Retail Payments Risk Forum
Take On Payments, a blog sponsored by the Retail Payments Risk Forum of the Federal Reserve Bank of Atlanta, is intended to foster dialogue on emerging risks in retail payment systems and enhance collaborative efforts to improve risk detection and mitigation. We encourage your active participation in Take on Payments and look forward to collaborating with you.
Federal Reserve Web Sites
Other Bank Regulatory Sites
Take On Payments
February 27, 2017
Wouldn't It Be Nice to Tap and Pay?
In the mid-2000s, after setting up a new checking account following a move, I received a debit card that, in addition to the magnetic stripe, had contactless functionality. I remember thinking how "cool" this feature would be, not having to swipe the magnetic stripe but simply tapping the card on the point-of-sale (POS) terminal. However, I quickly became disappointed, as I couldn't use the tap functionality in most places that I shopped. In the few places that did allow for taps, I don't recall the tap ever working properly. After a few months, I never attempted to tap it again and reverted to the traditional swipe.
Fast forward to 2017, and contactless card usage is surging in the United Kingdom, Australia, and Canada while remaining all but nonexistent in the United States. In November 2016, contactless cards accounted for nearly 25 percent of all card payments in the United Kingdom, up from 11 percent since November 2015. In Australia, Visa reported that 75 percent of face-to-face transactions over their network happen via their contactless solution. And in Canada, 99 percent of Mastercard's consumer credit cards are contactless-enabled. A 2016 report found that Canadian consumers were frustrated by merchants that didn't accept contactless payments. All of these countries have also gone through a migration of their payments cards to EMV chip cards. Did the United States miss a great opportunity when chip cards replaced the magnetic-stripe-only payment cards?
Interestingly, in these markets where contactless card adoption rates are surging, contactless cards are leading the contactless payment push ahead of mobile payments. In the United States, we are heading in the opposite direction, with mobile contactless attempting, and struggling, to get traction. No doubt, mobile is the more challenging environment, with a variety of form factors (iPhone, GalaxyS7, Pixel, and more), different ways that the form factor can interact with the POS terminal (such as near-field communication, magnetic source transmission, and barcode), and a variety of different wallets compatible with the different form factors. With a contactless card, you get one form factor—a card—and one method of contactless interaction. (Multiple-interface cards can still be swiped or dipped at the POS.)
I am convinced that the investments made in mobile contactless to this point are one of several factors holding up this country's transition to a contactless card environment. Consumers are confused by the experience and merchants and issuers are struggling with the wide range of options to consider, such as which wallets to enable and which technologies to support. Contactless cards have the ability to create a ubiquitous experience for both consumers and merchants. And this writer believes that a payment experience can't get any easier than a tap of the card.
It's hard for me to believe that it has been 20 years since I received my keychain Speedpass fob. I have positive memories of the simple and seamless transactions that I experienced when purchasing gas by touching the contactless fob to the gas pump reader. Unfortunately, I moved to a location with very few stations that accepted my fob. I always wished that I could have a similar experience for other purchases. Contactless cards allow for that and in a much easier and simpler fashion than my mobile phone allows. So can we get on with contactless cards? I am ready to tap and pay everywhere. Are you?
By Douglas A. King, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
February 21, 2017
The Social Benefits of Biometrics
Based on my experience, most discussions about the authentication of individuals using a biometric modality (such as fingerprints, or voice or facial recognition) often just focus on key issues such as reliability, security, ease of use, cost, and privacy concerns. Certainly these are important issues, but one that is often omitted in the conversation is the use of a biometrics system for health and safety purposes.
My wife and I were recently blessed with the birth of our fifth grandchild, a beautiful baby girl. During the hospital visit, the risk management side of me evaluated the security aspects of the facility. What methods prevent the accidental swapping of babies or the theft of a newborn? While the frequency of such incidents in developed countries is very low, it is a more challenging issue in developing countries where medical recordkeeping is often minimal and limited to paper documents.
