FINA Committee Meeting
Notices of Meeting include information about the subject matter to be examined by the committee and date, time and place of the meeting, as well as a list of any witnesses scheduled to appear. The Evidence is the edited and revised transcript of what is said before a committee. The Minutes of Proceedings are the official record of the business conducted by the committee at a sitting.
For an advanced search, use Publication Search tool.
If you have any questions or comments regarding the accessibility of this publication, please contact us at accessible@parl.gc.ca.
Standing Committee on Finance
|
l |
|
l |
|
EVIDENCE
Thursday, February 27, 2014
[Recorded by Electronic Apparatus]
[English]
I call this meeting to order. This is meeting 21 of the Standing Committee on Finance.
Our orders of the day, pursuant to Standing Order 108(2), are for a study of emerging digital payment systems.
I want to welcome our guests here this afternoon. We're very pleased to have five presenters here this afternoon.
From the Canadian Bankers Association we have the vice-president, Mr. Darren Hannah. Welcome.
From the Financial Consumer Agency of Canada we have the commissioner, in her first appearance as commissioner before the committee, Ms. Lucie Tedesco. Welcome.
From the Retail Council of Canada we have Mr. David Wilkes, senior VP. Welcome to you as well.
From the Canadian Federation of Independent Business we have Ms. Corinne Pohlmann, the senior vice-president for national affairs.
From SecureKey Technologies Inc., we have the executive VP, Mr. Hugh Cumming. Thank you so much for being with us.
You each have five minutes for an opening statement, and then we'll have questions from members. We'll proceed in the order given, and we'll start with Mr. Hannah, please.
Mr. Chair, I'm very pleased to be here today representing the Canadian Bankers Association and our 60 members, which include domestic banks, foreign bank subsidiaries, and foreign bank branches operating in Canada. I welcome the opportunity to speak about emerging digital payments systems in Canada and to highlight the banking industry's work in this area and what we see as some of the key public policy considerations for decision-makers.
There is no question that the payments ecosystem is experiencing a surge of innovation in Canada and around the world. Innovation is especially evident in the area of retail payments, with the proliferation of web-based payment technologies and near-field communication, or NFC, applications.
In Canada banks are at the forefront of creating a modern and efficient payments experience for consumers and merchants. The principal innovation in retail payments since 2010 has been the wide rollout of NFC technology to facilitate contactless credit card and debit card transactions at the point of sale. The rollout has been among the most extensive in the world. Approximately 10% of all credit card transactions are now done through NFC.
With the recent data showing that more than half of Canadians own a smartphone, we see further opportunity for growth in mobile wallets and mobile payments, offering Canadians an additional choice that is efficient, secure, and convenient.
To facilitate the adoption of mobile payments in Canada for the benefit of consumers and businesses, Canadian banks and credit unions worked together to develop the Canadian NFC mobile payments reference model, which is a set of agreed-upon principles for mobile payments. Several mobile wallets have been launched by banks using this model.
Among other things, the model specifies the need for, first, data security, which is the essential foundation for any payments system and product, and second, consumer control over what type of payment they use and how they access it. The model is also built around the use of existing technologies, such as contactless payment terminals. This will provide merchants with a seamless opportunity to take advantage of these technologies using the systems that are already in place for debit and credit card acceptance.
The payments ecosystem involves the coordination of many parties to function effectively. It's our objective that providing early clarity on the design of systems that enable mobile payments will help build efficiencies into the future deployment of those systems in Canada.
Innovation in the payments system must be encouraged, but not without sufficient safeguards to ensure the safety of consumers and the stability of the current payments system. As this committee knows, rapid growth and innovation in digital payments has resulted in a much more fractured payments market, with new entrants and competitors offering novel payment solutions that are attractive to consumers. The emergence of this shadow payments system presents a variety of risks to Canadian consumers and to the security of the payments system, particularly in the context of consumer protection, consumer disclosure, data protection, and system stability.
This is especially evident in e-commerce and online payments, for which consumers can store their credit card and debit card credentials in digital wallets or load funds into online accounts for subsequent payments. Many of these solutions leverage existing payment clearing and settlement systems and credit card networks in the exchange of funds and payments data.
The banking industry has undertaken some analysis of these issues with a view to understanding their impacts and what is needed to address them, thereby encouraging debate and discussion.
As a result of this, we've come to a view that there is a strong case for implementing regulatory measures for shadow payments systems that would achieve three main objectives. One, it would ensure that consumers are properly informed about the payments services being offered. Two, payments service providers would be held to prudential and operational standards and thresholds to minimize the likelihood of a service provider causing harm to consumers and others in the payments system. Three, consumers would have access to some form of recourse should there be a failure to deliver the payments services as agreed.
The banking industry is proud to be an integral part of the evolution of Canada's strong payments system. Banks support an open, competitive, and innovative digital payments system that promotes consumer confidence and focuses on the safety and soundness of the broader payments system.
I look forward to your questions.
Good afternoon, and thank you for inviting the Financial Consumer Agency of Canada to participate in this interesting and important discussion.
Your interest in studying digital payments is most welcome and timely to those of us who work on financial consumer issues.
Before I describe our research into this emerging area, I would like to give you a brief overview of our agency. The federal government created the FCAC in 2001 to provide financial information to consumers and to oversee the market conduct of banks and other federally regulated financial institutions.
[Translation]
Since then, our mandate has expanded to include responsibility for advancing Canadians' financial literacy.
[English]
In addition, we were recently given the mandate of conducting research to monitor and evaluate emerging trends and issues that may impact consumers of financial products and services.
Last December we released a research report entitled, “Mobile Payments and Consumer Protection in Canada”. This report explores the emerging technology of mobile payments and assesses the extent to which financial consumers in Canada are protected in using them. For your perusal, you have been provided with the report's executive summary, which includes a link to the report in its entirety.
Mobile payment is made with a smartphone or another mobile device instead of a more traditional payment method, such as cash, credit, or debit. Many of the current and future offerings will allow consumers to use credit and debit cards as a source of funds for their mobile payments. This topic is of particular interest to us, considering that Canadian consumers and the Canadian market are recognized internationally as being well positioned for the successful adoption of mobile payments.
Our report concludes that while mobile payments offer great conveniences and benefits, they also pose potential risks to consumers.
[Translation]
Currently, consumer protection obligations vary based on the underlying source of funds, as well as the type of service provider offering the m-payment service, and that applies to disclosure, dispute resolution and redress mechanisms, and protection against fraud and misuse of assets.
[English]
There are also emerging consumer protection risks, including that malware and other malicious software may present risks of identity theft and fraud. In addition, mobile service providers may sell their user data to third parties, who may use this data to target advertise—this practice is known as profiling—based on behavioural and geographical information.
One of the associated risks here is that there is a potential to market harmful products to vulnerable consumers, including children. As a result, there is a need for educational materials to help consumers learn more about mobile payments, not only to inform their decision-making but also to provide them with measures that they can take to minimize their exposure to risk. FCAC is currently developing such materials, which should be available on its website later this spring.
Our research also identified some lessons learned from jurisdictions that have high rates of user adoption. For instance, the number of stakeholders involved in mobile payment transactions may increase the level of confusion and complexity related to dispute resolution and redress. This has been identified as yet another potential risk to consumers.
In response, jurisdictions such as South Korea have enacted legislation that attributes ultimate responsibility to the financial institution for handling dispute and redress, regardless of which service provider is responsible for the error. For its part, the OECD is promoting the creation of minimum protection standards to be applied uniformly across mobile payment systems.
[Translation]
It will be important to monitor the business practices of suppliers to understand whether, and to what degree, the uneven consumer protection framework is problematic for consumers.
[English]
FCAC will continue to monitor the evolution of these payments and will encourage Canadians to learn more about their rights and responsibilities when they are making mobile payments through the information that we will make available to them.
[Translation]
Thank you. I look forward to answering any questions you may have on the subject.
Ms. Tedesco, thank you for your presentation.
[English]
Next will be Mr. Wilkes, please, from the Retail Council of Canada.
Good afternoon, and thank you, Mr. Chairman. I appreciate the opportunity to present to you and your committee today.
As many of you will know, the RCC's, Retail Council of Canada's members are small and large businesses across the country and represent more than 45,000 storefronts of all retail formats, including general merchandise, grocery, specialty retail, independent stores, and online merchants.
The payments landscape has been a major area of focus for RCC for many years. In that regard we applaud the government's efforts to ensure that retailers and their customers have choice in the payment methods accepted in their stores, and we applaud the recent commitment to lower costs associated with payment acceptance that was announced in the recent budget.
