EBT Users Deserve Data Rights

Over the past few years, many of us have watched our bank and credit cards lose their magnetic strips and transition to chips and the ability to “tap to pay.” We’re used to being able to check our balances at any time to monitor our balance, check for suspicious transactions, analyze our spending, or transfer funds. While convenient,  these features also increase the security and protection of our finances. 

The Consumer Financial Protection Bureau (CFPB) is currently exploring how to strengthen the data rights and protections for the services that back many of those conveniences under Section 1033 of the Consumer Financial Protection Act, commonly known as the Dodd-Frank Act. Currently the draft rule considers “financial institutions offering deposit accounts, credit cards, digital wallets, prepaid cards, and other transaction accounts to set up secure methods, like APIs, for data sharing.”  These consumer products are currently defined under Regulation E and Regulation Z, and the rule making proposals ask if the CFPB should “also consider covering payment account providers that are not Regulation E financial institutions as presently defined, such as providers of government benefit accounts used to distribute needs-based benefits programs?”

We believe the answer is a resounding yes. For people receiving Supplemental Nutrition Assistance Program (SNAP), Special Supplemental Nutrition Program for Women, Infants, and Children (WIC), and Temporary Assistance for Needy Families (TANF) benefits, funds are typically distributed on electronic benefit transfer (EBT) cards. In 2021, SNAP supported  41.5 million enrollees and with a total of $113.8 billion distributed — a new record due to expanded pandemic aid. While EBT was a technological innovation when it was launched in 1984 — with an electronic record of every transaction and easier distribution of benefits — the technology has since stalled out and not kept up with other consumer products. 

Currently, EBT cards still have magnetic strips, and it can be very challenging for benefits recipients to check their balance due to a lack of secure and robust data infrastructure. Additionally, “skimming and cloning” — where information and funds are stolen via card readers — has become a top threat to benefits recipients, with federal agencies issuing tools and resources for state agencies, advocacy organizations calling for better practices, and states conducting outreach to increase awareness and safety among beneficiaries. Historically, there has also been no recourse for EBT users who are the victim of skimming. In fact, federal and state policies have forbidden any reimbursement. Thankfully, Congress has taken action in the most recent omnibus package to include a section on EBT benefit fraud protection, which calls for increased security measures, investigation into how and where fraud is being committed, and the replacement of benefits on a limited basis. 

However, there is still more that can be done to improve the data rights and experience for EBT users. We hope that by including EBT in the 1033 rule, the CFPB will foster needed innovation, healthy competition amongst vendors, and benefits for users, as well as the ability for EBT technology to play in the envisioned decentralized, open ecosystem. 

Ultimately, EBT users deserve the same class of service and protection as users of other consumer financial products. They should have access to their data and the ability to utilize third-party services to view and analyze their data, whether for scanning for fraudulent transactions or managing their financial outlook. Security should be ingrained from the start with services like APIs for accessing their data. And there should be good uptime and availability of data, with no limitations on how or when they can access it.