Apr
15
2014
April 15th, 2014 by Elma Jane

Amsterdam, Netherlands-based Cardis has been piloting its technology in Europe with Raiffeisen Bank in Austria and Sberbank in Russia. They are now focused on the U.S., as this is the fastest growing mobile payments market in the world, where there’s a huge opportunity. Integration of technology with a large U.S. processor and with a major U.S. retail brand, which will be launching a mobile site and mobile app using Cardis solution.

Cardis International is planning an April launch in the U.S. for its technology, which enables merchants to accept low-value contactless or mobile payments without incurring high processing charges. Cardis is able to bring down the processing cost of low-value payments, the company said, by aggregating multiple transactions into a single payment.

The problem

Contactless card and NFC-based mobile payments are typically for low amounts, and yet still use a card processing infrastructure that was designed 40 years ago when the average credit card transaction was $100.

Traditional card processing systems require each transaction to be individually processed through the payment system, including authorization, clearing and settlement. The resulting variable costs of processing each transaction are independent of the transaction amount and too high for low-value payments, particularly in low-margin industries such as quick-service restaurants. QSR restaurants often have a 3 percent profit margin, yet, for low-value contactless payments, the processing cost could be as high as 6-7 percent of the transaction value.

Mobile and contactless cards offer consumers a convenient form factor. But they don’t solve the problem that low-value card payments are very expensive for merchants.

As an ever-increasing percentage of transactions have become cashless, card processing fees have become a significant cost. Costs that are based on the number of transactions, rather than their value. With average per person expenditures of $5 or under, feels each swipe fee much more than a business where customers spend $50 or more. But not accepting credit/debit cards for low-value transactions isn’t an option as many of customers don’t carry cash anymore.

Aggregation

Cardis’ solution is to act as an aggregator of low-value payments, sending a single batched transaction through to a processor instead of multiple low-value transactions. As there is no per transaction processing of individual low-value purchases, the cost-per-transaction is significantly reduced.

Cardis provides its technology as a software plug-in to payment service providers for contact-based and contactless card payments, mobile wallet transactions and NFC payments.

There are two models. For card payments, it will aggregate multiple purchases by an individual cardholder at a single merchant on a post-paid basis up to a specific amount, for example $20. To guarantee payment to the merchant, since the aggregated transaction is processed at a later date, it will pre-authorize an amount, for example $15, the first time the customer makes a purchase at that merchant.

Alternatively, merchants can opt for Cardis’ prepaid system. This involves the consumer setting up a prepaid account hosted by Cardis’ sponsoring bank that is topped up via ACH (automated clearing house) transfers. Using the Cardis prepaid account on a smartphone provides the digital equivalent to cash.

With its post-paid solution, merchants will save 30-50 percent per transaction compared to conventional card processing fees, while its prepaid solution saves merchants 80 percent per transaction. With the post-paid solution, it will only aggregate a customer’s purchases at a single specific merchant. But, as the prepaid solution aggregates the customer’s purchases across multiple merchants, this enables to offer a much lower processing fee to the merchant.

Cardis provides an audit trail enabling consumers to track individual transactions that are aggregated using its technology. Consumers don’t lose any of their card protection rights and guarantees by agreeing to let a merchant aggregate their payments through Cardis. They can always charge back any disputed transactions.

Cardis sees opportunities for digital content providers such as online music stores and games providers to use its aggregation technology. It can integrate solution with existing digital wallets.

Raiffeisen

In 2012, Austria’s Raiffeisen Bank launched a pilot of Cardis technology for NFC-based Visa V Pay debit card payments in partnership with Visa Europe. Raiffeisen’s MobileCard mobile payment product uses a secure element stored on an NFC-enabled MicroSD card inserted in a mobile phone. Although Cardis supports secure elements stored on SIM cards as well as on MicroSD cards and on the cloud, Raiffeisen opted for MicroSD cards, as this is an easier solution to implement.

Raiffeisen cardholders participating in the pilot use MobileCard on average three times a week, with an average transaction value of ($5.70). Merchants accepting MobileCard are seeing 40 percent to 70 percent lower merchant processing fees for an average transaction value of  ($5.43) to ($13.60).

Spindle

In October 2013, Spindle, a U.S. mobile commerce company, signed an agreement with Multi-max, a manufacturer of vending machines for mid-size and small offices throughout North America, Europe and Asia. Spindle will integrate its MeNetwork mobile commerce technology into Multi-max’s line of K-Cup vending machines for rollout across the U.S.