With respect to mobile payments, I would like to outline some key areas of concern to the retail community, in particular, operation complexity, the cost of implementation, consumer and merchant choice, and expressed acceptance or consent.
First, let me deal with operational complexity. We are witnessing many trials and tests, but little is being done to ensure collaboration of all stakeholders in the payment supply chain and there is very little discussion about industry-wide standardization. In the short term we believe the technology is likely to diverge before it converges, and this lack of standardization could make the emergence of mobile payments messy for the consumer and inefficient for retailers.
To address this issue, RCC recommends that the government be tasked with ensuring that a standardized platform be defined for mobile applications in Canada.
Second, I will discuss cost. As retailers we have a responsibility to roll out and support technology that makes lives more convenient in a way that does not add additional unnecessary cost into the system. Containment of cost is vital for both consumer prices and retailers' bottom lines.
All payments must be treated the same regardless of the form in which they are made, whether it is by a plastic card or a mobile smartphone. Simply changing the form, in our opinion, cannot be a reason for increasing costs.
Let me give you a specific example. Let's take the card-present versus card-not-present situation. In a traditional payment, the consumer's credit card is either present at the point of sale, or it is not present, as in the case of online shopping in which you key in the number, or in telephone shopping or mail ordering. In the card-not-present case, retailers pay a higher cost to the credit card networks because of the potential for increased fraud and inconvenience for the processor.
Those situations don't exist in a mobile environment, and we really encourage the government to take a strong look. We recommend that mobile payments be treated as a card-present application rather than a card-not-present one. RCC asks the committee to recommend that mobile payments be treated in this way and that this be reflected in an updated payments code of conduct.
The final two areas I'll talk about are consumer and merchant choice.
Regarding consumer choice, it is our view that consumers should be given a range of payment options at the point of sale, regardless of whether they're using a physical or a mobile wallet. RCC strongly believes that networks, issuers, or processors should not set default settings for payments. The only party who should make that choice is the consumer. Again, we encourage the committee to recommend that these options must be set by consumers and that this be reflected in an updated code of conduct.
Not only is it vital that consumers be provided choice when considering mobile payment options, but so also should merchants be. Our final recommendation, Mr. Chair, is that retailers must have the ability to decide to accept mobile payments and that their acceptance not be implied or deemed simply because the retailer is accepting another form of payment, such as the tap and go form. The responsibility to decide whether to accept any form of payment, including mobile, must rest solely with the retailer, and this condition, requirement, or right must be reflected in updates to the payments code of conduct.
I too thank you for the opportunity to address the committee. I also look forward to your questions and the discussion on what is a vital topic for the retail industry.
As you may know, CFIB is a not-for-profit non-partisan organization representing more than 109,000 small and medium-size independent businesses across Canada. I will be walking you through a slide deck that I hope you have in front of you.
There's no doubt that payment systems, especially credit card-specific payments, have been a touchy subject for merchants of all sizes, but especially for smaller merchants, who often feel powerless against large payment networks because they feel they have little choice but to accept the terms of payment and technology imposed on them.
While they always have the option of not accepting credit cards, this is very difficult for some sectors, such as retail and hospitality, which could simply not operate without providing their customers with the option of paying by credit or debit, as you see on slide 2.
On slide 2 you can also see that cheques remain the top form of payments among all types of small and medium-size businesses. In fact, Canada has been slow in adopting e-invoicing and payment solutions, particularly at the business-to-business level.
The good news is that most entrepreneurs see the benefits of moving to electronic forms of invoicing, payment, and acceptance but have limited options that are user friendly and affordable. Our hope is that some of these emerging digital solutions will start to address this gap in the Canadian payments market.
As you'll see on slide 3, despite the abundance of businesses accepting credit cards, if given a choice of which payment type to accept, very few even among those in the retail and hospitality sectors would choose to accept credit cards, citing the cost as the biggest factor in that decision.
We welcomed the credit and debit card code of conduct in 2010, as it served to save low-cost in-store debit in Canada and provided merchants with a small degree of power in their dealings with the industry, but with all kinds of emerging digital technologies now entering the market, the code must be updated to address them.
Digital payments may offer some advantages to merchants and customers; they also hold the potential to create significant problems and drive up costs. There will soon be many more competitors in the market, including many non-traditional players, each with their own system and fee structure. The result may be additional confusion, complexity, and lack of clarity, especially for smaller merchants trying to balance consumer demand with their own cost to process those payments.
Unfortunately, the hasty and unfair introduction of premium credit cards in Canada served to reduce the trust Canadian merchants have in their payments industry. More recent merchant fee increases and plans to add another level of premium cards into the Canadian market have only added to the growing mistrust. As a result, small firms struggle to believe that the introduction of digital payments will not usher in significantly higher fees following an initial introductory period.
This skepticism is apparent in slide 5, where merchants are asked to rate the current fees associated with each type of credit card. Most feel that Interac debit fees are fair or good, and a majority also find that fees associated with regular credit cards are at least fair, underlining that many merchants accept that there should be a cost associated with the service.
It is in regard to premium credit cards that most are stating that fees are poor, because from a merchant's perspective, there is little additional value for the extra fees they are paying to accept them.
Even more concerning is a lack of transparency. As you can see on slide 6, almost three-quarters of respondents said that it was somewhat or very difficult to understand their credit card fees. Our concern is that this will only become more complex when adding digital payments.
While we understand that currently there is no difference between the fees associated with digital payments and current credit card rates, we find it hard to believe that this scenario will be maintained in the long run, for the simple reason that additional players, such as telecommunication companies, are now involved. As you can imagine, the level of trust that small businesses have for major telecom companies is not much better than it is for credit card companies. Bringing these two industries together does not give small business much comfort that their costs will not increase in the future.
One solution is to quickly update the credit card code of conduct to include new provisions that allow some power to merchants when it comes to emerging digital technologies. We were pleased to hear reference in both the throne speech and the recent budget to making further changes to the code to improve fairness and transparency and help lower credit card acceptance costs for merchants.
These code improvements must include provisions that require payment networks to obtain express written consent for each digital product they put out, even if it is at the same fee as other forms of payment. We understand that industry players will not want to go back to merchants each time a new technology, a new payment option, or a new feature of a wallet is introduced. However, merchants have very few powers other than the ability to choose the payment options they offer. That is why express written consent is absolutely vital to ensure that there is a degree of fairness in the system.
CFIB believes that there are only two parties in making a transaction: the merchant and the consumer. Only merchants should be able to decide which forms of payment they wish to offer, and only consumers should be able to decide by which method they will pay. All payment methods, apps, and technologies should be set to respect the wishes of these two parties, and default settings should not be allowed.
With the proliferation of new players who will enter the payments market, including telecommunications and technology companies, ensuring that the code effectively covers all these players is essential.
A formal and accessible dispute resolution process must be implemented. The current mandate of the FCAC allows it to review complaints for information only and does not provide advice or relief to small business owners. A proper dispute mechanism should have the power to require resolution to specific problems.
Finally, as I mentioned, there is a gap in the Canadian payments market around B to B, business-to-business, transactions and somewhat around business-to-government and government-to-business transactions for smaller businesses. We would encourage emerging digital payment technologies to start filling that gap with potential solutions that are affordable, accessible, transparent, user friendly, and secure, and that allow tracking for record keeping.
Thank you.
Thank you very much for your presentation, Ms. Pohlmann.
We'll now hear from Mr. Cumming from SecureKey Technologies.
Thank you very much, everyone.
I'll speak briefly about SecureKey. We provide authentication and identity solutions in working with banks and governments. I have a brief PowerPoint presentation to give us some perspective on the future of digital commerce.
First of all, I'd like to start with the challenge. Consumers must identify themselves today on every channel in order to achieve continuity in the experience online. Whether mobile or web, the identity challenge is even greater. Merchants must ask users to create a new user name, password, or other token to make repeat visits easier to grow their relationships. This creates separate log-in passwords for each retailer and creates frustration and abandonment risk.
Unlike in the physical world where one credential or a credit or debit card works at multiple retailers, each online site has a dedicated approach. If online and in-store experiences are to converge, users must be able to replicate the one credential to many retailer relations. In short, consumers need to be able to bring their own credentials. We call this BYOC. Our challenge is to ultimately enable consumers to visit their favourite retailers using credentials that they remember and trust.
