Provides that after June 30, 2023, a payment card network may not provide to a vendor with whom the holder of a payment card (cardholder) has an automatic payment arrangement the new: (1) payment card number; (2) expiration date; or (3) card verification value code; for a replacement card that is issued to the cardholder after the cardholder's payment card has been lost, stolen, or compromised, unless the payment card network obtains the cardholder's authorization to do so. Provides that a payment card network may obtain the required authorization: (1) before each transfer of new payment card information that is necessitated by a lost, stolen, or compromised payment card; or (2) at the option of the cardholder, as a preauthorization given in advance of any required transfer of new payment card information necessitated by a lost, stolen, or compromised payment card. Prohibits a vendor from storing, after a payment authorization has processed, the card verification value code associated with a cardholder's payment card, as specified in certain regulations adopted by the payment card industry. Provides that this prohibition applies regardless of whether the vendor has entered into an automatic payment arrangement with a cardholder. Provides that a: (1) payment card network; or (2) vendor; that violates these provisions commits a deceptive act that is actionable by the attorney general or by a consumer under the deceptive consumer sales act (act) and is subject to the remedies and penalties set forth in the act.

Statutes affected:
Introduced Senate Bill (S): 24-5-0.5-3