Page 35 - gs231002
P. 35
Education
nity and investors why it was selling, the bank released Ironically, this was the same day
information about the adult content merchants we were Saddam Hussein's sons were killed in a
processing for to illustrate the risk. A couple of days after
the sale, our local paper depicted my image with the head- military operation, yet their deaths and
line, "Ex-Humboldt Bank Division Processed Porn Charg- story were secondary to Humboldt Bank's
es." Ironically, this was the same day Saddam Hussein's acquiring operations processing porn.
sons were killed in a military operation, yet their deaths
and story were secondary to Humboldt Bank's acquiring
operations processing porn.
These non-interchange pass through fees (NIPTF) have ef-
After early data breaches, PCI fectively doubled the card network costs for the average
We exceeded $5 billion in our last year of processing with merchant, and Visa and Mastercard shareholders have
Humboldt Bank. This was during a time when hackers be- benefitted handsomely. Network fees now comprise in the
range of 18 to 20+ basis points of U.S. merchant acceptance
gan exploiting security lapses. One of our sponsored ISOs
was breached. While we reported this to the card net- fees, leaving aside the cross-border fees on international
card sales.
works, there were no rules or fine schedule as the Payment
Card Industry Data Security Standard (PCI DSS) had not Stay tuned for the next installment, which will appear in a
been codified. That event and others motivated the card
networks to jointly establish the PCI Security Standards forthcoming issue of The Green Sheet.
Council, www.pcisecuritystandards.org. As founder of Humboldt Merchant Services, co-founder of Eureka
Payments, and a former executive for such payments innovators as
Years later, the processor CardSystems Solutions was WePay, a division of JPMorgan Chase, Ken Musante has experience in
breached and unencrypted magnetic stripe data was all aspects of successful ISO building. He currently provides consulting
stolen for 40+ million cardholders (see www.finextra.com/ services and expert witness testimony as founder of Napa Payments
newsarticle/13839/cardsystems-security-breach-exposed- and Consulting, www.napapaymentsandconsulting.com. Contact him
40-million-card-accounts---mastercard). By this time, the at kenm@napapaymentsandconsulting.com 707-601-7656 or www.
card networks had rules for managing data and penalties linkedin.com/in/ken-musante-us.
for not doing so. This led to enormous fees and fines that
forced the sale of the processor and forever changed the
way companies think about data security risks.
Within the First National Bank of Arizona/Nevada family,
Humboldt Merchant Services operated as a stand-alone
company. We had the unique position of being a bank-
owned ISO, which allowed us the benefits of being an ISO
(sales focused, nimble, automated) yet have the ability to
independently adjudicate merchant files.
Shareholders gain, merchants pay
We had a good five-year run and benefitted from the full-
throated support of our bank owners. During this time,
both Visa and Mastercard migrated from being Associa-
tions to become publicly traded companies. Their mem-
bers were skittish about the potential liability from pend-
ing class action lawsuits (see www.nytimes.com/2006/10/12/
business/12visa.html#:~:text=Wasserstrom%2C%20an%20
analyst%20with%20UBS,much%20it%20intended%20to%20
raise).
Both companies were underpricing their services, relative
to what the market would bear and that was soon tested.
In the early 2000s, Visa and Mastercard's primary acquir-
ing income was from assessments. At that time, in the U.S.
region, assessments were nine basis points of volume.
After going public, the card companies increased assess-
ments, instituted cross-border fees, authorization fees
(APF and NABU), monthly fees and others known as "be-
cause they can charge fees."
35
5/7/2021 1:10:32 PM
GS210501-BRC.indd 3
GS210501-BRC.indd 3 5/7/2021 1:10:32 PM
