My wife has a small company that accepts credit cards. As the parent comment points out, the credit cards want to push liability for fraud onto the merchants. This has two aspects
- First, the physical card: Chip and pin is standard here, which would be fine, but don't think your fees go down when they hand you the liability. My wife has, to my knowledge, never had a case a fraud in 20 years, but that doesn't matter either. Mastercard/Visa are completely in collusion, there is no competition, they can demand whatever fees they want.
- Second, the Internet: I wrote her first web-shops, including the payment processing. This has become completely impossible. The credit card companies impose ever more impossible rules. Ultimately, if you handle credit card numbers electronically, they began insisting on quarterly audits of your IT infrastructure. We used an ISP - so they were going to insist on auditing the ISP infrastructure. Our ISP was - shockingly - actually ok with this, but the whole nightmare just got too complicated. In the end, the rules appear to be nothing but a way of forcing you to use their approved payment processors - yet another way to suck money out of merchants.
Will some Internet payment service please, please spring up and actually give Mastercard/Visa some real competition? Paypal has been largely co-opted, Bitcoin is a joke - we need something that your average Joe can and will use. So far, nothing...