Sep
29
2016
MerchantConnect
September 29th, 2016 by Elma Jane

MerchantConnect is a great tool for merchants because it contains all the information that a merchant needs to manage their electronic payment activity. Furthermore, it’s fast, easy and secure!

  • Merchant can either view or update account information and make changes.
  • Find copies of statements.
  • Furthermore find valuable products and services to help merchant with their business.

View recent deposits and other information about account activity including:

  • Batch Details
  • Chargeback
  • Retrieval Status
  • Deposit History

The merchant can also find news and information to help manage payments at your business. Learn how to:

  • Best Qualify Transactions
  • Reduce Risk
  • Manage Chargebacks
  • Find reference guides to help operate your payment terminal

The merchant can also utilize the BIN Lookup when you need to inquire about which bank issued a particular card. Simply enter the first six digits on the card and you will receive the information on the issuing bank, including contact information.

If you need a to set-up an account and want to use this tool give us a call at 888-996-2273  

Posted in Best Practices for Merchants, Electronic Check Services, Electronic Payments Tagged with: , , , , , , , ,

May
17
2016
Risk
May 17th, 2016 by Elma Jane

Businesses run the risk of fraud, but some are more likely to be targeted than others.

Simply being aware that you are operating at a higher risk than normal and putting up your defenses can help you protect your business from online fraud.

By learning more about the types of online fraud, you could experience what to do if you expect a fraudulent transaction. You can also mitigate your risk, even if you sell high-risk items to high-risk customers.

 

 

 

Posted in Best Practices for Merchants, Travel Agency Agents Tagged with: , , , , ,

Apr
20
2016
ECS
April 20th, 2016 by Elma Jane

ECS: An Electronic Mode Of Funds Transfer From One Bank Account To Another

  • Paper check conversion
  • Debit Processing
  • Automated Returns Management
  • Reporting: Merchant Connect, ACS Standard and Custom Files, Enquire and Corporate Management Reports
  • Monthly Statement
  • Risk Services: Verification, Conversion
  • Image

ACH E-CHECK: Uses Bank Routing and Account Number In a CNP Environment.

  • Card-Not-Present e-Processing of ACH Debit
  • Known Relationship B/Consumer and Business
  • NOT for Ecommerce “Sale of Goods and Services”
  • Debit Processing
  • Automated Returns Management
  • Reporting: Merchant Connect, ACS Standard and Custom Files, Enquire and Corporate Management Reports
  • Monthly Statement
  • Risk Services: Verification, Conversion
  • No Image

 

Posted in Best Practices for Merchants, e-commerce & m-commerce Tagged with: , , , , , , , , , , ,

Mar
16
2016
Travel
March 16th, 2016 by Elma Jane

More and more travel agents and tour operators are working in a card-not-present transaction that opens the door to travel agency credit card fraud. Travel Agencies are among the highest-risk merchants, as far as credit card processors are concerned. The reason is more likely the dispute and chargeback transactions.

So what should you do, whether you have just started your travel agency or have been in business for years to reduce risk?   

First, understand the potential liability associated with selling airfares online before you even apply for a merchant account. Understanding risk exposure will help travel agency take adequate steps to minimize losses associated with chargebacks.

A good example is an airline sales agent. A travel agency or a tour operator merchant account may be liable for the entire amount of an airline ticket, if it is successfully disputed by a customer or if it was purchased with a stolen credit card.

To reduce risk, you will need to set up card acceptance policies and procedures to address the following issues:

  1. Authorization requests approved by an issuer. In most cases, airlines are liable for card-not-present transaction fraud, even when they were approved by the card issuer, because authorization approval is not a proof that the legitimate cardholder is making the purchase, nor is it a guarantee of payment.
  2. As a travel agency, your organization may not necessarily be a Visa or MasterCard merchant, subject to the Credit Card Associations’ rules and regulations. In most fraud-related transactions, the airline transfers liability to the travel agency it has partnered with as part of the contractual agreement. In such cases, your organization will bear the full financial responsibility.

Selecting a payment processor is a big step, choose one with experience in working with travel agencies and other high-risk merchants. Your processor must be able to assist you with your fraud prevention procedures.

Check out National Transaction Corp. we are the travel experts when it comes to electronic payments for travel agencies! Give us a call now at 888-996-2273 or visit us at www.nationaltransaction.com

 

 

 

Posted in Best Practices for Merchants, Travel Agency Agents Tagged with: , , , , , , , , , , , , , , , , ,

Sep
23
2014
September 23rd, 2014 by Elma Jane

Home Depot, US retail chain says that 56 million payment cards are at risk following a malware-laden cyber-attack on eftpos tills across its stores in the US and Canada.