Talking to the hospital staff, I found out they have a number of safeguards in place to ensure the right baby is with the right mother:
- Wristbands with barcodes that have to be scanned each time the nurse visits their room
- An embedded RFID transmitter in a cut-resistant bracelet on the baby's leg that allows staff to see on a locational display where the baby is at any time and to sound an alarm if the infant is taken outside the protective area
These systems link the baby to the mother, but what actually documents the identity of the baby? The paper card with the baby's left and right footprints and the mother's right thumbprint has been used for decades, but is that sufficient for the future?
This issue of infant authentication reminded me of a presentation I recently attended given by noted educator and biometrics researcher Professor Anil Jain at Michigan State University. Jain and his team worked under a grant from the Bill and Melinda Gates Foundation to develop a reliable, low-cost authentication process for young children. The primary purpose was to enable the tracking of children's vaccination schedules to ensure that the right child receives the full regimen of immunizations. One of the critical issues Jain and his team faced is the difficulty in obtaining usable fingerprints from newborns—the skin on their fingertips is pliable, which results in poor contrast between the pattern of their ridges and valleys.
The goal of the research program was to determine the earliest possible age at which reliable fingerprints could be obtained using current technology. Using a high-resolution optical reader providing a fast capture rate (infants don't like to be still for very long), the research team found that fingerprint enrollment for children older than six months provides acceptance rates of 99 percent. This method can potentially serve as a reliable authentication method for the remainder of their life. Coupled with the creation of an electronic health registry, the health care worker needs only to scan a child's finger to bring up immunization records and determine any future vaccinations required. You can find a short presentation of Jain's work here.
While the public is likely to continue to question the overall benefits of biometrics, Jain's work shows an additional use for biometrics technology. Where else might biometric programs be applied?
By David Lott, a payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
February 13, 2017
The Five-Star That Flops
For the most rabid college football fans, a major day just occurred—National Signing Day, the day when high school seniors sign scholarship papers to attend their colleges of choice. Not only have these seniors been evaluated by coaches, but also entire websites are devoted to their evaluation and ranking using a star-based system, with a five-star player being a top-rated, can't-miss player. Traditionally, much fanfare accompanies these players, and media and fans shower them with attention. Many times, these five-star players go on to accomplish great things at their respective schools, but sometimes they are "busts," failing to live up to lofty expectations and making minimal or no impact for their team. Unfortunately, my college team has had its fair share of five-star busts. Because of being let down, I no longer get caught up in recruiting rankings and I don't fret about the big recruit that got away. And in 2017, this is my new attitude when it comes to mobile payments at the point of sale, or POS.
I've been in the payments industry for a decade, and for over half of that time, I've been hearing and reading how mobile payments are going to change the POS experience. I've heard major announcements about new mobile payment wallets, from Apple Pay to Samsung Pay, and platforms, such as LevelUp, time and time again. I have overheard conversations with contemporaries and colleagues about the latest and greatest mobile solution that will forever change my experience at the POS.
But in 2017, I am not hearing any of this anymore because I am tuning it out. Oh, I am sure that I could attend a conference this year and within the first hour, someone would state that 2017 is the year of mobile payments. But after hearing about the next great mobile wallet or that this wallet will finally bring mobile payments to scale repeatedly, year after year (you get my tone by now), I am no longer getting caught up in the hype around using my phone instead of a card at the POS.
However, I will continue to get excited about mobile commerce opportunities. With more and more people shopping on their mobile phones and tablets, apps and in-browser platforms are making that experience so much better. When picking up a coffee on my way to the office or grabbing a chicken sandwich for lunch after ordering ahead on my mobile phone, I always wonder to myself, why are all those people standing in line? (I am a bit worried, and apparently rightfully so, that as more people use order-ahead features, that pick-up line might grow to be worse than the traditional ordering line.) During the Christmas season, I purchased many gifts on my mobile phone, and that experience was almost always simple and seamless—unlike in years past, when it was a bit cumbersome.
Using my phone to order ahead or shop online has truly simplified my life, unlike using my phone as a replacement to a card at the POS. With so much hype around mobile at the POS, I believe that many people only relate mobile payments to this use case, but it is so much broader. And I believe the mobile commerce piece is akin to the unheralded two-star recruit who goes on to lead his team to the national championship. What do you think 2017 entails for mobile and its place in payments and commerce?
