Businesses will no longer be able to accept cards: key to the measure that aims to avoid fraud and bring the “posnet” closer to the customer

A resolution of the Ministry of Commerce published in the Official Bulletin has ordered that companies bring electronic payment terminals, called “posnet”, closer to the customer, so that the user never lose sight of your credit or debit card during the transaction. The measure is mandatory for all companies in the country and provides for 180 days of compliance.

In Argentina it is very common for businesses, especially restaurants and bars, to ask for a credit or debit card along with your DNI and the user loses sight of their documentation at the time of payment. This is dangerous because the information about plastic May be copied for use without permission of the owner.

The new regulations respond to a demand from various industries pushing for the protection of personal data and protection against possible theft of personal information and fraud.

“The main risk involved with this practice was that they would take photos of the person’s ID and ID card to later make purchases in this person’s name. There are other types of fraud that could be committed, such as cloning cards, making additional payments or charges, identity theft, and even selling customer information,” explained Agustín Merlo, an independent cybersecurity researcher .

“Resolution 87, which appeared in the Official Gazette and signed by the Secretary of Commerce, Pablo Lavigne, implies a public policy that places Argentina at the level of what happens in other countries in the world. This is, that the consumer is not deprived of his card of credit or debit at the time of the purchase of a good or service”, he developed in dialogue with Clarion Fernando Blanco Muiño, Undersecretary of Consumer Defense and Commercial Loyalty.

“This is based on the amount of electronic fraud reported and recorded and has to do with the loss of control the consumer has in our country. With this measure we try to substantially reduce electronic fraud, which in Argentina it is four times higher indicators of other economies,” the official continued.

“The intention is to lower this level of fraud and generate a new consumer and commercial culture: on the one hand, that the consumer knows that he must ask for the POSNET at the time of payment; on the other, that the merchant knows that he has to make it available to the availability of the consumer,” he concluded.

The resolution establishes an adjustment period of 180 days from its entry into force for companies to “adapt customer support services as established”. Although news had circulated in some media and social networks that the DNI would also be stopped, this was not published in the resolution.

The context and what changes now

One of the main promoters of this measure was Daniel Monastersky, a lawyer specializing in cybercrime and data protection.

“Until this Monday, when the customer wanted to pay by credit or debit card, there were two possibilities open: either they brought the POS to the table, or They took your cards and, most likely, your ID too. This bad practice has already been questioned by us who defend the care and protection of personal data”, explained the specialist to this medium.

Monastersky insisted on this question for a long time. “About two years ago, already tired of dealing with shopkeepers and waiters, I promised myself to carry out an initiative to generate change. From my Twitter account and personal social networks I have carried out this campaign called “Join the POS” and continuously throughout this time I have tried to raise people’s awareness of this issue,” he continued.

“A few weeks ago the nation’s Ministry of Commerce contacted me by telephone to inform me of the initiative it would become a resolution of that organization,” he added.

In this context, the resolution specifies that “all commercial establishments that accept credit, purchase or debit cards to carry out their commercial transactions pursuant to article 1 of law no. 25.065 and its amendments, and operate with electronic device terminals for the payment of the operations carried out (data acquisition terminals or “POS”), must make them available to the consumer in such a way that, at no time, the latter loses control or is deprived of your card, not even momentarily. until the operation is completely completed”.

If this mechanic is not followed, they warn, there will be sanctions for traders.

A complicated implementation

There are two issues to consider with this new resolution. The first concerns implementation, which can present some logistical problems. This is because the two major brands that operate payment terminals in the country, Fiserv and Payway, have devices designed in such a way that the person viewing the information is the seller: Posnet and Lapos.

This is not the case everywhere: in the United States, for example, the terminals are usually in a box and facing the customer. “When you initiate a transaction with a chip, magnetic stripe or contactless, First you have to swipe the card, then enter the amount and then the installments. The problem is that the consumer has no way of seeing the amount he is being charged, nor the number of installments in which he pays, which is very specific to Argentina, a country that adopted quotas a long time ago. for over 30 years as a regional and global leader. And the way the process was implemented does not take these steps into account”, warned economist Ariel Setton, a specialist in payment methods.

Somehow, 100% transparency has not yet been implemented. “That said, it is possible to carry out a transaction in which the consumer does not lose sight of the card at any time, but this does not imply that the consumer can have absolute or complete visibility to approve the transaction“, addition.

The second point to take into consideration is that of DNI. “The display of the DNI is made explicit by the Credit Card Law, which requires that the seller must always verify the identity of the buyer. This does not mean that the buyer takes the document. But the document will continue to be required, it does not change with the resolution”Setton explained.

“Beyond the fact that the regulations do not mention the DNI because this would require legislative reform, it is essential to take advantage of it so that The cultural change in terms of data protection comes from all citizens. Let no one manipulate or store our document. The card law is clear and only serves the purpose of verifying the identity of the card holder,” adds Monastersky.

In this context, what is concrete is that, after the new resolution, the user will be able to “ask for compliance, not hand over the credit or debit card because the regulation is already in force and merchants will have 180 days to adapt to it ”, concluded the lawyer.

And that, he added, could mean “buying the posnets they need in case they need more devices or upgrading them” to bring them closer to the customer or, as Setton warned, starting to use devices that allow the consumer to know the whole process and record how much is paid and in how many installments.