Category: Best Practices for Merchants

How to SetUp A Merchant Account

Setting up a merchant account.

• First find a Merchant Service Provider.
• Then setup your Business Profile.

Put together your business profile so you can start applying for a merchant account. There are questions that you’ll need to answer, that way merchant account providers have an idea of how they should setup your account.

Some of the questions are:

• Is your business seasonal? For Travel Company it is seasonal, there will be high and low volume. NTC works with  seasonal downtime.
• How do you intend to accept payments? Different business models require different methods of accepting payments. If you’re doing face to face transaction and have physical location then you need a credit card terminal. If you process checks, then you need Electronic Check and ACH Transfers. For e-Commerce shopping carts, wireless/mobile, you can check out our Converge Virtual Merchant and NTC e-Pay.
• How much volume do you plan on processing? Merchant account providers are going to want to know how much sales volume you plan on processing per month. New in the business – give just an estimate average of how much you’ll be processing (per month), within the first 6-months of operation. Been in the business – you’ll already have this number ready.
• What will be your average ticket price?

Example:

Total Sales Revenue = $150,000
Total Number of Sales = 500                                                                                               150,000/500 = $300 (Average Ticket Price)

If you need to setup an account give us a call now at 888-996-2273 or go to www.nationaltransaction.com to know more about our services.    

 

 

Posted in Best Practices for Merchants, e-commerce & m-commerce Tagged with: ach, Converge, credit card terminal, e-commerce, Electronic Check, merchant account, merchant service provider, NTC e-Pay, payments, Travel Company, virtual merchant

Understanding Card-Not-Present Fraud and How To Avoid It

Credit card fraud is much more difficult to prevent in a card-not-present transaction. In a face-to-face setting the merchant can inspect the card to ensure that it is valid and can verify that the cardholder is an authorized user on the account. None of these actions can be performed when the payment is submitted online or accepted by phone. As we moved in adopting EMV Technology, majority of fraud is going to migrate away from counterfeit and stolen cards towards the card-not-present transaction as happened in other countries.

A combination of best practices and fraud prevention tools can provide card-not-present merchants with strong fraud prevention capabilities.

Steps to avoid fraud and protect your business for a card-not-present transaction:

• Email Verification: Send a message to the email address provided by the customer requesting that the customer verify the email address is correct, you can ensure that the email is associated with the other information provided.   
• Maintain PCI compliance:All merchants accepting card payments are now required to be compliant with the requirements of the PCI DSS (Payment Card Industry Data Standard) which sets the rules for data security management, policies, procedures, network architecture, software design and other protective measures.
• Security Code Verification. Requesting the three digit security code on the back of a credit card. Visa (CVV2), MasterCard (CVC 2) and Discover (CID) cards, and the 4-digit numbers located on the front of American Express (CID) cards. Card Security Codes help verify that the customer is in a physical possession of a valid card during a card-not-present transaction.
• Use an Address Verification Service (AVS): Enables you to compare the billing address provided by your customer with the billing address on the card issuer’s file before processing a transaction. AVS is good protection against card information obtained through means like phishing and malware because fraudster might not know the billing address.
• Use 3D Secure Service: MasterCard and Verified by Visa enable cardholders to authenticate themselves to their card issuers through the use of personal passwords they create when they register their cards with the programs. The liability of any fraudulent charges through the 3D service is picked up by the issuer, not the merchant.
• Verify the phone number and transaction information.Prior to shipping your products, call the phone number provided by the customer and verify the transaction information. Criminals may be unable to verify such information, because in their haste to max out the credit line before the fraud is discovered, they often order at random and do not keep records.

 

 

 

Posted in Best Practices for Merchants, e-commerce & m-commerce, Mail Order Telephone Order, Payment Card Industry PCI Security, Travel Agency Agents Tagged with: American Express, card-not-present, card-security, cardholder, cnp, credit card, Discover, EMV, MasterCard, merchant, Payment Card Industry, payments, PCI, visa

PCI Compliance Levels, Description and Validation Requirements.

In order to maintain some sort of order within PCI Compliance, VISA and MasterCard have created 4 risk levels that will apply to any particular business, for determining the risk level of a merchant.

Merchant Level	Description	Validation Requirements
Level 1	Merchants processing over 6 million Visa transactions annually (all channels) or Global merchants identified as Level 1 by any Visa region.	Annual Report on Compliance (ROC) by Qualified Security Assessor (QSA) or internal auditor if signed by officer of the company. Quarterly network scan by Approved Scan Vendor (ASV). Attestation of Compliance Form.
Level 2	Merchants processing 1 million to 6 million Visa transactions annually (all channels).	Annual Self-Assessment Questionnaire (SAQ). Quarterly network scan by ASV.Attestation of Compliance Form.
Level 3	Merchants processing 20,000 to 1 million Visa e-commerce transactions annually.	Annual Self-Assessment Questionnaire (SAQ). Quarterly network scan by ASV. Attestation of Compliance Form.
Level 4	Merchants processing less than 20,000 Visa e-commerce transactions annually and all other merchants processing up to 1 million Visa transactions annually.	Annual SAQ recommended. Quarterly network scan by ASV if applicable. Compliance validation requirements set by acquirer.

