Fraud. Chargebacks. Losses. These words strike fear in the hearts of
every ISO, acquirer and processor. To protect themselves from the evil
of criminal merchants, payment-processing organizations look to a
myriad of weapons. One such weapon is MATCH.
MasterCard introduced this program back in 1987 to help bankcard
issuing and processing companies determine whether to sign up a
merchant. It was intended to function as one of many tools to be
utilized against fraudulent merchants. At that time, it was called
“Combined Terminated Merchant File” as a joint venture with Visa. In
1995, that joint venture ended and the system was re-invented as
“Member Alert To Control High Risk (Merchants)” or MATCH. Why did Visa
pull out? It was all about access, or lack thereof. Since this
database resided on MasterCard’s system, it created unavoidable delays
in usage from Visa’s point-of-entry. Attempts to rectify the situation
were futile and Visa bowed out, giving MasterCard the go ahead to run
Designed to provide acquirers with the ability to develop or enhance
risk information, MATCH is a database containing the names of merchants
that have defrauded the industry. Association members and processors
utilize this database to check for merchants who, for one reason or
another, created issues within the system and were terminated by an
ISO, processor or member. As a result, their business name appears in
MATCH as a reference point for others to be wary or outright avoid
doing business with them.
How does the data get into the system? According to a member of
MasterCard’s legal department, when an acquirer terminates a merchant
and a certain condition exists, such as excessive chargebacks, the
acquirer is obligated to report that merchant to the MATCH file.
It is important to note that those certain conditions have evolved
since MATCH first came into the industry. Going back 10 years, reasons
for reporting merchants were subjective in definition. At that time,
MasterCard didn’t clearly define what conditions needed to be reported.
As a result, the system was used for more broad issues. Merchants
who had small numbers of chargebacks but were interpreted by their
acquirers as more than met their internal standards, found themselves
in the MATCH system. About four or five years ago, MasterCard
re-examined its policies and quantified them. Now, if an acquirer
reports a merchant at the time of termination, it is because the
chargebacks-to-sales ratio is in excess of a percentage clearly defined
in MasterCard’s rules and regulations. The end result, MATCH has become
more objective…but not the final word.
One obvious flaw in this system is the fact that there is no back up in
place if acquirers don’t send in accurate merchant information. MATCH
is only as good as the data it receives.
It is also important to point out that MATCH is not an open file to the
industry. MasterCard has proprietary ownership over it and only allows
association members to access the data.
How does access occur? An acquirer will send in a merchant name
through its processor or member bank. That name is then passed on to
MasterCard where internal staff run it through the MATCH file to see
what comes out—either a possible match or no match. The results of
that run are delivered back to the processor and/or member bank who
then forward it back to the originating acquirer.
MasterCard’s legal rep is quick to point out that the results of the
MATCH run are fed back not as gospel but as a simple statement that
this is what information was in MATCH regarding the name submitted. In
essence, the acquirer is on its own. MasterCard can’t guarantee that
the information is even related to that particular merchant and
emphasizes the acquirer to use it to its own ability. MasterCard
specifically disclaims any warranty of accuracy or fitness of
information. MasterCard stresses that site inspections, business
license checks, principal checks through Dunn & Bradstreet, inventory
checks and prior relationship checks are what each ISO and processor
should initiate when signing up a merchant–in addition to a MATCH
The question then arises as to who holds the liability regarding
boarding undesirable merchants.
Since MasterCard is structured legally with banks as its members and
those banks have their own agent relationship with ISOs and processors,
MasterCard looks to its members for liability and responsibility.
This particular issue of liability and responsibility has caused a
number of unfortunate situations amongst ISOs and processors. Take for
example, the recent dispute between Global Payments and Money Tree
Money Tree started to see an unusually high volume of chargebacks with
a handful of merchants and became concerned that something wasn’t
right. During the course of their internal investigation, they
contacted the suspect merchants, examined transactions and inquired of
Global to recheck if these merchants had been successfully run through
MATCH. As is the case with all ISOs, Money Tree is not granted access
to the MATCH file and thus had to rely on its processor to successfully
make the MATCH request. If MATCH sends back a red flag, the processor
should then inform its ISO partner.
