Strong opinions, weakly held

How Priceline whores out your credit card

Today a Senate staff report prepared for Jay Rockefeller was released that details how “loyalty programs” harvest subscribers by purchasing ads on the “thank you” pages that are displayed after you complete a transaction with various online merchants, many of which you’ve heard of.

These Web loyalty programs, run by Affinion, Webloyalty, and Vertrue, have hauled in $1.4 billion in revenue and paid about $800 billion of that back out for ad placement. The Consumerist has a list of the 88 companies that have earned at least $1 million in this fashion.

Felix Salmon has more on the numbers and the ownership of the firms that are doing the scamming.

Xconomy has a page that illustrates changes Webloyalty made to comply with a settlement in a lawsuit filed against them. You can see how the scams work from the illustration. Basically, when you’re done with your transaction an add is displayed offering you a coupon or a special offer. I’ve seen them many times, but never clicked. When you agree to accept the special offer, you’re enrolled in a “loyalty program” that charges you a monthly fee after 30 days. Because of agreements the merchants have with these other companies, your credit card number is automatically given to the “loyalty” vendor. So people are accepting these offers without reading the fine print and subscribing to a service they don’t want or need. The next thing you now, weird charges are showing up on their credit card bills.

There are other scams, too. For example, Ben Stein makes ads for a “free” credit score reporting service that secretly signs you up for a $29.95 monthly subscription in exchange for accessing the free report. Felix Salmon has been all over this for a few months.

There are active comment threads about this at Hacker News and Metafilter.

Update: For a somewhat unfiltered look at what WebLoyalty promises, check out this page at the Americart site. Americart is a third party shopping cart provider, and one of the “benefits” they offer is free WebLoyalty integration. If you add it, they’ll give you $100 for every 1000 transactions they process, which isn’t a very good deal compared to what you’re getting. Your customers get a $10 discount coupon so long as they sign up for one of WebLoyalty’s insurance programs. I feel gross just having read about it.


  1. The fact that there is virtually no security around credit card charges, debit charges, or phone bill charges is one of those things you hear about and you’re like, how can that actually be the case? I mean if you work with computers you have all this stuff about security hammered into you, and yet the only protection against phantom charges and debits is that you might look at the bill and notice a weird charge showing up. It is pure security through obscurity but using numbers that are available during every credit card transaction and every time you mail a check.

    The credit card companies ought to be freaking out over this kind of thing, since it massively undermines trust in the card system. But of course since it helps their bottom line short-term they couldn’t give a rat’s ass about it.

  2. Oh and this crap is also responsible for much of the “monetization” of community sites like Facebook. What that really means is finding some new way to scam some petty cash out of a bunch of people who aren’t expecting to need to be on the lookout for it.

    I mean really, why not just cut out the middleman and let random companies charge things to our credit cards without even bothering to ask us? That’s pretty much the economic model we’re being asked to swallow here.

    The same scam in another form is the numerous fees added onto your bills for just about everything. I was hoping that a Democratic Congress might get around to banning that practice – “If you say a service is $29.99 a month, you can’t charge $37.42 for it” – but I guess that’s too much to hope for. Hooray for our new scamconomy!

  3. Jacob, you are on a roll!

    Perhaps you’d like this article how one of the big facebook game companies got their start. It really is sickening.


  4. What I found interesting is some users on the Hacker News thread were saying “Caveat Emptor.” I’m happy to evaluate claims, but I find “buyer beware” incredibly disingenuous with active subterfuge.

    I like Bruce Schneier’s opinion here: Make the banks responsible for identity theft and fraud.

    It’s an important security principle: ensure that the person who has the ability to mitigate the risk is responsible for the risk. In this case, the account holders had nothing to do with the security of their account. They could not audit it. They could not improve it. The bank, on the other hand, has the ability to improve security and mitigate the risk, but because they pass the cost on to their customers, they have no incentive to do so. Litigation like this has the potential to fix the externality and improve security.

    Also, didn’t we go through much the same thing with phone bill cramming a few years back?

  5. To clarify on my last point… If card companies and banks are responsible for this sort of fraud, I’m betting merchant agreements will be “clarified” rather quickly and if someone’s insistent on making extracurricular use of someone’s CC number, the host merchant account gets cut off.

    Priceline wouldn’t have much of a business if they can’t take cards, no?

Leave a Reply

Your email address will not be published.


© 2024 rc3.org

Theme by Anders NorenUp ↑