Latest Payments News: Uber Hits Back At Subscription Trap Lawsuit Filed By FTC, and more

Catch up on some of the stories our payments compliance analysts have covered lately, and stay up-to-date on the latest news.

Uber Hits Back At Subscription Trap Lawsuit Filed By FTC

Uber has denied allegations that it engaged in deceptive practices and ran subscription traps filed in a lawsuit by the US Federal Trade Commission (FTC).

The regulator alleged the rideshare and delivery company charged consumers for its Uber One subscription service without their consent, failed to deliver promised savings and made it difficult for users to cancel the service despite its “cancel anytime” promises in the suit filed on April 21.

FTC chairman Andrew N Ferguson said Americans were tired of getting signed up for unwanted subscriptions that seemed impossible to cancel.

Ferguson said: “The Trump-Vance FTC is fighting back on behalf of the American people.”

He added: “We’re alleging that Uber not only deceived consumers about their subscriptions, but also made it unreasonably difficult for customers to cancel.”

The watchdog said Uber’s deceptive billing and cancellation practices violate the FTC Act and Restore Online Shoppers’ Confidence Act and applied to the US District Court for the Northern District of California for a permanent injunction to "prevent future violations" of those laws, as well as financial and other reliefs.

Chile Consults On EU-Inspired SCA Requirements

Chile has taken a page from the EU’s playbook, with its new rules on payment security and authentication clearing taking inspiration from the revised Payment Services Directive (PSD2).

Chile’s financial regulator has moved to bolster the country’s standards for digital payment security, with a consultation on the matter open until May 5.

The Comisión para el Mercado Financiero (CMF) is seeking feedback on new rules that would introduce mandatory strong customer authentication (SCA) for a wide range of electronic payments.

The proposal closely mirrors the EU’s PSD2, which an English translation of the consultation says “was mainly considered”, including its requirement for two-factor authentication in high-risk transactions.

As well as PSD2, the CMF has also cited international standards from the US National Institute of Standards and Technology (NIST) and technical guidelines from the European Banking Authority (EBA) to justify its approach.

Singapore And Hong Kong Double Down On Cyber Resilience As Threats Escalate

Banking and finance hubs Singapore and Hong Kong have simultaneously pushed for higher standards in the financial sector when it comes to cyber resilience.

Financial regulators in the two jurisdictions have unveiled a series of new measures aimed at strengthening cyber resilience across the banking and financial sectors, as digital threats grow in sophistication and complexity across borders.

In Singapore, the Monetary Authority of Singapore (MAS) convened its Cyber and Technology Resilience Experts (CTREX) Panel for the first time on April 16.

The panel, formed in August 2024, brings together international experts, including representatives from Microsoft, Google and HSBC, to assess emerging cyber and technology risks and issue recommendations for strategies that can improve the resilience of Singapore’s financial system.

At its inaugural meeting, the CTREX Panel called for a more service-centric approach to operational resilience.

It urged financial institutions to view service disruptions from the customer’s perspective, moving beyond scripted disaster recovery exercises by incorporating unscripted elements into drills to better simulate real-world crises.

The panel also emphasised that financial firms need to better manage supply chain and software risks by maintaining detailed inventories of their IT components and third-party dependencies.

Looking ahead to a post-quantum security environment, CTREX recommended that institutions begin inventorying their cryptographic systems in order to prioritise the replacement of those vulnerable to quantum attacks — an issue that has also been highlighted elsewhere, including by the European Payments Council.

It also raised concerns about the rising sophistication of digital financial scams, encouraging banks to deploy artificial intelligence (AI) tools for fraud detection, adopt phishing-resistant authentication, share intelligence across the industry and expand customer education efforts.

Complaints About Payment Services Drop Sharply In Lithuania, According To Central Bank

The Bank of Lithuania has reported a dramatic decline in complaints related to payment services, with the number of grievances dropping nearly threefold in 2024.

The central bank received a total of 812 complaints last year, compared with 1,408 in 2023, a significant drop that it says is down to improved supervisory efforts.

According to the Bank of Lithuania, complaints about payment services accounted for 62 percent of all grievances, followed by insurance at 14 percent and lending at 12 percent.

Meanwhile, among financial service providers, banks attracted the highest share of complaints, 41 percent, followed by electronic money institutions at 23 percent and insurers at 13 percent.

“Consumer complaints help to clarify shortcomings in financial services. We aim to draw the attention of financial market participants to them and ensure that problems are resolved,” said Vaidas Cibas, director of the financial market supervision department at the Bank of Lithuania.

“Last year, we started applying a risk-based complaint handling model,” he continued. “This allows us to focus on the most problematic areas and effectively seek solutions. This practice has paid off; last year we recorded a significant decrease in complaints.”

US Regulators Fine Discover $250m Over Interchange Fee Misclassification

The Federal Reserve and Federal Deposit Insurance Corporation (FDIC) have fined Discover a total of $250m for overcharging merchants on the same day its acquisition by Capital One was approved.

The agencies issued separate consent orders on Friday (April 18), with the Federal Reserve fining Discover $100m and the FDIC imposing a fine of $150m.

The Federal Reserve said it had identified “significant deficiencies” in Discover Financial Services (DFS) and Discover Network’s practices in the classification and assessment of interchange fees for Discover Bank credit cards.

Between 2007 and 2023, Discover Bank, a subsidiary of DFS, offered both “consumer” credit cards and “commercial” credit cards, which typically had higher interchange fees.

However, the Fed order said, it misclassified nearly all consumer cards as commercial ones.

In a statement, the FDIC said: “For approximately 17 years, the bank misclassified millions of consumer credit cards as commercial, resulting in higher interchange fees for transactions processed on the Discover network.”

It added: “As a result of the bank’s misclassification, merchants were overcharged over $1 billion in interchange fees when accepting payments with the misclassified credit cards.”

DFS must submit a plan to strengthen its risk management procedure and internal controls related to the Discover Card Interchange Fee Practices within 60 days, the Fed order said.

It must also distribute at least $1.25bn to adversely affected customers as part of a restitution plan, the FDIC said.

In a statement to Vixio, Discover said it "has been working with regulators to resolve the card misclassification issue and today’s announcements by the Federal Reserve and FDIC highlight the significant progress we’ve made toward resolving this issue.”

‍

Want to know more?

‍Request a demo with one of our experts today to gain full access to the stories we cover - and much more - and start learning how you can make compliance a competitive advantage for your organisation.