid cards.

 

Age-restricted
goods

The issue of anonymity is not just
related to child abuse imagery, however, and PIF has also been
concerned with KYC checks to prevent the cards from being used by
underage children to purchase alcohol online, for example.

NBS’s Reddish says he has been
working with PIF to help establish a code of practice.

“By working together in this way,
industry leaders can be proactive in establishing guidance that
will help ensure the industry will remain regulated in the way it
needs to,” he says.

Reddish is also PIF’s chairman and
adds that the forum ran a workshop in November 2010 to identify the
scope and extent of the issue of prepaid cards being used in the
sale of age-restricted goods, and plans to engage with merchants,
issuers, processors and payment networks to consider how the
age-related sales process could work in practice.

Reddish adds: “This is an issue
that sits firmly on PIF’s agenda. From an issuer and processor
perspective, PIF understands that the issue is a very complex one
with no simple solution.

“Retailers also need reassurance
that investment in new systems to prevent the sale of
age-restricted goods to minors is worthwhile. We will be working
with industry stakeholders with the aim of identifying some
practical solutions.”

Back in the UK Parliament, Davies
is also concerned that the prepaid products can be used for
underage sales, but for now he is focused on the issue of
purchasing child abuse images.

In response to the measures that
Davies is proposing, a CEOP spokesperson says: “Imposing fines on
the credit card companies who facilitate payments for these sites
will not remove the market for the images – there will always be a
desire for them.”

The industry, says CEOP, already
has acceptable user policies that prevent their products being
misused in this way but it urges the industry to enforce them.

The industry has already
established best practice guidelines, which include due diligence
on the merchant base, monitoring and tracing transactions, as well
as developing an ongoing awareness of the vulnerabilities of
virtual prepaid products.

Industry executives acknowledge
that implementing the best practice guidelines does not mean that
the products will never be misused.

It will, however, help the industry prove that it is capable of
self-regulation and that government intervention on the issue is
unnecessary.

Picture of a credit card resting on a computer keyboard