 

Posted in Best Practices for Merchants, Credit Card Security, e-commerce & m-commerce, Payment Card Industry PCI Security Tagged with: MasterCard, merchant, PCI Compliance, visa

Meeting EMV Standard

Rules have changed in regards to swiping credit cards October 1^st, 2015 with the EMV Liability Shift; which may not cause much concern for most consumers, but for merchants.

EMV compliance isn’t a legal requirement. However, if you’re a merchant that accepts credit cards in-person, then you need to find out whether you’re meeting the EMV Standard. The new rule for the liability shift applies October 1^st, regardless of the size or type of business. 

What Is EMV Standard?

EMV stands for EuroPay, MasterCard, and Visa, the three companies that originally created the standard.

The EMV Shift is to provide enhanced security and prevent fraudulent activity with credit cards. Updated equipment is also necessary for processing the new computerized cards, and unfortunately, the responsibility of securing up-to-date hardware falls on the merchant.

Since card evolves more instead of cash in our society, fraud and data breaches is on the increase, and now a common occurrence. Adapting new technology is therefore necessary. A hassle for many merchants, but there are actually benefits from all parties involved in a credit card transaction.

Data shows that fraud decreases dramatically when EMV Standards are implemented In Europe. The region has experienced an 80% reduction in credit card fraud, while the USA has seen a 47% increase by NOT implementing EMV standards.

The new liability rules took effect on October 1st in the US, and any party that has not yet implemented EMV-compliant machines might now be liable for fraud committed with counterfeit chip cards. Note that this liability shift only applies to in-person transactions. Phone order and web order transactions will be dealt with as they always were.

For Merchants, it means you’ll eventually need to get new equipment for processing credit cards payments in-person (unless you’ve already done so not too long ago, as nearly all POS terminals sold in the USA nowadays are EMV compliant). For most business owners, it’s a good idea to implement the new system sooner rather than later.

Step to take as a Merchant Until you get your EMV equipment

• Ask for an official ID from customers whose credit card you process.
• Conduct some research to see which EMV system would be best for your business.
• Start shopping around for new payment processing options that are EMV compliant. 

If you already have a machine that can process chip cards, you’re fully EMV-compliant.

If you don’t accept any in-person payments, then you’re all set.

If you do accept in-person payments and you do not have a chip card machine, chances are you’ll be fine for a little while. But those of you with a high risk of encountering a fake card (if you are a high-volume business with a large average ticket, for instance) should probably upgrade soon.

Fraudsters are going to be taking advantage of businesses that haven’t upgraded so it’s a great time to switch!

Check out NTC’s EMV/NFC Capable Terminal!  

 

Posted in Best Practices for Merchants, Credit Card Reader Terminal, Credit Card Security, EMV EuroPay MasterCard Visa, Point of Sale Tagged with: chip cards, credit card transaction, credit cards, credit cards payments, EMV, EMV equipment, EuroPay, high risk, MasterCard, merchants, nfc, payment processing, POS terminals, visa

EMV Liability Shift and Terminal Upgrade

If you accept credit cards and don’t know what EMV is here is what you need to know.

EMV stands for Europay, MasterCard and Visa. A credit card that had a chip embedded in it is an EMV. EMV Cards have been standard in Europe for more than 10 years because they’re more secure than magnetic stripe cards. Magnetic stripe cards doesn’t change, it has static data, which makes them easy to clone. The chip embedded card makes it more difficult and costly to counterfeit because the data that is transmitted changes each time the card is read. This means less fraud.

Liability Shift rules set by Visa and MasterCard as of October 1st. The liability for fraud carried out in physical stores with counterfeit cards belongs to the merchant if it has not yet upgraded its POS system to accept EMV-enabled chip cards.

• Calculate your risk – Consider the cost of replacing your point-of-sale (POS) terminal vs. potential risk. Whether you replace it now or at a later time, eventually all businesses will have to replace their POS terminals.
• Educate your staff – Educated employees translate to better-educated customers. Merchants can help customers better understand this change and what it means for them.
• Upgrade your POS system – Consider using an EMV compliant credit-card reader on a wireless device for an ultra-secure mobile solution. This is also a chance to upgrade other options, such as near field communication NFC technology, which lets consumers use their mobile devices to make payments at the point of sale.

