Oct
30
2015
October 30th, 2015 by Elma Jane

This is a question we encounter on a daily basis. Travel environments are unique in that your transactions are usually keyed, there is almost always a delayed delivery period, large ticket transactions are not uncommon since one cardholder may be paying for multiple tickets, they tend to be seasonal, with peak season months generating an unusual spike in their “average” monthly volume, and chargeback’s pose a potential threat by travelers who are unable to complete their trip. Combine even a few of these factors together and you have cause for a reserve, or even account termination.

Being a part of a MO/TO (Mail Order/Telephone Order) or Keyed environment carries an increased risk of potential fraud or unauthorized use of a credit card. Since the credit card and cardholder are not present at the time of the transaction, the merchant has a limited ability to ensure the card is not being misused or that the proper AVS (address Verification Service) information is provided. NTC stresses the use of Credit Card authorization forms in order to obtain the correct credit card number, expiration date, billing address, and signature of the cardholder.

Travel merchants tend to have periods of increased volume based on peak travel seasons, whereas most other industries tend to have the same average monthly volume every month. This can generate spikes in volume on the merchant account that can trigger security concerns with the processor. Helping the merchant to analyze their volume trends and reporting the trends to the underwriters helps eliminate the security concerns when these spikes occur.

Large transactions which exceed the average sale amount for the merchant account can also trigger security concerns. Merchants who do not inform their merchant processor of large transactions prior to charging the credit cards can trigger security concerns and cause funding delays and reserve holds. Educating and clearly communicating with the merchant how to handle large tickets, volume spikes, and group bookings, prevents reserves, funding delays and/or other merchant account issues.

Another concern from the underwriters is the delayed delivery time frame. Delayed Delivery refers to the amount of time between accepting a credit card payment (whether a deposit or full purchase) and the time the cardholder travels. The client’s credit card is billed and the travel agent is paid however, the trip the travel agent was paid for doesn’t generally take place for 2 to 3 months. This leaves a lot of time for things to change, and should the client not travel for some reason, the first thing they do if the travel agent does not issue a refund, is claim a chargeback. NTC offers quite a few tips that can help protect the travel agent from chargeback situations.

Most merchants do not realize that merchant processors carry a financial risk on merchant accounts, and normally fund merchants prior to receiving payment from the client’s bank. Essentially, a merchant account is an unsecured loan. The merchant runs a transaction and at the end of the day they settle their batch. Generally the merchant will receive the funds for that batch in their bank account within 2 business days even though the travel arrangements the client paid for do not take place right away.

Here at National Transaction Corp, we specialize in understanding what makes your transactions, as a travel agent, unique in how they affect your merchant account. Educating the merchant and ensuring they have a good understanding of what makes travel merchant account high risk, is one of our specialties. We have established a special relationship with our underwriting department which facilitates our ability to approve your high risk travel merchant account.

Contact your travel merchant account specialist at NTC today.

Mark Fravel
National Transaction Corp
Founder and President
888-996-2273

 

 

Posted in Best Practices for Merchants, Travel Agency Agents Tagged with: , , , , , , , , , , , , , ,

Oct
20
2015
E-Pay
October 20th, 2015 by Elma Jane

We’ve covered  a lot about EMV, but what about improving security for online and Card-Not-Present transactions? That’s where 3-D Secure comes in.

3-D Secure allows a card holder to authenticate himself while making an online payment.

In a traditional credit card transaction, a payment request is presented to the issuing bank for authorization. The Issuing bank authorizes the transaction based solely on the funds available to the card holder.

With card present, the magnetic strip on the card can be read and a signature collected. This process has now been largely superseded by Chip and PIN which gives the card holder the opportunity to identify himself via a secret PIN code.

An E-commerce transaction is conducted online, without the possibility to access the card physically. Un-authorized usage and fraud are therefore more likely.

3-D Secure allows transactions to be conducted in safety online, greatly reducing the risk of fraud and chargebacks.

How 3-D Secure Works?

When a payment request arrives at the merchant or payment gateway, the Merchant Plug In (MPI) component is activated. The MPI talks to Visa or MasterCard to check if the card is enrolled for 3-D Secure. If the card is not enrolled, this means that either the bank that issued the card is not yet supporting 3-D Secure or it means that the card holder has not yet been registered for the service. If the card is enrolled, the MPI will redirect the card holder to the 3-D Secure authentication web page for the issuing bank; the card holder will then identify himself. The MPI will evaluate the reply from the bank and, if successful, allow the transaction to proceed for authorization. The transaction could still fail for lack of funds or other reasons but is more likely to be approved because of the authentication.

3-D Secure allows 3 domains to work together.

Domain 1: The card holder has the peace of mind that his card is not used without his authorization.

Domain 2: Merchants are protected from fraud and can provide the product and service without delay or extra costs.

Domain 3: Banks see that the transaction has been authenticated and are more likely to approve the transaction, to the convenience of the card holder.

Implementation of 3-D Secure:

Visa is called Verified by Visa.

MasterCard is called Secure Code.

Amex is called SafeKey.

JCB is called J/Secure.

