MasterCard SecureCode is a Bad Feature; USAA Misleading
MasterCard SecureCode is a greedy, bad, poor, sucky, irritating, failure prone piece of shit. Ah…that feels a little better.
Recently, I visited the website for Toys-R-Us to purchase a baby gift for my friend. She had registered there. I was excited looking through the gifts, choosing ones that I wanted to be associated with like a cool baby sling and a music play toy. So I headed off to the checkout part of their website to purchase them all. After a needlessly lengthy process (remember, I have 13 years of Microsoft experience specializing in web UIs), I finally got to the part where it will charge my MasterCard.
Suddenly, I was presented with a screen with USAA’s branding asking for my MasterCard SecureCode. I had no idea what it was. I wasn’t told ahead about it. There was little information on the screen. I didn’t know if I would loose my gifts chosen. It was having problems because my spam security software detected it was doing suspicious cross-domain things. I guessed a few times by typing in codes and finally gave up.
I called USAA because that screen had the USAA logo on it. They explained to me that the retailer was requiring it and USAA had no part in it. I told USAA I read the Terms of Use for the SecureCode and that I didn’t want a SecureCode and I deny it. They said I could do that but then I couldn’t purchase. I asked to escalate the issue and they transfered me to the SecureCode department. Which turned out to be MasterCard and not USAA. I hung up.
After doing more research, here’s what I figured out. MasterCard has a new online feature called SecureCode. It adds an additional burden of authentication for using a MasterCard online. Not all retailers or host banks support the feature. Both retailer and host bank must support the feature before the customer is presented with the screen to enter the code. Therefore, USAA lied when they said they have no part of it. Phone representative ignorance is no excuse; especially when I escalate it.
Forcing customers to remember codes and passwords is troublesome. There has to be some incentive for it. In this scenario there is zero incentive. There is only benefit for the host bank and MasterCard. Consumers are protected, by law, from illegitimate charges. They are only responsible for the first $50. MasterCard goes one step further and won’t hold you responsible for unauthorized purchases in a store, over the telephone, or online. So I, for example, don’t give a rats ass if someone uses my credit card illegitimately. I’ll pay nothing and get a new card.
Now look at it from the perspective of USAA and MasterCard. Both of them already have their profit models designed to account for this illegal card use. Just like they have customer bankruptcy built in. In Q3 of 2007, MasterCard International made a net of $314 million dollars; well on their way to make ONE BILLION dollars this year. They have huge banks of people and computers looking at spending patterns to catch illegitimate use. All of this is built into their profit model. One potential of this burdensome SecureCode layer is to reduce this illegitimate usage. Therefore, reducing their built-in losses which leads to increased income. And guess what…they are not going to reduce customer fees or interest rates. Instead, they will pocket this extra income for themselves. Greedy fucking bastards.
So MasterCard SecureCode helps the host bank and MasterCard make more money. It doesn’t help customers.
I sent USAA a written complaint about the scenario. Here’s what they said.
Dear Mr. Phurrough,
Thank you for your e-mail regarding MasterCard SecureCode. Please be advised that the merchant has chosen to participate in this program.
MasterCard SecureCode is a service from MasterCard and USAA Savings Bank that provides greater peace of mind when you shop online by providing added protection against unauthorized use of your enrolled card. For this reason, you must register and set up a SecureCode to make online purchases with this merchant.
Once you’ve registered and created a SecureCode, each time you make an online purchase at a participating merchant, a window will pop up asking for your SecureCode, just like using a PIN at the ATM. When you correctly enter your SecureCode, USAA Savings Bank confirms that you are the authorized cardholder and your purchase is completed. No SecureCode, no confirmation, no purchase.
If you do not wish to enroll in SecureCode, then you may want to consider making your purchases by phone.
We appreciate your business and the opportunity to be of assistance.
If you need further assistance, please contact us by e-mail using the ‘Contact Us’ feature at usaa.com.
