September 15th, 2016 by Elma Jane
Storing credit card data for recurring billing are discouraged.
But many feels storing is necessary in order to facilitate recurring payments.
Using a third party vault provider to store credit card data for recurring billing is the best way.
It helps reduce or eliminate the need for electronically stored cardholder data while still maintaining current business processes.
For recurring billing a token can be use, by utilizing a vault. The risk is removed from your possession.
Modern payment gateways allow card tokenization.
Any business that storing data needs to review and follow PCI DSS requirement in order for the electronic storage of cardholder data to be PCI compliant.
On the primary account number, an appropriate encryption will be applied. In this situation, the numbers in the electronic file should be encrypted either at the column level, file level or disk level.
Posted in Best Practices for Merchants, Credit Card Security Tagged with: billing, cardholder, credit card, data, payment gateways, payments, PCI, recurring, token, tokenization
August 9th, 2016 by Elma Jane
Businesses are discouraged from storing credit card data, but many feel the practice is necessary in order to facilitate recurring payments. Merchants that need to store credit card data are doing it for recurring billing.
Using a third party vault provider is the best way to store credit card data for recurring billing, it helps reduce or eliminate the need for electronically stored cardholder data while still maintaining current business processes. The risk of storing card data is removed from your possession and you are given back a token that can be used for the purpose of recurring billing, by utilizing a vault. Modern payment gateways allow card tokenization.
Any business that storing data via hard copy needs to review and follow PCI DSS requirement in order for the electronic storage of cardholder data to be PCI compliant. Appropriate encryption must be applied to the PAN (primary account number). In this situation, the numbers in the electronic file should be encrypted either at the column level, file level or disk level.
Posted in Best Practices for Merchants, Payment Card Industry PCI Security, Travel Agency Agents Tagged with: cardholder, credit card, data, merchants, payment gateways, payments, PCI, provider, tokenization
September 24th, 2014 by Elma Jane
The CVV Number (Card Verification Value) on your credit card or debit card is a 3 digit number on VISA, MasterCard and Discover branded credit and debit cards. On your American Express branded credit or debit card it is a 4 digit numeric code.
The codes have different names:
American Express – CID or unique card code.
Debit Card – CSC or card security code.
Discover – card identification number (CID)
Master Card – card validation code (CVC2)
Visa – card verification value (CVV2)
CVV numbers are NOT your card’s secret PIN (Personal Identification Number).
You should never enter your PIN number when asked to provide your CVV. (PIN numbers allow you to use your credit or debit card at an ATM or when making an in-person purchase with your debit card or a cash advance with any credit card.)
Types of security codes:
CVC1 or CVV1, is encoded on track-2 of the magnetic stripe of the card and used for card present transactions. The purpose of the code is to verify that a payment card is actually in the hand of the merchant. This code is automatically retrieved when the magnetic stripe of a card is swiped on a point-of-sale (card present) device and is verified by the issuer. A limitation is that if the entire card has been duplicated and the magnetic stripe copied, then the code is still valid.
The most cited, is CVV2 or CVC2. This code is often sought by merchants for card not present transactions occurring by mail or fax or over the telephone or Internet. In some countries in Western Europe, card issuers require a merchant to obtain the code when the cardholder is not present in person.
Contactless card and chip cards may supply their own codes generated electronically, such as iCVV or Dynamic CVV.
Code Location:
The card security code is typically the last three or four digits printed, not embossed like the card number, on the signature strip on the back of the card. On American Express cards, the card security code is the four digits printed (not embossed) on the front towards the right. The card security code is not encoded on the magnetic stripe but is printed flat.
American Express cards have a four-digit code printed on the front side of the card above the number.
MasterCard, Visa, Diners Club, Discover, and JCB credit and debit cards have a three-digit card security code. The code is the final group of numbers printed on the back signature panel of the card.
New North American MasterCard and Visa cards feature the code in a separate panel to the right of the signature strip. This has been done to prevent overwriting of the numbers by signing the card.
Benefits when it comes to security:
As a security measure, merchants who require the CVV2 for card not present payment card transactions are required by the card issuer not to store the CVV2 once the individual transaction is authorized and completed. This way, if a database of transactions is compromised, the CVV2 is not included, and the stolen card numbers are less useful. Virtual Terminals and payment gateways do not store the CVV2 code, therefore employees and customer service representatives with access to these web-based payment interfaces who otherwise have access to complete card numbers, expiration dates, and other information still lack the CVV2 code.