Posted in Best Practices for Merchants, e-commerce & m-commerce, Internet Payment Gateway Tagged with: , , , , , , , , , , , , , , , , , ,

Sep
14
2015
September 14th, 2015 by Elma Jane

The security rules for fraud liability of credit and debit cards will change in the United States, starting October 1, 2015.

The new security rules would prompt major plastic card brands like MasterCard and Visa to upgrade their magnetic stripe based cards to more modern and secure chip technology based cards.

Credit and debit card fraud amount in the U.S. reached around $11.27 billion, in 2012.

With the new rules, any financial institution and payment processing merchant who would not upgrade their cards to chip technology would be held responsible for any committed fraud with their cards instead of their customers. This new rule would effectively transfer the liability in case of a fraud from the consumer to the least secure card provider. The rule specifically says that liability will fall on the bank or retailer with the least secure technology.

If the bank has not given you a new chip card, and you use your magnetic swipe card and there’s resulting fraud, the bank will be responsible for that.

All merchants who do not offer payment terminals that support chip based cards would be held liable for any fraud committed on their premises as well, from October 1. The new rules say that if the card is chip based and the merchants fail to offer a chip based terminal, and a fraud is committed, they would be held liable instead of the card holder.

With chip based cards, the customer would need to insert their card inside a chip enabled payment terminal while making a purchase. Then, they need to confirm the amount and enter a private pin to verify their identity. The customer would also sign for the purchase like using a regular magnetic card.

Besides MasterCard, Visa has already rolled out the new chip based terminals in the U.S. under its Zero Liability Policy.

The chip based cards are more secure compared to the old magnetic technology. That is one of the reasons why the new rules are promoting the chip based technology over the 55 years old magnetic cards.

Not all merchants have to replace their old magnetic terminals and it is still an optional decision, but industry analysts think that the shift of liability in case of fraud from consumers to financial institutions and merchants would likely prompt them to start using chip based technology.

 

Posted in Best Practices for Merchants, Credit Card Security Tagged with: , , , , , , , , ,

Sep
16
2014
September 16th, 2014 by Elma Jane

Card-not-present merchants are battling increasingly frequent friendly fraud. That type of fraud..The I don’t recognize or I didn’t do it dispute. This occurs when a cardholder makes a purchase, receives the goods or services and initiates a chargeback on the order claiming he or she did not authorize the transaction.

This problem can potentially cripple merchants because of the legitimate nature of the transactions, making it difficult to prove the cardholder is being dishonest. The issuer typically sides with the cardholder, leaving merchants with the cost of goods or services rendered as well as chargeback fees and the time and resources wasted on fighting the chargeback.

Visa recently changed the rules and expanded the scope of what is considered compelling evidence for disputing and representing chargeback for this reason code. The changes included allowing additional types of evidence, added chargeback reason codes and a requirement that issuers attempt to contact the cardholder when a merchant provides compelling evidence.

The changes give acquirers and merchants additional opportunities to resolve disputes. They also mean that cardholders have a better chance to resolve a dispute with the information provided by the merchant. Finally, they provide issuers with clarity on when a dispute should go to pre-arbitration as opposed to arbitration.

Visa has also made other changes to ease the burden on merchants, including allowing merchants to provide compelling evidence to support the position that the charge was not fraudulent, and requiring issuers to a pre-arbitration notice before proceeding to arbitration, which reduces the risk to the merchant when representing fraud reason codes.

The new “Compelling Evidence” rule change does not remedy chargebacks but brings important changes for both issuers and merchants. Merchants can provide information in an attempt to prove the cardholder received goods or services, or participated in or benefited from the transaction. Issuers must initiate pre-arbitration before filing for arbitration. That gives merchants an opportunity to accept liability before incurring arbitration costs, and Visa will be using information from compelling evidence disputes to revise policies and improve the chargeback process

Visa made those changes to reduce the required documentation and streamline the dispute resolution process. While the changes benefit merchants, acquirers and issuers, merchants in particular will benefit with the retrieval request elimination, a simplified dispute resolution process, and reduced time, resources and costs related to the back-office and fraud management. The flexibility in the new rules and the elimination of chargebacks from cards that were electronically read and followed correct acceptance procedures will simplify the process and reduce costs.

Sometimes, an efficient process for total chargeback management requires expertise or in-depth intelligence that may not be available in-house. The rules surrounding chargeback dispute resolution are numerous and ever-changing, and many merchants simply do not have the staffing to keep up in a cost-effective and efficient way. Chargebacks are a way of life for CNP merchants; however, by working with a respected third-party vendor, they can maximize their options without breaking the bank.

Reason Code 83 (Fraud Card-Not-Present) occurs when an issuer receives a complaint from the cardholder related to a CNP transaction. The cardholder claims he or she did not authorize the transaction or that the order was charged to a fictitious account number without approval.

The newest changes to Reason Code 83, a chargeback management protocol, offer merchants a streamlined approach to fighting chargebacks and will ultimately reduce back-office handling and fraud management costs. Independent sales organizations and sales agents who understand chargeback reason codes and their effect on chargeback rates can teach merchants how to prevent chargebacks before they become an issue and successfully represent those that they can’t prevent.

Posted in Best Practices for Merchants, EMV EuroPay MasterCard Visa, Visa MasterCard American Express Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,