Intellectual Property and E-Commerce

profileMike34
E-CommercePaymentMechanismsLetterHead.docx
Home>Law homework help>Intellectual Property and E-Commerce

Massie, Raymond 6/7/2019

For Educational Use Only

E-Commerce Payment Mechanisms, Practical Law Practice Note 8-500-9416 (2019)

worldwide.erau.edu

All rights are reserved. The material contained herein is the copyright property of Embry-Riddle Aeronautical University, Daytona Beach, Florida, 32114. No part of this material may be reproduced, stored in a retrieval system or transmitted in any form, electronic, mechanical, photocopying, recording or otherwise without the prior written consent of the University.

Massie, Raymond 6/7/2019

For Educational Use Only

E-Commerce Payment Mechanisms, Practical Law Practice Note 8-500-9416 (2019)

© 2019 Thomson Reuters. No claim to original U.S. Government Works.

E-Commerce Payment Mechanisms

by Creighton Meland Jr. and Kevin Jonas, Baker & McKenzie LLP, with Practical Law Commercial Transactions

Maintained • USA (National/Federal)

A discussion of different schemes and mechanisms in the US for making payments online and the related legal issues that customers, merchants, and financial institutions engaged in online payments could encounter.

 

 

Contents

 Internet Payment Schemes

 Allocation of Risk in Internet Transactions

 Regulation of Electronic Money Institutions

 Redemption Rights of Electronic Money Holders

 Emergence of Mobile Payment Schemes

Companies and individuals commonly pay for goods and services over the internet through internet payment mechanisms designed to protect their financial data and prevent fraudulent use of their funds. This Note provides an overview of existing internet payment mechanisms and considers the related legal issues around their use. In particular, this Note looks at:

 

• Available internet payment schemes.

• Allocation of risk in internet transactions.

• Regulation of electronic money institutions.

• Emergence of mobile payment systems.

Internet Payment Schemes

There are currently many online payment systems operating on the internet. Many of these systems primarily aim to facilitate online consumer-to-consumer payment transactions (such as Paypal, Venmo, and Authorize.net). Other mechanisms focus on the business-to-business and consumer-to-business payment markets. These are often referred to as bill payment schemes and many have also developed corresponding electronic bill presentment capabilities to provide comprehensive unified electronic bill presentment and payment solutions. Examples of bill payment schemes include:

 

• MasterCard’s Remote Payment Presentment Service (RPPS).

• ePay by Visa.

• PayTrust.

• MyCheckFree.

• Quicken Bill Pay.

• Choice Pay.

• Xpress Bill Pay.

• BBVA Compass.

• MSN Bill Pay.

Allocation of Risk in Internet Transactions

Generally, a merchant assumes the risks of accepting credit or debit cards over the internet and consumers assume only minimal risk under certain specific circumstances, as described below. The rules that apply to the allocation of risk and the parties’ respective liabilities arising from contested internet payment transactions are based on the same rules that apply in the case of face-to-face transactions, namely:

 

• For credit card transactions, the federal Truth in Lending Act (15 U.S.C. §§ 1601-1667f) and Regulation Z (12 C.F.R. §§ 226.1-226.59).

• For debit card transactions, the Electronic Fund Transfer Act of 1978 (15 U.S.C. §§ 1693-1693r) and Regulation E (12 C.F.R. §§ 205.1-205.20).

These rules primarily address risk and liability between the card issuer and the consumer (that is, a cardholder). Merchant liability is generally covered in the trader’s agreement with the card associations or with its financial institution, or under more general principles of law.

 

With respect to the relationship between a card issuer and its customers making online payments, card issuers generally may not contest a customer’s claim that a transaction was not authorized, because, as is the case with mail order telephone order (MOTO) transactions, the credit card is not presented to the merchant for inspection at the time of initiating the payment transaction. Thus, the consumer is limited in his ability to control fraud.

 

Decades of practice with MOTO transactions have enabled merchants and card issuers to develop sophisticated security procedures and practices to minimize fraud and error losses. Fraud prevention and error loss procedures have not enjoyed the same success in internet transactions as with MOTO transactions. Cyber attacks against merchants are still prevalent. In response to recent cyber crime, legislative efforts have focused on federal and state laws to create new reporting standards for data breaches and strengthen data security and notification requirements for merchants. As such, the allocation of risk with respect to cyber crime in internet transactions is still evolving.

 

For more information on data breach laws, see Practice Note, Breach Notification.

 

There are different rules for credit and debit cards with respect to how much a consumer can be liable for unauthorized transactions:

 

• A consumer is usually only liable for up to $50 in unauthorized credit card charges made before the consumer gives notice of the possible loss, theft, or unauthorized use of the card (15 U.S.C. § 1643(a)). Many card associations and financial institutions have reduced the $50 limit so that a consumer generally has no liability.

• A consumer potentially has more liability for the unauthorized use of a debit card. A consumer’s liability is limited to $50 if he gives notice of the unauthorized use within two days of learning of the unauthorized use. However, after the two-day period, this amount can rise to $500. There is also the potential for unlimited liability if the consumer does not report the unauthorized use within 60 days and the unauthorized use continues after this date (the unlimited liability relates to losses incurred after the 60-day reporting period has expired) (12 C.F.R. § 205.6).