Thank you,
USAA
“Pease of mind” my ass. Bull shit. So I replied back challenging their misleading “piece of mind” marketing message. Warning them that it will reduce my use of MasterCard online and that if forced I will choose a simple password which makes SecureCode useless. They replied:
Thank you for your e-mail regarding MasterCard SecureCode. We understand your opinions on this matter however; certain merchants have signed up for this online security feature. Therefore; if you are prompted to use the SecureCode feature while performing online purchasing it is at the request of the Merchant and not USAA. We are not able to make the merchant change the way they wish to accept payments therefore; we suggest that you contact the merchant if you have any additional issues.
The poor e-mail representative is really unprepared to enter into a discussion. It looks like I’m being fed prepared-ahead-of-time answers. They don’t understand that if USAA didn’t implement SecureCode, then none of this would be a problem. Since I was on a ranting roll, I sent a reply including specific quotes from the MasterCard SecureCode website saying that either USAA or MasterCard is now misleading me in written material.
Some additional feedback which requires no reply. At http://www.mastercardsecurecode.com/ it clearly indicates that it’s the “financial institution” which enables this horrible feature. Direct quotes are:
“A private code known only to you and your bank, your SecureCode enhances your existing MasterCard account by protecting you against unauthorized use of your card when shopping online at participating online retailers.”
and
“Please note that while many financial institutions offer SecureCode, not all offer this service. New institutions are being added often.”
So either Mastercard or USAA is misleading me. One of you choose to enable this feature. Not the merchant. If this feature wasn’t on my USAA mastercard, then I wouldn’t have this horrible experience regardless of the merchant.
They replied:
Thank you for your e-mail expressing your concern regarding MasterCard SecureCode. We apologize for any confusion caused; unfortunately this service was introduced and is offered by MasterCard. Feedback from concerned cardholders is essential to our continuing efforts to improve service. Your comments have been forwarded to the appropriate area.
In the end, I purchased the baby gifts for my friend. I gave in. Oh…but I have the simplest SecureCode possible. If I have illegitimate charges, I’ll pay zero dollars and USAA/Mastercard will pick up everything.
Kelle
Interesting…I just purchased a couple of things from their website and when I got to that SecureCode page and I was able to opt out of it, so I didn’t have to set any of that up. Hmmmmm.
Kelle
PS – thanks for going to all that trouble!
xoxo
Robert
Same exact shit with me…. this is the FIRST time EVER I hung up on USAA.
They wash their hands of it, fine.
The retailer pushes it, fine.
But when the USAA operator tells me she has no number to mastercard in order to opt-out or cancel the “Service”, I get wicked pissed. I guess I will have to take out a different card for online purchases.
ring
Same thing happened to me, at toys r us. They lost my business, I decided to pay more for the product at amazon instead.
I think I’d be less irritated if they didn’t spring it on me at the last second before purchasing, after going through the hassle of entering shipping and payment information. I’m not willing to go through extra rigamarole for no personal benefit, only a benefit for them. Instead I bought from a retailer that didn’t force me to jump through hoops.
I sense a decline in toys – r – us’ online revenue. They definitely lost mine.
Richard
Yeah I my bank does not let you opt out either, although the bank I was with before allowed you to opt out. The other day my wife used her card and secure code couldn’t even let you set up the pass code, kept saying information was incorrect, when it wasn’t. Ended up using my card and secure code let me setup my securecode (which was simple too) and today I tried to purchase from another website that uses it and just keeps failing saying information provided is not correct.
This is certainly going to cut down my impulsive buying online…. and if they do not fix my problem… maybe all my buying online will be done.
Todd
USAA gave me the same line when I had an issue with Tigerdirect. I chose another vendor, as I vote with my wallet. They fed me a similar line today when I had my most recent problem. I found it interesting that they said I couldn’t dispute the charge while it was pending. I was also upset that I had to go through 3 different people (even though I fully explained my problem with each person) before I got to someone that could tell me that. Strangely enough, when they transfered me to the customer survery at the end of the call, it said I couldn’t connect. Sorry for the length, but I think others can relate or enjoy:
Please wait while we connect you to a Newegg representative.
Thank you for contacting Newegg. My name is Skylar. How may I assist you today?
Skylar: Hello, how can I help you?
Todd Riggs: Hello, My name is Todd.
