Sunday, March 31, 2019

Prepaid debit cards. The other anonymous payments method

When it comes to financial privacy, good old fashioned banknotes and privacy cryptocurrencies like Zcash & Monero get all the attention. But as I recently wrote for the Sound Money Project, let's not forget about prepaid debit cards.

Having written a bunch of posts over the last two years about financial privacy, I recently decided that it was time to step up my own personal financial privacy game. A few months ago I walked into my local pharmacy and bought my first non-reloadable prepaid debit card (i.e. gift card), a Vanilla card.

You've probably seen the rack of prepaid cards near the front of pharmacies and department stores. Some of them are closed-loop cards. They can only be used to buy things at the issuer, say Tim Horton's or Starbucks. But some of them, like my new Vanilla Prepaid card, are open-loop cards. That means they can be used wherever Visa or MasterCard are accepted. In Canada, Vanilla cards are sold in denominations from $25 to $250.

The Vanilla card that I bought doesn't have my name on it, nor did I have to show any ID to buy it. I paid for it in cash. This means that whenever I use my card, my identity won't be associated with the purchase. My card is backed by dollars held in a pooled account at Peoples Trust Company, a Canadian bank. It gives me the right to anonymously route my portion of the pooled funds along the MasterCard network to a retailer who operates a MasterCard terminal.

Given that authorities and banks have spend decades constructing a vast financial surveillance apparatus (the Bank Secrecy Act, FATF, AML, CFT, suspicious transaction reporting etc), it seems odd that this small window for accessing the digital payments system anonymously would have remained intact. To comply with Canadian anti-money laundering requirements, card-issuing banks require that the prepaid card seller (my pharmacy) collect the buyer's personal information if the face value of the card exceeds $1000. For amounts below that, due diligence is waived. The same practice is followed in the U.S. This regulatory exemption is why I didn't have to give up my anonymity when I bought my card.

The idea motivating the sub-$1000 exemption is that small amounts of anonymity can't easily facilitate criminal activity, but larger amounts can. (Note that I can convert my non-reloadable Vanilla card into reloadable format—i.e. a card that I'll be able to add money after the first batch is used up—but I'll have to register and forfeit my information. Only non-reloadable cards below the $1000 cap are exempt from due diligence.)

I'm not obsessed with privacy. I still use my information-laden credit card for a big chunk of my day-to-day purchases. But from time-to-time I want to have the option of shielding my data from outside observers. Cash is good for that. I already use banknotes and coins to pay for about half of my face-to-face purchases. This is usually for the sake of convenience, but sometimes it's because I'd prefer not to give up too many of my personal details to the retailer (especially small shops I've never been to before).

By adding a non-reloadable prepaid debit card to my wallet, I've gained an extra degree of protection. Say that I've used up all of the cash in my wallet, or I need to make a purchase in a place that doesn't accept cash, or I want to buy something online—well, a prepaid gift card offers me a way to make a transaction while still protecting my data.   

Law abiding citizens who are conscious of their financial privacy are a pretty small demographic. Sellers of non-reloadable prepaid cards have much larger markets in mind, specifically: 1) people looking to buy convenient gifts for friends and family or; 2) the unbanked and underbanked, i.e. those who don't have bank accounts or have them but don't use them. By allowing people to buy prepaid cards without identification, those without formal credentials such as driver's licenses, social insurance numbers, or credit scores can still make digital payments. Think the homeless, children and teenagers, immigrants, and refugees.

The post-9/11 brigade of security-at-all-costs zealots would love for regulators to shut the prepaid anonymity window. They worry that terrorists and money launderers will abuse prepaid cards. The anonymous prepaid window has only stayed open because these zealots have been countered by a collection of banking lobbyists who want to keep doing business with the unbanked and politicians who care about the disadvantaged.

