“How a new credit card code could help stop mass shootings” – ABC News By: Keith Finch

Visa HQ via Getty Images

Spoiler Alert: It won’t. It can’t. It can only build general purchaser and regional purchaser data, which is super useful for the credit card companies, but not for stopping mass shootings. But hey, if they can pretend to help while get something useful out of it, why wouldn’t they?

Thank you for reading this post, don't forget to follow and signup for notifications!

Think about it.

The false positive rate on NICS for flagging non-prohibited buyers is high. Very high. The subset of proceeds who then turn out to commit a criminal attack of any kind, of which a mass shooting is a tiny further subset, is even more miniscule. Additionally we have to filter by ‘time to event from purchase’, and that additional chaotic variably basically turns it into staring at a crystal ball and hoping. We are now talking about successfully flagging a tiny subset of proceeds from the NICS system, who are going onto commit a mass casualty attack, who also somehow have an identifiable purchase habit that is different than a typical firearm consumer.

So what is the media portraying this code as?

Code offers “significant” new tool for identifying shooters, one advocate said.

If by shooters you mean anyone who owns a gun and possibly shoots, yep. It will certainly provide consumer data.

A gunman in Aurora, Colorado, who killed 12 people in a mass shooting at a movie theater, in 2012, legally acquired weapons and ammunition using a credit card.

And a background check.

So did a shooter in Orlando, Florida, in 2016, who killed 49 people at a nightclub. After a shooting at a music festival in Las Vegas, in 2017, which left 59 dead, police found credit cards on the countertop in the shooter’s hotel room.

And background checks. Let’s not pretend the FBI didn’t flag Pulse or Mandalay Bay because they didn’t have a credit card receipt (and the Mandalay Bay shooter was stacked with firearms and the income to support the purchases) but that a credit card processor itself could absolutely flag “unusual” purchase behavior?

Unusual comparative to what? Firearms are big purchases, and niche purchases, meaning that in most income brackets there isn’t a pattern to compare against for even their own behavior to monitor for a change. That means a company would have to match it against the few identified behaviors of prior shooters, assuming there are identifiable behaviors at all. We’ll see the sample size below.

I know the current meme is don’t sell a Daniel Defense and an EOTech to a rail thin white kid, but that isn’t a patterned behavior/biographic combo that Visa can just be like, “NO, BLOCK!”

In recent years, gun reform advocates and some lawmakers have called on credit card companies and banks to bolster their tracking and reporting of unusual purchase activity tied to firearms in the hopes that it would help authorities identify potential mass shooters before they carry out attacks.

Hope? Oh, you mean like a thought combined with a prayer? Is there any evidence that their (mass shooters) purchase history is different enough to be usable is a flaggable metric?

Late last week, major credit companies took a step that could allow them to do just that. Visa, Mastercard and American Express announced plans to use a specific code for categorizing credit and debit card purchases made at gun stores.

Which is a fantastic way to collect and file consumer purchase data and better service a large and profitable market space. It is not in any way confirming that there is a purchase pattern to be found?

The move follows a decision from the International Organization for Standardization, or ISO, a group that makes guidelines for such transactions, which said on Friday that it would create the unique code that allows gun stores to mark credit and debit card purchases.

Gun reform advocates applauded the step,

Because they’re stupid and were told this was a good thing.

No, seriously.

They don’t comprehend consumer data collection practices for marketing and services and they don’t understand the data anomaly that they are praising as being findable with this change. I’d hazard a guess that the odds of using this to find and stop a mass shooter and finding another planet in our solar system a roughly the same.

while gun rights groups, such as the National Rifle Association, condemned it.

As we would expect, it can be used as an invasive way to collect information and information can be used to abuse the consumer, especially by government. The credit card companies have no significant reason to abuse the consumer, they want that consumer healthy, happy, and spending. The government has no such restraint on the misuse of that purchase data and can bring pressure onto the credit card companies to “do something about gun violence” via regulatory influence.

Experts told ABC News the move may help authorities intervene before a mass shooting, but its effectiveness depends on how banks and credit card companies implement the new tool.

May help” is not confidence inspiring, especially given the needle in a stack of needles type of data pull we are talking about here. If we compiled all the purchase history of anyone who committed an atrocity with their otherwise legally purchased firearm would we have any data to work with?

This gushing review seems to assume their is a magic purchase habit that will trip a censor and send the authorities in hot pursuit, as if firearm purchasers don’t vary from occasional to continuous across various types, income brackets, and preferences. There are people who purchase dozens of firearms and accessories in a given year and will get bored, sell them, and do it again. What purchase behavior are we trying to isolate?

Buys an AR?

