Whenever you swipe your credit card, you probably think the merchant submits the transaction information to the credit card company which floats you a short-term loan and sends the money to the merchant. You cut your credit card company a check at the end of the month and that's all there is to it.
The process isn't that simple. In reality, the merchant submits the transaction data to a payment processor, which submits the transaction to your credit card company, which then passes that information to the issuing bank. The money flows back down that chain to the merchant with everyone taking a cut along the way.
That's a simplified explanation of what occurs when you use a credit card. Each transaction is usually "touched" a minimum of 12 times over as long as a 24-hour period.
Every party involved maintains a database of those transactions, providing ample opportunities for hackers to gain access to card information. That's precisely what befell Global Payments (GPN), a credit card payment processor.
Global Payments recently reported that in early March, hackers gained access to information on an estimated 1.5 million credit cards, triggering an almost 15 percent sell-off in the company's share price over the following weeks.
The stock now trades at just 12.3 times forward earnings-compared to a five-year average of almost 16 times- and just 2.8 times price-to-book, versus an average of almost 4 times.
That's hardly surprising considering that when Heartland Payment Systems (HPY) experienced a data breach in 2008, it ultimately cost the company about $140 million to upgrade its security systems and pay related legal claims.
However, there are major differences between the two data breaches. In Heartland's case about 130 million credit cards were compromised and personal information on cardholders also was accessed.
Global Payments' breach involved 1.5 million cards and no data besides credit card numbers and expiration dates were compromised. Although the investigation into the incident isn't yet complete, Global Payments' financial liability should be minimal.
Stock market investing requires us to identify when the market is mispricing current events. In this case, I believe the market's mispricing of the breach is an opportunity to pick up Global Payments shares at a steep discount. The firm primarily serves small and midsized merchants, a market largely ignored by larger payment processors.
Global Payments faces relatively weak competition for its core customers, allowing it to maintain extremely favorable pricing structures.
In its fiscal second quarter ending in November, Global Payments acquired a portfolio of 9,000 U.S. e-commerce merchants from CyberSource, a provider of electronic-payment solutions owned by Visa (V).
The acquisition helped fuel a 12 percent increase in revenue and a 21 percent increase in profits in the quarter and provides a base from which Global Payments can push earnings even higher.
E-commerce is booming, on track to account for approximately 11 percent of all U.S. retail sales by 2015.
Much of this e-commerce growth derives from "power shoppers," elite consumers who annually outspend 90 percent of their peers online by making bigger and more frequent purchases.
China in particular is experiencing a boom in e-commerce. Global Payments has aggressively expanded its e-commerce operations in China, a market that accounted for about 7 percent of the firm's revenues in its fiscal 2011.
According to the Chinese Ministry of Industry and Information Technology, China's e-commerce market is expected to grow to almost USD3 trillion by 2015. Global Payments' exposure to the vast Chinese market is expected to help it grow revenues by about 18 percent next year, despite its data breach.
The general trend away from cash and checks also favors Global Payments. Electronic transactions have grown to account for two-thirds of all payments made in the U.S., as society becomes increasingly cashless. Growth stocks such as Global Payments should benefit from this trend.