Todd Riggs: I was wondering why you processed my credit card/Order after I declined to be part of your master secure program
Skylar: The order has been processed and shipped out. Here is the UPS tracking number: 1Z04WF350323642485.
Todd Riggs: .com
Todd Riggs: You did not answer my question
Skylar: Because unless you are signed up for that then you can surpass that page.
Skylar: Not everyone has that.
Todd Riggs: I did not finalize my order through your secure master program. I didn’t want to be part of the program and I did not consider my order to be final.
Todd Riggs: I have bought the same items from another vendor, since I had to participate in the mastersecure program.
Todd Riggs: I never received an order finalized page, since I did not complete the master secure program.
Skylar: One moment please.
Todd Riggs: Why would I be required to become part of the master secure program, if you were just going to charge my credit card and ship anyway?
Todd Riggs: That doesn’t make any sense.
Todd Riggs: Is the master secure program just something to be an inconvenience?
Skylar: Because for the customers that have the Verified By Visa or the secure plan through mastercard can do that step. If you are not signed up for it then you can surpass that page.
Skylar: The secure program is through Mastercard not us.
Skylar: That is something that you sign up with them for. If you want the extra protection on your card.
Todd Riggs: It obviously is through you, or at the very least you are a partner, you were the one that said it was required.
Todd Riggs: Do not send the package. I am calling my credit card company and reporting you for making unauthorized charges.
Skylar: Sir, we do not require it. Hence why your order went through.
Todd Riggs: Then why did your web site say I had to do it.
Skylar: I don’t think you understand. But I will void the order for you.
Skylar: Sir, once again. It’s there for the customers who are SIGNED UP FOR IT.
Skylar: Those customers are signed up for that through there credit card company because they want extra protection when ordering online.
Skylar: Not everyone has that on there credit cards.
Todd Riggs: I fully understand, the problem is that, at best, your site is misleading. It said I had to sign up for the program to COMPLETE MY ORDER!
Skylar: That’s why you can surpass the page and continue with the order.
Skylar: Sir, that is not the case.
Skylar: Your order was still made. So you did not have to sign up for it.
Todd Riggs: You can call me a liar if you will, but I was the one who at one time wanted to make the order, but did not want to sign up for this program, so I chose another vendor.
Skylar: Okay, that’s fine.
Skylar: Do you want me to void the order?
Todd Riggs: There was no option to surpass the page, and if there was, I didn’t do it, and my order should not have been finalized
Todd Riggs: Please
Skylar: Actually, the order was shipped out. So you will have to refuse the order and return to sender for a refund. Here is the UPS tracking number:1Z04WF350323642485.
Todd Riggs: I’m calling my credit card company now.
Todd Riggs: You guys should be blacklisted
Skylar: Okay, that’s fine.
Skylar: Is there anything else that I can help you with?
Todd Riggs: No, you obviously don’t understand the problem. I think the only solution will have to be a legal one at this point.
Skylar: Sir, that’s fine.
Skylar: I understand the issue.
Skylar: Thank you and have a wonderful day!
Todd Riggs: Is that suppose to be some sort of smart comment?
Skylar: No, we are required to say goodbye to you and tell you have a good day.
Skylar: It would be ruder to end the chat on you with out a closing statement.
Todd Riggs: Don’t you think that would be pretty difficult for me to have a good day at this point?
Todd Riggs: It is becoming amazingly clear why your company doesn’t have a customer phone number.
Skylar: We do have a customer phone number. It’s on the site.
Skylar: Customer Number:800-390-1119.
Skylar: Is there anything else that I can help you with?
Todd Riggs: It’s obvious that you guys are getting some sort of kick back for every customer you get to sign up for this Secure Master program by fooling them into thinking it is necessary to complete their order.
Todd Riggs: Because obviously it is not required.
Skylar: Sir, you can call your credit card company and ask them about that feature.
Skylar: That is something you do through them.
Todd Riggs: I have called them in the past, when dealing with Tiger Direct. They have told me this is something they don’t require, but is up to the vendor.
Todd Riggs: And I chose not to buy from the, as well. The difference is that when I declined to use the program, they didn’t charge my card.
