May 6th, 2014 by Elma Jane
Boston-based Loop has released its LoopWallet app for storing magnetic-stripe cards on smartphones and using them in contactless payments at regular POS terminals.
Loop is a Level One PCI certified payment provider. Its technology has applications for turning loyalty cards into contactless cards and can also be used to generate dynamic card data every time a payment is made, preventing the creation of cloned cards.
The Loop Fob contains a microprocessor and magnetic induction loop and can be used without a phone, in which case payment would be taken from a designated card.
Mag-stripe cards for payment, gift, loyalty, ID or membership are read by the Loop Fob, a small audio jack magnetic-stripe reader, and then card data is encrypted and stored on the user’s smartphone. The LoopWallet app allows users to view their cards and select the one they wish to use.
To make a payment at the point of sale, the phone sends a signal, using Loop’s Magnetic Secure Transmission technology. MST emulates the signal generated when a mag-stripe card is swiped across a POS terminal’s read head. The signal is received by any mag-stripe card reader without requiring modifications to the POS terminal or processing system.
The free LoopWallet App for iOS 7 is available in the Apple App Store, with an Android version planned for release in April 2014. The app is only available to U.S. consumers.
.
Posted in Best Practices for Merchants, Credit card Processing, Digital Wallet Privacy, Electronic Payments, EMV EuroPay MasterCard Visa Tagged with: contactless, mag-stripe readers, magnetic stripe, mobile wallet, PCI
February 20th, 2014 by Elma Jane
Android-iPhone-Credit-Card-Reader
Several options exist for mobile credit card processing.
Credit card processing on iPhone/ipad/Android/BlackBerry or Tablets – Using NTC’s portable credit card readers, merchants can now swipe credit cards on iPad or Android tablet devices. NTC’s Virtual Merchant solution allows users to download a secure application to interfere your smartphone with our merchant account services seamlessly. The application and credit card processing data on the carriers network or a WiFi connection to the internet.
NTC’s MagTek Bullet Swipe Credit Card Reader for Android Phones and Tablets.
Using any Android 2.2. or higher device you can process credit card transactions securely to the smartphone via Bluetooth and utilize wireless devices internet connection (WiFi or Carrier) to send the credit card processing data encrypted for processing approval.
Security anywhere. With the BulleT Secure Credit Card Reader Authenticator (SCRA), security comes with the flexibility and portability of a Bluetooth wireless interface. Small enough to fit into the palm of your hand, the BulleT enables secure wireless communications with a PC or mobile phone using the popular Bluetooth interface. Not only does the BulleT encrypt card data from the moment the card is swiped, but it also enables card authentication to immediately detect counterfeit or altered cards.
Ideal for merchant services accounts and financial institutions’’ mobile credit card processing, NTC’s BulleT offers MagnaSafe credit card processing security features with the convenience of a Bluetooth interface. This powerful combination assures credit card data protection, transaction security and convenience needed to secure mobile credit card processing with strong encryption and 2-factor authentication. The BulleT is specifically designed to leverage the existing magnetic stripe credit card reader as a secure token empowering cardholders with the freedom and confidence of knowing that their credit card transactions are secure and protected anytime, anywhere. Android Credit Card Swipe Reader for Android Phones and Tablets on your wireless mobile merchant account.
NTC’s MagTek iDynamo Credit Card processing swipe reader for iPhone and Ipad.
Credit card processing on an iPhone has never been easier. Simply attach NTC’s iDynamo card reader to your iPhone or iPad device, install our Virtual Merchant software from the App Store and you’re ready to go. Take advantage of lower credit card processing rates by processing swiped transactions instead of keying the credit card in later and get paid faster. From the company that leads with Security from the Inside MagTek has done it again with the iDynamo, a secure card reader authenticator (SCRA) designed to work with the iPhone and iPad. The iDynamo offers MagnasafeTM security and delivers open standards encryptions with simple, yet proven DUKPT key management, immediate tokenization of card data and MagnePrint card authentication to maximize data protection and prevent the use of counterfeit cards. Mobile merchants can now leverage the power of their iPhone/iPod Touch products without the worries of handling or storing sensitive card data at any time. Ideal for wireless mobile merchant accounts and mobile credit card processing, the iDynamo offers MagneSafe security features combined with the power of iPhone and iPod Touch products. This powerful combination assures convenience and cost savings, while maximizing credit card data protection and credit card transaction security from the moment the card is swiped all the way to authorization. No other credit card reader beats the protection offered by a MagnaSafe product.
