Visa logo doesn't represent that cards will be protected against fraud

Schuman v. Visa U.S.A., Inc., --- F.Supp.3d ----, 2025 WL 1731795, No. 1:24-cv-666-GHW (S.D.N.Y. Jun. 23, 2025)

This one is interesting both as a fraud warning and as a pronouncement on what reasonable consumers think about the possibility of fraud.

Schuman bought eight Visa-branded gift cards at a CVS, loaded each of them with $500, and gave them to his employees as holiday presents.

Three of the cards, however, had been emptied of funds by scammers before Plaintiff’s employees could use them. The scammers allegedly stole the cards’ funds using a well-known technique called “card draining”: they removed the cards from their packaging on the shelf, recorded the cards’ account numbers, returned the cards to their packaging, and when Plaintiff later loaded money onto the cards, they used the account numbers to quickly make purchases before his employees could. Defendants’ cards, Plaintiff says, are especially susceptible to “card draining” because their flimsy cardboard packaging allows scammers to access the cards inside without enough evidence of tampering to alert a reasonable consumer.

Schuman alleged “that the cards’ prominent display of Visa’s logo gave him the false impression that their funds would be secure from fraud, and that without this peace of mind, he would not have purchased the cards.” The cards’ express warnings regarding tampering and other potential security threats allegedly did not do enough to put him on notice of the potential for “card draining.” There were also allegations of other barcode vulnerabilities (a scammer can attach a barcode to an unsold gift card, leading the consumer to load money onto the scammer’s card), though he didn’t allege that happened to him. He sued under NY’s GBL.

The back of the packaging includes two warnings related to potential tampering by third parties. First, in the top right corner, the packaging states, in capital letters: “IF TAMPER EVIDENT, DO NOT PURCHASE. NO VALUE UNTIL ACTIVATED AT REGISTER.” Second, above the account number associated with the card, the packaging states, in red lettering: “For security purposes, please check that the underlined portion of this number matches the number below.” Visa allegedly knew that its Visa Vanilla cards were susceptible to fraud because scams affecting those cards were “known and widespread.”

But “no reasonable consumer would fail to recognize the possibility that a gift card they bought may be subject to a third-party scam. Nor would one reasonably expect that the Visa logo, standing alone, was a promise that no scam could ever occur.”

“The Visa logo consists simply of the word ‘VISA’—it makes no assertions about the security from the possibility of fraud of the cards or of their packaging.” It didn’t claim that fraud would be prevented, or that if it did occur that Visa would help out in good faith (something plaintiff also said he trusted Visa to do). “No reasonable consumer would expect the allegedly ‘widespread’ practice of third-party scams affecting prepaid cards to somehow not affect one of the industry’s major suppliers.” Other statements from Visa about the importance to Visa of keeping its consumers’ cards secure were, among other things, nonactionable puffery. (These statements included that Visa is “one of the most trusted brands in the world,” that it “protects consumers,” that “security is embedded in everything we do,” and that it “aim[s] to increase transaction approvals so that business can thrive while customers are protected and satisfied.”)  Finally, Visa’s use of specific statements about its commitment to anti-fraud measures “only confirms that the word ‘Visa’ alone does not, in and of itself, include a promise about the cards’ fraud security or the measures Visa takes to combat the possibility of fraud.”

Plaintiff also objected to the failure to warn about specific scams/card draining in particular. The anti-tampering warning didn’t warn consumers of the possibility that a card-drainer may access a card’s account information by tampering with the packaging in a way “that can go unnoticed by the reasonable consumer.” And the red-letter instruction consumers to compare the portion of the card’s barcode number that is visible through a window in the packaging with a number inside the packaging and confirm that they are the same was equally nonmisleading. For omissions, Second Circuit cases read NY law to require that a plaintiff must plausibly plead either that “ ‘the business alone possesses material information that is relevant to the consumer and fail[ed] to provide this information’ or that plaintiffs could not ‘reasonably have obtained the relevant information they now claim the defendant failed to provide.’ ” The latter is the more important standard. Given the allegations of widespread complaints and reporting on card fraud, as well as the warnings on the card itself, plaintiff could reasonably have obtained the relevant omitted information.