Cash is king
Who knows what the payment intermediaries will one day decide is verboten
Mastercard and Visa have reportedly put a block on payment processing services for some anonymisation and virtual private network (VPN) services. However, the move appears to be restricted to payments made to five consumer-focused VPN and anonymisation services though a single payment processor in Sweden, rather than a more …
For blocking VPN traffic!
Yet companies in their very own back gardens are essentially doing exactly the same via indirect means.. whether this requirement is dictated by the RIAA, FAST etc its about time western governments start practising what they preach and protecting the rights of their own citizens by stepping in and sticking it to VISA et al!
Nobody has blocked VPN traffic. Not even the VPN traffic from these services has been blocked.
The payment card companies have prevented people using their cards to buy services from a small number of companies that they suspect (with some good reason, by the way) to be instrumental in the collection and distribution of stolen card details. Like it or not, but they're free to make this choice.
Nobody is stopping you from using any of the many other anonymisation services out there, or from starting your own. And nobody is closing those Swedish services either. All that is being "denied" to you is the convenience of paying for those particular services using a credit card (an easily traceable instrument, incidentally).
I think the situation in a regime like China may be slightly more serious than this...
> Perspective, please
Wait a minute, why do the credit card companies get to make this call?
Should they be able to block payments without any legal process?
If so, then they can mortally wound service companies (and others) on a whim.
This is not how it should work. To be allowed to block payments they should have to go through a legal process and allow the parties involved to fight their case. Only if they win that, should they be allowed to block payements. They should not have this power to wield how they like, answering or even just ignoring, any questions until later.
Because VISA et al, a private companies that offer to sell ( get that word? ) you a service. You want to use VISA services, you pay them a "kickback" fee for being able to be paid quickly and easily. As a customer of a company, the company ( VISA ) have every right to refuse to sell or offer you their services.
Same as if I go in the local TESCO, it's private property, private company they have every right to refuse to me service and can if they like have me ejected for tresspass if they feel so inclined. It would be bad PR if I've done nothing wrong but they have every right to do it.
For the record, yes it reeks of pressure from some "globalised" higher authority who are trying to get VISA to do their dirty work rather than come out in the open and get these services shut down, if that's their ultimate goal.
if I go in the local TESCO, it's private property, private company they have every right to refuse to me service
no. you have obviously no clue. If Tesco refused to serve you because you're black arguing that they're privat and can choose their customers, would you understand your error ? Said otherwise, if a company advertises a product or service, and they do deliver that product or service to some customers, they can't refuse you that same service without judicial justification.
In Europe, that is. Visa and MasterCard ar US companies, where the rule of law doesn't apply, the one with the bigger purse writes the rules. BTW, is there a European credit card company ?
But nobody said anything about being ejected from Tesco for being black until you tried that little trick. But Tesco in that example would have every right to ask you to leave if you've been caught stealing from them on repeated occasions, or if you harassed other customers, or damaged their shop.
" Said otherwise, if a company advertises a product or service, and they do deliver that product or service to some customers, they can't refuse you that same service without judicial justification."
I hope you don't work as an IT contractor if that's how shaky your understanding of contract law is. The card companies' advertising is an invitation to treat, not an offer. Their offer, when it is made, is made subject to terms that are entirely of their choice. You decide to accept those terms or not. If you don't accept, and they want your business, they can revise their offer. That's all there is to it. All ongoing service contracts will reserve the right for either party to change the terms later, so if they decide that you're too much hassle as a customer, they can drop you.
"Hassle" means lots of things, but my guess is that a high incidence of stolen cards being used for service payment is the most likely reason why this happened. After all, who's going to be dumb enough to use their own card to purchase an anonymous connection?
In any case, VISA has put the blame for this back at the acquirer service, Payson: "[VISA Europe] has not been involved in this matter in any way, and has not made any such stipulations to Payson or to any other organisation.” (http://torrentfreak.com/mastercard-and-visa-start-banning-vpn-providers-130703/) Maybe, but I'm guessing that Payson just got fed up of administering all the chargebacks and called it quits.