Other credit card devices claim to encrypt data in the reader. NTC’s iDynamo encrypts the data inside the read head, closest to the magnetic stripe and offers additional credit card security layers with immediate tokenization of card data and MagnePrint card authentication. This layered approach to security far exceeds the protection of encryption by itself, decreases the scope of PCI compliance, and reduces fraud.
NTC’s iDynamo is rugged and affordable, so it not only withstands real world use, it performs to the high standards set by MagTek as the leader in magnetic credit card swipe reading products for nearly 40 years.
Posted in Credit card Processing, Credit Card Reader Terminal, Credit Card Security, Digital Wallet Privacy, e-commerce & m-commerce, Electronic Payments, Internet Payment Gateway, Merchant Services Account, Mobile Payments, Mobile Point of Sale, Payment Card Industry PCI Security, Smartphone Tagged with: Android, android phones and tablets, authenticator, blackberry, bluetooth, card authentication, credit card processing data, devices, encrypt card data, encrypted, internet, ipad, Iphone, magnetic stripe, magtek bullet, merchant account, merchant services accounts, Merchant's, mobile credit card processing, portable credit card readers, process credit card transactions, processing approval, secure, secure application, secure token, smartphone, swipe credit card reader, swipe credit cards, tablets, transaction security, virtual merchant, wifi, wireless devices internet connection
January 13th, 2014 by Elma Jane
Most of the world has already migrated to EMV chip technology. EMV, as commentators have noted, affects not only hardware and software, but every card payment system, device and application. Looking ahead to the 2015 liability shift, stakeholders who have not made the switch should consider these benefits of EMV.
Rather than focusing on any potential expenses, however, stakeholders should instead consider the important elements they have to gain.
EMV is here.
Benefits of EMV:
Global interoperability – Since most of the world has migrated to EMV, U.S. banks can that transition gain the ability to have their cards used with full EMV security anywhere in the world. Further, merchants benefit from this global interoperability as it allows them to process transactions coming into the U.S. from foreign travelers in the same way as domestic transactions.
Higher security – The latest data indicates that 78 percent of all counterfeit card fraud originates in areas where EMV has not yet been widely implemented, and even the most ardent detractors of EMV admit that EMV is very secure.
All stakeholders, gain a higher level of security than was available through magnetic-stripe technology.
Roadmap to mobile – POS terminals that support contactless EMV will in turn enable mobile EMV on NFC at merchants, meaning merchants can take advantages of all manner of popular payment methods, as well as the latest loyalty, location-based and couponing capabilities of mobile.
Posted in Credit card Processing, Credit Card Security, EMV EuroPay MasterCard Visa, Mobile Payments, Mobile Point of Sale, Near Field Communication, Point of Sale, Smartphone Tagged with: card, card fraud, card payment system, chip, contactless emv, counterfeit, couponing, EMV, interoperability, magnetic stripe, Merchant's, mobile, nfc, payment methods, POS terminals, secure, Security, technology, transactions, transition, travelers
December 5th, 2013 by Elma Jane
Three key benefits mPOS can provide PSPs. mPOS:
1. Maintains A Continuity Of Operations
mPOS solutions also ease the process of accepting and approving payments, according to the white paper. By enabling face-to-face card present transactions, mPOS allows transactions to be conducted in a highly secure manner. Further, once the encrypted transaction data is decrypted securely by the PSP at the payment gateway (with no access granted to the merchant), the onward presentation of the data into the acquiring network is consistent with that used historically for traditional POS terminals.