The investigation into a possible breach began on September 2nd,Tuesday morning, immediately after Home Depot received reports from its banking partners and law enforcement that criminals may have breached its systems.

According to Home Depot’s security partners, the malware had not been seen previously in other attacks.
Criminals used unique, custom-built malware to evade detection. The cyber-attack is estimated to have put payment card information at risk for approximately 56 million unique payment cards, after lurking in the company’s eftpos tills for four months between April and September.

While the breach has been seen as a further proof-point in the US push to adopt Chip and PIN at the point-of-sale, the fact that the outbreak also hit the home improvement chain’s Canadian stores, where the EMV standard has been implemented, leaves pause for thought. Nonetheless, the retailer has committed to installing 85,000 PIN pads at its US outlets, well ahead of the national 2015 deadline.

Home Depot has set aside $65 million to cover the cost to investigate the data breach, provide credit monitoring services to its customers, increase call center staffing, and pay legal and professional services. Approximately $27 million of the projected outlay will be covered by the company’s insurance.

Posted in Best Practices for Merchants, EMV EuroPay MasterCard Visa, Point of Sale Tagged with: , , , , , , , , , , , , , , , , , , ,

Sep
17
2014
September 17th, 2014 by Elma Jane

Host Card Emulation (HCE) offers virtual payment card issuers the promise of removing dependencies on secure element issuers such as mobile network operators (MNOs). HCE allows issuers to run the payment application in the operating system (OS) environment of the smart phone, so the issuing bank does not depend on a secure element issuer. This means lower barriers to entry and potentially a boost to the NFC ecosystem in general. The issuer will have to deal with the absence of a hardware secure element, since the OS environment itself cannot offer equivalent security. The issuer must mitigate risk using software based techniques, to reduce the risk of an attack. Considering that the risk is based on probability of an attack times the impact of an attack, mitigation measures will generally be geared towards minimizing either one of those.

To reduce the probability of an attack, various software based methods are available. The most obvious one in this category is to move part of the hardware secure element’s functionality from the device to the cloud (thus creating a cloud based secure element). This effectively means that valuable assets are not stored in the easily accessible device, but in the cloud. Secondly, user and hardware verification methods can be implemented. The mobile application itself can be secured with software based technologies.

Should an attack occur, several approaches exist for mitigating the Impact of such an attack. On an application level, it is straightforward to impose transaction constraints (allowing low value and/or a limited number of transactions per timeframe, geographical limitations). But the most characteristic risk mitigation method associated with HCE is to devaluate the assets that are contained by the mobile app, that is to tokenize such assets. Tokenization is based on replacing valuable assets with something that has no value to an attacker, and for which the relation to the valuable asset is established only in the cloud. Since the token itself has no value to the attacker it may be stored in the mobile app. The principle of tokenization is leveraged in the cloud based payments specifications which are (or will soon be) issued by the different card schemes such as Visa and MasterCard.

HCE gives the issuer complete autonomy in defining and implementing the payment application and required risk mitigations (of course within the boundaries set by the schemes). However, the hardware based security approach allowed for a strict separation between the issuance of the mobile payment application on one hand and the transactions performed with that application on the other hand. For the technology and operations related to the issuance, a bank had the option of outsourcing it to a third party (a Trusted Service Manager). From the payment transaction processing perspective, there would be negligible impact and it would practically be business as usual for the bank.

This is quite different for HCE-based approaches. As a consequence of tokenization, the issuance and transaction domains become entangled. The platform involved in generating the tokens, which constitute payment credentials and are therefore related to the issuance domain, is also involved in the transaction authorization.

HCE is offering autonomy to the banks because it brings independence of secure element issuers. But this comes at a cost, namely the full insourcing of all related technologies and systems. Outsourcing becomes less of an option, largely due to the entanglement of the issuance and transaction validation processes, as a result of tokenization.

 

Posted in Best Practices for Merchants, Credit Card Security, EMV EuroPay MasterCard Visa, Near Field Communication, Visa MasterCard American Express Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Sep
16
2014
September 16th, 2014 by Elma Jane

Card-not-present merchants are battling increasingly frequent friendly fraud. That type of fraud..The I don’t recognize or I didn’t do it dispute. This occurs when a cardholder makes a purchase, receives the goods or services and initiates a chargeback on the order claiming he or she did not authorize the transaction.