By Douglas A. King, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
February 6, 2017
ACH: No Trace Left Behind
In my payments research role, I believe that one problem with ACH is the lack of any definitive method for identifying a payment and any associated return, dishonored return, or contested-dishonored return using only the existing 15-digit trace number. Ideally, the trace number alone should facilitate the correct retrieval of payment or return details even if other payments contain duplicate payment details, such as for recurring payments.
This PDF file contains an image that outlines the complex web of relationships that can be used to trace back returns to the original payment. Without the benefit of a unique trace number, the identification of the original payment could involve using common data elements to minimize misidentifying the payment.
A unique trace number would offer the following advantages:
- Unambiguously identify a specific payment
- Facilitate tracking features similar to what is available from package delivery services such as transmittal, settlement and receipt date/time, and similar tracking of any associated return(s)
- Enhance risk-monitoring capability
- Simplify reconciliation and auditing
- Flag or prevent a return from settling before its associated forward payment
- Identify "orphan" returns sent across the public network when the original payment was sent privately between financial institutions (FI)
- Link together forward and return payments for certain international payment applications that are not possible today
Under NACHA rules, the FI originating the payment assigns a unique 15-digit trace number; the trace number's uniqueness is necessary to differentiate each payment in the batch. Uniqueness is not mandated across payments in other batches in the same payments file. Consequently, a trace number could be repeated in multiple payment files on the same day or across many days—and, even more troublesome, within the same payments file. NACHA strives for uniqueness by mating the trace number with an associated batch number, transmission (file creation) date, and a file ID modifier. Unfortunately, any return of a payment only passes along the original trace number without the benefit of the mated data.
A possible solution that could overcome the current limitations of the trace number would be a one-time-use, ACH-operator-assigned, 15-character alphanumeric trace number. When the originating network operator receives a file, the operator would replace the FI trace number with a unique trace number that he or she would forward to the receiving FI. Any return sent back to the originating FI would have the unique operator trace number converted back to the original FI trace number. For convenience, a cross-reference file associating operator trace numbers with FI trace numbers could help facilitate non-network communication between originating and receiving banks.
Operators could guarantee uniqueness by allowing an operator trace number to contain digits and upper and lowercase letters. Expanding to a 62-character set results in over 3.5 trillion distinct values using the last seven characters of the trace number (the first eight characters are the originating FI's routing and transit number). Further requiring at least one non-numeric character allows differentiation with FI numeric-only trace numbers.
What are your views on the benefits and disadvantages of non-repeatable trace numbers?
By Steven Cordray, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
January 30, 2017
Pssst…Have You Heard about PSD2?
No, I'm not talking about the latest next-generation video gaming console. I am referring to the revised Directive on Payment Services (PSD2) that the European Parliament adopted in October 2015 and that will serve as the legal foundation for a single market for European Union (EU) payments. The original PSD was adopted in 2007 but, according to official statements, the Parliament found that an update was necessary to incorporate new types of payment services, improve consumer protection, strengthen payment transaction security, and increase competitiveness with an expected result of lower consumer fees in the payments processing market. PSD2 applies only to digital payments and must be in force in all EU countries by January 13, 2018.
The directive and subsequent implementation rules that the European Banking Authority* is developing make a number of major changes in the European banking landscape, including:
- Opens up the regulated financial services system to merchants and processors who might initiate payments on their consumer customer's behalf as well as data aggregator firms. In particular, PSD2 will apply to any financial institutions already operating within the scope of the PSD but will also apply to third parties such as operators of e-commerce marketplaces, gift card and loyalty plans, bill payment service providers, public communication networks, account access services, mobile wallets, and those who receive payment by direct debit.
- Requires financial institutions, upon the request of their customers, to allow these approved nonbank, third parties significant, but not unlimited, access to the customer's account and transaction data through APIs (application program interfaces). Many financial institutions see having to turn over customer data to potential competitors as a significant threat to the retention of their customer's business as well as concerns with data security.
