Credit Union On-Line Inc. serves about 25 credit unions and is the only service bureau devoted to Fiserv's XP2 system. Its largest client, $594 million RTN FCU in its hometown of Waltham, Mass., turned to CUOL for help after CUNA Mutual required credit unions to include expiration dates and CVV values on ATM and debit cards.
In RTN's case, that meant canceling and reissuing cards for about 6,600 members, according to Chris White, the 38,000-member credit union's senior vice president of operations.
CUOL responded by licensing a software add-on to the XP2 system that automates the blocking of existing cards, obtains a file from the switch provider (Elan, in this case), and communicates between the host and switch databases to automatically authorize and reissue a new card.
That eliminates the need to go into each individual account, flag and block the old number, input the 16-digit new number and an expiration date, and then send out the new plastic.
"It takes an average of three to five minutes per member to do this kind of work manually, which small credit unions can do if they have only a relatively few cards to deal with but not those with thousands of accounts," said Barbara Lowman, CUOL's chief operating officer.
"Streamlining this process relieves the burden on the staff and reduces the amount of time a member has to go without a debit card," she said. "I know I'm dead in the water without mine. I don't know about you, but I almost never use cash anymore and having to go without my debit card for very long would make me think about changing financial institutions."
White added, "This was manual intervention we did not have to do. Otherwise, quite simply, we would not have been able to do it. We would not have been able to queue and manually capture like that for 6,600 cards."
Another feature of the automation that White particularly liked was "the fact that the program allows members to use their existing PINs. That's really huge."
The card switch was accompanied by a letter to members alerting them to what happened, and there was more to it on the front end, too-"a lot of legwork," as White described it. Included was some machinations with the technology.
Lowman said, "The trick was getting the file from the switch in the format we needed. That took a little back and forth, but once we had the right file and the right program, it took us only a couple hours to issue those 6,600 cards."
Of course, all this didn't apply to the credit union's credit card accounts, since they already had expiration dates. So do Visa and MasterCard debit cards. And because RTN's situation didn't involve a breach, "to our members it really wasn't a big deal because they just got this new card and didn't know much more about it. And now they're on automatic renewal. It's when you have to suddenly shut off an old card and there's no new one there that you get complaints," White said.
Breaches such as Heartland Payment Systems' also can be addressed with the automated solution at CUOL, Lowman said. "It's the same process. You have to capture the original cards so the potential fraudulent activity stops, and then you have to issue replacement cards. And you have to do it quickly because you can't leave compromised cards out there, and you also can't leave members without access to their money."
While ATM card fraud problems are infrequent, credit card problems aren't, White added. He said his credit union had over 400 cards affected by the Heartland breach, which prompted RTN to go to CUOL for help.
If only a few cards are affected, the CU does it manually.
"We now get two or three alerts a week from Visa, usually only involving one or two cards," White said.
"Fraud is changing the way we do our everyday business," he said, agreeing with Lowman that "it's become the 9/11 of the credit union industry."