@ Kristian Walsh: "Tesco in that example would have every right to ask you to leave if you've been caught stealing from them on repeated occasions"
You confuse things: Pirate-Bay doesn't steal anything from Visa or MasterCard, they offer a service independent of them, but some people accuse PB's customers to use that service for stuff that is illegal in the US (but may-be legal in Sweden !). If anything, some of the customers steal from Hollywood, and some use it for perfectly reasonable and legal purposes.
In this Tesco example, it's as if Visa forbid payment to Tesco because they accused some of the customers to use some of the products purchased there for activities that they disapprove.
I'm not confusing anything, and I don't know where you're dragging in Pirate Bay from. TPB is not an anonymisation service. A selection of Swedish anonymisation services had had their card-payment facilities withdrawn, not TPB.
Anonymisers ARE used for criminal purposes - yes, as well as other, legitimate purposes, but if you think the criminal users aren't a significant fraction, you're deluded. (And to be clear I'm not talking about stuff like peer-to-peer sharing, which is at best a licensing infringement; but undisputed crimes like fraud, illegal pornography, and distribution of stolen personal information). But those criminal users are very likely to use stolen cards to pay for their service. Can you accept this?
Now, the next step needs a little bit of background about how card payment works, so bear with me.
Card payment has many intermediaries. In this case, Payson is an acquirer: a company that takes the card number, puts cash into the merchant's account, and then later asks VISA/Mastercard for the cash (who then ask the card's issuing bank for the cash, and the bank then asks the cardholder for the cash). A company like Payson pays VISA or Mastercard for this service (and charges the merchant more - that's their profit), but the amount they pay depends on how much fraud they have overall, because everyone is insured against fraudulent use of cards (the cardholder can't be expected to pay, and the merchant who has supplied goods or service for that money can't be either: once they comply with the rules the acquirer has given, they're in the clear). Higher fraud means either higher fees from the card companies, or the acquirers having to implement more onerous (and costly) security and reporting procedures, or bearing a higher part of the fraud losses. All are bad for a company like Payson's business.
Okay, so If the company got into this situation, but an internal audit revealed that the bulk of the fraudulent cards came from just five customers, then tossing these overboard fixes the problem at a much lower cost.
No conspiracy theory needed.
Move away from the Internet and into the real world of shops and retailers: here, it's not at all uncommon for merchants to have facilities withdrawn if they accept too many stolen or faked cards. Why is the Internet special? (hint: it's not, you will get your card acceptance service withdrawn if you don't deal with fraud properly)
In the Tesco example, its as if VISA withdrew services to Tesco because a disproportionate number of cards that Tesco presented to them were stolen or fraudulent. (Tesco is, however, a bad example, they're big enough that they talk directly to VISA/Mastercard and the banks, so they find themselves in the role of Payson in this story).
> But nobody said anything about being ejected from Tesco for being black until you tried that little trick. But Tesco in that example would have every right to ask you to leave if you've been caught stealing from them on repeated occasions, or if you harassed other customers, or damaged their shop.
This is more like supermarkets coming together to blacklist people, or at least enough of the supermarkets that it covers over 80% of the market share (which I think is what visa and master card have between them).
The difference with supermarkets is you have some come back and it can end up in court. And if they where found to be in a cartel with other super markets sharing a blacklist, can you imagine the uproar?
@Zolko - There are certain caveats to companies being allowed to serve whomsoever they want, these include not being able to discriminate on age/race/colour/sexuality/etc (except for age restricted products). If they say something along the lines of "we think you've been shoplifting in a bunch of our other stores, you're not coming in, please leave the our premises." That's totally fine, they can't say, "you're too young/black/female/gay, please leave the premises" as this would be discrimination.
They can also prevent you from coming in on a whim, although that would generally be pretty bad PR.
"As a customer of a company, the company ( VISA ) have every right to refuse to sell or offer you their services."
Only if you breach your contract. They cannot just decide to stop your service without good reason - that is effectively abuse of a monopoly position and very illegal in the EU. They could be fined billions if they persist...
> Wait a minute, why do the credit card companies get to make this call?