- Sets out two-factor customer authentication as an absolute minimum, with additional security such as one-time passwords required for higher-value transactions. The card issuer must actively authenticate all transactions above 10 euros. Critics of these provisions point out that the criminals will have fixed transaction amounts and authentication methodology information to modify their attacks.
- Supplementing card interchange limits imposed in December 2015, prevents merchants from adding surcharges to payment card transactions. Under the original directive, each country established rules regarding surcharging on card payments. It has been a common practice of European merchants to levy a surcharge on payment card transactions to offset the interchange fee paid to issuers.
While such a comprehensive single package of regulations is unlikely to occur in the United States, various flavors of these items have been and continue to be discussed. Do you favor such types of regulation here in the United States? I suspect the answer depends on your role in the payments ecosystem. I am interested in hearing from you.
By David Lott, a payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
* Final rules are expected to be published in January 2017.
January 23, 2017
Mobile Banking and Payments Survey Results
In the fall of 2016, the Atlanta Fed and six other Federal Reserve Banks asked financial institutions (FI) in their districts to participate in a survey to determine the level and type of mobile financial services they were currently offering or planning to offer. The Atlanta Fed conducted a similar survey in the district in 2014.
Financial institutions completed 117 surveys; they represent FIs of all sizes and types operating in the district (see chart below). The response rate of 8 percent should provide financial institutions with good directional information when comparing their own mobile banking and payments strategy. You can find the full report here. The Federal Reserve Bank of Boston will be preparing a consolidated report for all seven districts later this year.
Key learnings from the responses to this survey include:
- Mobile banking has become a standard service of financial institutions, with 98 percent indicating they currently or plan to offer mobile banking.
- Competitive pressure and the retention of existing customers are the primary reasons for offering mobile banking.
- Consistent with the 2014 survey and numerous other mobile research reports, FIs cite security concerns by consumers as the greatest barrier to mobile banking adoption.
- FIs identify biometric methodologies as the security tool most likely to be used in their program.
- Over half (59 percent) currently or plan to support at least one mobile wallet. Their primary reason for offering the service was competitive pressure as mobile payments appear to be gaining traction among some consumers.
- Most of the survey respondents have a long-term outlook (three years or more) for mobile payments to reach a customer participation level of 50 percent.
Supplemental results breaking the data into the six asset-size segments will be made available in early February. If you have any questions about the survey results, please let us know.
By David Lott, a payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
January 17, 2017
Payments people start biting their nails when they hear "share more with more." They have been conditioned to keep payments information from ever being shared. But that is in the context of protecting legitimate payments system users from losing money while a fraudulent party benefits. At 7,000 members, the Financial Services Information Sharing and Analysis Center (FS-ISAC) is currently the largest financial services trade association in the world. I attended their Fall Summit last October, a month fittingly designated National Cybersecurity Awareness Month, and heard plenty about sharing. The mission of FS-ISAC is always strength in sharing; this year's summit focused on expanding the trust.
Payments people are used to looking for fraud by way of chargebacks and returns, one payment-channel silo at a time. Shhh. Don't let ACH people share information with wire people, and vice versa—the risk department will let us know if there is an issue. Of course, payments fraud is an ever-increasing battle, and we must remain vigilant. However, who is prepared to recognize payment events that from a bird's-eye view may look legitimate but, when analyzed, point to a threat of mass destruction?
Recent distributed denial-of-service (DDoSs) attacks highlight the scale of network bandwidth that can be unleashed on connected systems. Payments are just that, a network of systems that connect every aspect of our economy. There are countless examples of services or goods not being rendered when payments aren't received. Liquidity failures do tend to cause a state of panic. Even attacking one specific sector such as payroll processing on the first of the month could lead to disaster. As my colleague pointed out in a July 2016 blog, cash is alive and well, but payments systems today rely totally on telecommunications, which rely on our power grid.
