credit card security and codes
Data portability is an essential prerequisite to a fair & competitive marketplace

I’ve been at the forefront of electronic payments and credit card processing for fuel dealers for the last two decades, most notably leading the charge that opened access for the entire heating fuels industry to participate in the MasterCard Utility program.

I’m writing today to highlight a disturbing trend you need to be aware of, and I urge you and the industry as a whole to immediately advocate for your interests to ensure a level playing field that enables credit card data portability.

Most — if not all — oil and propane companies just assume when signing up with a payment vendor and/or voluntarily choosing to run their customers’ credit card transactions through their payment provider that all will go smoothly. And it’s true that this is often the case. But what you don’t know is that the actual data associated with the credit/debit cards is owned by the payment provider and/or the gateway company, not you. But what does that mean to you at the end of the day?


Consider this recent scenario when Nick Warren, president of Arrow Fuel, a second-generation, family-run energy company located in Seekonk, Massachusetts, decided to switch payment providers because the additional efficiencies and cost savings derived from a new, updated platform was just too appealing to pass up. This is what he had to say:

“I’ve spent the past five years updating our company’s technology in pursuit of a better customer experience and more efficient back-office operations. The last piece of that puzzle was streamlining our credit card processing. Over the last 13 years we have accumulated thousands of stored credit card tokens with two separate processing companies. The task of migrating my customers’ data to our new processing company has proved to be harder than finding qualified oil drivers.

I was told by one of my processing providers it would cost me thousands of dollars to rescue my own credit data and send it to my new payment provider. To say the least, I was bewildered to hear this, as later I discovered it’s my data and I should have the right to transfer it in a secure PCI-compliant manner to any payment provider of my choice.

The situation was so unpleasant, out of principal I choose to no longer communicate with my outgoing processor, leaving my team with the arduous task of entering cardholder data for thousands of customers instead of negotiating with a company that was not acting in good faith.

As a business owner, I view it necessary for me to put trust into my vendor relationships to run my business effectively. But when a vendor acts in a self-serving manner because they were going to lose a customer, enough is enough. I am in the heating oil business, and my biggest blind spot is thinking other vendors would service their customers the same way we do. As a result, I was probably more naive than I should have been, which ended up costing me a lot of aggravation and stress.”

These types of unfortunate scenarios have been happening more and more, and I have been receiving frequent phone calls from retail fuel dealers and vendors regarding credit card data and the right to port the information to a new vendor of choice. In many cases, I’m hearing all kinds of prohibitive posturing by payment providers who are unnecessarily complicating the process and, in some situations, charging exorbitant fees as a means of restricting dealer choice.

This is disturbing and an unethical business practice. Healthy client/vendor relationships are built on a foundation of trust, and it is paramount that the client’s best interests are always the No. 1 priority of the payment vendor. I would be remiss not to interject that there are many professional payment providers that adhere to their client’s wishes, remain cooperative and assist in the data transfer process while ensuring it is conducted in a secure manner that is compliant with the payment card industry and properly protects the client’s credit card data.

It is imperative that all payment providers put their clients first, even if that means politely holding the door for them if they choose to move on. Vendors not acting in the best interest of their clients can wreak havoc, causing unnecessary stress and expense, almost like a ransomware-type scenario forcing the client to buy their way out. Keep in mind we are talking about credit card data that ethically and rightfully belongs to the client in the first place.

The data was entrusted to the payment provider so they could service the client, and now the very same data is being used against them. The inherent conflict of interest breaks the system down, exposing the client if their outgoing service provider transforms into a foe.

As a frame of reference: Back in 2009, to protect consumers, the United States Congress enacted the Credit Card Accountability Responsibility and Disclosure Act. It is a consumer protection law that was enacted to protect consumers from unfair practices by credit card issuers by requiring more transparency in credit card terms and conditions. This included adding limits to charges and interest rates associated with credit card use.

In 2010, Braintree (a leading technologist in the payment space at the time), recognized the issue and addressed the problem by creating the Credit Card Data Portability Initiative. It is an opt-in community of payment providers that agree to allow a merchant to port credit card and other associated information if the merchant decides to move to another provider.

The company’s goal was simple: attract other like-minded professional payment providers to join in and participate for the benefit of not just the client, but the overall payment industry. Payment providers are encouraged to make all terms and conditions available upfront to the client, clearly indicating the payment provider’s willingness to transfer credit card data without incident or unjust fees. This initiative proved quite effective in the world of general credit card processing as it helped minimize vendor lock-in and promote free market principles of fair competition.

Level the Playing Field

All fuel dealers and payment providers need to come together to advocate on behalf of the heating fuel industry. Pledge details are currently being discussed at the state level and will report back soon. As a payment professional advocating for the retail heating fuels, I propose all payment providers pledge to exercise fair business practices that uniformly protect retail fuel dealers’ credit and debit card data and the ability to freely transfer such information.

The Heating Fuel Dealers Credit Card Data Portability Pledge of 2022 personifies the industry’s commitment to standardize professional business practices amongst payment providers while protecting heating fuel dealers. Leveling the playing field creates a competitive marketplace that drives payment innovation and free agency, which are both critical attributes of a healthy market.

Larry Richmond is a cashflow automation specialist and president of Richmond Financial Services. In 2005, he successfully lobbied MasterCard to reclassify home heating retailers into the lower risk utility processing category, resulting in billions of dollars of savings to the industry. To this date, this important watershed accomplishment stands as the single-most significant advancement in fee reductions associated with electronic payments for the heating fuels industry. Richmond can be reached at 617-843-5700, ext. 200, or by email at 


How Strong is Your 2022 Storage Strategy?