A little broad and probably not very useful considering it is the nation’s most popular rifle. I can’t count how many I’ve bought to be honest. A dozen? Two? Buys a case of ammo? Good luck with that, you’ll just be flagging every serious trainee and competitor around the nation over and over and over again. Sub-optimally unhelpful.

Nothing about making a special code for gun stores in transactions history is set to give us mass shooter data, it will generate loads of consumer data which credit card companies will love to better tailor products and make more money though.

Here’s how the credit card code works and what happens next:

Sure, enlighten me ABC.

What do credit cards have to do with mass shootings?

I’m sure this will be good.

Many mass shooters have legally purchased weapons and ammunition using credit or debit cards.

Ah, so nothing.

I bet they also drove or rode in a motor vehicle, bought food or drink with a credit card, and breathed air.

Between 2007 and 2018, there were 13 mass shootings that killed 10 or more people, the New York Times found. Of those 13 shootings, the killers financed their attacks with credit cards in eight of them, the Times said.

Data shows just how many people have credit cards, and more specifically how many Americans have credit cards. 70% of the United States population carries a credit card, with 34% of Americans carrying 3 or more cards.

83% of U.S. adults currently have at least one credit card. That means 26.5% more people now have credit cards in the U.S now than they did just five years ago in 2017.

So the number of attackers who financed their attack via credit is lower than the national average of adults who have a credit card. Cool.

It remains unclear whether the credit cards found in the hotel room of the Las Vegas shooter were used to purchase guns, since government officials have not disclosed how the guns were purchased, beyond saying that some were bought with cash and some online, the Times reported.

So we don’t even know if a credit card was involved in this massacre for certain. We just suspect it was because both online purchases and hotel rooms are usually credit card transactions.

The new purchase code will help banks and law enforcement discover unusual purchases,

How? What is the unusual purchase behavior we found in the 8 examples we have that is even moderately indicative, losely correlative, or possibly causative as a pre-attack indicator? What behavior? What is the mass shooter purchase? Do they all always pay for expedited shipping? What is the magic indicator?

and provide an additional means for identifying and stopping potential attackers before a mass shooting, said Adam Skaggs, chief counsel and policy director of the Giffords Law Center to Prevent Gun Violence.

What data are you basing this on!? Or are you just saying it because anything you can do to segregate gun owner behaviors is considered positive in your book?

We have 8 examples in the last decade and according to every model I can pull we would need 30, at minimum, to begin to have a prayer of pulling a useful clue out of the havoc. That isn’t saying there is something to find, it is saying we need 22 more events where credit cards were used to purchase the massacre tools before we could even look with anything approximating hope for any information.

“It’s significant,” Skaggs told ABC News. “This creates a tool that will allow suspicious activity around illegal gun trafficking and around mass shootings to be detected and flagged to the authorities.”

Will it? We know this from the grand total of 8 examples we have in 10 years? That we can pull a pattern of illegal gun trafficking around mass shooters? The mass shooters who purchased guns legally mind you, because they had no NICS flagged disqualifiers prior to their attack. We can track their illegal gun trafficking after the legal and NICS cleared purchases? We got all that from 8 mass shooting examples…


How does the new credit card code work?

Nearly every category of a retailer in the U.S. has a code, called a merchant category code, or MCC, that marks each credit card transaction. For instance, purchases at grocery stores, movie theaters, and hair salons each carry a different code.

Typical consumer information filing stuff. Retailers also track your purchase history so they can better sell to you from their catalog by showing you the items you’ve been interested in and items purchasers similar to you have also been interested in. Seriously folks a gun store code has been a smart idea for a long time.

Until late last week, sellers of guns and other gun-related products shared a code with sporting goods stores.

Which, while useful, is overly broad for good consumer data collection since the person who buys a Glock as a concealed carry piece is not always interested in kayaks.

“There was no way to tell whether somebody spent a thousand dollars on guns and ammo or on soccer balls and hockey sticks,” Skaggs said.

Until now!

Now, credit and debit card transactions at gun sellers will carry a unique code that marks them as such.

Which benefits who the most? Oh! Yeah! The credit card companies hoping to better market to the consumer base.

Gun advocates hope the new code will push banks to report some gun purchases, since a law passed in the aftermath of the Sept. 11 attacks requires the banks to alert authorities to suspicious transaction activity. For example, banks use algorithms to flag unusual activity that may indicate money laundering or human trafficking, Skaggs said.

And we are back to defining what the red flag behavior is. The assumption by ABC and the mentally mediocre Skaggs here seems to be that that Visa, American Express, and Mastercard already know this magic behavior of the deranged killer. They just needed this code in order to act on it for some reason…


It remains unclear if and how credit card companies and banks will apply a standard that deems some gun-related purchases worthy of flagging, especially when the code only shows that a purchase was made at a gun seller but not the products that were purchased, said Kevin Sullivan, a former fraud investigator with the New York Police and founder of the Anti-Money Laundering Training Academy.