Admiral James Stavridis, the keynote speaker at the FS-ISAC Summit, echoed the importance of expanding trust, along with the need to increase the resiliency of the nation in the event of a cyber-incident. Stavridis provided many encouraging solutions, one being that it is time for a cyber-force branch of the military. The United States Air Force was formed as a separate branch of the military in September 1947 under the National Security Act of 1947 as aerial warfare advanced. Stavridis proposed that now is the time for us to consider that cyber-incidents could be used as weapons of mass destruction. He applauded the current combat against cybercrime, yet encouraged new thought on what could be in store and how quickly it could arrive.
How do payments people continue down the path of protecting individual players while simultaneously protecting the nation from a crippling cyber-incident? It could be just a matter of whom you invite to the table. As I saw with attendance at the FS-ISAC Summit, the cybersecurity conversation needs to include diverse skill sets. There has been a trend in moving information security departments away from their information technology partners and under the risk and compliance umbrella so they can remain unbiased when scrutinizing payment transaction red flags and other systems. Additionally, legal barriers are being reevaluated to ensure that law enforcement can access information, most notably by FinCEN expanding Suspicious Activity Report requirements to include cyber events.
And, more deeply about whom we are trusting at the table, are we actually expanding the information shared? Could we make correlations by looking at payment volumes together with cyber activity and reports of fraud?
There is a growing sense that payment security equates to cybersecurity and national security. With Stavridis and others promoting the movement for "expanding the trust," new ideas continue to emerge. Hopefully, the technologies and strategies that are made to wow us (for example, the internet-of-things, machine learning, and the distributed ledger) can also serve to unite and protect us.
By Jessica Washington, AAP, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
January 9, 2017
The Year in Review
As we move into 2017, the Take on Payments team would like to share its perspectives of major payment-related events and issues that took place in the United States in 2016, in no particular order of importance.
Cybersecurity Moves to Forefront—While cyber protection is certainly not new, the increased frequency and sophistication of cyber threats in 2016 accelerated the need for financial services enterprises, businesses, and governmental agencies to step up their external and internal defenses with more staff and better protection and detection tools. The federal government released a Cybersecurity National Action Plan and established the Federal Chief Information Security Office position to oversee governmental agencies' management of cybersecurity and protection of critical infrastructure.
Same-Day ACH—Last September, NACHA's three-phase rules change took effect, mandating initially a credit-only same-day ACH service. It is uncertain this early whether NACHA will meet its expectations of same-day ACH garnering 1 percent of total ACH payment volume by October 2017. Anecdotally, we are hearing that some payments processors have been slow in supporting the service. Further clarity on the significance of same-day service will become evident with the addition of debit items in phase two, which takes effect this September.
Faster Payments—Maybe we're the only ones who see it this way, but in this country, "faster payments" looks like the Wild West—at least if you remember to say, "Howdy, pardner!" Word counts won't let us name or fully describe all of the various wagon trains racing for a faster payments land grab, but it seemed to start in October 2015 when The Clearing House announced it was teaming with FIS to deliver a real-time payment system for the United States. By March 2016, Jack Henry and Associates Inc. had joined the effort. Meanwhile, Early Warning completed its acquisition of clearXchange and announced a real-time offering in February. By August, this solution had been added to Fiserv's offerings. With Mastercard and Visa hovering around their own solutions and also attaching to any number of others, it seems like everybody is trying to make sure they don't get left behind.
Prepaid Card Account Rules—When it comes to compliance, "prepaid card" is now a misnomer based on the release of the Consumer Financial Protection Bureau's 2016 final ruling. The rule is access-device-agnostic, so the same requirements are applied to stored funds on a card, fob, or mobile phone app, to name a few. Prepaid accounts that are transactional and ready to use at a variety of merchants or ATMS, or for person-to-person, are now covered by Reg. E-Lite, and possibly Reg. Z, when overdraft or credit features apply. In industry speak, the rule applies to payroll cards, government benefit cards, PayPal-like accounts, and general-purpose reloadable cards—but not to gift cards, health or flexible savings accounts, corporate reimbursement cards, or disaster-relief-type accounts, for example.