2. Simplifies Merchant Support
Thales suggests the biggest benefit to PSPs is that mPOS reduces the variety of costs PSPs need to cover to support merchants, cutting expenses related to equipment, security and PCI DSS compliance. This, the white paper says, allows PSPs that utilize mPOS to better allocate resources toward handling higher transaction volumes and acquiring business.
3. Supports Both Magnetic Stripe and EMV Cards
Another benefit to PSPs is that mPOS, despite its recent entrance to the market, is already widely available. The white paper explains that since the mPOS revolution quickly migrated from the U.S. abroad, mPOS solutions now exist to serve the unique needs of both markets. While this means challenges for merchants operating globally, PSPs benefit from being able to address the needs of merchants who want to opt for any and all available market solutions.
Much has been said about the recent explosion of the mobile point-of-sale (mPOS) market and how micromerchants are driving this payments revolution. But, what this story doesn’t communicate effectively is that small merchants aren’t the only stakeholders benefiting from the ongoing mPOS migration.
Payment service providers (PSPs) are another member of the mPOS value chain that can gain flexibility and security through these solutions, new research from data protection solution provider Thales suggests.
“Both merchants and PSPs have operational and logistical issues with traditional POS terminals associated mainly with the highly controlled and certified environment in which they must be used,” Thales writes in its latest white paper on the topic, “mPOS: Secure Mobile Card Acceptance.”
The 27-page white paper provides an extensive overview of the ongoing POS revolution, explaining how mPOS can reduce friction and costs for merchants, illustrating how the technology works step-by-step and highlighting the roles that each stakeholder plays along the value chain.
Posted in Electronic Payments, Mobile Payments, Mobile Point of Sale, Payment Card Industry PCI Security, Point of Sale, Smartphone Tagged with: acceptance, acquiring network, card present, compliance, decrypted, DSS, emv cards, encrypted, face-to-face, magnetic stripe, merchant, micromerchants, migration, mobile card, mobile point of sale, MPOS, payment gateway, payment service providers, payments, PCI, POS, psps, secure, securely, Security, terminals, transactions
December 2nd, 2013 by Elma Jane
Europay, Mastercard, and Visa (EMV) standards. Considered safer and widely used across Europe and other nations, the chip-based cards require insertion of the card into a terminal for the duration of a transaction, a break here from our traditional swipe-and-buy behavior. That’s just one way in which EMV changes things here… but it’s not the only way, nor is it the most important way. By way of reminder, October 2015 is the date by which all restaurants and other merchants are due to have implemented these standards, or potentially be liable for counterfeit fraud, which primarily reflects a shift from magnetic-stripe credit cards to chip cards.
The main driver in the EMV migration is card-related financial fraud. As an example, and traditionally, card fraud in the United Kingdom has always been considerably higher than here in the States, primarily because the U.K. previously used offline card authorization as opposed to the online card methodology used here. As losses due to fraud rose steadily in Europe, despite the best efforts of global law enforcement agencies to reduce it, the pressure to find a solution built around some alternative authentication strategy mounted. From this concern, EMV was born.
Is it working? Recent statistics from the European Central Bank (ECB) revealed that, despite growing card usage, fraud in the Single Euro Payments Area (SEPA) – a mature EMV territory that includes all 28 members of the European Union, Finland, Iceland , Liechenstein, Monaco and Norway, – fell 7.6% between 2007 and 2011. This decline is underpinned by a slowdown in the growth of ATM fraud as well as a 24% drop in fraud carried out at point of sale terminals. The 2008 Canadian roll-out of Chip and PIN had a dramatic impact on fraud there. Card Skimming had accounted for losses totaling $142 million, but that figure dropped to $38.5 million in 2009, according to figures provided by the Interac Association. Some critics point to the fact that most of this decrease comes in the form of face-to-face card fraud, and that criminals merely shift their focus onto some other area that is less anti-fraud focused. Still, there are positive gains and as technologies improve, more successes are sure to follow.