This problem can potentially cripple merchants because of the legitimate nature of the transactions, making it difficult to prove the cardholder is being dishonest. The issuer typically sides with the cardholder, leaving merchants with the cost of goods or services rendered as well as chargeback fees and the time and resources wasted on fighting the chargeback.

Visa recently changed the rules and expanded the scope of what is considered compelling evidence for disputing and representing chargeback for this reason code. The changes included allowing additional types of evidence, added chargeback reason codes and a requirement that issuers attempt to contact the cardholder when a merchant provides compelling evidence.

The changes give acquirers and merchants additional opportunities to resolve disputes. They also mean that cardholders have a better chance to resolve a dispute with the information provided by the merchant. Finally, they provide issuers with clarity on when a dispute should go to pre-arbitration as opposed to arbitration.

Visa has also made other changes to ease the burden on merchants, including allowing merchants to provide compelling evidence to support the position that the charge was not fraudulent, and requiring issuers to a pre-arbitration notice before proceeding to arbitration, which reduces the risk to the merchant when representing fraud reason codes.

The new “Compelling Evidence” rule change does not remedy chargebacks but brings important changes for both issuers and merchants. Merchants can provide information in an attempt to prove the cardholder received goods or services, or participated in or benefited from the transaction. Issuers must initiate pre-arbitration before filing for arbitration. That gives merchants an opportunity to accept liability before incurring arbitration costs, and Visa will be using information from compelling evidence disputes to revise policies and improve the chargeback process

Visa made those changes to reduce the required documentation and streamline the dispute resolution process. While the changes benefit merchants, acquirers and issuers, merchants in particular will benefit with the retrieval request elimination, a simplified dispute resolution process, and reduced time, resources and costs related to the back-office and fraud management. The flexibility in the new rules and the elimination of chargebacks from cards that were electronically read and followed correct acceptance procedures will simplify the process and reduce costs.

Sometimes, an efficient process for total chargeback management requires expertise or in-depth intelligence that may not be available in-house. The rules surrounding chargeback dispute resolution are numerous and ever-changing, and many merchants simply do not have the staffing to keep up in a cost-effective and efficient way. Chargebacks are a way of life for CNP merchants; however, by working with a respected third-party vendor, they can maximize their options without breaking the bank.

Reason Code 83 (Fraud Card-Not-Present) occurs when an issuer receives a complaint from the cardholder related to a CNP transaction. The cardholder claims he or she did not authorize the transaction or that the order was charged to a fictitious account number without approval.

The newest changes to Reason Code 83, a chargeback management protocol, offer merchants a streamlined approach to fighting chargebacks and will ultimately reduce back-office handling and fraud management costs. Independent sales organizations and sales agents who understand chargeback reason codes and their effect on chargeback rates can teach merchants how to prevent chargebacks before they become an issue and successfully represent those that they can’t prevent.

Posted in Best Practices for Merchants, EMV EuroPay MasterCard Visa, Visa MasterCard American Express Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Aug
29
2014
August 29th, 2014 by Elma Jane

Merchant_Account_Type

High risk credit card processing is electronic payment processing for businesses deemed as HIGH RISK by the MERCHANT SERVICES INDUSTRY

The high risk segment of payment processing has become more important as banks and ISO’s have begun to tighten up their credit restrictions and underwriting policies. Businesses are classified as high risk primarily because of their product or service and the way they go to market. In merchant services, risk is related to CHARGEBACKS or customer disputes.

The more likely a business to have chargebacks, the higher risk the business. For instance, online businesses selling a weight loss product through a free trial offer, is more likely to have chargebacks than a retail store selling the same weight loss product.

Merchants are often unaware their business falls into the high risk category when they first start shopping for a merchant account. Getting a high risk merchant account can be difficult.

These providers have more stringent requirements and the application process is longer compared to traditional merchant account providers.

High risk businesses should expect to pay higher rates and fees for payment processing services. As a general rule of thumb, merchants should count on paying at least more than a traditional merchant account. Most high risk merchant accounts also require a contract of at least 18 months, whereas low risk providers offer accounts without cancellation fees or contracts.

ROLLING RESERVES are also a big part of high risk credit card processing. Most high risk merchants have some sort of rolling reserve placed on the account, especially new accounts without any processing history. A Reserve refers to an account where a percentage of the funds from transactions are held in reserve to cover against any chargebacks or fees that the processor may not be able to collect from the merchant. This is similar to a security deposit, but merchants don’t have to pay it up front. Reserves are a pain point for many small high risk merchants, but they are definitely necessary and without them, processors would not accept any high risk merchants at all.

What Businesses Are High Risk?