According to Lance Maiss, attorney for Money Tree, Global denied any
knowledge of a match for the merchants in question. Money Tree
persisted and gained temporary access to MATCH and obtained reports
that they allege showed that nine merchants were on MATCH prior to
their being boarded. Money Tree accused Global of never having run
these merchants through MATCH, or if they had, never informing Money
Tree of the results. The bottom line according to Money Tree, was, had
they had those reports, they never would have signed up those
merchants. As a result, Money Tree incurred six figure hits and sued
On the other side of the table are the facts according to Global. Jim
Kelly, CFO for Global Payments, weighed in on the dispute. He contends
that the settlement was in payment of a billing issue and not a MATCH
“There is a lot of focus on the MATCH system as way to root out fraud
and merchants that have had problems in the past,” says Kelly. “It is
not a fool proof system. It is a means of sharing information.
Merchants try to cover their tracks. MasterCard does not indemnify you
if you found that XYZ Company was not in the system at the time of
boarding and then popped up later.”
When Money Tree argued that Global never told them of any matches
found, Global retaliated by saying they had no evidence that the system
ever ran a MATCH check. Global argued that Money Tree never prompted
the MATCH inquiry to occur. A classic case of he said, he said!
This difference of opinion is evident in the many exchanges Transaction
World had with both sides. The final judgment is a matter of public
record. The months of discussions leading up to that judgment do not
need to be detailed in this article. Basically, after a year of
legalese, document exchanges and heated meetings, the two parties
decided to settle out of court. This past November, Money Tree was
“We settled out of court for financial reasons, time element and the
difficulty in obtaining information needed to prevail,” says Maiss.
“MasterCard was very difficult to deal with in getting the facts about
MATCH. It wasn’t a typical settlement but an agreement was reached
between the parties.”
Based upon contracts he has seen between ISOs and processors, Maiss
stresses that very clearly defined obligations, responsibilities and
duties be set forth in ISO/processor agreements as to risk issues,
especially relative to MATCH. Additionally he believes that if ISOs
had limited access to MATCH, these types of losses could be avoided.
As CEO of Money Tree, Mitch Lau echoes that sentiment and feels it was
important to pursue this matter. He sees it as a moral victory and
contends that his company is not alone in this plight.
“I talked with a number of other ISOs who claimed they were taking hits
as well because of the failings of the process,” says Lau. “The MATCH
system was never designed for ISOs, but we take the most risk. I think
its workings need to be distributed away from the members to the
organizations that are taking all the risks.”
“MATCH is an information data base that is used by parties to keep
track of merchants that we need to stay away from,” says Kelly.
“Ultimately whether you are an ISO or processor or member, the
liability falls back to you. ISOs are very successful at what they do.
They are balancing economics of adding new business with the risk
associated with that. I’m sure they can figure out that balance,
factor it into their operation and achieve success. They have to do
their due diligence. MATCH is not an insurance plan. ISOs are not
purchasing a policy that insures them against losses. They must use a
lot of tools of which MATCH is just one. In hindsight, if the ISO does
the right underwriting, they will find the information. We use MATCH
in concert with many other traditional underwriting tools. ISOs are
hanging too much on this one system.”
With all the changes in the industry with third parties selling
bankcards as well as ISOs and processors needing accurate information,
does MATCH ultimately meet their needs? Fundamentally, MATCH has not
changed since its inception. The most significant change was taking
subjective list reasons and turning them into objective list reasons.
It operates largely as it did in 1987 with the most notable difference
being that American Express is now a participant in MATCH. According
to MasterCard’s legal representative, AMEX found it to be an attractive
and worthwhile tool for their merchants and joined forces with
MasterCard about the same time MATCH requirements were quantified.
MasterCard’s legal rep also stated that no changes are in the works to
MATCH. It will stand as is, at least for the present time. That means
that ISOs and processors must not rely solely on MATCH to check out a
merchant. MasterCard’s message is clear—use MATCH for the purpose that
it was intended, i.e. one more tool in their counter-fraud measures
tool belt. Don’t rely on it for more than that, but don’t stay away
from it either. MATCH is one more arrow in your quiver and if you use
it in that way, it will be a valuable arrow. It doesn’t excuse all
other pre-signing activities in which a competitive professional
organization should engage.