Based on credit or debit card association rules, agreements between the parties, or other principles of law, under certain circumstances, a card issuer could seek to pass on to the merchant all or part of the liability for unauthorized transactions not otherwise recovered from a consumer.

 

Regulation of Electronic Money Institutions

Existing laws that apply to financial institutions at both federal and state levels generally regulate electronic money institutions. These laws are extremely comprehensive and cover all aspects of the electronic money business, especially where the activities fall under umbrella definitions such as financial services, engaging in the business of banking, or acting as a money services business. Entities seeking to engage in the provision of online payment services need to be concerned at the federal level with at least the following:

 

• Whether the entities may be construed to be a financial institution or money services business under the Bank Secrecy Act (12 U.S.C. §§ 1951-1959) and related Treasury Department regulations.

• Whether they comply with registration, reporting, and anti-money laundering program implementation requirements. The Bank Secrecy Act was extensively revised and supplemented by the USA PATRIOT Act (Pub. L. No. 107-56, 115 Stat. 272 (2001)).

• Compliance with financial privacy requirements under the Gramm-Leach-Bliley Act (Pub. L. No. 106-102, 113 Stat. 1338 (1999)) and applicable federal privacy regulations, which give consumers certain rights to protection of personal information . Some states have supplemented the Gramm-Leach-Bliley Act’s financial privacy provisions, so appropriate state laws must be reviewed for recent changes. Examples of applicable federal privacy regulations include:

12 C.F.R. Sections 30.1-30.6 ( Office of the Comptroller of the Currency );

12 C.F.R. Sections 1016.1-1016.17 ( Consumer Financial Protection Bureau );

12 C.F.R. Sections 208.1-208.111, 211.1-211.605 and 225.1-225.200 ( Federal Reserve System );

12 C.F.R. Sections 308.1-308.605, Subpart R and 364.100 and 364.101 ( Federal Deposit Insurance Corporation );

12 C.F.R. Sections 568.1-568.5 and 570.1-570.5 ( Office of Thrift Supervision ); and

16 C.F.R. Sections 313.1-313.18 ( Federal Trade Commission ).

• Compliance with federal laws applying to the particular payment mechanism used, for example:

• the Electronic Fund Transfer Act (electronic fund transfers, such as debit card payments);

• Truth in Lending Act (credit card payments and disclosures to consumers);

Fair Credit Reporting Act (credit reporting); and

• regulations issued under each of the above.

• The Consumer Financial Protection Bureau, which has regulatory and supervisory authority over most federal consumer protection laws.

• Other applicable payment laws, such as:

• state versions of the Uniform Commercial Code (UCC) (especially Article 4A addressing payers, payees, and intervening banks), which governs wire transfers and payment orders;

• the Uniform Money Services Act (generally covering non-depository financial services providers) and relevant state money transmitter laws;

• the National Automated Clearing House Association (NACHA) Operating Rules and Guidelines, which Regulation E and the related Official Staff Commentary treat as legally enforceable; and

• the operating rules, by-laws, and standards, as applicable, of credit card associations (such as Visa and MasterCard) and electronic funds transfer networks (such as Plus, Cirrus, Star, and NYCE).

• Federal and state laws that apply to electronic contracting, including the federal Electronic Signatures in Global and National Commerce Act (E-Sign Act) (15 U.S.C. §§ 7001-7006) and applicable state versions of the Uniform Electronic Transactions Act (see Practice Note, Signature Requirements for an Enforceable Contract).

This is not a comprehensive list. Entities seeking to provide electronic money services should prepare a thorough case-by-case analysis of applicable federal and state laws and regulations, as well as applicable association or network rules and standards.

 

Redemption Rights of Electronic Money Holders

Electronic money refers to money that is exchanged electronically through the internet or computer networks, such as payments made via Paypal. There is no automatic right for electronic money to be redeemed for cash, and whether it may be redeemed depends on the terms on which it was issued.

 

Emergence of Mobile Payment Schemes

The presence of payment schemes for mobile devices is rapidly expanding. Mobile devices can be used as internet browsers, with the functionality of internet payment schemes. However, application-based mobile payment schemes are becoming more popular. Mobile device payment schemes use various underlying mechanisms to transact payment, including, for example:

 

• Using the mobile device to initiate a credit payment.

• Creating a direct transfer to another individual or business through an automated clearing house.

• Debiting a stored value card by scanning a QR code.

• Contacting the mobile carrier directly to perform clearing and settlement.

Both bank and non-bank entities (for example, Google, Amazon, and Paypal) operate in the mobile payment market. The laws and regulations governing internet payment schemes, which vary based on the underlying payment method, are also applicable to mobile payment schemes. Several agencies share supervisory responsibilities for these activities, including the Federal Reserve System, the Federal Deposit Insurance Corporation, the Office of the Comptroller of the Currency, the National Credit Union Association, and the Consumer Financial Protection Bureau. The Federal Trade Commission and the Federal Communications Commission also have some regulatory jurisdiction. As mobile technology evolves, lawmakers and self-regulatory groups will likely consider enacting laws and rules for mobile devices in order to close any gaps in the current regime, protect consumers, and preserve the security of banking and payments systems (see, for example, Legal Update, FTC Issues Mobile Privacy and Security Publications).