The MeNetwork solution will incorporate all card-based payment acceptance services, as well as mobile marketing services. Spindle’s partner Cardis will provide low-value payment processing services for purchases at K-Cup vending machines.

Posted in Credit card Processing, Credit Card Security, Digital Wallet Privacy, e-commerce & m-commerce, Electronic Payments, Gift & Loyalty Card Processing, Internet Payment Gateway, Mobile Payments, Mobile Point of Sale, Near Field Communication, Payment Card Industry PCI Security, Smartphone, smartSD Cards, Visa MasterCard American Express Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Nov
22
2013
November 22nd, 2013 by Admin

As we move to smartphones and tablets as payment methods security and privacy concerns are a real issue. With recent NSA leaks shedding light on our data and the access others have to it, we have to consider security, privacy and health implications. This year alone e-commerce transactions on smartphones and tablets during the holiday season are set to grow by 15%. Although tablets, not smartphones will drive the bulk of that growth, smartphones are set to overtake mobile-commerce payments over the next 5 years. Tablet payments in the U.S. alone are expecting to reach $26 billion in transactions. Currently tablets are more convenient for m-commerce due to their size, but as far as the future of electronic payment processing, smartphones are where it’s at.

The smart merchant sees this coming and realizes frictionless transactions increase sales. The more comfortable and less complicated a transaction is for a customer, the better. Smartphones, tablets, PCs, laptops and more can already process electronic transactions from credit and debit cards, gift cards, electronic checks and more. Money movement is easier than ever and more convenient than cash. Cash is king however in situations where internet connectivity and power are an issue. In India for example, a poor electric grid makes power outages a common occurrence. During natural disasters, when resources are badly needed, power outages or severed internet communications mean no electronic transactions can be processed. So physical currency remains a must, in the future we may see payment technology evolve to where digital money like crypto currency (BitCoin) may be stored on the device itself similar to having cash. As these electronic payment systems evolve, merchants need to position themselves to accept what their market prefers to transact with.

The smart citizen also sees this coming and has concerns that things like a National ID program being established may compromise their privacy.
As an extreme example of electronic transactions, a nightclub in Spain used subdermally implanted RFID chips in a woman that allowed patrons to pay for food and beverages without a credit card.

Posted in e-commerce & m-commerce, Electronic Check Services, Electronic Payments, Gift & Loyalty Card Processing, Merchant Services Account, Near Field Communication, Smartphone Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Nov
15
2013
November 15th, 2013 by Elma Jane

November 7, 2013 –  Payment Card Industry (PCI) Council’s recent acceptance of the world’s first Point-To-Point Encryption-validated solution is great news for both acquirers and merchants, and will aid in reducing merchant scope and increasing business security worldwide. If your P2PE know-how is a little spotty, here are the basics.

What is P2PE?

Point-To-Point Encryption (P2PE) is the combination of hardware and processes that encrypts customer credit/debit card data from the point of interaction until it reaches a merchant solution provider’s environment for processing. Because card data is immediately encrypted as the card is swiped (or dipped), it prevents clear-text information from residing on the payment environment. Encrypted card data is then transferred to, decrypted by, and processed through the solution provider processor who is the sole holder of the decryption key.

In a POS environment, merchants often store decryption keys on their backend servers. Bad idea. If a cybercriminal hacks into that environment, they not only have access to the encrypted card numbers, but the decryption key as well. Hacker jackpot. Many question the difference between P2PE and typical point of sale (POS) encryption.

The reason P2PE is arguably the most secure way to process is because merchants don’t have access to decryption keys. If a hacker breaches a merchant using a validated P2PE solution, he/she will only recover a long string of useless encrypted card numbers with no way to decode them.

Why use P2PE?

Basically, P2PE increases data security and has the ability to make a merchant’s job of reaching PCI compliance easier. The main point of using a P2PE-valiated solution is to significantly lessen the scope of security efforts through PCI Data Security Standard (DSS) requirement and P2PE Self-Assessment Questionnaire (SAQ) reduction. Compared to the 80+ questions required of mainstream merchant SAQs, the P2PE-HW SAQ only requires merchants to answer 18 questions.

Are all P2PE solutions created equal?

Answer is no. Many P2PE solution vendors claim their solution reduces scope, but in order for a merchant to qualify, they must select only P2PE-validated solutions listed on the PCI Council’s website.