The Payment Card Industry Data Security Standard (PCI DSS) also prohibits the storage of CSC (and other sensitive authorization data) post transaction authorization. This applies globally to anyone who stores, processes or transmits card holder data. Since the CSC is not contained on the magnetic stripe of the card, it is not typically included in the transaction when the card is used face to face at a merchant. However, some merchants in North America require the code. For American Express cards, this has been an invariable practice (for card not present transactions) in European Union (EU) states like Ireland and the United Kingdom since the start of 2005. This provides a level of protection to the bank/cardholder, in that a fraudulent merchant or employee cannot simply capture the magnetic stripe details of a card and use them later for card not present purchases over the phone, mail order or Internet. To do this, a merchant or its employee would also have to note the CVV2 visually and record it, which is more likely to arouse the cardholder’s suspicion.
Supplying the CSC code in a transaction is intended to verify that the customer has the card in their possession. Knowledge of the code proves that the customer has seen the card, or has seen a record made by somebody who saw the card.
Posted in Best Practices for Merchants, EMV EuroPay MasterCard Visa, Point of Sale, Visa MasterCard American Express Tagged with: (Card Verification Value), (CVC2), American Express, atm, authorization data, bank/cardholder, card holder data, card identification number, card issuers, Card Not Present transactions, card number, card numbers, card security code, card validation code, card-not-present, card-present transactions, cardholder, cards, cash advance, chip cards, CID, code, Contactless card, credit, credit-card, CSC, customer, customer service, CVC1, CVV Number, CVV1, CVV2, Data Security Standard, debit, debit card, debit cards, device, Diners Club, Discover, fax, gateways, iCVV or Dynamic CVV, individual transaction, internet, issuer, JCB credit, magnetic stripe, mail, MasterCard, merchant, payment card, Payment Card Industry, payment card transactions, payment gateways, PCI-DSS, Personal Identification Number, PIN, point of sale, post transaction authorization, security codes, telephone, terminals, unique card code, virtual terminals, visa, web-based payment
January 6th, 2014 by Elma Jane
It can be difficult for travel agencies to choose a merchant services provider. The credit card processing industry generally categorizes travel agents as a high risk business type due to the fact that most travel agency transactions take place long before the actual product or service is delivered to the customer. This leaves travel merchants open to chargebacks and other payment disputes, which are costly procedures that deter many merchant services providers from offering travel merchant accounts.
National Transaction Corporation is one of the travel merchant account providers and credit card processors to provide high risk merchant services for travel agents. Most providers are geared toward e-commerce business types, although some offer options for traditional travel credit card processing. National Transaction Corporation (nationaltransaction.com) is a Coral Springs, FL-based, NTC’s member bank is US Bank Minneapolis, MN; that offers high risk travel agent merchant accounts. NTC’s credit card processing, no holds on funding, integration with Trams, Sabre, and ARC business solutions, and payment gateways for e-commerce travel merchants. National Transaction Corporation’s parent company Elavon, has a grade of “C” award. The Better Business Bureau (BBB) currently grants National Transaction Corporation an “A+” grade, citing only one complaint in the last three years.
Posted in Credit card Processing, e-commerce & m-commerce, Electronic Payments, Internet Payment Gateway, Merchant Services Account, Travel Agency Agents Tagged with: chargebacks, credit card processing, e-commerce, high risk, merchant services provider, no holds funding, payment disputes, payment gateways, provider's, transactions, travel agencies, travel agency, travel agents, travel merchant account, travel merchants
Travel online is an industry that has seen heavy activity as mobile users employ their tablet or smartphones booking their travel destinations. Now travel agency agents are looking to up the ante with more innovative mobile options like ticketless travel. Many last minute patrons are turning to their mobile devices and the agencies m-commerce site to place their bookings and that trend is growing. Therefore it makes sense that the hotel and hospitality industry are looking to whet that appetite. Marriott is looking to fulfill this by making their e-commerce site more m-commerce friendly as well as adding features for travelers that have already booked hotel rooms with them. Read more of this article »
Posted in Mobile Payments Tagged with: Airlines, Hotel Businesses, m-commerce, Mobile Apps, Mobile Check, mobile commerce, Mobile Devices, payment gateways, Smartphones, Travel Online
Be with NTC & enjoy the full benefits of our Merchant Credit Card Processing Services with high levels of service and security. You can enjoy from e-commerce payment gateways to retail and restaurant solutions, business-to-business processing capabilities to electronic invoicing, NTC is offering an appropriate cost-effective merchant credit card processing services that are very fast, secure and easy to integrate. We honor getting your small business up and running smoothly. NTC always helps you get the lowest rates, so that you can save your money safely. Read more of this article »
Posted in Uncategorized Tagged with: Credit Card Processing Services, e-commerce, Merchant Credit Card, payment gateways
