MasterCard SecureCode is a greedy, bad, poor, sucky, irritating, failure prone piece of shit. Ah…that feels a little better.
Recently, I visited the website for Toys-R-Us to purchase a baby gift for my friend. She had registered there. I was excited looking through the gifts, choosing ones that I wanted to be associated with like a cool baby sling and a music play toy. So I headed off to the checkout part of their website to purchase them all. After a needlessly lengthy process (remember, I have 13 years of Microsoft experience specializing in web UIs), I finally got to the part where it will charge my MasterCard.
Suddenly, I was presented with a screen with USAA’s branding asking for my MasterCard SecureCode. I had no idea what it was. I wasn’t told ahead about it. There was little information on the screen. I didn’t know if I would loose my gifts chosen. It was having problems because my spam security software detected it was doing suspicious cross-domain things. I guessed a few times by typing in codes and finally gave up.
I called USAA because that screen had the USAA logo on it. They explained to me that the retailer was requiring it and USAA had no part in it. I told USAA I read the Terms of Use for the SecureCode and that I didn’t want a SecureCode and I deny it. They said I could do that but then I couldn’t purchase. I asked to escalate the issue and they transfered me to the SecureCode department. Which turned out to be MasterCard and not USAA. I hung up.
After doing more research, here’s what I figured out. MasterCard has a new online feature called SecureCode. It adds an additional burden of authentication for using a MasterCard online. Not all retailers or host banks support the feature. Both retailer and host bank must support the feature before the customer is presented with the screen to enter the code. Therefore, USAA lied when they said they have no part of it. Phone representative ignorance is no excuse; especially when I escalate it.
Forcing customers to remember codes and passwords is troublesome. There has to be some incentive for it. In this scenario there is zero incentive. There is only benefit for the host bank and MasterCard. Consumers are protected, by law, from illegitimate charges. They are only responsible for the first $50. MasterCard goes one step further and won’t hold you responsible for unauthorized purchases in a store, over the telephone, or online. So I, for example, don’t give a rats ass if someone uses my credit card illegitimately. I’ll pay nothing and get a new card.
Now look at it from the perspective of USAA and MasterCard. Both of them already have their profit models designed to account for this illegal card use. Just like they have customer bankruptcy built in. In Q3 of 2007, MasterCard International made a net of $314 million dollars; well on their way to make ONE BILLION dollars this year. They have huge banks of people and computers looking at spending patterns to catch illegitimate use. All of this is built into their profit model. One potential of this burdensome SecureCode layer is to reduce this illegitimate usage. Therefore, reducing their built-in losses which leads to increased income. And guess what…they are not going to reduce customer fees or interest rates. Instead, they will pocket this extra income for themselves. Greedy fucking bastards.
So MasterCard SecureCode helps the host bank and MasterCard make more money. It doesn’t help customers.
I sent USAA a written complaint about the scenario. Here’s what they said.
Dear Mr. Phurrough,
Thank you for your e-mail regarding MasterCard SecureCode. Please be advised that the merchant has chosen to participate in this program.
MasterCard SecureCode is a service from MasterCard and USAA Savings Bank that provides greater peace of mind when you shop online by providing added protection against unauthorized use of your enrolled card. For this reason, you must register and set up a SecureCode to make online purchases with this merchant.
Once you’ve registered and created a SecureCode, each time you make an online purchase at a participating merchant, a window will pop up asking for your SecureCode, just like using a PIN at the ATM. When you correctly enter your SecureCode, USAA Savings Bank confirms that you are the authorized cardholder and your purchase is completed. No SecureCode, no confirmation, no purchase.
If you do not wish to enroll in SecureCode, then you may want to consider making your purchases by phone.
We appreciate your business and the opportunity to be of assistance.
If you need further assistance, please contact us by e-mail using the ‘Contact Us’ feature at usaa.com.
Thank you,
USAA
“Pease of mind” my ass. Bull shit. So I replied back challenging their misleading “piece of mind” marketing message. Warning them that it will reduce my use of MasterCard online and that if forced I will choose a simple password which makes SecureCode useless. They replied:
Thank you for your e-mail regarding MasterCard SecureCode. We understand your opinions on this matter however; certain merchants have signed up for this online security feature. Therefore; if you are prompted to use the SecureCode feature while performing online purchasing it is at the request of the Merchant and not USAA. We are not able to make the merchant change the way they wish to accept payments therefore; we suggest that you contact the merchant if you have any additional issues.
The poor e-mail representative is really unprepared to enter into a discussion. It looks like I’m being fed prepared-ahead-of-time answers. They don’t understand that if USAA didn’t implement SecureCode, then none of this would be a problem. Since I was on a ranting roll, I sent a reply including specific quotes from the MasterCard SecureCode website saying that either USAA or MasterCard is now misleading me in written material.
Some additional feedback which requires no reply. At http://www.mastercardsecurecode.com/ it clearly indicates that it’s the “financial institution” which enables this horrible feature. Direct quotes are:
“A private code known only to you and your bank, your SecureCode enhances your existing MasterCard account by protecting you against unauthorized use of your card when shopping online at participating online retailers.”
and
“Please note that while many financial institutions offer SecureCode, not all offer this service. New institutions are being added often.”
So either Mastercard or USAA is misleading me. One of you choose to enable this feature. Not the merchant. If this feature wasn’t on my USAA mastercard, then I wouldn’t have this horrible experience regardless of the merchant.
They replied:
Thank you for your e-mail expressing your concern regarding MasterCard SecureCode. We apologize for any confusion caused; unfortunately this service was introduced and is offered by MasterCard. Feedback from concerned cardholders is essential to our continuing efforts to improve service. Your comments have been forwarded to the appropriate area.
In the end, I purchased the baby gifts for my friend. I gave in. Oh…but I have the simplest SecureCode possible. If I have illegitimate charges, I’ll pay zero dollars and USAA/Mastercard will pick up everything.
I remember now. Two weeks ago, a photographer was in Nowhere Bar. I’m talking with friends and then suddenly we’re posing for a shot. In the first, I was out of fame. Duh…I’m tall. So he asked me to scoot down. But rather than smartly bent my knees, I instead leaned my head down. Finally asked for spelling of my name to potentially be in HX magazine. HX is also known as Homo Xtra, the Totally Biased, Politically Incorrect Party Paper, the hottest guide to gay nightlife and culture in New York City.
