The Coming October Purchase Alert Mandate


Last October’s mandate was more of a liability shift related to the implementation of EMV at the physical point of sale. This October’s mandate is really a mandate.

Effective Oct. 14, 2016, any bank that issues a Visa-branded card must give cardholders the option to register for alerts related to any transaction processed by Visa, Interlink and Plus. The deadline for MasterCard issuers not subject to the Visa requirement is April 21, 2017.

Anonymous prepaid cards are excluded. Commercial card purchase alerts are excluded for Visa issuers at this time and MasterCard will require an opt-in for holders of its small business cards.

Rachna Ahlawat, EVP at Ondot Systems, told Karen Webster in a live discussion about the variety of ways in which issuers can comply with the new mandate that’s not only about reducing fraud, but also increasing consumer confidence that the networks believe will translate into greater usage of the cards.

The Purchase Alert Mandate Nuts and Bolts

The purchase alert roadmap being built by card networks is aimed at helping cardholders become more proactive in their purchases, which has the potential to bring benefits to the entire payment ecosystem and deliver value to issuers and cardholders.

Ahlawat said that along with the alerts mandate, networks have been very vocal that this is setting a stage for a roadmap that will accommodate a variety of new, related innovations.

While issuers are required to make this alert service available, it will still be up to cardholders to opt-in to receive them. The baseline service is via email delivery, which is free. There is an option to also provide alerts via SMS. For Visa, the charge to issuers is $.01 per alert.

There are a number of ways that an issuer can comply.

Issuers may develop their own purchase alert solution using the network-branded solution, or use a third party to provide the service on their behalf.

Issuers will be opted into the network branded solution unless they notify the card brands that they plan to build their own solution or work with a third party that satisfies their alert requirements, e.g. fraud-only alerts do not suffice.

For issuers using the Visa-branded solution, cardholders will be directed to the Visa hosted enrollment site to enroll their eligible cards and to set their alert preferences.  There they can elect to enroll in email and/or SMS notifications, depending on the options that the issuer supports. By default, the Visa site will provide all enrolled cardholders with access to both email and SMS text message alerts. Issuers can opt-out of SMS text message alerts to avoid the cost associated with that features — a $0.01 charge to the Bank Identification Number (BIN) associated with every SMS message.


According to Ahlawat, data show that 41 percent of U.S. adults would like to proactively engage in managing their cards and card spend. Enabling better controls and alerts is one way issuers can help cardholders do that – transforming the relationship from reactive to proactive.

Though purchase alerts can be instrumental in driving cardholder engagement, Ahlawat suggested that issuers not look at purchase alerts in isolation.

They can be the best way to start the contextual conversation,” she explained, noting that as fewer people go to bank branches, that mobile may be the “way to go” for digital banking services today.

Though it’s easy to think of alerts as just relating to card activity or potential fraud, they can also serve as an effective and compelling channel to engage cardholders with other offers or services.

However, the context of the message as well as consumer preferences are so important because “more isn’t necessarily better,” Ahlawat emphasized, especially when it comes to text message communications, “but meaningful is what makes it interesting to cardholders,” she added.

Ahlawat described the importance of context as “different strokes for different folks,” meaning issuers must focus on only sending what is useful so cardholders don’t tune out alerts altogether.


One of the biggest draws to transaction alerts is the ability to curtail fraud in its tracks. In fact, a Visa study found that cardholders that subscribed to alerts experienced 40 percent less fraud.

Research shows that nearly 15 percent of cardholders experience a card decline, but under 5 percent of cardholders actually experience card fraud.

Ahlawat said the increased use of controls and alerts for transactions can help not only reduce misuse of cards but also the occurrence of “false positives.” She explained that one of the most compelling advantages (and returns on investment) when it comes to fraud prevention is the ability to know the location of a cardholder, something that an SMS-based alert offers consumers and issuers.

“Already having the last known location of the user on the server allows issuers, in real-time, to correlate and allow a transaction which otherwise would have been declined because they suspected fraud,” Ahlawat explained.

Cardholders knowing that there is increased security due to the alerts put in place surrounding their transactions can also feel better about using those cards.

This confidence, Ahlawat said, results in an additional 3 to 5 transactions/month because cardholders know that they’ll get an alert if an unauthorized transaction takes place. Similarly, they also have the ability to proactively set the right controls to prevent that from happening in the first place.


Ahlawat made it clear that alerts drive action.

For consumers who choose to opt-in, a great deal of value is seen in alerts related to location and being able to know when card transactions are being made where they are not. Also, with the migration of fraud to online channels as a result of EMV, Ahlawat said cardholders are also turning to alerts to keep them informed about eCommerce purchases.

But there are significant considerations issuers must also keep in mind when it comes to cardholder alerts.

For issuers, Ahlawat believes that there is a benefit when the issuer’s brand is attached to the alert – it only reinforces that relationship with that consumer.

“Alerts when done right and with the right amount of information actually help reduce the service cost,” Ahlawat explained, pointing out that to avoid cardholder confusion, issuers need to ensure they have the same visibility into alerts and transaction as the cardholders themselves do.

The consolidation of alerts from multiple sources and converting them into a single user interface or message with the action that the cardholder can take is also a key consideration for issuers, Ahlawat said.

“Any solution that delivers alerts for all types of transactions, in real-time with the issuer brand name not only lets the issuer meet the network requirements, but gives issuers control over the end user experience,” she added.