As mentioned earlier, businesses are usually classified as high risk due to the product or service they offer, however merchants with severely damaged credit or a recent bankruptcy can also be considered high risk. Below are just of the few common high risk merchant categories:

Adult Websites

Cigars & Pipe Tobacco Online

Collection Agencies

Credit Repair

Debt Consolidation

E-Books & Software

Electronic Cigarettes

Firearms – Online

High Ticket & High Volume

Medical Marijuana Dispensaries

Multi Level Marketing & Business Opportunities

Nutraceuticals like weight loss supplements, cleansers etc.

Penny Auctions

Sports Betting Advice

Ticket Brokers – Online Tickets

TMF Merchants

Travel & Timeshare

Unfortunately this list is growing and some credit card processing companies even classify any start up Internet business, that doesn’t have extensive financials to be high risk. With the recent economic recession in the United States, there has been an increase in these start up Internet ventures. People are either looking to supplement their income or start their own business instead of looking for work.

How To Protect Your Business

Accepting credit cards is the single most important part of most online businesses. Unfortunately, many successful businesses go under after having their merchant account shut down. High risk merchants should always be cognizant of their merchant account and pay attention to chargeback percentages. Below are some tips for high risk merchants looking for payment processing solutions.

Be Upfront: Make sure your processor knows exactly what you sell and how you market the product/service. If they don’t accept your business type, keep shopping for a new merchant account provider. Many merchants will try to fly under the radar by not revealing all their products or fully disclose their marketing methods to the processor. This is a bad move, the processor will eventually find out the details about your business. This is usually from doing an audit on your transactions and contacting your customers.

Negotiate Every 3 Months: Credit card processing companies underwrite applications based on previous processing history. If there is no previous history, the account is riskier and the terms offered are usually more expensive and restrictive. You can always re-negotiate your rates, reserves and other contract terms with your current processor. Once they have 3 months of history to evaluate, they may be able to offer you a better deal. Three months of history is the magic number for most processors. If you applied without the previous history and were declined, there is a chance the same processor will approve your application if you provide 3 months of previous statements.

Prepare For The Worst: All high risk merchants should keep at least 2 active merchant accounts, from different providers. You never know when underwriting guidelines might change, or you may have an influx of chargebacks. Having a backup account or even multiple back up accounts is a good idea. Many high risk providers offer a load balancing gateway, which allows for multiple merchant accounts to be integrated into one payment gateway. This way you can spread transactions across multiple accounts, through one shopping cart/gateway.

 

Posted in Best Practices for Merchants Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

May
08
2014
May 8th, 2014 by Elma Jane

The complexity derives from PCI’s Data Security Standards (DSS), which include up to 13 requirements that specify the framework for a secure payment environment for companies that process, store or transmit credit card transactions.

Make PCI DSS Assessment Easier  

Training and educating employees. Technical employees should obtain any certifications or training classes necessary so that they can operate and monitor the security control set in place. Non-technical employees must be trained on general security awareness practices such as password protection, spotting phishing attacks and recognizing social engineering. All the security controls and policies in the world will provide no protection if employees do not know how to operate the tools in a secure manner. Likewise, the strongest 42-character password with special characters, numbers, mixed case, etc. is utterly broken if an employee writes it on a sticky note attached to their monitor.

For an organization to effectively manage its own risk, it must complete a detailed risk analysis on its own environment. Risk analysis goal is to determine the threats and vulnerabilities to services performed and assets for the organization. As part of a risk assessment, organization should define critical assets including hardware, software, and sensitive information and then determine risk levels for those components. This in turn allows the organization to determine priorities for reducing risk. It is important to note that risks should be prioritized for systems that will be in-scope for PCI DSS and then other company systems and networks.

Once the risk assessment has been completed the organization should have a much clearer view of its security threats and risks and can begin determining the security posture of the organization. Policies and procedures form the foundation of any security program and comprise a large percentage of the PCI DSS requirements. Business leaders and department heads should be armed with the PCI DSS requirements and the results of the risk analysis to establish detailed security policies and procedures that address the requirements but are tailored to business processes and security controls within the organization.

Building upon the foundation of security policies, the committee of business leaders and department heads should now review the PCI DSS requirements in detail and discuss any potential compliance gaps and establish a remediation plan for closing those gaps. This is where it is important to have the full support of business leaders who can authorize necessary funds and manpower to implement any remediation activities.

This is also the time to schedule the required annual penetration testing. These are typically performed by third parties, but is not required to be performed by third parties, and can take some time to schedule, perform, and remediate (if necessary). The results of a PCI DSS assessment will be delayed until the penetration test is completed so now is the time to schedule the test.

