Lets talk about Verified by Visa for a minute. Ever heard of it? I hope not – because if you have, you’ve likely had the same lousy experience that I have had in dealing with it.
Verified by Visa is a system meant to “help protect you against online fraud”. Basically it adds a password that you need to enter when making a purchase with your Visa credit card.
They may think its a good idea to give us this “unique service”, but really, its not. Why? Well for one, it seems to me that its not for you, its for them. In the unlikely event that someone steals your credit card information, Visa already protects you from unauthorized transactions! They will pay you back if this ever happens, and already have a slew of security measures to prevent and fix stuff like this. So, you are already protected. It seems that to reduce the odds that they will have to reimburse you, they are asking you to remember a new password and enter it every time you make a purchase “at participating online stores”.
“Unique service” indeed.
Additionally, since the Verified by Visa program is in effect for only a fraction of the transactions you’ll make, the odds that you’ll use it very often area quite low. I’ve spent tens of thousands of dollars in online transactions over the past few years and have only used it twice – both of which have been within the past few months. If I take their recommendation create a unique password for my Verified by Visa account, and don’t write it down, its unlikely I’m going to remember the password when I want to make a purchase. Then I’ll need to go through the pain of resetting my password. And believe me, its a pain. I’ve had to go through it once already.
And the cherry on top: in my experience, the Verified by Visa user experience is so poor, that it makes me feel like my information is being stolen while I’m signing up for it! The user experience seems to be managed by the vendor, so the experience can be awful. Allow me to share my own experience:
First, I went to a website with the intention of purchasing airline tickets for my wife and I. I ran my search, selected my flight, and proceeded to the checkout process.
Second, I entered my contact info, which takes extra time since I must be extra careful to get things correct – – – due to the exorbitant fees charged by airlines when you need to correct a mistake on an airline ticket.
Third, I entered my CC info and clicked “submit”
Then, unexpectedly (because usually step 3 is the final step), I’m redirected to a new screen that tells me that I’m required to enroll in Verified by Visa in order to complete the transaction. Woah, wait, what!? What is Verified by Visa? and why didn’t they tell me this before I started the process? I called my bank long ago and told them I’d be living overseas, and I’ve made many international transactions up to this point, so I don’t understand the point for this new security feature.
If I click “Back”, all of my information will likely be lost and I’ll have to start over again. Seems like I either have to exit the page and go to another site, or continue on. And also, I’ve already hit “submit”, so I wonder if my credit card has already been charged. But I sure don’t want to enroll is some weird thing. Why do I have to enroll in this? I’ve made hundreds of secure transactions without needing this…and the URL is “secure2.arcot.com”…ummm, who are they? I wasn’t on their website to begin with. They are saying they want this to be secure and they are trying to help me…but this seems like a very sketchy way to do it. I feel like I’m being led down a dark alley by a man with a pearly white grin and a black coat who wants to sell me a life insurance policy. It sounds good…but I get the feeling that something fishy is going on…
Then I realize something else: they are asking for ALL of my credit card information: name on card, signature panel code, expiration date, PLUS my zip code, the last 4 digits of my social security number, and my email address! Are you kidding me? Sounds like just the type of information someone would need in order to rip me off.
Awesome, so I’m been redirected from a site that I barely know, to a completely new, sketchy-looking URL, and being asked to give a bunch of personal information to enroll in a program I don’t want. Not to mention the webpage has the look and feel of a webpage that some hacker would whip up in 40 minutes. Nice.
I don’t know what’s worse, thinking I don’t need extra protection from online purchase fraud, or actually signing up for extra protection through a website that looks like its sole purpose is to steal my identity.
Visa, Wells Fargo – – – please explain yourselves.
And self, please explain yourself. Why did you go ahead and enroll in this again? The mere fact of writing this post has made me question why I actually went through with it.
Whilst I agree that the user experience of Verified by Visa is poor (the redirected URL, the unexpected final “final” step and unfamiliar third party interferences etc), I think it is a necessary step. Maybe Verified by Visa isn’t so common in the US but in the UK it’s on 99.9% of the websites that I use for making online purchases. It’s part of the eBay/PayPal setup, Amazon, easyJet and then even the smaller online retailers. Given that it’s so common, UK websites have actually made steps to properly implement Verified by Visa into the checkout process. People are only protected on fraudulent transactions made with their credit cards (in the UK, not sure what US legislation is). For those that use their debit cards online, the protection is rather insignificant. Verified by Visa, a service which is used frequently by British online shoppers (therefore it’s a password that we’re familiar with) is a necessary step to prevent fraud. Somebody could nick my debit card and try to make a purchase but then they are stumped at the Verified by Visa stage (in the UK an account can only be reset through the bank itself, therefore one would need the internet banking login details or telephone banking details to make changes). As someone that doesn’t use a credit card and therefore doesn’t have the protection from fraudulent transactions that comes with such a piece of plastic, I am very grateful that Verified by Visa not only protects my online transactions in the UK, but also Europe-wide.
Great points Ethan. Thanks for your insight.
I am definitely a fan of security. While I have some additional thoughts and opinions on whether or not this type of security is a good thing, my main complaint is the incredibly poor user experience in this case. Wonderful that it has been implemented well in many other instances, but I feel that with such a service there should be requirements of a good UX when it is implemented.
Do you think it could be wise to only implement Verified by Visa for debit cards and not for credit cards?
Happened to me for a Mastercard while I was buying airline tickets. But when I went back to the airline website and used a Visa card, it went through with no problems. Must be hackers intercepting these transactions!