To get P2PE solutions and applications listed on the approved website, solution provider processors must go through a rigorous testing process performed by a qualified P2PE Qualified Security Assessor (QSA). P2PE QSAs help entities thorough the 210-page document of P2PE requirements, testing procedures, and controls required to keep cardholder data secure – a task which only a few companies in the world can do.

As of this post, the only P2PE hardware solution approved by the PCI Council is European Payment Services’ (EPS) Total Care P2PE solution, validated by P2PE QSA SecurityMetrics. A number of other P2PE solutions are currently undergoing the review process and will be added to the list once approved.

Posted in Best Practices for Merchants, Credit card Processing, Credit Card Security, Electronic Payments, Merchant Services Account, Payment Card Industry PCI Security, Point of Sale, Visa MasterCard American Express Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Oct
10
2013
October 10th, 2013 by Elma Jane

There are various payment processing rates that apply to credit and debit card transactions. Visa and MasterCard do not publish their rules and regulations or the payment processing standards required to get the lowest interchange rate. It’s up to credit card processing companies to understand and implement them to their merchants’ benefit. A high downgrade rate may indicate that your processor does not know the standards, or may be reluctant to implement best practices or new rules changes. The application of these rates is based on a variety of factors related to the particular circumstances of the sale and the way the payment is processed, as well as on the type of the card that was used. Typically payments processed in a card-not-present environment (e.g. online or over the phone) are assessed higher processing fees than payments processed in a face-to-face setting. Payments made with regular consumer types of cards are generally processed at lower rates than payments made with rewards, business-to-business or commercial cards. Debit cards are processed at lower interchange rates than credit cards. In order to simplify the pricing for their merchants, the majority of the processing companies have elected to use various tiered pricing models (two-tiered, three-tiered, six-tiered, etc.). There are three general classifications used in the various tiered pricing models:
Qualified Transaction (also referred to as the Swiped Rate) This is the rate charged per each transaction when the card is physically swiped through a credit card terminal. When a transaction is processed in accordance with the rules and standards established in the Payment Processing Agreement, signed by the merchant and the processing bank, and It involves a regular consumer credit card, It is processed at the most favorable rate. This rate is called a “Qualified Rate” and is set in the merchant’s Payment Processing Agreement. The Qualified Rate is set based on the way a merchant will be accepting a majority of their credit cards. For example, for an internet-based merchant, the internet interchange categories will be defined as Qualified, while for a physical retailer only transactions where cards are swiped through a terminal will be Qualified.

Mid-Qualified Transaction This is the rate charged when a transaction is manually keyed-in using AVS – Address Verification Service (card #, expiration date, address, zip code and CVV code all match). When a consumer credit card is keyed into a credit card terminal instead of being swiped or   The cardholder uses a rewards card, business-to-business or another special type of card the transaction is charged a discount rate that is less favorable than the Qualified. This rate is called a “Mid-Qualified Rate.”

Non-Qualified Transaction This is the rate charged when manually keying-in a transaction without using AVS – Address Verification Service. When a special kind of credit card is used (like a rewards card or a business card), or a payment is not processed in accordance with the rules established in the Payment Processing Agreement, or It does not comply with some applicable security requirements.
Qualified Transaction Conditions                                            

One electronic authorization request is made per transaction and the transaction/purchase date is equal to the authorization date.                                                                                                                         The authorization response data must also be included in the transaction settlement.                               The authorization transaction amount must match the settled (deposit) transaction amount.                     The card that is used is not a commercial (business) credit card                                                                 The credit/debit card is present at the time of the transaction, the card’s full magnetic stripe is read by the terminal, and a signature is obtained from the cardholder at the time of the transaction.
The transaction must be authorized and settled under a standard retail industry code.
The transaction must be electronically deposited (batch transmitted) no later than 1 day from transaction/purchase/authorization date.

Mid-Qualified Transaction Conditions
One or more of the Qualified conditions were not met

Non-Qualified Transaction Conditions
One or more of the Qualified conditions were not met, or                                                                               The card that was used was a commercial card without submitting the additional data or:
The transaction was electronically deposited (batch transmitted) greater than 1 day from the authorization date, or:
The transaction was not electronically authorized, or the authorization response data was not included in the transaction settlement.

 

 

 

Posted in Best Practices for Merchants, Credit card Processing, Electronic Payments, Financial Services, Merchant Services Account Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , ,