By Ken Musante
Napa Payments and Consulting
Editor's Note: The first article in this series was published in The Green Sheet on Sept. 11, 2023, in issue 23:09:01, and covered major industry developments during Ken Musante's early days in the payments industry.
As our business grew, I made plans to start an ISO. My boss, Humboldt Bank's founding CEO, Ted Mason asked if I would build it within the bank. Jamie Savant and I knew each other through his work at CardService International, and he became my partner. Jamie recognized the promise the internet had for card processing and pushed us to invest in processes and technology to support internet merchants.
Almost all of the first internet merchants and related leads were a bust. We would get hundreds of accounts from individuals who were as familiar with the internet as I am with a sewing machine. They had no business contracting for a merchant account. Most never processed. Jamie persevered, however, and we continued to invest in the Internet channel.
We opened an account for a tiny internet company. Like many of our internet accounts, it did not process until one December it processed $50,000. The next month it processed $4 million. We traveled to the company's headquarters in Palo Alto, Calif., and saw a paper sign with the parent company's name taped to the window. It was a single letter, followed by .com.
In the center of the building was a courtyard. Seven staff members poured over a printed ledger which was the size of a travel suitcase. These were the ledger balances for each of their customers' individual "wallet" accounts. Of course, it was not called a wallet back then, and technically, this merchant was in violation of the card network rules, as they did not yet allow for payment facilitators (payfacs).
The merchant processed nearly $30 million the following month and left us for a big bank. It took companies like Square to effectively break the rules until Visa and Mastercard recognized the internet fundamentally changed the paradigm and established programs for payfacs (for more details on this, see www.greensheet.com/emagazine.php?article_id=7244).
In the late '90s, the only way to sell online was with a PC-based solution like ICverify. Then payment gateways emerged which, for the first time, allowed merchants to connect via https protocol and SSL encryption. We were among the first resellers of payment gateways. Cybercash was the most well-known gateway, but incredibly difficult to use. It raised a bunch of money before filing for bankruptcy. Others like Authorize.net, USAePay and eProcessing Network were nimbler and had owner operators in the trenches. They would survive, innovate and integrate.
When my boss retired, the new CEO had no idea how to explain our division to bank investors. We were a NASDAQ-traded bank. We had sponsored income, ATM sponsorship and our own proprietary portfolio. We had high-risk merchants with enormous reserves and almost no losses from card processing.
We also, however, had an enormous black eye from an ATM funding loss, where the principal skipped out with millions of dollars and ended up drugged and dead in Florida. Insurance money eventually paid off the claim, but he had enough smoke to convince the board that we did not fit the risk profile of a community bank.
We bifurcated the sponsored business. Humboldt Bank wound that business down and entered into an agreement to sell the bank-owned merchants to one of our sponsored ISOs. Unfortunately, after the agreement was signed, the market went sideways, and the buyer backed out. I've never been more insulted than to have someone pay me $2 million not to buy my company (for more details, see www.sec.gov/Archives/edgar/data/1140184/000095012302011600/y65042sv1.htm).
Through my time at Pacific Coast Banking School, I had come to know Pat Lamb. Pat, who was part owner of a privately owned bank holding company in Arizona and Nevada, heard of our sale falling through. I tried to talk him out of the purchase as his bank was the same size as Humboldt Bank ($1.5 billion) and would have some of the same issues. Undeterred, he and his partners purchased Humboldt Merchant Services.
Because Humboldt Bank was explaining to the community and investors why it was selling, the bank released information about the adult content merchants we were processing for to illustrate the risk. A couple of days after the sale, our local paper depicted my image with the headline, "Ex-Humboldt Bank Division Processed Porn Charges." Ironically, this was the same day Saddam Hussein's sons were killed in a military operation, yet their deaths and story were secondary to Humboldt Bank's acquiring operations processing porn.
We exceeded $5 billion in our last year of processing with Humboldt Bank. This was during a time when hackers began exploiting security lapses. One of our sponsored ISOs was breached. While we reported this to the card networks, there were no rules or fine schedule as the Payment Card Industry Data Security Standard (PCI DSS) had not been codified. That event and others motivated the card networks to jointly establish the PCI Security Standards Council, www.pcisecuritystandards.org.
Years later, the processor CardSystems Solutions was breached and unencrypted magnetic stripe data was stolen for 40+ million cardholders (see www.finextra.com/newsarticle/13839/cardsystems-security-breach-exposed-40-million-card-accounts---mastercard). By this time, the card networks had rules for managing data and penalties for not doing so. This led to enormous fees and fines that forced the sale of the processor and forever changed the way companies think about data security risks.
Within the First National Bank of Arizona/Nevada family, Humboldt Merchant Services operated as a stand-alone company. We had the unique position of being a bank-owned ISO, which allowed us the benefits of being an ISO (sales focused, nimble, automated) yet have the ability to independently adjudicate merchant files.
@h2Shareholders gain, merchants pay
We had a good five-year run and benefitted from the full-throated support of our bank owners. During this time, both Visa and Mastercard migrated from being Associations to become publicly traded companies. Their members were skittish about the potential liability from pending class action lawsuits (see www.nytimes.com/2006/10/12/business/12visa.html#:~:text=Wasserstrom%2C%20an%20analyst%20with%20UBS,much%20it%20intended%20to%20raise).
Both companies were underpricing their services, relative to what the market would bear and that was soon tested.
In the early 2000s, Visa and Mastercard's primary acquiring income was from assessments. At that time, in the U.S. region, assessments were nine basis points of volume. After going public, the card companies increased assessments, instituted cross-border fees, authorization fees (APF and NABU), monthly fees and others known as "because they can charge fees." These non-interchange pass through fees (NIPTF) have effectively doubled the card network costs for the average merchant, and Visa and Mastercard shareholders have benefitted handsomely. Network fees now comprise in the range of 18 to 20+ basis points of U.S. merchant acceptance fees, leaving aside the cross-border fees on international card sales.
Stay tuned for the next installment, which will appear in a forthcoming issue of The Green Sheet.
As founder of Humboldt Merchant Services, co-founder of Eureka Payments, and a former executive for such payments innovators as WePay, a division of JPMorgan Chase, Ken Musante has experience in all aspects of successful ISO building. He currently provides consulting services and expert witness testimony as founder of Napa Payments and Consulting, www.napapaymentsandconsulting.com. Contact him at kenm@napapaymentsandconsulting.com 707-601-7656 or www.linkedin.com/in/ken-musante-us.
The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.
Prev Next