National Transaction Terminals with EMV and NFC (near field communication) Capability To accept Apple Pay, Android Pay and other NFC Transactions at your business. You will need to adopt point-of-sale devices with NFC/contactless readers. 

National Transaction offer a range of options to suite your specific needs.

If you’re using Virtual Merchant Mobile now called Converge please contact our office at 888-996-2273 to know your options.  

Posted in Best Practices for Merchants, Credit Card Reader Terminal, Credit Card Security, EMV EuroPay MasterCard Visa Tagged with: Android Pay, Apple Pay, chip cards, contactless readers, Converge, credit cards, EMV, EuroPay, magnetic stripe, MasterCard, merchants, Near Field Communication, nfc, payments, POS, terminal, Virtual Merchant Mobile, visa

CountryBred and NTC’s ePay (Electronic Invoicing)

 

Dear National Transaction Corporation IT Department,

It is with great pleasure that I write about our wonderful experience with National Transaction Corporation and more specifically with John Barbieri and the e-invoicing product. The tool will streamline our payment processing and make our booking process as a tour operation company exponentially more client friendly. We have already used the system to successfully receive payment from prospective clients literally days after sending them a proposal, instead of waiting weeks for them to fill out, sign and fax in a credit card authorization form. John tailored the system to be fully branded from our company colors to adding custom fields to fit our business needs. I would highly recommend the e-invoicing system for any business looking to streamling their credit card processing and invoicing system.

 

Warmest regards,

Marco A. Marano

CEO, CountryBred

Posted in Best Practices for Merchants, nationaltransaction.com

Big Moment is Today Are you EMV Ready?

The day the payments industry has pointed to for several years arrives today, a turning point in the U.S.‘s migration to EMV chip-and-PIN cards.

Rules set by Visa and MasterCard as of today, the liability for fraud carried out in physical stores with counterfeit cards belongs to the merchant if it has not yet upgraded its POS system to accept EMV-enabled chip cards. Banks will be issuing EMV Chip Cards.

An enormous change, as everyone learns to deal with the new technology that requires consumers to insert their cards and leave them in the store machines throughout a payment transaction, rather than swipe.

In a recent survey, less than a third of merchants overall have invested in EMV-compliant technology, and one study said 80 percent of small and midsize merchants have not upgraded their systems as of today’s liability shift.

Issuers are claiming to be more prepared than merchants, but according to the Smart Card Alliance, around 200 million chip cards have been issued to U.S. cardholders. That, however, is less than 17 percent of the approximately 1.2 billion payment cards in circulation.

What is clear is that today does not represent the end of the journey. The lack of preparedness at the physical point of sale, however, may be beneficial for card-not-present merchants.

Over the past few months, the mainstream media has awoken to the fact that implementing EMV does not mean fraud will disappear. Fraudsters quickly adapted to the difficulty of counterfeiting cards by attacking Card-Not-Present channels, where a chip has no effect.

In other markets, fraud migrated quite rapidly to card-not-present channels. It is necessary on e-commerce merchants to protect themselves with an array of tools, like device authentication, one-time passwords, randomized PIN pad and biometrics. Fraud mitigation tools like data analytics, address and CVV verification, 3D secure and tokenization. These services should be available from their merchant acquirer processor or gateway.

There should be a gradual reduction in card fraud over the next 12-18 months in spite of the delays in this country’s EMV migration. It’s going to take time for the technology to be adopted.

U.S. Merchants’ overall relative lack of preparedness for EMV may give e-commerce and mobile merchants time they didn’t think they would have to explore the options.

Sophisticated authentication technologies such as biometrics will help increase the security of card transactions. Device-based verification could be easily incorporated in an EMV transaction.

Banks have expressed interest more in using the phone as a biometrics. It’s all going to depend on what is the most convenient way to access your funds. The nice thing about biometrics is it’s meant to enable more convenience and stronger security.

 

Posted in Best Practices for Merchants, e-commerce & m-commerce, EMV EuroPay MasterCard Visa, Mobile Payments, Mobile Point of Sale, Point of Sale Tagged with: banks, biometrics, card fraud, card-not-present, chip cards, chip-and-PIN cards, e-commerce, EMV, gateway, merchant acquirer, merchants, mobile merchants, payments industry, point of sale, POS system, processor, tokenization, Visa and MasterCard

Competing for Dominance in Mobile Payments Technology

 

There are three contenders competing for dominance in mobile payments.

NFC – or near-field communication, is a contactless data transfer system similar to RFID. When two NFC-enabled devices come into range, you can transfer data from one to the other (such as bringing a phone in range of a credit card terminal).