Mobile Payments Move at Evolutionary, Not Revolutionary, Pace—While the Apple, Google, and Samsung Pay wallets continued to move forward with increasing financial institution and merchant participation, consumer usage remained anemic. With the retailer consortium wallet venture MCX going into hibernation, a number of major retailers announced or introduced closed-loop mobile wallet programs hoping to emulate the success of retailers such as Starbucks and Dunkin' Brands. The magic formula of payments, loyalty, and couponing interwoven into a single application remains elusive.
EMV Migration—The migration to chip cards and terminals in the United States continued with chip cards now representing approximately 70 percent of credit/debit cards in the United States. Merchant adoption of chip-enabled terminals stands just below 40 percent of the market. The ATM liability shift for Mastercard payment cards took effect October 21, with only an estimated 30 percent of non-FI-owned ATMs being EMV operational. Recognizing some of the unique challenges to the gasoline retailers, the brands pushed back the liability shift timetable for automated fuel dispensers three years, to October 2020. Chip card migration has clearly reduced counterfeit card fraud, but card-not-present (CNP) fraud has ballooned. Data for 2015 from the 2016 Federal Reserve Payments Study show card fraud by channel in the United States at 54 percent for in person and 46 percent for remote (or CNP). This is in contrast to comparable fraud data in other countries further along in EMV implementation, where remote fraud accounts for the majority of card fraud.
Distributed Ledger—Although venture capital funding in blockchain and distributed ledger startups significantly decreased in 2016 from 2015, interest remains high. Rather than investing in startups, financial institutions and established technology companies, such as IBM, shifted their funding focus to developing internal solutions and their technology focus from consumer-facing use cases such as Bitcoin to back-end clearing and settlement solutions and the execution of smart contracts.
Same Song, Same Verse—Some things just don't seem to change from year to year. Notifications of data breaches of financial institutions, businesses, and governmental agencies appear to have been as numerous as in previous years. The Fed's Consumer Payment Choices study continued to show that cash remains the most frequent payment method, especially for transactions under 10 dollars.
All of us at the Retail Payments Risk Forum wish all our Take On Payments readers a prosperous 2017.
January 9, 2017 in ACH , ATM fraud , cards , chip-and-pin , cybercrime , debit cards , emerging payments , EMV , fraud , mobile banking , mobile payments , P2P , prepaid , regulations | Permalink | Comments ( 0)
December 22, 2016
Why U.S. Card Fraud Is Now Present and Accounted For
Last year, I wrote a post called "Why Is the U.S. Card-Present Fraud Breakout Not Present?" in which I discussed the lack of publicly available information on the distribution of U.S. card fraud by type. I'm happy to report that more detailed data on card fraud in the United States is now present and accounted for in the Initial Data Release (IDR) of the 2016 Federal Reserve Payments Study.
As is common in other countries, card fraud can be categorized as follows across person-present and remote payment channels:
- Counterfeit card: Fraud is perpetrated using an altered or cloned card.
- Lost or stolen card: Fraud is undertaken using a lost or stolen card.
- Card issued but not received: A newly issued card in transit to a card holder is intercepted and used to commit fraud.
- Fraudulent application: A new card is issued based on a fake identity or on someone else's identity.
- Other: "Other" fraud includes account takeover and other types of fraud not covered above.
- Fraudulent use of account number: Fraud is perpetrated without using a physical card.
An extract from the fraud section of the IDR shows breakouts for card fraud by type across five countries.
As reflected in the numbers, the United States continues to be by roughly an order of magnitude a continuing and persistent target for card counterfeiters using stolen card data compared to other countries that have adopted much earlier counterfeiting controls using EMV (chip) cards. Use of chips makes in-person card fraud more difficult, because of built-in technology to thwart the creation of counterfeit chip cards. As adoption of chips for cards and terminals improves in the United States, fraud using stolen card data is likely to shift from person-present to remote channels as has already occurred in other developed countries. My colleague, Doug King, discusses these issues in detail in an interview conducted last year.
Look for other Take On Payments posts that highlight additional key findings from the 2016 payments study.
