Some Canadians have been expressing a feeling of loss of control over their private data.
At a time in which mobile security has been called into question specifically in terms of the use of banking apps, Canadians are facing another potential issue with regards to the protection of their data in relation to their payment cards – both plastic and over their smartphones.
The large banks and credit unions in the country are now creating debit cards under credit card logos.
Certain large examples include the Interac-Visa Debit cards being issued by TD Canada Trust, Scotiabank, Royal Bank (RBC), and CIBC, among others. Prior to this change, the debit cards represented a direct relationship between the bank and the customer. Now, without requiring the consent of the customer, Visa has been brought into the mix.
While the banks have assured consumers that this is a move to help to provide them with greater service availability and acceptance of the cards worldwide, critics have stated that they believe that this is actually a mobile security issue, as Visa and the banks themselves build their efforts for a cashless society and the use of smartphone based payments.
This could mean that consumers in Canada are facing not only a privacy issue, but a mobile security one, as well.
The Privacy Commissioner has now been receiving complaints with respect to the fact that despite a lack of consent by the customer to share private data with Visa, new debit cards featuring the Visa logo were now being issued to them. Moreover, customers who have attempted to request the older pre-Visa version of the debit card have now been directly refused that option.
Also receiving communications and complaints on the matter has been the Executive Correspondent of the Prime Minister, which has acknowledged the matter and has forwarded the complaints to the Finance Minister of Canada, Joe Oliver. At the time of the writing of this article, an response from the Finance Minister’s office had not yet been received.
The Prime Minister’s Executive Correspondent has taken this payment technology issue very seriously.
At the core of this issue is the debate as to whether or not this is a violation of the Personal Information Protection and Electronic Documents Act (PIPEDA), to which all banking institutions are required to adhere. It states that sensitive private data such as an individual’s banking information cannot be shared unless free and informed consent is provided.
In the case of the addition of Visa to the debit cards from Canadian banking institutions, this has clearly not been the case, as all banking customers are being issued these cards even if they have expressly requested not to take part in that relationship.
Consumers in Canada are now expressing concern over the sharing of their personal data and the fact that they do not have any way of knowing exactly what part of their banking information is being shared with Visa, despite the fact that they have not consented to enter into that banking relationship with the company and they are not provided with any alternative to this relationship as every major bank and credit union is participating in the creation of the Interac-Visa debit cards. Critics of the new payment technology partnership have suggested that the only alternative to using these cards is to remain unbanked.
According to Chris M., a Team Member from TD Canada Trust, “We’ve recently switched all our Access Cards to take advantage of Visa Debit, as it offers worldwide acceptance everywhere Visa is accepted, and at over 25000 merchants in Canada who presently accept Visa Debit, with more are being added all the time. It’s a great benefit to our customers and we’re confident that in the long run, it was a great change.”
Back in October, another Team Member, Sonia S, from the same bank stated that “You can request the 13-digit Access Card without the Visa Debit functionality. However, these requests will be evaluated on a case-by-case basis.” It is unclear as to whether or not this opportunity is still being offered to customers, as there have been many reports of frustrated consumers who have reported having this request rejected. An immediate reply from TD Canada Trust with regards to this issue was not available by the time this article was written.
At a time in which the FBI has released a mobile security warning against banking apps, in which a Canadian watchdog, the Canadian Privacy Commissioner, has added its backing to an open letter involving 22 other similar groups from countries around the world requesting better privacy regulations and clarity of personal data collection and usage, it appears as though the payments technology evolution aiming toward mobile payments may be moving faster than the comfort level of Canadians.
This transition to cashless transactions and mobile payments could prove to be an example of some of the struggles that are and will be faced by other nations around the world, and of the many mobile security issues that must be ironed out before consumers will willingly and comfortably adopt these technologies.