Online approaches today are being done in silos and are handled by each organization differently across channels, creating different experiences and outcomes, forcing users to create new passwords at each site and to download new mobile apps. Passwords get reused from site to site, so when Joe's Flowers gets hacked, we hear in the news that it was Facebook, but in reality it was the weaker site that allowed the password to be compromised.
The PCI has set standards on payment-card data, but has not created interoperability in allowing merchants to exchange data. The experience and degree of data protection varies with each implementation and is a card-centric experience rather than a user-centric experience. These silos result in gaps that have exposed consumers to social engineering and other threats, resulting in fraud and other losses.
Cross-channel credentials require a crisp identity. Consumers expect consistent experiences. A converged approach to digital identity where consumers can use their credentials across channels and organizational boundaries eliminates friction and fraud. What if I could use my TD credential at Canadian Tire or my Shoppers Drug Mart log-in at Costco? What if I could do this without losing the ability to share attributes in my control and without limiting my ability to have a relationship with those organizations that I choose?
An example of this in action is the work that SecureKey is doing in Canada. Consumers are using their existing bank and telco credentials to access over a hundred government applications. It is a user-centric experience that enforces strong authentication while enforcing blinding properties to prevent leakage of privacy information. In Canada alone over a million people use this system today. It's a great proof-point that this idea of bringing your own credential is appealing to consumers.
Let's talk about how this transition to a user-centric approach can be applied to payments. The old-world approach was effectively a walled garden. The credit card was dominant. The data ran over the credit card's network. Every participant—the bank, the merchant, the acquirer—participated according to rules governed and controlled by the credit card industry. Now we're moving away from homogenous dedicated networks toward a great diversity of networks and ecosystem participants.
Payments now travel through many parties on shared networks. Digital and mobile wallets are proliferating. Bell, Rogers, Telus, RBC, TD, and CIBC have recently announced mobile payment strategies. Each is using different approaches, different technologies, and different approaches to security and risk. In addition, the online world has brought together new competitors that have capitalized on the disruption. Over 120 million people today use PayPal for online checkout. Amazon is the world's largest e-tailer, with over 100 million users.
A lack of standards has resulted in many high-profile breaches, most notably in the U.S. due to scale, exposing tens of millions of credit cardholders to fraudsters. The market needs a better standard for consumer data security. In shifting away from individual merchant-owned repositories and providing an on-demand framework for merchants to access consumer data from trusted sources—banks, issuers, digital wallets, or identity attributes—an open-identity ecosystem is the foundation.
Governments can help by paving the way to clarify rules of engagement surrounding an online equivalent to the know your customer practices used by banks, creating the open-identity and payment ecosystem where users are centric to the model, enabling how they authenticate, what happens to attributes, which devices they use, and creating auditability and traceability.
Just as the Internet was disruptive to payment brands, the smartphone is disruptive to the payment process. The smartphone enables a new model that is user-centric.
This model enables extensible trust networks that let users mix and match between authentication credentials and payment brands. Strong and open authentication standards take advantage of mobile devices and secure hardware and dedicated channels for the consumer. Privacy is a core component. The user has control over when and what data is shared.
In short, what this amounts to for consumers is agency. Instead of being a passive consumer of the technology, they are an active participant in the next payment network.
Finally, here are some of the things that we believe are required for a success in evolving payments technologies: user choice and convenience supporting multiple channels and converged approaches; thinking about online, in-store, and person-to-person payments as a single way of communicating; being conscious about the trend of bring your own device involving the consumer at the root of consumer identity; open standards; security; privacy; industry mandate for broad acceptance; and a supportive framework for regulation.
Thank you.
Thank you very much, Mr. Cumming, for your presentation.
We'll begin members' rounds. These are five-minute rounds.
Monsieur Thibeault, s'il vous plaît .
Thank you to the witnesses for being here today. With only five minutes, I'll get right into it. If I cut you off, I do apologize ahead of time. I have only a short amount of time to get a lot of questions in.
I'd like to start with you, Ms. Tedesco. It's in relation to a comment that was made at last Tuesday's meeting by Professor Jacques St-Amant. He stated that the voluntary code of conduct for credit and debit is not legally enforceable.
Given that the Financial Consumer Agency of Canada is responsible for administering the voluntary code, do you agree with this analysis? How does the FCAC monitor breaches of the code?
In terms of our supervisory role at the FCAC, we typically supervise according to the legislation and to the voluntary codes of conducts that are entered into by the industry. In terms of the credit and debit code, all of the payment card network operators are signatory to this code and agree to abide by the code. We monitor compliance with this code.
In the event that we find some issues in terms of their compliance with the code, then we report those breaches of compliance to the Minister of Finance. The Minister of Finance then has the opportunity to decide what he will do. If he finds that the problems are too prevalent, he can regulate at that point.
Okay.
We have other member organizations, such as the Canadian Chamber of Commerce, asking that the voluntary code become mandatory, or things along those lines. Have you thought about whether, if this were mandatory, there would be fines involved, or things along those lines?
Have you found any instances of the code being breached at the moment or over the last little while? If so, are you able to share some of those details with the committee?
I won't go into specifics here, but I'd be pleased to provide some specifics. Certainly with the new code of conduct, these were organizations that were not supervised previously, so this has been quite a learning experience for them. By and large, however, the level of adherence to the code is very high. If any breaches are found, they are very quickly rectified.
We've found that the industry has been very open to being supervised by the FCAC and has acted quickly in terms of remedying some of the breaches if there have been some.
Thank you.
Ms. Pohlmann, in relation to the Competition Tribunal's decision this summer relating to some of the anti-competitive practices of the credit card companies, what was CFIB's reaction to the decision to punt it back to Parliament?
We were disappointed. we had hoped to see some resolution to those issues. While the Competition Tribunal decided that there was something to this effect, they decided that they were not the body to actually deal with it, that it should go back to the government.
We've been working hard on trying to convince the government to make additions to the code of conduct and update it to include things like allowing...or to just getting rid of honour all cards rules, even allowing some limited surcharging, not beyond, of course, what the merchants themselves pay to accept credit cards.
Thank you.
It is good news to hear that the government may be acting on this.
There was some language in the budget, so I think that is exciting for everyone around this table.
Also, were there some serious concerns relating to co-badging? I don't want to get into what co-badging is—we understand it—but were there some concerns with co-badging?
Certainly, we want to make sure that we don't see Interac, debit, and Visa, for example, on the same debit card, unless there's a distinctiveness such that one is not going to take over from the other one. We want to make sure that this stays strictly separate in terms of allowing.... We have no problem with Visa or MasterCard getting into other lines, such as mobile or debit, but we want to make sure that they do it on their own terms, with their own cards, or mobile payments or whatever, and not on the backs of other entities within Canada.
Thanks to our witnesses for being here today.
The advancement of mobile payments technology and usage seems to be a win-win-win situation. You have the payment networks which have less paperwork. They're using less paper and they also have less administration as a result. You have merchants who also have less paperwork, less paper usage, and less administration. Then you have the consumers who have greater convenience and ease of payment.
My question is for the Financial Consumer Agency of Canada. Who stands to benefit most from this new technology in mobile payments?
Well, as a consumer, I can say that this is certainly convenient for consumers, and it can arguably be convenient for merchants, but with all those benefits and conveniences come risks. In our research paper, we've identified six key risks that can arise out of the use of mobile payments and going to mobile technology.
Your suggestions are really to mitigate those risks. If we turn the clock back in time to 50 or 60 years ago when credit cards first came out—I think Diners Club might have been the first—and people had that little piece of plastic, they must have been very concerned about risks at that time as well. Those have been mitigated over time.
Actually, the risks now are a lot more complex than they were perhaps, because when we're talking about mobile payments, more players are involved. The number of players makes it more complex, particularly for consumers in understanding their rights and responsibilities and where they should address their complaints. We see that as a potential risk to consumers.
Thank you.
My next question is for the Retail Council.
Will the savings by merchants as a result of mobile payment technology be passed along to consumers?
Certainly, a competitive landscape ensures any savings are passed along to the consumers. I think we've seen that in some of the tariff relief that has been introduced by the government, to draw an analogy. But some of our concerns are.... Indeed, there may be savings resulting from the ones that you outline, Mr. Saxton, but we want to ensure that additional costs don't creep in.
I've mentioned the way the payment is treated: to ensure that it's treated as a card-present transaction, not a card-not-present transaction, because there's an additional charge that is put in to the retailer when it is a card-not-present transaction. Depending on the type of card and the network the retailer is using, that can be an additional charge of anywhere from 10% to 18% if the mobile payment is indeed treated as a card-not-present transaction.