Normally I would agree with arguments along the lines of "its their service, they can deal with who they like".
However, Visa are a very large player verging on the monopoly.
Refusing to deal with certain customers on these kind of tenuous grounds might be interpreted by some as abuse of a monopoly position.
A business that relies on payment services could be easily crushed by withdrawal of a previously provided service of this nature.
As ever, I think a lot of these things are more complex than would at first seem.
Whilst a shit thing to do, visa and mc are private companies. They can do what they like. Paysafe cards can be bought at your local spar for cash so easily doiable for nearly everyone. I guess you can possibly buy Paysafe cards on your visa if you wish.
Tbh quite a few vpn and usenet services are declined by visa/mc though. Paysafe plus many eu alternatives are used instead
"visa and mc are private companies. They can do what they like. "
Not in the EU the can't. They hold a monopoly position and what they do must be fair and non discriminatory. Collective refusal to provide service like this across multiple companies is also acting as a cartel - and there are very heavy fines for that.
It is interesting to watch these things. There are so many corporations that seem to be wings of the US security agencies that a whole new view of things is opening up.
Snowden tells about snooping > more people think about secure comms > credit card agencies make it difficult to use them. Coincidence? Probably not.
that were they to issue a statement (obviously not a joint statement in view of the 'cartel' allegations) then it would include phrases such as 'it is a part of our terms and conditions (or soon will be) that we can choose who gets to use our services as we are a business and not a right'.
Or some such waffle.
Why if you read the TOS/EULA, they always reserve the right to change them with no notice and it is on you to comply. Why do you think that's in there? To protect you? Hell, exactly how many people even bother to read them? One that I know of, me. [I've reached the point that I run a checklist to tag the unexpected hits and misses instead of actually totaling it all up.]
How strange... Credit/Debit cards provide a very convenient way for 'the man' to identify who (barring stolen cards etc) is using a VPN/anonymisation service.
They may have unwittingly done naive VPN users a service here. Meanwhile the perps and wannabe revolutionaries will proceed to use harder to trace payment methods.
Another small boot in the nuts of surveillance society, bravo VISA/MC Sweden !
In a lot of cases what we want to keep secret is not our identities but the content of our communications.
Actual individual bad buys, their communications can be monitored on their computers, before the traffic enters the VPN tunnel. There are certainly enough security holes in every single operating system capable of connecting to the internet that can be used. Plus they can visit the actual computer and install whatever they want.
Mass surveillance is not to watch known bad guys.
Mass surveillance is to watch the rest of us.
"...turns out to be the biggest snooping monster ever. I'm afraid it's getting worse than the post-WWII communist control freak states ever were."
No. In some senses the internet (because there's still quite a bit more of it that is not "The Web") is neutral.
It's just a medium but the suppliers of that medium and what you watch on that medium have realised there is great value in your data.
And remember it's your data they are taking, not theirs.
If you believe in the positive view people will wake up to that fact. Google would not make the profits it does if it had to pay users to profile them every time they searched. Some would accept the spying, some would not, but everyone would be aware that it was happening.
Some people already are and this suggests some people afraid that awareness could spread.
This "data fetishism" must be recognized as the disease of warped minds that it is.
Illegal porn, dodgy pills and dangerous goods don't have the RIAA and MPAA chasing them down with a large axe.
I suspect this is more about the links (real or otherwise) to TPB than about VPN providers, although other VPN providers may be on the chopping block next (e.g. some USENET news providers include a VPN in the price of their some of their products)
"Illegal porn, dodgy pills and dangerous goods don't have the RIAA and MPAA chasing them down with a large axe"
Well no, a music publisher's organisation and a film studios association generally wouldn't involve itself in policing of pharmaceutical regulation or child abuse... In much the same way that I wouldn't immediately call FACT if I found an suspicious device under my car one morning.
"...I wouldn't immediately call FACT if I found an suspicious device under my car one morning..."
Then you ought to - and request that they drive your vehicle, but point out the suspicious device only when you're a long way away...
Boom - well, it couldn't happen to nicer arseholes, could it?
Biting the hand that feeds IT © 1998–2019