NFC is found in a lot of phones, especially the flagship devices from Samsung, LG, and Sony. Apple finally jumped into the NFC game in 2014, and Google relaunched its mobile payments service as Android Pay in 2015. Samsung also launched its own app, aptly named Samsung Pay, in 2015.

NFC is a safe method for payments. Sensitive data is stored in a secure element, either built into the SIM card of a phone or placed in a separate chip. In most cases, retailers never actually see your card or bank account data.

QR Codes – or quick-response codes, have the sort of ubiquity that NFC lacks. They work a bit like your standard bar codes, except that instead of relying on one-dimensional analog scanning, they are digital. That means that with a QR code reader app, your smartphone’s camera can be temporarily converted into a scanner. QR codes can embed way more information than your standard bar codes, which gives them the power to do things like open mobile sites, direct you to YouTube Videos, and even enable you to complete mobile payments.

iBeacon – is an Apple-developed technology that uses Bluetooth Low-Energy (BLE, or sometimes also called Bluetooth Smart). Unlike the other two types of technology, it’s really still in the developmental stages. While it can be used for mobile payments, at the moment the biggest application for iBeacon is actually as proximity alert or geo-fence that can go where GPS doesn’t.

It works like this: iBeacon units are set up throughout a building (such as a department store). When someone with an iBeacon-enabled device comes into range of those beacons, they transmit information. Some of the ways this technology could be used would be to transmit mobile coupons or other special offers, to guide customers throughout the store by department, or even to help them find specific items on a shopping list.

NFC devices need to be within 8 inches (though 2 inches is really most effective). iBeacons, on the other hand, have a range of 50 meters, or about 165 feet.

For payments, iBeacons would work nearly the same as NFC: the phone would wirelessly transmit payment information to the terminal or beacon via Bluetooth.

It’s also worth noting that while iBeacons are Apple technology, they are not exclusive to iOS devices. The phone just needs to have Bluetooth Smart and the appropriate app.

Samsung announced its own version of the iBeacon, called Proximity, at its 2014 developer conference in November. it works the same way as iBeacons, but rather than going through an app, Proximity works directly with the phone’s hardware.

 

 

Posted in Best Practices for Merchants, Mobile Payments, Mobile Point of Sale, Smartphone Tagged with: Android Pay, Apple, bank, card, credit card terminal, google, iBeacon, LG, Mobile Payments, Near Field Communication, nfc, payments, qr codes, Samsung, Samsung Pay, Sony

National Transaction Terminals with NFC (near field communication) Capability

National Transaction Terminals with NFC (near field communication) Capability to accept Apple Pay, Android Pay and other NFC payment transactions at your business. You will need to adopt point-of-sale devices with NFC/Contactless readers.

National Transaction offer a range of options to suite your specific needs.  

Give us a call now! 1-888-996-2273 or go to www.nationaltransaction.com

Posted in Best Practices for Merchants, Credit card Processing, Credit Card Reader Terminal, Credit Card Security, Mobile Point of Sale, Near Field Communication, Point of Sale, Smartphone Tagged with: Android Pay, Apple Pay, contactless readers, Near Field Communication, nfc, payment, point of sale

Questions to ask to help you decide about terminal upgrade

If you accept credit cards and don’t know what EMV is here is what you need to know.

EMV stands for Europay, MasterCard and Visa. A credit card that had a chip embedded in it is an EMV. EMV Cards have been standard in Europe for more than 10 years because they’re more secure than magnetic stripe cards. Magnetic stripe cards doesn’t change, it has static data, which makes them easy to clone. The chip embedded card makes it more difficult and costly to counterfeit because the data that is transmitted changes each time the card is read. This means less fraud.

Questions to ask to help you decide about terminal upgrade.

• Calculate your risk – Consider the cost of replacing your point-of-sale (POS) terminal vs. potential risk. Whether you replace it now or at a later time, eventually all businesses will have to replace their POS terminals.
• Educate your staff – Educated employees translate to better-educated customers. Merchants can help customers better understand this change and what it means for them.
• Upgrade your POS system – Consider using an EMV compliant credit-card reader on a wireless device for an ultra-secure mobile solution. This is also a chance to upgrade other options, such as near field communication NFC technology, which lets consumers use their mobile devices to make payments at the point of sale.

 

 

Posted in Best Practices for Merchants, Credit Card Reader Terminal, Credit Card Security, EMV EuroPay MasterCard Visa, Mobile Point of Sale, Near Field Communication, Point of Sale Tagged with: chip, credit card reader, credit cards, data, EMV, emv cards, EuroPay, magnetic stripe cards, MasterCard, merchants, Mobile Devices, Near Field Communication, nfc, payments, point of sale, POS terminal, visa