Originally Posted by ;11211

by Rophuine (946411) writes: on Friday September 03, @09:21PM (#33471868)

I was a software engineer working in a company which had a similar thing done to it by MasterCard (MC from here on). The circumstances may be similar or vastly different, but the program which triggered it was used mainly by online gambling services, and we provided customers with Maestro/Cirrus branded MCs.

The product was ostensibly a prepaid debit card for travellers. The melt-down started when an MC official at an international event received marketing material for the card, and called the help-desk. He was told all about the benefits of the card, including the ?special? benefits like being able to load gambling winnings onto it and then withdraw them as cash from US ATMs (I should stress that this was a program operated by our client, not by us; we were just the platform.)

It turns out that this is money-laundering. You just aren?t allowed to market that. So our client (who operated the program) was investigated, and then we (who owned the payment platform) were also investigated. While a handful of people were using the program legitimately, the vast majority were using it for its ?special? benefits. MC also found that we should have known about it, and we?d failed to do correct due diligence. The program was shut down immediately, and all cards were de-activated, as its primary purpose was to facilitate money-laundering (we received two hours? warning, and I had a federal police officer standing behind me while I signed in and deactivated the card range). We lost our licence to access the MC network, and MC gave us 30 days to notify customers of legitimate programs and disconnect. We were successful in getting a court order extending this to 180 days.

MC has strict risk guidelines on this sort of thing. The integrity of the network is paramount: illegal money flows are targeted and stamped out vehemently. They would rather risk disconnecting thousands of legitimate cards than risk losing trust in a network which provides for billions of them.

The real problem is that it?s all private enterprise. Our contract with MC gave them all of these powers: if you don?t want to let MC have this sort of power over you, you don?t use their network. There is no right of appeal, especially for international partners (the court?s authority to even grant the time extension for our genuine legal programs was tenuous, and was only enforceable due to MC wanting to be nice to another party in the chain who was subject to Australian law).

I hope this is interesting information. If you want to know how the story ends, join the club: it?s still going. Perhaps you can visit David Tzvetkoff in a US prison and ask him if he knows.

I suppose what it really gets back to is that VISA is probably not doing this to comply with laws. They know that the best money for an organisation their size is to be made in massive, highly-trusted networks which are beyond reproach. They kick anyone off who might give them any kind of a smudge. Not just pr0n, obviously, I'm talking about money-laundering-style smudges. Which is not, of course, to say that this is what ePassporte was doing: there was neither trial nor opportunity to defend when MC came after us. It was "we're on our way, be ready to turn them off in front of a federal police officer when we arrive." They didn't have to prove that our client was doing anything wrong. They didn't have to prove that we should have known about it. They just decided that they were satisfied, end of story. We only got the extension from the court because they found that MC hadn't met the requirements under the contract to terminate with 30 days notice, and they had to fall back to the "we can kick you off just because we don't like the brand of office chairs you buy" 180 days.