I'm neither unbanked nor underbanked. I've got several bank accounts that I often use. Nor am I buying these cards as gifts. So I'm not really the target market for non-reloadable debit cards. My ability to get anonymous access the digital payments system is really just a by-product of the wider effort to make it easy for the unbanked to plug in. This is a precarious position for a privacy-conscious individual to be. In the U.S., where only ~93% of the population is banked, the constituency for anonymous prepaid access is relatively large. But in places where the banked population is approaching 100% (Canada, Finland, Germany, Netherlands, Denmark, Belgium, Sweden, UK), there is probably diminishing political support for providing anonymous access to the banking system.

In Europe, for instance, the window for anonymous access to digital payments seems to be closing. When the EU's 4th Anti-money laundering directive was passed in 2015, up to €250 in electronic money (the EU's term for prepaid instruments that reside on a device, say a card or a phone) could be bought without being asked to give up personal information. With the passage of the 5th Anti-money laundering directive in 2018, this amount has been reduced to just €150. And a new ceiling on online purchases of €50 was introduced. As I wrote in my recent Breakermag article, such a tiny amount of anonymity just isn't that useful.

One thing I've noticed about prepaid financial anonymity is that it is expensive. My first Vanilla card had a face value of $25. But I had to pay an onerous $3.95 to activate it. Buying higher value cards defrays this expense, but it still costs $7.50 to activate a card with a face value of $250. That's a 3% levy. Keep in mind that when I use an anonymous prepaid card not only am I paying the activation fee, I am also forgoing 2% cash back that my not-so anonymous credit card would otherwise provide me with.

Think about it this way. Let's say I decide to buy my groceries anonymously using a prepaid card. My $250 only gets me $242.50 worth of goods ($250 less the $7.50 activation fee). With my credit card, I can get $255 worth of food ($250 plus $5 cash back). That's an extra $12.50 in spending power if I decide to go the non-anonymous route. Sure, by using a prepaid card I've prevented my grocery store from being able to collect information about my eating habits. But is the $12.50 I've given up worth it? (Incidentally, this calculation also indicates how costly it is to be unbanked!)

While prepaid anonymity is handicapped by a low ceiling and high fees, the drawbacks don't stop there. Non-reloadable prepaid debit cards are great for buyers who want small amounts of privacy, but they don't help out retailers who want to shield themselves. In a recent article, privacy advocate Timothy May made a great distinction between buyer privacy and seller privacy:    

If someone is selling a controversial product (May uses birth control information as an example), they must always be wary of snitches who make a purchase only to "out" the seller, either by reporting the transaction to the authorities or posting it to social media. Controversy-wary payments providers will quickly cut the seller off. To protect themselves, sellers need a payments method that doesn't leave a paper trail. They also need a payments system from which they can't be censored. Cash is a good example—it doesn't leave a paper trail and is censorship resistant. So are privacy-friendly cryptocurrencies. But prepaid cards don't cut it. The seller can easily be reported to the network and banished.

The last drawback of non-reloadable prepaid debit cards is that they can't be used to make anonymous person-to-person payments. As far as I know, there is no technical reason that I shouldn't be able to use my Vanilla debit card to anonymously send $100 to anyone else with a Visa card, just by inputting their card number and clicking send on a website. In theory, this payment should get pushed across the Visa network.

But there are regulatory reasons that I can't do so. In the U.S., the Financial Crimes Enforcement Network (FinCEN) prohibits anonymous debit cards from offering person-to-person capabilities, and I believe the same rule applies in Canada. Meanwhile, cash and privacy-friendly cryptocurrencies do allow for anonymous person-to-person payments.

In sum, non-reloadable prepaid debit cards allow for a small extension of one's financial privacy. But in an age where the ability to make payments without someone snooping is getting increasingly rare, I suppose we have to take whatever crumbs we can get.


  1. Here in Spain they require you to provide your ID card to buy one, so with prepaid debit cards you're just one regulation away from removing anonymity.

    1. Interesting. The various EU anti-money laundering directives do allow small amounts to be purchased without providing ID. Maybe the Spanish government has instituted its own rules or the retailer where you buy them has decided to clamp down of its own accord?