Uh huh, there is that. You’re just being charged a dollar amount, not tagged that you are buying five AR-15’s. Even if you are buying five AR-15’s, that is probably more common than people assume. Or buying a rifle every month. Or buying two handguns in a month. Or any other variations on higher frequency than X person believes is reasonable, but is actually not all that weird when the data is taken in as a whole, and especially when compared to the purchase histories of killers and/or criminals who passed NICS.

“The bank is aware you shopped at a gun store — now what?” Sullivan told ABC News. “What are the parameters going to be now? What are the lines you’re going to cross?”

Exactly. Mr. Skaggs seems excited over the fact that we’ve effectively changed a color in a spreadsheet from green (for outdoors) to OD green specifically (for guns) but haven’t meaningfully changed the data flow in any other meaningful way.

What are the credit card companies saying?

Late last week major credit card companies said they plan to use the code, including Visa, Mastercard and American Express. The companies did not respond directly to a question about how the new code will be enforced.

Because the answer is won’t. You cannot enforce this, its raw data. If you flag a transaction and block it and get it wrong, you get in hot water. If you let a transaction through and something bad happens, you get in hot water. If you inform the authorities and they do nothing or don’t act fast enough and they blame how little data was in the report, you get in hot water. There is no world in which purchase flags are going to start reporting reliably outside the baseline to stop bad actors.

“Following ISO’s decision to establish a new merchant category code, Visa will proceed with next steps, while ensuring we protect all legal commerce on the Visa network in accordance with our long-standing rules,” Visa told ABC News in a statement.

Similarly, Mastercard said the company would implement the new code as it would for any other category of retailer.

“With ISO approving the proposed MCC, we now turn our focus to how it will be implemented by merchants and their banks as we continue to support lawful purchases on our network while protecting the privacy and decisions of individual cardholders,” Mastercard told ABC News in a statement.

“This is exactly how we would manage the process for any other appropriate MCC, like a bicycle shop or sporting goods store,” the company added.

So literally just raw consumer data with a slightly different number attached to it… neat.

Likewise, American Express told ABC News in a statement that it would move forward with putting the code in place.

“When ISO develops a new Merchant Category Code, we follow our usual business practices and will work with our third-party processors and partners on implementation,” the company said.

“It is important to note that MCC codes are one of many data points that help us understand the industries in which our merchants operate,” the company added. “We are focused on ensuring that we have the right controls in place to meet our regulatory and fiduciary responsibilities, as well as prevent illegal activity on our network.”

How have gun rights groups responded?

The National Rifle Association condemned the new code for credit and debit card transactions at gun stores.


“The ISO’s decision to create a firearm-specific code is nothing more than a capitulation to anti-gun politicians and activists bent on eroding the rights of law-abiding Americans one transaction at a time,” NRA Spokesman Lars Dalseide told ABC News in a statement.

Which will raise funds for them and their ILA. The FPC and other gun rights orgs will be making statements of similar effect say they can continue to fund the actual in process lawsuits against places like New York who are continuing to rage against Bruen.

“This is not about tracking or prevention or any virtuous motivation – it’s about creating a national registry of gun owners,” he added.

Eh… kinda. Again, they’re tracking dollars spent, which they could pretty much do already, and they would then have to tie it to a 4473 to track a purchase. If they’re pulling 4473’s they likely have other actionable data points, or they’re acting extrajudicially which is problematic. But the code doesn’t tag specific guns, just purchases from gun stores. You could buy $500 of coffee from a gun store and it will carry the same code as a $500 pistol.

Skaggs, of the Giffords Law Center to Prevent Gun Violence, rebuked that characterization of the new merchant category code.

Because he’s been a beacon of reliability and reason on this topic.

“There are merchant category codes for bookstores, newspapers and religious institutions,” he said. “Making a contribution to your faith institution on your credit card or purchasing books from a church-affiliated bookstore, those are all coded differently and those are all constitutionally protected rights that are widely practiced and respected in this country.”

“It’s not any different for guns,” he added.

I… I don’t understand what his counterpoint was. There are codes for other things therefore this isn’t an ostracization of gun owners? I suppose that is correct, but you also seem to believe the credit card issuers are going to be able to see which AR-15 purchase is the evil one based on the fact that they bought 11 boxes of ammunition instead of 13 or something like that so… allow me to take that opinion less than seriously.

Just because the gun lobby may be crying a bit of chicken little (that is what lobbyists do, pretty much their entire job actually) doesn’t mean the codes are magic macguffins of anti-crime. They’re merchant codes. Consumer data. It will be used to market you a gun store specific credit card before it produces a single other useable thing from data.