By Steven Cordray, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
December 12, 2016
Making Sense of Dollars, Part II
The first of this two-part post took us back to the '60s and a BBC clip that assumed we'd be a cashless society by now, given it was the dawn of the digital age. A half-century later, we're hardly closer to being cashless, and those who predicted an end to cash have been replaced by those who argue that going cashless or to less cash is "for the best." This post recaps oft-cited reasons for abandoning cash, amending them with counterpoints. I trust market determinations more than I do the wisdom of the well-intended, and the free market seems to be in complete disagreement with those who assert we'd all be better off without cash.
- Cash is expensive as a cost of acceptance for merchants.
I've talked to many retailers—large and small—who prefer cash because they say it saves them money, especially when compared to credit cards. But what do they know? Many studies show that cash is neither universally nor unanimously the most expensive payment method. Indeed, there seems to be more evidence than not that cash is among the least expensive payment alternatives.
- Cash makes tax evasion pervasive.
First, tax evaders have options; cash is not their only tool. Second, tax evasion seems correlated to high taxes (see the National Bureau of Economic Research working papers 6903 and 8551; there are others). Reading further, I find tax evasion is less about opportunity (afforded by cash, for instance) and more about bad tax policy. A revolt was ignited and a great country was born amidst the perception that taxes were too high and unjust. Eliminating cash would not likely have stopped that rebellion, and it's unlikely to fix today's problem.
- Cash complicates monetary policy.
Cash can only complicate monetary policy when those making the policy want to use negative interest rates to achieve desired ends. To date, there is little to no evidence that this policy path is effective; certainly it's no panacea. That makes it premature if not fully misguided to decry cash. Even if the policy proves useful, eliminating bills may or may not make it more difficult for savers to hoard. I assert they'll find a way.
- Cash encourages crime because it's too effective (too liquid, too widely used, "too anonymous").
By that thinking, once cash is eliminated, we'll need to determine what to do about oxygen and water as there is overwhelming evidence that malefactors use these things to good effect as well. The point is, cash works well for the unjust but also for the just. It accounts for 40 percent of all transactions, as measured by the Boston Fed's survey of consumer payment choice. Here the anti-cash crowd backs off the cry of "cashless," running out a "less cash" compromise. Large notes, some say, are used far more often for illegal activities than not, and the proof seems to be TV shows, movies, and pop culture. Seriously. Don't we have to do better than that before dispensing with a primary bloodline for commerce? There is no denying that the untraceable nature of cash frustrates crime fighting; it also frustrates surveillance against the just. Those who value liberty are likely to continue to value the option to spend anonymously.
There is at least one official push to rid society of cash, and its sponsors include card networks, who would stand to benefit were cash to disappear. Anyway, legislating safety that overpromises and hides the harm it can do holds considerable risk.
By Julius Weyman, vice president, Retail Payments Risk Forum at the Atlanta Fed
- Don't Forget the Check
- Fraud Reduction at the IRS: Some Happy Returns
- Phone Scams and Phishing
- Asset Size Matters in Survey Responses
- Wouldn't It Be Nice to Tap and Pay?
- The Social Benefits of Biometrics
- The Five-Star That Flops
- ACH: No Trace Left Behind
- Pssst…Have You Heard about PSD2?
- Mobile Banking and Payments Survey Results
- March 2017
- February 2017
- January 2017
- December 2016
- November 2016
- October 2016
- September 2016
- August 2016
- July 2016
- June 2016
- account takeovers
- ATM fraud
- bank supervision
- banks and banking
- card networks
- check fraud
- consumer fraud
- consumer protection
- cross-border wires
- data security
- debit cards
- emerging payments
- financial services
- identity theft
- law enforcement
- mobile banking
- mobile money transfer
- mobile network operator (MNO)
- mobile payments
- money laundering
- money services business (MSB)
- online banking fraud
- payments risk
- payments study
- payments systems
- phone fraud
- remotely created checks
- risk management
- Section 1073
- social networks
- third-party service provider
- trusted service manager
- Unfair and Deceptive Acts and Practices (UDAP)
- wire transfer fraud
- workplace fraud