Skylar: Yes, that’s correct. It might ask you to sign up for that on our site but thats a optional choice. That’s why you can surpass the page.
Todd Riggs: That was never an offered option.
Skylar: We let the orders go through still even if you are not signed up for it.
Skylar: Because not all of our customers have it.
Skylar: Sir, your order was made. Hence you got passed that page.
Todd Riggs: How was I suppose to know this exactly?
Todd Riggs: I never received a page that said my order was finalized, otherwise I would not have ordered from another company.
Skylar: Sir, I am not sure how else to explain this to you. If you want more information on the program you can call Mastercard. I have given you all the information already.
Todd Riggs: Why would I think that my order was finalized when I never received the industry standard “order finalized page”
Skylar: I am just stating that the order went through. The email was sent confirming the order.
Skylar: When you skip that page it doesn’t take you to the final page.
Todd Riggs: Here’s an idea, why don’t you just send an order through when someone puts something in their cart then.
Skylar: Sir, is there anything else that I can help you with?
Skylar: I’ve noticed that you have been idle for 3 minutes; would you still like to continue this chat?
Skylar: Thank you for contacting us. However, we have not received a response from you in a timely manner and will be ending this chat session to assist other customers. If you have any further questions please contact us again.
Thanks again for contacting Newegg. Once you know, you Newegg.
Susan
I somehow signed up for SecureCode. I didn’t even know I had! Since I discovered it, I’ve been unable to make purchases on a couple of websites! I have been trying for 3 days to make a purchase on CircuitCity.com, and have been unable to do so. I discovered they participate in SecureCode. I pulled out my notes and typed in the password that I had chosen. I got a page saying there was a problem and to check my credit card information. So, I went back through it, and once again was told there was a problem. I reset the password, and tried again. I did this 6 different times, to no avail. Not once would it accept my password! So, I began a 4 hour search on the web on how to cancel SecureCode. I emailed USAA and asked them how to cancel. They got back to me and told me there was no way to cancel, and that they had reset my password. I tried the new password, and once again was told there was a problem. I reset the password twice more, and not once would the SecureCode accept my password! I kept searching on the web, and found a PDF file with instructions on how to cancel. It wasn’t hard to find, I searched for “how to cancel SecureCode”. So, I went in and canceled it. I still can’t place the order, but figured I’d give it 24 hours, and try again. If I can’t do it online, I’ll try to order over the phone. And you can bet USAA will hear about this again. This is the biggest bunch of **** I’ve seen in my life. A big step backwards. If MasterCard wants to stop internet orders, they are doing a good job of it.
Tom
WTF is this SecureCode stuff. Tried placing an order today on TigerDirect and got stopped by this. What a stupid ‘feature’ to drop on everyone. This will surely hurt USAA, Mastercard, and TigerDirect in the long run. The CEO in charge of this choice needs to have his head examined.
GTM
This same crap has started happening to me. I tried to make a $5 purchase at Boscov’s, shipping to my billing address, and it pulled the Secure Code page up asking for my date of birth! Since being redirected to some unknown-to-me alternate site, I refused, as this is shady. Now I have had the same problem at Newegg as well. USAA used to be a great company, but my experiences have been terrible in the last 5 years.
GTM
I want to add that Todd’s post about newegg is one for the wall. I did enjoy it, from a frustrating, painfully familiar experience way. About the only thing more maddening is trying a similar thing with a call center in India.
RTC
Right on Todd!
Over the last 45 years USAA has changed from a member centric organization to a “for profit” organization. This has accelerated abruptly as a result of the last 2 years. The BOD and corporate officers increasingly place USAA’s interests before those of the members. Customers are still referred to as “Members” in an effort to gain competitive advantage (the words of a senior VP). The real proof of the pudding is that they deny it vehemently. Pretty F’ing sad, isn’t it.
Jack Hunter
Google usaa secure code and you will see a usaa webpage that alerts customers about a “USAA Secure Code” pop-up that is a scam. There is a phone number and an email address to report abuse. Report the secure code pop-up as fraud. That’s what I am doing. What a bad idea this was. I’m not sure it is a grand scam – probably just some moron trying to earn a bonus with his lame IT skills. Good luck all.