Certainly in the current environment of a card-not-present transaction where the chip and PIN are not used, that is indeed why there is that premium. We understand that, and we recognize there is that need. But in a mobile environment where there is not that same risk, where there is not the same risk for the payment not to be an authentic one from the individual user, we do not believe that the risks associated and encompassed by the card-not-present charge would transfer to the mobile environment and indeed should not be there.
Thank you very much.
My next question is for the Canadian Bankers Association.
We've heard from the banks regarding their mobile banking initiatives. My question for you is, do you know what the credit unions are doing to embrace this new technology?
Certainly we watch them, but I don't want to speak on their behalf. They were involved in the development of the mobile reference model, along with banks, to try to come up with a harmonized guideline around mobile wallets, but I don't know what sorts of offerings they've come out with. I haven't seen any. There may be some, but I'd certainly invite you to speak with them directly on that.
Thanks, Chair.
My next question is for the CFIB.
How is the voluntary code of conduct being received? Do you see benefits coming from that?
It was well received when first introduced. It did at least provide some very limited powers to merchants at the time. We do believe it needs to be updated today with these new technologies coming in. In fact they are already in the market, and there are no protections right now for them in that regard. We do believe there are other elements that need to be looked at more closely, such as eliminating honour all cards rules and surcharging. We believe it's an evolving document that has to continue to evolve as the industry changes, and then it will continue to be a valuable tool for merchants.
[Translation]
Thank you, Mr. Chair.
[English]
I am here to replace a colleague who is on paternity leave. I'm not very familiar with this, and my questions may or may not be very relevant, but we'll see.
[Translation]
Thank you to the witnesses for being here today.
[English]
First, I have a question for the Canadian Bankers Association. Presumably if a client of yours gets into the mobile payment method, that would be part of their accounts in whatever bank they deal with. Is that correct?
If I'm making a mobile payment and I choose to take my credit card and my credentials and load them onto my mobile phone and make a transaction using my mobile phone and NFC technology, that is treated the same way as if I'm making it with my card. The zero liability still applies.
What I'm getting to is whether that would involve people whose accounts have to be given to the Americans because of FATCA. Would such payments be included in this shared information?
Just to be clear, if I'm doing mobile banking, that's just another mechanism for me to access my account. It shows up as an account transaction.
I won't go too far down on FATCA, but in the case of FATCA, you're talking about whether or not there's actually any income earned on this as opposed to simply a transaction.
If we're talking about transactions, those are not directly related to FATCA. FATCA relates to income that's earned or accrued.
I understand that, but in determining that, doesn't all of the information on the accounts that clients have with you have to be supplied?
It has nothing to do with whether or not it's mobile; it really has to do with whether or not you're talking about income.
I hope this will be determined, Mr. Chairman. I think it would be useful.
[Translation]
Does provincial and territorial legislation on digital commerce apply to digital wallets?
Actually, our research report found that, for the purpose of consumer protection, it would be beneficial to establish minimum consumer protection standards for all m-payment sources.
Given that, as a federal agency, we don't have jurisdiction over some industries, the different jurisdictional authorities would have to work together.
The first is uneven consumer protection. A number of players have a hand in that area, but they aren't all subject to the same obligations when it comes to consumer protection. So introducing consistency is important.
The second risk we identified has to do with the consumer protection principle that consumers should have access to dispute resolution and redress mechanisms. That is an important component to include.
[English]
Mr. Wilkes, with regard to the card-present versus card-not-present transactions, the fees for card-not-present transactions are higher. You say these are the fees that are now being applied to mobile transactions?
That's what we want to ensure. Right now, as mobile penetrates the market, what we're calling for is an update to the code of conduct to indicate that mobile payments would be treated as card-present, not—
Are you suggesting that the fees currently being applied are the equivalent of card-not-present fees?
At the present time, the members have expressed concern that we don't migrate into that card-not-present arena.
As to how they're being applied right now, I'd have to get back to you on that.
Welcome to our witnesses. I have a couple of questions.
Ms. Pohlmann, I'd like clarification on one of the points in your PowerPoint. Under “Update Credit and Debit Card of Conduct to cover emerging digital payments including”, you have three points, and your second point begins “Full consumer and merchant choice...”.
When we talk about choice, we believe that the merchant should have full choice to choose which forms of payment they accept—
Yes, or that they will be willing to provide, and consumers should have the choice of what they will use to actually pay.
Our concern is default payments. With mobile technology, there is the capacity for, say, Visa wallet to make sure that the card that shows up on the consumer's mobile wallet is the Visa card first, which is the highest-priced card that the merchant accepts. They should not be able to do that. They should allow the consumer to decide whether or not they want to use their debit or whatever. At the same time, it should be up to the merchant to decide whether or not they accept Visa credit cards but not Visa mobile. They should be able to make that choice.
Okay, because I think that's what it comes to. If you have full consumer and merchant choice....
It's just semantics, but I'm still shaking my head over it. It would seem to me that it's almost a case of agree to disagree; like, if I can have a credit card and you have the choice not to accept it, that's fine, but the two are not compatible.
No, and I'm not suggesting that they would be negotiating with the consumer. The choice for the merchant is the negotiation with the credit card companies so that they have a choice, i.e., that they will accept the credit card but not the mobile version of that credit card, or that they will accept debit but not credit.
That's what I'm saying. I'm not suggesting that they will tell the consumer....
They can influence the consumer and say, “Hey, if you don't mind, do you have maybe a debit card instead of a credit card? That would help me out.” If the consumer says no, they'll probably just say, “Fine, I'll take your credit card.”
These are the types of things that we'd like to see merchants—
Okay. I think we've beaten this one to death. Thank you.
On the card-present and the card-not-present transactions and the 10% to 18% extra fee on that transaction, Mr. Wilkes, do we have any hard numbers on the amount of fraud that's being covered here? Is it 10% to 18% fraud? Is this fee reasonable, in your opinion, or is it exorbitant?
The point we're expressing on the difference in fees is that we recognize that in those environments that are not secure there is an increased risk associated with those. But we believe that the associated risk does not transfer into a mobile environment, so because it is an authenticated payment and because there is security associated with the mobile phone, that should be treated as a card-present transaction, where you put in your PIN when you have a chip card, as opposed to whether it's being keyed in on the pad.
I think the point that the merchant community is making is that the risk associated with mobile is similar to, if not the same as, the risk with a chip and PIN card, and as a result the charges for that type of transaction should be similar.
I think most of us here would agree with that, absolutely.
I still have a question on the card-not-present transaction and the 10% and 18%. If you're buying something over the phone because you didn't want to do it on your computer, and it's a card-not-present transaction, that would incur the 10% to 18% fee absolutely?
Yes, we are not arguing with the fact that there is an increase with the card-not-present transaction, whether it's the examples that I provided in my opening remarks. The point is the one we made earlier.
My original question was, is there any hard data to back up the increase in fees from the credit card companies?
I don't have access to the amount of fraud on credit card transactions. I'm not sure if my colleague does.
I don't have it with me, but we have some data on the CBA website and we can make that available to the committee.
Thank you. If you could provide it to the clerk, the chair will ensure all members get it.
Thank you, Mr. Keddy.
Mr. Rankin, it's your round.
Thank you, witnesses, for being here.
As a proud Canadian, I'm really pleased with the fact that we're world leaders in this mobile payment technology. On the other hand, when Mr. Saxton refers to this as a win-win-win situation, he certainly doesn't talk to the people in my riding, the small businesses, that call it perhaps a win-win-lose situation as far as small businesses are concerned.
Mr. Hannah, I understand that your members offer dozens of different types of credit cards. The Royal Bank, for example, has 17 different cards. With so many cards and so many different interchange fee structures that could be applied, just how can a small business owner reasonably know how much they're going to be charged for a transaction made with one of your member's cards?
That's a good question. I think the question you're getting at is really whether or not I feel as a merchant I'm getting value. I'll separate it into two streams. There's the value stream. First, they can opt for a flat rate, if they want, from their acquirer. They can usually negotiate that or go to a micromerchant firm like Square, where they build in a flat rate. In that case, every card gets charged the same rate. It may be higher in some cases than if you were to go to a mainline merchant acquirer, but—
The premium cards—and I'm sorry for time—the CFIB would seem to suggest if their members' data is accurate, that the premium cards are very unpopular precisely because (a), the fees are so much higher, and (b), they don't know. Usually when the banks come, they say it's not their fault, it's the acquirer's, but isn't it true that the TD says on its website that they are both an issuer and an acquirer, RBC and BMO say they're parent companies of Moneris?