Part of the reason why the U.S. not embraced EMV sooner is because our fraud problem, while significant, has typically been among the lowest rates in the world among highly developed economically mature countries. Much of that is due to the online authentication methods at work here. Here at home, our online authentication methodology permits authorizations to be done in real-time, thus thwarting a significant percentage of the fraudulent attempts at the point-of-sale, the best place to stop fraud. Our online authentication methods also incorporate multiple fraud and risk parameters as well as advanced neural networks that are ‘built-in’ to the approval process. It’s been a highly effective system that works well, when compared to most alternatives. The effectiveness of our authentication processes has helped fuel the resistance to full EMV adoption here. However, the EMV migration has gained momentum to the point where it is only a matter of time. The truth is that, despite the gains in preventing credit card fraud, and despite the best efforts of EMV’s backers to push acceptance through, global adoption of the EMV standard is still considerably less than 100%.
In England’s old offline authentication method, credit card transactions were gathered together at specific times- typically, at the end of the business day- and then batched over to the card issuers for authorization. It’s a method that gave those committing fraud a significant time lag between the transaction and the authorization, and this time lag contributed greatly to the higher levels of fraudulent activities in England. However, for Europe and for much of the rest of the world, adoption of the EMV technologies changes things dramatically, at least in terms of authentication protocols for both online and offline purchases. During an offline transaction using the EMV chip card, the payment terminal communicates with the integrated circuit chip (ICC), embedded in the payment card. This is a break from the old method which involved using telecommunications to connect with the issuing bank. The ICC / terminal connection enables real-time card authentication, cardholder verification, and payment authorization offline. Alternatively, in an online EMV transaction, the chip generates a cryptogram that is authenticated by the card issuer in real time.
Posted in Electronic Payments, EMV EuroPay MasterCard Visa, Financial Services, Near Field Communication, Payment Card Industry PCI Security, Visa MasterCard American Express Tagged with: authentication, batched, card, card authorization, card-related, chip cards, chip-based, credit cards, cryptogram, EMV, EuroPay, financial, fraud, fraudulent, icc, insertion, integrated, magnetic stripe, MasterCard, Merchant's, networks, online, payment, restaurants, Skimming, standards, swipe-and-buy, terminal, transaction, verification, visa
October 31st, 2013 by Elma Jane
While credit card processors and retailers have made strides to combat credit card fraud, it is still rampant across the U.S. In fact, credit card fraud jumped 17 percent between January, 2011, and September, 2012, according to the most recent data from the FICO Falcon Fraud Manager Consortium.
Debit cards obviously have better safeguard measures in place, since debit card fraud rose less than 1 percent between January, 2011, and September, 2012. Plus, the average fraud loss per compromised account fell by 3 percent.
Card-not-present (CNP) fraud is the biggest challenge by far, accounting for 47 percent of all credit card fraud. CNP fraud – which includes payments via the internet, mail and phone – grew 25 percent over the two-year period. So, where the problems with credit cards lie.
Unfortunately, CNP fraud may get worse before it gets better, in FICO’s Banking Analytics Blog. This problem may even intensify as the US moves away from magnetic stripe and toward EMV [chip] card technology. In other countries adopting chip-based authentication technology, we’ve seen counterfeit fraud decline, but as a counterbalance, fraudsters often ramp up efforts around CNP fraud.
However, there was a glimmer of light in the credit card fraud fiasco. While card fraud attempts rose, the average loss per compromised account dropped 10 percent. Plus, the ratio of fraud to non-fraud spending remained constant. “In other words, the volume of card fraud increased proportionally to the volume of consumer credit card spending.
Even though many retailers have implemented successful fraud prevention programs, Visa provides retailers with the warning signs for CNP fraud, including:
Multiple cards used from a single IP address. Orders made up of “big ticket” items. Orders that include several of the same item. Shipping to an international address. Transactions with similar account numbers.
Posted in Digital Wallet Privacy, EMV EuroPay MasterCard Visa, Mail Order Telephone Order, Payment Card Industry PCI Security Tagged with: account, analytics, authentication, banking, big ticket, card-not-present, chip card, chip-based, cnp, counterfeit, credit-card, debit cards, EMV, fraud, fraudsters, international, internet, magnetic stripe, mail, non-fraud, orders, payments, phone, prevent, processors, retailers, safeguard, spending, transactions, visa