At this point the organization is ready for a full-scale PCI DSS assessment and can now enter a maintenance mode where periodic internal audits occur and regular committee meetings are held to perform risk assessments and update policies, procedures, and security controls as necessary to respond to an ever changing threat landscape. PCI DSS must become integrated into the everyday operation of the organization so that the organization remains secure and to ease the burden of the annual assessments.

Payment Card Industry (PCI) compliance assessment is a major task for any size organization, but you can make it easier.

 

Posted in Best Practices for Merchants, Credit Card Security, Payment Card Industry PCI Security Tagged with: , , , , , , , , , , , , , , , , , , , , , , , ,

Dec
19
2013
December 19th, 2013 by Elma Jane

NTC’s BIG DATA

Improving Collection and Analytics tools to Create Value from Relevant Data.

Big data is a popular term used to describe the exponential growth and availability of data, both structured and unstructured. And big data may be as important to business…and society… as the Internet has become. Why? More data may lead to more accurate analyses. More accurate analyses may lead to more confident decision making, and better decisions can mean greater operational efficiencies, cost reductions and reduced risk.

With NTC Virtual Merchant product, it captures email addresses at the Point-of-Sale (POS) into a database to assist merchants and consumer stay connected, and for future Marketing.

In understanding Big Data For Merchants, NTC’s President Mark Fravel, provided a general overview of how online merchants can use Big Data. Large amounts of seemingly random data from many sources…can be used to create competitive advantages.

Necessity of Analytical Tools

Collecting Big Data is the easy part. Storing, organizing, and analyzing it is much more complex. One seam of data that several experts identify as a particularly rich, emerging source of information can be as diverse as CRM software, AdWords, and your own website. Mobile communications, including text messages and social media posts such as Facebook and Twitter. Making sense of it can be overwhelming without analytical tools. These tools facilitate the examination of large amounts of different types of data to reveal hidden patterns and correlations that are not otherwise easily discernible.

A good example is NTC, they could analyze data on visitor browsing patterns, login counts, phone calls, and responses to promotions…they can monitor to eliminate what isn’t working and focus on what does. Some of the off-the-shelf analytic solutions are so finely tuned, they can tell a vendor whether it needs to offer a 25 percent discount or if a 15 percent discount will suffice for a particular customer.

Association rule learning is another analytics method that is a good fit with Big Data. This could be, for example, a shopping cart analysis, in which a merchant can determine which products are frequently bought together and use this information for marketing purposes.

Uses of Big Data Analytics:

Big Data can be most useful in analyzing a customer’s shopping and purchasing experience, which can help a merchant in the following four ways.

Become more efficient by alerting you to merchandising efforts that are ineffective, and products that are not selling.

Encourage more purchases by presenting existing customers with complementary items to what they’ve purchased previously.

Enhance inventory management by eliminating slow-moving items and increasing the supply of fast-moving merchandise.

Example: A top marketing executive at a sizable U.S. retailer recently found herself perplexed by the sales reports she was getting. A major competitor was steadily gaining market share across a range of profitable segments. Despite a counterpunch that combined online promotions with merchandising improvements, her company kept losing ground….The competitor had made massive investments in its ability to collect, integrate, and analyze data from each store and every sales unit and had used this ability to run myriad real-world experiments. At the same time, it had linked this information to suppliers’ databases, making it possible to adjust prices in real time, to reorder hot-selling items automatically, and to shift items from store to store easily. By constantly testing, bundling, synthesizing, and making information instantly available across the organization…the rival company had become a different, far nimbler type of business.

Increase conversion rates by better identification of successful sales transactions.

Is Big Data Analysis Affordable?

NTC Data Storage is also a good alternative for small ecommerce merchants because it is relatively inexpensive and is scalable it can expand as data requirements grow.

Relying on data-driven decision-making is crucial in industries in which profit margins are slim. Amazon, which earns increasingly thin profit margins, is one of the most effective users of data analytics. As more Big Data solutions for small online businesses come to market and more online merchants incorporate Big Data into their business tool set, employing Big Data will become a necessity for all Merchants.

Using data wisely has the potential to boost margins and increase conversions for online merchants, and investors are banking on it.

This is Big Data for NTC we know WHO, WHAT,WHEN, AND WHERE a purchase took place. 

Posted in Best Practices for Merchants, Credit card Processing, e-commerce & m-commerce, Electronic Payments, Internet Payment Gateway, Mobile Payments, Mobile Point of Sale, Point of Sale, Visa MasterCard American Express Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Next Articles »