There seems to be a lack of responsibility, where the banks say the problem's with the acquirers, but the banks own the acquirers in some cases, and we have a bit of a mess as far as small businesses are concerned. There's nowhere to go.
I'll start by saying that I think there has already been some questioning in prior discussions about the relationship between the merchant and the acquirers. I'm not going to go over that ground. You've covered that.
As you mentioned, there are a number of competitors in that market. A couple of them are related to banks; several are not. There's a lot of competition and there's new competition entering the market all the time.
To your question about the authority, the power of merchants, the ability of merchants to negotiate, the code of conduct that was created by the government gives merchants additional rights and clarity around pricing, the exact point you're talking about. They get clear pricing information and they get the right to opt out of contracts if prices go up. That was given to them in the code. It's enforced through the FCAC and the commissioner's guidance that has come out around these measures.
Thank you.
Ms. Pohlmann of the Canadian Federation of Independent Business, I have a question in a similar vein.
David Robinson of Rogers appeared before this committee on Tuesday. When asked how they plan on generating revenue with their mobile payments technology, this is what he said, “We do charge the issuer for the service of secure distribution, storage, and support of their payment cards on our infrastructure.” When asked how those fees were visible with the transaction, he said, “I have no visibility whatsoever to the transactional fees that are charged between the merchant acquirer and the merchant, none whatsoever.”
So, briefly, we were told there were no fees, then that there were some fees, and then that they're hidden from anybody. Is this the kind of hidden fees that get added through the payment chain that small businesses are already burdened with? Are they afraid that even more of this will happen in the future with this mobile technology?
Yes, certainly I think there is a lot of fear, given what we saw with premium cards initially in 2008. Now that we have another player entering the mix, a telecommunications company, we know that's how they are making their piece of the pie. Right now, our understanding is that's being absorbed by the issuers, but there's going to come a point when I believe everybody will want to go back to the model where they're each getting their share of the revenues coming from the merchant. We find it really hard to believe. We feel as if right now it's a way to get into the market and over time, those fees will start going up because they simply have to start making sure that this next other player in this industry is also getting paid to the same degree that the banks and the acquirers and the networks are.
So you've added that you expect there should be the change you seek in this voluntary code, because of this confusion, complexity, and lack of clarity that could drive up the cost for the merchants in the future. I presume you see that as a consequence of the new mobile payment technology.
Yes, and history has shown us that.... We've seen this play before, and I think the trust is not there that this will not happen in the future, so we want to make sure the protections are in place.
Thank you to our witnesses for being here today. We've had another number of interesting presentations.
Mr. Wilkes, I'd like to start with you. I want to talk about the cost of complexity, a piece that you mentioned, and then there were the barriers to entry, the standard platform, and those types of things.
In our first meeting, we were discussing the barriers to entry. Because of the security that's required and other types of things, not just anybody is going to be able to enter this market, because there's a certain barrier to entry just on that. What I'd like to ask is, when you talk about the standard platform, how would you see that happening? I can see there would be a certain number of players in. I can't imagine that we're going to have a big, diverse group in, because of those barriers to entry, so how would you see that standardization happening?
I think indeed a role the government has is to ensure that. Let me give you an example. With iPhones, you can make web-based transactions on them right now, but you can't make mobile transactions on them. You have probably the biggest player in the smartphone arena and you don't have the ability to make a mobile transaction. What we're very concerned about is that we're going to have, as I mentioned in my opening remarks, various proprietary solutions. What that's going to do is add complexity.
My colleague here indicated that you may have a variety of different payment passwords, and so on and so forth. What we are very concerned about is that as you get additional platforms involved, as you get an Android platform, as you get a BlackBerry platform, as you get an iPhone platform, you're going to have a variety of ways in which these payments occur. You're going to have confusion within the marketplace, and you're going to have inefficiencies that, from a retailer or merchant perspective, only add cost.
We believe, as we have seen in other payment technologies, for example, with the chip and PIN, where MasterCard and Visa have come together with a similar or same platform on that, this should be a mandate that is asked for by the government in order to ensure standardization and efficiency in the mobile arena.
Okay. I'll carry on to my next question. I want to pick up on the complexity and a little bit on the comments on the business-to-business side. It was brought up in the last meeting as well that we're really behind on the business-to-business side of this as well.
Ms. Pohlmann, you said that the platforms facilitate the electronic payment solutions. I'd like to understand how. I'm assuming you mean that government would do that or that someone would facilitate this. How do you facilitate that? That's a huge market entry issue as well, because you want to have players in that. Your big business-to-business players, like the SAPs and the Oracles, are in that game. How do your small businesses get there and do you facilitate that?
That's an excellent question. Not only is the business-to-business part slow in developing, but so are the business-to-government and government-to-business parts. Perhaps government can play a role in building a system within payments to government that can help spearhead or drive a bit of this innovation, right?
That doesn't say it doesn't exist right now. It does. It's just that right now it's inaccessible to smaller firms, so how do we make sure that those types of business-to-business transactions can be made more accessible to small firms?
Again, I'm hesitant to suggest that government does anything that is directly intervening, but I do think that part of the solution might be to see if government can look at their own ways they interact with business, because through taxation, businesses have to pay government by cheque all the time. Perhaps there are methods or means there that can be used to drive innovation in the private sector as well.
I don't know, but these are things I'm throwing out there. It's definitely a growing issue. There's a real demand among small businesses and a frustration that when they try to use the systems that are already out there, those systems are really not accessible to them because of cost or infrastructure requirements.
Who are some of the major players in this now who might create opportunities?
The typical one right now is that you pay your bills online, right? You can pay your electricity bill and all of that online. A lot of small businesses would love to have that as an option so that they can pay each other, but to set up a system like that is very expensive for a small business to do, because you have to do it with each separate bank. You have to pay each bank a separate fee. It's quite complicated and difficult to do.
If there were some way we could have an Interac for business-to-business transactions, that would be great. Somewhere where they can automatically just flow funds from one account to another by electronic and very quick means, and in a low-cost way, would be ideal.
As a small-business owner, I have been able to make payments through my bank through the CRA, so I've been able to do some of that, but it can be a little bit clunky.
I hear what you're saying.
[Translation]
Thank you, Mr. Chair.
I would also like to thank the witnesses for being with us today as part of this fascinating study.
My first question is for Ms. Pohlmann and Mr. Wilkes.
Do you think the fees associated with online payments and card-not-present transactions might discourage your members from creating transaction-based Web sites or adopting new technologies, or cause them to refuse such forms of payment altogether? Are they refusing to implement these systems because of the costs associated with them?
[English]
Yes. We recently did some work around the payments system. We have a whole report around Canadian payments and small businesses.
One of the questions we asked was what the biggest obstacles were for merchants in accepting or receiving electronic payments. Number one was cost. It was simply down to the extra cost to set it up and to deal with the security issues around it. Obviously, once you have a card-not-present situation, you're also dealing with higher costs. Then, if you have premium cards on top of that, it is a bit of a barrier.
For very small firms it is one of the reasons.... They may have websites, but they're not necessarily transacting online, as a result.
I would add to that.
My short answer also would be yes. In addition, one of the challenges our members are concerned about and are talking to us about is that right now Interac is not issued by all banks in a mobile form. If you don't have what is in many cases the preferred option of paying, which is Interac in a mobile environment, there are concerns that the costs and the transactions will migrate to higher, more expensive credit card options. This is something that members are concerned about and that will prevent, in my opinion, full adoption.
[Translation]
Thank you.
My second question is for Mr. Cumming, Ms. Tedesco and Mr. Hannah.
Do you think a mandatory system that would alert stakeholders of data breaches could reduce the risk of identify theft or fraud, while strengthening the confidence of consumers wanting to use these new payment methods?
Do you think a mandatory system that would alert stakeholders of data breaches could reduce the risk of identify theft or fraud, while strengthening the confidence of consumers wanting to make mobile or electronic payments?
That is another risk we identified in our research. Just-in-time disclosure, as it is called, is one possible approach. It is a system whereby consumers would be alerted immediately prior to private information being collected. Consumers would be asked for their consent if the device was attempting to record their personal information.
When a data breach has occurred and a company's security system has been compromised, should the consumer in question be alerted, given that they could be a victim of identify theft?
[English]
I have a couple of comments on the question.
One is just around this whole notion of a user-centric model. I think that the mobile device creates an interesting opportunity for capturing that kind of consent at the point of interaction with the merchant. That is an important point. There aren't clear rules around what that would actually mean.
The second is really about how to reduce risk in a connected world. Part of it is not requiring every participant, in order to gain the benefit of these kinds of interactions, to have to maintain and house personal and sensitive data. That is really where risk is created, at the end points when data is not properly secured. By creating an environment wherein that data never leaves the protection of where it was created, you can reduce risk in the overall network.
I have just one point. Currently it's the case that if you have a card and the issuer identifies or thinks that your card is compromised, they are going to reach out and contact you.
[Translation]
I agree, banks will often do that, but I was wondering more about sectors that don't adopt the latest technology.
This is for the SecureKey Technologies representative, but Ms. Pohlmann or Mr. Wilkes may want to respond as well.
In your view, are companies knowledgeable enough on how to build highly secure payment systems?
[English]
No. That would definitely be one of the bigger barriers, and they fear it very much, because they know there are lots of security rules and privacy rules, and that they are going to be liable if it's not done correctly. I would say it's a big area.
Thank you to all the witnesses for being here today.
I have a battery of questions that I'm just going to ask all of you in no particular order, but I do want to start with this.
Ms. Pohlmann, I'm looking at the various slides, and I see on page 2, under “Retail Hospitality” that businesses are set up to accept various forms of payment, and 98% accept cash. You have a very big sample size of 8,209. Who are the 2% that don't accept cash?
Yes.
Okay, on page 3, I see, under “All sectors”, that 35% prefer cheque, and 22% prefer debit cards, so there's a 13% variance there. Wouldn't you consider debit to be a more secure form of payment than a cheque?
Remember that particular chart refers to all sectors of the economy, so that includes manufacturing and all those others that do business-to-business transactions. For them, cheques become an important tool for record-keeping purposes. It's also far easier to have a chequebook than it is to set up a whole debit system if you're not really a business that's going to use that.
Okay, good.
Have you ever surveyed your members with regard to the cost of default for cheques? Is that a big problem with many of your members?
We did ask that question in a recent survey regarding the various payment systems, credit card, debit card, cheque, as well as cash, though not so much. We asked what percentage of the transactions had been returned to them, and it was lower for cheques than it was for, say, credit cards. I can't remember the exact numbers, but I can get you that information. From our members' perspective, it was less likely that they would have a cheque returned than that a credit card transaction would be returned. There could be a charge-back or a bounce-back or something could happen so that the credit card transaction would not go through. In their experience, it is more likely that would happen than that a cheque would bounce.
That's interesting.
I just throw this out to all of you, and if any of you have any information on this, it would be very helpful for me. Are you aware of any studies that have ever been done with a control group of people who use just cash, say, versus a group that uses the new technology? If they've been given the same amount of money, who would spend that money more quickly, the people with the cash or the people with the mobile payment?
Mr. Adler, actually something we have identified, which we intend to do research on, is the behavioural impact that mobile payments will have on consumers.
No? Okay.
Can any of you speak to the social benefit of mobile banking? I've seen that using an iPhone, you can take a picture of a cheque and you can deposit it into your account. My wife does it.
Absolutely. The advantage of mobile banking is the convenience. People like to be able to use their mobile devices and conduct their transactions wherever they want. Increasingly they can.
We've seen remarkable uptick in the usage and the adoption rate of mobile banking. When we first surveyed the public and asked about mobile banking in 2010, only about 5% of people had done it. Within two years that was up to 20%, and that was in 2012. By 2014, now, I suspect it is beyond that.
If you look out into the future at the next generation of customers.... I look at my son who is 11 years old and goes to a local middle school in Mississauga where every child has a smartphone, every child expects to do everything with their smartphone, and that's what they're going to expect in the future. That is the next generation of consumers.
Also there is the social benefit for seniors and people with disabilities. I see endless possibilities with this.
Mr. Cumming, you're being ignored quite a bit. Let me just throw a question at you. How competitive is your business?
There is really just a tremendous amount of innovation that has occurred in the last three to five years in the payment space, and there are a lot of organizations pushing the edges, including their traditional payment networks. It's a highly competitive environment, but it's also one where people are working together to try to create solutions and get at some of the problems that were raised here.
Ultimately, there is one consumer and the merchant wants something very simple. The feedback we have received as we've pushed some of those edges ourselves is that it needs to fit into how they're doing business today. It needs to be simple and represent a value for them, and the market is still deciding what that ultimately will look like.
Thank you all for being here and participating in what could be described as a fascinating subject, especially for those of us who are having trouble still figuring out BlackBerrys. We see the new technology that's been displayed here. It's quite remarkable.
Ms. Tedesco, you touched with Mr. Adler on the subject of whether or not people spend more money. I would suspect it is quite a bit more.
Ms. Pohlmann, I think we've had this discussion as well before, and I think we're still members of your organization at home. There's the ability to pay now for what normally in the past.... If you had cash in your pocket you'd look and you'd say, “We can't go out for dinner. I have $20 left and that has to last me for the rest of the week.” Hasn't this changed the whole culture that we live in?
I guess that's two things. I sympathize with your members because I'm one of those members. By the same token, I recognize that so many of those things they rail against, so many of those things we railed against really have made business that much easier.
As the first thing, I'll ask you to comment on that a bit.
Could you suggest whether or not some of the huge debt being incurred by the Canadian family is possibly a result of an immature populace that's moving into this new electronic age?
Ms. Pohlmann first.
There is no doubt that credit cards, debit cards, electronic payments have improved the lot for many retailers. There is no doubt. That has made it a lot more convenient for them. They are more guaranteed to get paid. There are all kinds of advantages.
You can see even in the data I showed you today that they have no issue paying fees for regular payment credit cards. They see those as fair. They understand there is a cost for that service. Where it becomes an issue is when they start feeling like they're paying for a lot of it, and they're getting nothing extra in value for the extra fees they are paying on top of that. That is the difference. I'm not suggesting that mobile payments or credit cards or other types of payments are not going to be good for business. They are. It's just how much in fees they have to pay. That's the question.
Everybody is in the same boat, and ultimately it's the consumer who pays, so it's going to be passed on to the consumer.
Absolutely, it ultimately is going to be. They just feel they have no power in that relationship as it is. They feel they have to offer it, so they have to pay the fees; they can't negotiate, and it's a kind of situation where they are the takers. They have no other ability to do anything but take it.
I will just add that I wouldn't be able to point to the exact research, but I remember reading some research on that exact topic that says the further a consumer gets away from paying cash, the easier it is for the consumer to spend, or the more likely it will be that the consumer will spend.
What we're going to try to do is conduct the research to test that hypothesis.
Mr. Wilkes, it looks like you want to jump in. I don't know whom I should direct this to, but the unguided hand is a marvellous thing. Sometimes if you want a great exercise, you can just look at any specific organization or any marketing that's out there and see how the whole thing has transcended. Nobody has directed this thing but it's just created an incredible industry. I look at this as an excellent example.
Do you have a handle on, does anybody have a handle on, how much of this has resulted in more jobs and more expertise that we can export to other countries? Does anybody have an idea about that?
I believe Global Payments did a study on exactly that question. They looked at the growth, the amount of additional GDP that electronic payments have created, the amount of additional spend that it has created. I don't have it with me, but we can certainly provide it to the committee.
Carrying on where I left off with Ms. Pohlmann. We were talking about co-badging. I believe it was in response to a question by one my colleagues across the floor, but you were talking about how there is concern that the mobile payment will have the Visa premium card as the primary, again taking away the choice of the consumer. Is that part of the co-badging piece and part of the concern with automatically going to the most expensive one?
Yes, it's the idea that defaults can probably easily be put into the file name. As some around this table have said, they're still trying to figure out their BlackBerrys. If you can download an app that automatically puts the highest price card at the top and you as a consumer are not really sure how to change the default, suddenly that becomes the card the merchant has to accept if they want your business. That's the piece we want to make sure is clear: that default cannot be there. It's up to the consumer to make the choice, and it has to be an easy choice.
The concerns we have are similar, that the default must be set by the customer. The phone can't come loaded with the higher cost of the premium cards.
I think co-badging is a bit of a different issue within the mobile environment because, as I mentioned, Interac Flash is not currently issued by all the banks. Therefore the co-badging that was protected in a voluntary code ensured that Interac would have a stand-alone platform. I think we're the envy of the world with the debit system that we have, and we commend the protection of the Interac system.
We see mobile as a greater risk to Interac because it's not being issued; it's not being offered. Without that option, we may lose the ability for customers to pay with Interac and move to other debit options that are offered by the credit card companies, which by their very nature are much more expensive. We see it even more as an acute problem than the one in the plastic world.
Thank you, Mr. Wilkes.
Mr. Hannah, there was some concern with the Canadian Bankers Association and some of their internal policy relating to mobile payments that seemed to start to skirt around co-badging. Has that been addressed? Are the Canadian Bankers Association and the banks ensuring that co-badging is going to be followed and is being followed?
I think the credit and debit card code that the government has created is abundantly clear on the issue of co-badging. You cannot have competing applications on the card at the same time.
No, I've said there is a code. The code of conduct is abundantly clear. I could read it. It complies with it and is enforced through the FCAC. Institutions have said they follow the code; therefore they follow the code.
Good.
Mr. Wilkes, I asked CFIB earlier in relation to the decision this summer by the Competition Tribunal about the anti-competitive practices. What was RCC's response?
Our council's response was one of confirmation. I think the tribunal did come forward indicating that the business practices currently in the marketplace were having a negative impact on competition. They ruled that in the strict guidelines of what the act currently has they did not have the ability to address them, but we were very encouraged by their call and recommendation, if you will, that these practices be addressed by the Minister of Finance through a legislative approach.
We called it a bit of a silver lining that there was unfortunately not the ability to create change through the act, but there was a recognition of the need for change. We were very pleased to see that the budget of a couple of weeks ago made the commitment to lower cost of payments acceptance, which we believe is a direct correlation to the guidance given by the minister.
Thank you, Mr. Wilkes.
Mr. Hannah, we have CFIB saying that was a disappointment, the RCC saying it was a disappointment, and then the CBA saying this is a win. Especially when we were looking at the release that contact lists, cards, also benefit merchants, make it easier and faster for customers to make purchases.... That's what we're talking about. So we have concerns by, I would say, the two largest small business organizations in the country, and then the banks are also calling this a win. Does the CBA not see there's an issue here, and that it needs to be addressed?
Sure. What we have is the Canadian Federation of Independent Business and the Retail Council of Canada both saying that the tribunal's decision this summer was a disappointment, but the Competition Tribunal decision was touted as a win by the Canadian Bankers Association.
Does the Canadian Bankers Association not see that there's an issue here?
What the tribunal said is that there was no legal issue. It's not a legal issue. What they said is it's a policy question. It's a complex one. It's multi-faceted, so they've asked the government to address it. That's what has happened.
The Canadian Bankers Association doesn't see that the Canadian Federation of Independent Business, the Retail Council of Canada, the Canadian Restaurant and Foodservices Association and retail outlets, all of these organizations see a concern with many of the practices, and so we can understand where they're coming from when they are concerned about mobile payments, because it's the one extra layer.
As I said on Tuesday, I believe, if we put on one more fee, it is like the straw that broke the camel's back. It is important for the CBA to recognize that this isn't just me standing here saying there is an issue. We have the RCC, the CFIB. Are they going to be looking at this, or are we waiting for regulation to come from the government to fix this?
Sure.
I think you're talking about two separate issues. Mobile payment is one issue. The Competition Tribunal was looking at two very distinct legal questions. I understand what you're saying. I'm just saying they are two separate things.
Thank you, Mr. Thibeault.
I'm going to take the next round.
Again, I want to thank you all for coming. It's been a very interesting panel, an interesting discussion.
A number of you have talked about the need for standardization. The RCC called for the government, through the FinPay committee, the advisory committee, to be tasked with ensuring that there be a standardized platform. The CFIB recommended updating the credit and debit card code of conduct.
Ms. Pohlmann, do you support the RCC's recommendation in terms of developing a standardized platform through the FinPay committee?
Reducing complexity is the most important thing, through standardization perhaps. Whether FinPay is the right avenue I don't know. That would be probably the only point of difference between us and the RCC, but at the same time, it's probably the only forum right now that exists where you bring together all the industry players along with government, so it probably would make the most sense.
Mr. Wilkes, with respect to CFIB's recommendation about updating the code of conduct, do you support that recommendation?
We are both looking for the same outcome. We both have potentially different ways of getting there. We had recommended the FinPay committee because it does have all the players around the table and it is mandated to address issues within the payment—
Sorry, Mr. Chair. On whether that gets reflected in an updated code of conduct, we would have no problem with that.
Yes, RCC's recommendation is that the government, through the FinPay committee, be tasked with ensuring that a standardized platform be defined for mobile applications in Canada. That's what I'm asking.
I don't know if it's fair to ask you this question with regard to updating the code of conduct since—
This is something that is led by the Department of Finance, but I understand they are actively working on that currently.
With respect to the first suggestion on standardization, the industry, banks and credit unions have already developed the mobile payments reference model to provide a certain degree of guidance and structure going forward. I'd want to think about what the implications would be of going further than that because I don't want to stifle innovation. At the same time, it's an evolving space. You want to let the market work its way through.
That was the first question. Could you repeat the second one?
The second one is CFIB's recommendation on updating the credit and debit card code of conduct to include emerging digital payments.
In your remarks you talked about the shadow payment system. I think I know who you mean, but who do you mean by that?
Do you want a great example?
The Chair: Sure.
Mr. Darren Hannah: A good example that's in the news right now is Mt.Gox. It's a small firm that started up as a thing to trade—
A voice: Bitcoins.
Mr. Darren Hannah: —exactly—trading cards, and it evolved into the world's biggest bitcoin exchange. People would send money to it, they would buy and sell bitcoins, and they would store them on account. It had $300-million in deposits and then it blew up last week.
It's unclear whether anybody will be able to get any money out of that. There is no consumer recourse, no consumer protection. People are holding up their hands saying, “What do we do?”
Okay.
You talked about the strong case for implementing regulatory measures for the shadow payment system. You also talked about the model you have formulated with the credit unions, but this seems to indicate you are going further beyond that.
Can you flesh out who would actually do the regulation? Do you see legislative measures? I'm assuming you're not saying legislative measures, so who would actually do the regulation, and in what form?
That's an interesting question. Ideally we'd like the federal government to be regulating that space. We want a certain degree of uniformity. Our concern is that right now it is fractured. If you come to a bank, you know that you have the protections of the Bank Act and everything associated with that. If you go outside that to some other institution, it's unclear.
We think it would be reasonable to make sure that everybody, no matter what provider they go to, has a certain level of expectation about solvency, security, customer disclosure, and recourse.
No, through the Bank Act it would only apply to the bank. We want something broader than that. We want something that applies more broadly than just to the bank.
My colleague here is saying that I need to cut myself off.
Voices: Oh, oh!
The Chair: We'll have to continue this discussion. Thank you.
We'll go to Monsieur Bélanger.
My first question is for you, Chair, if I may. Have the credit unions been invited to present before the committee on this matter?
I don't know whether the committee would consider that, because they are quite present throughout the country. Mr. Saxton brought it up, as we just heard. There are the caisses populaires as well.
Another reason, if I may, is that a couple of years ago the Bill and Melinda Gates Foundation gave $8 million or $9 million to Développement international Desjardins to help Africa and Latin America hone their cash transfer system on telephones. I suspect this is something that would be related to payments, because in order to have payments you need credit or cash or something in your mobile apparatus. I don't know if that has been looked at. At the up end of it, how do you account for cash transfers or the ability for a mobile instrument to pay?
I think it would be useful if the committee heard from them. I would just make that suggestion, Mr. Chairman.
I want to go back to the security side of this.
Mr. Cumming, you flashed four names out there, Target being one of them. I hear that 25 million of their customers had their personal information hacked—who knows what has happened to it—and a few others.
Which security recommendation is your priority? Perhaps you could answer that quickly, because I have another question about that for each and every one of you.
First and foremost our belief, since we are talking about mobile, is that mobile has great potential to provide a security framework for consumers in turning security into a user consent model and also unburdening merchants. The Target hack and all those hacks really are part of a response to PCI requirements of the payment networks' requirements of having to maintain sensitive data and an inability to really have standardized ways in which people handle data. That results in large-scale repositories of data behind infrastructure that was never meant to house that kind of information.
Moving away from that I think is important—
I'll stop you there, because I have only a couple of minutes.
The one concern I have, and I think it's shared by many people in North America, not just in Canada, is that when we hear that NSA has gathered information through Google, Apple, and so forth, what's to say the same thing has not happened in our country? There's a double concern here about hackers and safety, and of course about who gets the information that is supplied to banking and other financial institutions.
The question I wanted to get to is this: Is anyone currently using quantum computing techniques for security? This is directed to anyone.
So you know what I'm talking about.
Mr. Hugh Cumming: I do.
Hon. Mauril Bélanger: Will you be considering that use?
We're looking at a number of things. We work with biometrics and other approaches. The challenge with security is that for it to be effective, it needs to be broadly adopted and well understood, and that's something that makes making changes like this take time.
Is no one else into that at all yet?
A voice: No.
Hon. Mauril Bélanger: Has our financial consumer protection agency been into that as well?
That is one of the risks we raised in our paper. The risks are fraud, misuse, identity theft, and misuse of assets. It's something that's really not within our purview, but we'll be following it.
If I may suggest, you might want to talk to the institute for advanced computing near the University of Waterloo. They are the leaders in this technology. They could probably give you a sense.
I know they are, but they're not a government institute. Whose purview is it within under the government?
I understand that, Mr. Chairman. That wasn't fair. Perhaps it's something the committee may want to consider.
Mr. Chairman, you actually asked the question I was going to ask, but my colleague Mr. Saxton has a different question.
Thanks, Chair.
It's actually along similar lines to Mr. Bélanger's questions for Mr. Cumming regarding security.
Your system is based on a cloud network, or whatever you call it. There seems to be a lot of apprehension among people still today about where that information goes, where that information is stored, whether or not it could be hacked. We've seen a lot of hacking activity coming from Asia, for example.
What can you tell people to give them more confidence that a cloud-based system is safe and secure?
Part of it is that the world has sort of shifted from closed networks where security was very tight to these open networks that are highly interconnected, and that has created a lot of complexity. From a user perspective, I think keeping your organization and organizations that you've established trust with safe is first and foremost the best way to protect that data. People need to be conscious of how they use their data across the Internet. When you send your data to Joe's Flowers, it's not the same as storing it at TD Bank.
When you think about a cloud, the organizations like ours, that have invested in providing security infrastructure through a cloud, spend a lot more time thinking about how to protect that data than do the small independent businesses that also store the same kind of sensitive information.
I believe there have been some large retailers that have been hacked, even recently.
Mr. Hugh Cumming: For sure.
Mr. Andrew Saxton: That sort of goes counter to your argument about small versus large. Large isn't always better. Bigger isn't always better.
It certainly isn't their area of expertise in all cases. I think the Target experience says that it just simply isn't their area of expertise and they're looking at organizations that have addressed the issue for different ways of handling payment data.
I would just say that you may already be using it today, because it connects a number of financial institutions to over 120 Government of Canada applications. Our belief is that the solution is to reduce the number of places where people use credentials, and our briidge.net solution really is about doing that and creating bridges between financial institutions, governments, and consumers in a user-centric identity model.
Thank you, Mr. Saxton.
I want to come back to this briefly with you, Mr. Hannah, and then we'll go to Mr. Rankin's motion.
You do make, it seems to me, a valid argument with respect to the shadow payment system in terms of it needing to be regulated and in terms of the need for an industry-wide standard that would apply to it. Just for clarity, it seems to me that the RCC recommendation that a standardized platform be defined for mobile applications, which I assume would apply to the shadow payment system as well through the FinPay committee, would address the concern you raised about the shadow payment system.
Could I nuance that? I don't think it's quite the same.
When we're talking about concerns in respect of the shadow payment system and the regulatory environment we want, we are concerned that they have sufficient standards for financial strengths. We are concerned that they have sufficient standards for management competence. We are concerned that they have sufficient standards for security and technology, consumer disclosure, and consumer redress. That's I think a different question from that of the technology that effects the transaction from point A to point B. It's a much broader question. Are the two in conflict? I don't know, but they're not quite exactly the same.
I appreciate that clarification.
I want to thank all of our witnesses for being here. I believe that some of you were going to provide some further information. Please ensure it gets to me or the clerk. We will ensure all members get it.
We appreciate your participating in this very interesting study. We will excuse you at this point. We are going to go to a motion by a member. You're free to stay and watch an interesting debate, or you're free to leave, but thank you so much for being here with us today.
Colleagues, we are going to move to a motion by Mr. Rankin. He is going to present his motion.
Thank you, Chair.
I have given notice of this motion. The motion is:
That the Committee invite the Minister of National Revenue and the appropriate officials to appear before the Committee regarding the Supplementary Estimates (C) 2013-2014 on or before March 6, 2014 and that this meeting be televised.
Specifically, Chair, I'd like to discuss the section of the estimates that refers to voted appropriations, “Funding for the implementation and administration of various tax measures announced in the 2012 Federal Budget including Enhancing Transparency and Accountability for Charities...”. This is a horizontal item, which is an allocation of $6.3 million.
As I understand it, the supplementary (C)s refer to money for the investigation of charities, which of course has been the subject of enormous concern in the media and in the public. I believe that it is entirely legitimate to invite the minister to come and address the expenditures in that regard. I understand there may be some procedural concerns with the motion. If that is the case, I'm more than happy to amend the motion to alleviate those procedural concerns, to broaden it, for example, to just ask for a briefing by the minister, or whatever, under Standing Order 108(2).
In any event, without doubt, I think there are serious concerns and questions that arise from recent revelations that a number of the most prominent and respected environmental groups in the country are now being aggressively audited by the Canada Revenue Agency. This was first announced in a budget measure in 2012, when Minister of Natural Resources Oliver touted the $8-million plan to audit charities as cracking down on “environmental and other radical groups” that he claimed were undermining Canada's interests.
On the serious questions about this budgetary expense and about the appropriate use by the CRA of audits, I think Canadians deserve answers, which is why I'm moving this motion today. It's my hope that colleagues will agree with me and vote in favour of that motion.
Thank you, Mr. Rankin. The motion is in order procedurally, by the way.
On the speakers list, we'll go to Mr. Keddy, please.
Thank you, Mr. Chairman.
Mr. Rankin, I appreciate your motion and what you're asking for here. In my understanding—
Mr. Chairman, through you, my understanding is that you are fairly new to this committee, as am I. The process that this committee has followed in the past on supplementary (C)s is that the minister does not appear, and I believe that in the case of national revenue, the minister does not appear on main estimates either.
Again, I'm not looking to support your motion. If you want to make it into another issue beyond your motion on political charities, that's up to you.
Yes, but you can't say “through you” and then address the member directly.
Are there any further comments?
Mr. Rankin.
In response, I think you did say that the motion was in order. Under the Standing Orders of the House of Commons, this committee does have jurisdiction over both the Minister of Finance and the Minister of National Revenue. That's clear in the standing orders.
As I said, if there are concerns about the specificity of the motion, I'm more than happy, of course, to expand it to simply ask the minister to appear and explain these issues of public concern. Canadians have an interest in the accountability of the minister for the actions of the agency.
I'm particularly concerned, as I said in the motion, about the expenditure of money to go after these charities. There are so many other topics I would like to invite the minister to come to talk about, such as tax havens and corruption in the Montreal CRA office. I'm happy to broaden the motion, but it occurred to me that because there is a specific item in the estimates, the appropriation of this money, this $6.3 million for this very purpose, I thought it would be more helpful to be specific than to be general.
Under Standing Order 108(2) this standing committee can request a report on any matter, and I would request that the minister assist us on that study. I'd like to study this issue in detail. If it's not technically appropriate for reasons of precedent to do this as a matter of the supplementary estimates (C), it is still appropriate for us to do it. This is the committee where the minister is to be held to account for actions and expenditures within that agency, so it seemed to me this was the appropriate place to bring forward those concerns.
Okay, I appreciate that.
Your motion is in order, Mr. Rankin, and your motion does deal with inviting the Minister of National Revenue for the supplementary estimates.
[English]
I want to reinforce that if the motion is in order, it is up to the committee to decide whether or not it wishes to invite the minister to appear. Depending on the outcome, Mr. Rankin may want to take other steps.
Mr. Chairman, I ask for a recorded vote.
Hopefully, Mr. Chairman, these will be the last comments on this.
Again, I was not suggesting for a moment that the motion was not in order. Quite frankly, a plethora of questions come out of Mr. Rankin's motion, and I'm surprised that if he's concerned about those issues, he hasn't asked those questions in the House of Commons during question period. But I think we need to deal with the motion in front of us, Mr. Chairman.
I won't take more than a second to say that on many occasions I've asked questions on these very issues I alluded to, and it's the lack of answers that has caused me to come here and ask for us to have the minister appear here to be accountable to the Canadian public.
Publication Explorer
Publication Explorer