Category: Credit card Processing

Mar
03
2014
March 3rd, 2014 by Elma Jane

A solution for mobile commerce will be needed eventually, whether you’re an ecommerce merchant or you run a brick-and-mortar shop.

There are mobile payment platforms for digital wallets, smartphone apps with card-reader attachments, and services that provide alternative billing options. Here is a list of mobile payment solutions.

Boku enables your customers to charge their purchases directly to their mobile bill using just their mobile number. No credit card information, bank accounts or registration required. The Boku payment option can be added to a website, mobile site, or app. Price: Contact Boku for pricing.

Intuit GoPayment  is a mobile credit card processing app from Intuit. It accepts all credit cards and can record cash or check payments. Intuit GoPayment transactions sync with QuickBooks and Intuit point-of-sale products. Intuit GoPayment works with iOS and Android devices and provides a free reader. Price: $12.95 per month and 1.75 percent per swipe, or 2.75 percent per swipe and 3.75 per keyed transaction.

iPayment MobilePay is a mobile payment solution from Flagship Merchant Services and ROAMpay. The service accepts all major cards and can record cash transactions. To help build your customer database, the app completes customer address fields for published landlines. The app can handle taxes, tips, and can record transactions offline. You can use the service month-to-month. The app and the reader are free. Price: $7.95 per month; Each transaction costs $0.19 plus a swipe fee maximum of 1.58 percent, or a key fee between 1.36 and 2.56 percent.

ISIS mobile commerce platform enables brick-and-mortar stores to collect payments (via an NFC terminal) from the mobile devices of their customers. Provide your customers with a simplified checkout process through the contactless transmission of payments, offers, and loyalty integrated in one simple tap. Price: Isis does not charge for payment transactions in the Isis Mobile Wallet. Payment transaction fees will not be increased by working with Isis.

LevelUp is mobile payment system that uses QR codes on smartphones to process transactions. Use LevelUp with a scanner through your POS system, or use a standalone scanner with a mobile device. You can also enter the transaction through the LevelUp Merchant App, using your smartphone’s camera to read the customer’s QR Code and entering the amount to complete the transaction. LevelUp also provides tools to utilize customer data. Price: LevelUp charges a 2 percent per transaction fee. Scanner is $50; tablet is $200.

MCX is a mobile application in development by a group of large retail merchants. Details on the solution are vague, but MCX is intended to offer a customizable platform that will be available through virtually any smartphone. MCX’s owner-members include a list of merchants in the big-box, convenience, drug, fuel, grocery, quick- and full-service dining, specialty-retail, and travel categories. Price: To be determined.

mPowa is a mobile payment app to process credit and debit card transactions, and record cash and check sales. mPowa will soon launch its PowaPIN chip and PIN reader for the EMV (“Europay, MasterCard, and Visa”) card standard. (Developed in Europe, EMV utilizes a chip embedded in a credit card, rather than a magnetic strip.) The EMV standard is likely to gain footing to combat credit card fraud. mPowa is a good solution for merchants with a global presence. Price: 2.95 percent per transactions, or .25 percent or $0.40 per transaction when used as a current processor’s point-of-sale system.

PayAnywhere is a solution to accept payments from your smartphone or tablet with a reader. It features an automatic tax calculation based on your current location, discounts and tips, inventories with product images and data, and more. Bilingual for English and Spanish users. PayAnywhere provides a free credit card reader and free app, available for iOS and Android. Price: 2.69 percent per swipe, 3.49 percent plus $0.19 per keyed transaction.

PayPal Here gives you a variety of options for accepting payments, including credit cards, PayPal, check, record cash payments, or invoice. With PayPal Here, you can itemize sales totals, calculate tax, offer discounts, accept tips, and manage payment email notifications. Available for iOS and Android. The app and reader are free. Price: 2.75 percent per swipe and 3.5 percent plus $0.15 per manually-entered transaction.

Square is a simple approach to mobile credit card processing. Square provides a free point of sale app and a free credit card reader for iPhones and iPads. Square offers a selection of tools to track sales, taxes, top-purchasing customers, and more. Square’s pricing is on the higher end, but with no monthly fee Square may be a good fit if you have infrequent mobile transactions. Price: 2.75 percent per swipe and 3.5 percent plus $0.15 per manually-entered transaction.

 

 

Posted in Credit card Processing, Credit Card Reader Terminal, Credit Card Security, Digital Wallet Privacy, e-commerce & m-commerce, Electronic Check Services, Electronic Payments, EMV EuroPay MasterCard Visa, Financial Services, Internet Payment Gateway, Mail Order Telephone Order, Mobile Payments, Mobile Point of Sale, Near Field Communication, Point of Sale, Small Business Improvement, Smartphone, Visa MasterCard American Express Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Feb
24
2014
February 24th, 2014 by Elma Jane

When someone asks what business you are in, how do you typically respond?

For many online sellers, the answer is likely I sell (name of the product), I’m an ecommerce merchant or I’m an online retailer.

Make the focus of your business your customers and its value proposition, not the fact that you sell online. It’s time to simply answer the question of what business you are in with a response that is more or less, “I am a (distributor, retailer, reseller) of (name your products) for (name your market).”

Back then, most business owners who sold products online described themselves as “ecommerce businesses” or “online retailers,” to differentiate from brick-and-mortar or catalog retailers. Most operated their own pure-play online stores. Some sold products on eBay. Amazon’s marketplace was mostly comprised of larger retailers. There’s an evolution in how e-commerce owners describe themselves.

Today, you will still hear many online sellers describe themselves as “ecommerce businesses” or “online retailers.” But, in 2014, those terms don’t really apply. Whatever you sell, you are delivering a set of products to meet the needs of a specific market. “Ecommerce” or “online retailing” is simply a technology and a sales channel.

There is now no difference between “ecommerce” and “commerce.” It’s time to get rid of the “e” in ecommerce. Most businesses participate in ecommerce in some fashion. You engage your customers in many different channels — your own e-commerce site, brick-and-mortar, online marketplaces. Regardless, you and virtually every other B-to-C or B-to-B company are selling goods to customers across those channels.

Why Worry about Labels?

Today, commerce is multichannel and highly competitive. It’s done online, on the phone, face-to-face, and on desktop, mobile, and tablet devices. Make sure your business has an omnichannel strategy, so your shoppers can find you. Make sure the information about your company and products is consistent regardless of the channel. Focus on whom your prospective customers are, what they want to buy, and how much they are willing to pay.

Business owners should think strategically. Part of strategic thinking is focusing on the bigger picture, such as having the right products and ensuring that your buyers can find them.

 Omnichannel Focus

Think about omnichannel commerce every day. Get your brand and products in front of your target customers regardless of where they are shopping. Below are some things to consider to facilitate an omnichannel strategy.

Chat and phone. If you don’t offer online chat or take phone orders, consider doing so.

Marketplaces. If you aren’t selling your products in marketplaces outside of your own online store, consider doing so.

Mobile. If you don’t have a mobile strategy, you need one.

Payment options. If you only take credit cards for payments on your website, add alternative payments like PayPal, Google Wallet, or Amazon Payments.

Social media. If you don’t have a social media presence, your market share is likely declining.

Customer Focus

Twenty-five years ago, if you asked a brick-and-mortar retailer or a catalog vendor what business she was in, she would likely respond as, say, “jewelry retailer,” “men’s clothing store,” “a department store,” or “hardware store.” She knew her target customer niche, how to reach them, and what products they wanted to buy. Those businesses that did the best job of (a) matching products to the consumer, (b) offering low prices, and (c) utilizing the right distribution likely won most of the business.

It’s time to get back to that focus. It’s more challenging than it used to be because the purchase cycles are far more complex than in 2002. There is no longer a straight path from identifying the need to research to purchase. Consumers typically identify a need and purchase intent, research products, research prices, research products further, conduct social media research, and then purchase a product and demand instant gratification and free shipping.

To be successful in 2014, commerce – not just ecommerce – requires the following.

Emphasize your value proposition. Regardless of how a shopper finds you, be sure he can quickly find out that you are a leading retailer of products in your market. Being clear on what your business is will also help establish trust with your shoppers.

Execute the 4 Ps of sales and marketing – “product,” “price,” “promotion,” and “place.”

First, make sure you know your target customers and what problems they are trying to solve or the need that you fulfill with your products. Know their demographics, their buying cycles, price tolerance, and where they research and shop.

Know your competitors.

Posted in Credit card Processing, Digital Wallet Privacy, e-commerce & m-commerce, Electronic Payments, Internet Payment Gateway, Mail Order Telephone Order, Mobile Payments, Small Business Improvement, Smartphone Tagged with: , , , , , , , , , , , , , , , , , , ,

Feb
21
2014
February 21st, 2014 by Elma Jane
QR Code for National Transaction Corporation

NationalTransaction.com QR Code

Emerging economies, such as the BRIC countries and the next layer of emerging markets, are seeing particularly fast growth of alternative payments, said Kevin Dallas, chief product and marketing officer for e-commerce at WorldPay. This means the complexity of the payment landscape will increase further. Merchants will need to ensure they understand diverging regional and sector trends in preferred methods of payment.

In three years alternative payments will eclipse credit card payments as the dominant way to pay online, according to a report yesterday from London-based e-commerce processor WorldPay. In Your Global Guide to Alternative Payments (Second Edition), WorldPay found card payments online, which accounted for 57 percent of transactions in 2012, will fall to 41 percent in 2017. Alternative payment methods (defined by the report as anything other than credit or debit cards including bank transfers, direct debits, e-wallets, mobile, COD and others) will rise to 59 percent of online transactions in the next three years. Part of the reason is the preferred payment methods in some of the fastest growing e-commerce markets are not cards.

The report predicts e-wallet transactions alone will equal the number of credit card transactions online at 41 percent, becoming the most popular method of paying online globally by 2017. Currently, PayPal is the most popular alternative payment method in the world with a market share of 57 percent. China’s Alipay is second at 20 percent.

Posted in Credit card Processing, Digital Wallet Privacy, e-commerce & m-commerce, Electronic Payments, Internet Payment Gateway, Mobile Payments, Mobile Point of Sale, Near Field Communication, Visa MasterCard American Express Tagged with: , , , , , , , , , , , , , , , , , , ,

Feb
20
2014
February 20th, 2014 by Elma Jane
Android-iPhone-Credit-Card-Reader

Android-iPhone-Credit-Card-Reader

Several options exist for mobile credit card processing.

Credit card processing on iPhone/ipad/Android/BlackBerry or Tablets – Using NTC’s portable credit card readers, merchants can now swipe credit cards on iPad or Android tablet devices. NTC’s Virtual Merchant solution allows users to download a secure application to interfere your smartphone with our merchant account services seamlessly. The application and credit card processing data on the carriers network or a WiFi connection to the internet.

NTC’s MagTek Bullet Swipe Credit Card Reader for Android Phones and Tablets.

Using any Android 2.2. or higher device you can process credit card transactions securely to the smartphone via Bluetooth and utilize wireless devices internet connection (WiFi or Carrier) to send the credit card processing data encrypted for processing approval.

Security anywhere. With the BulleT Secure Credit Card Reader Authenticator (SCRA), security comes with the flexibility and portability of a Bluetooth wireless interface. Small enough to fit into the palm of your hand, the BulleT enables secure wireless communications with a PC or mobile phone using the popular Bluetooth interface. Not only does the BulleT encrypt card data from the moment the card is swiped, but it also enables card authentication to immediately detect counterfeit or altered cards.

Ideal for merchant services accounts and financial institutions’’ mobile credit card processing, NTC’s BulleT offers MagnaSafe credit card processing security features with the convenience of a Bluetooth interface. This powerful combination assures credit card data protection, transaction security and convenience needed to secure mobile credit card processing with strong encryption and 2-factor authentication. The BulleT is specifically designed to leverage the existing magnetic stripe credit card reader as a secure token empowering cardholders with the freedom and confidence of knowing that their credit card transactions are secure and protected anytime, anywhere. Android Credit Card Swipe Reader for Android Phones and Tablets on your wireless mobile merchant account.

 

NTC’s MagTek iDynamo Credit Card processing swipe reader for iPhone and Ipad.

Credit card processing on an iPhone has never been easier. Simply attach NTC’s  iDynamo card reader to your iPhone or iPad device, install our Virtual Merchant software from the App Store and you’re ready to go. Take advantage of lower credit card processing rates by processing swiped transactions instead of  keying the credit card in later and get paid faster. From the company that leads with Security from the Inside MagTek has done it again with the iDynamo, a secure card reader authenticator (SCRA) designed to work with the iPhone and iPad. The iDynamo offers MagnasafeTM security and delivers open standards encryptions with simple, yet proven DUKPT key management, immediate tokenization of card data and MagnePrint card authentication to maximize data protection and prevent the use of counterfeit cards. Mobile merchants can now leverage the power of their iPhone/iPod Touch products without the worries of handling or storing sensitive card data at any time. Ideal for wireless mobile merchant accounts and mobile credit card processing, the iDynamo offers MagneSafe security features combined with the power of iPhone and iPod Touch products. This powerful combination assures convenience and cost savings, while maximizing credit card data protection and credit card transaction security from the moment the card is swiped all the way to authorization. No other credit card reader beats the protection offered by a MagnaSafe product.

Other credit card devices claim to encrypt data in the reader. NTC’s iDynamo encrypts the data inside the read head, closest to the magnetic stripe and offers additional credit card security layers with immediate tokenization of card data and MagnePrint card authentication. This layered approach to security far exceeds the protection of encryption by itself, decreases the scope of PCI compliance, and reduces fraud.

NTC’s  iDynamo is rugged and affordable, so it not only withstands real world use, it performs to the high standards set by MagTek as the leader in magnetic credit card swipe reading products for nearly 40 years.

Posted in Credit card Processing, Credit Card Reader Terminal, Credit Card Security, Digital Wallet Privacy, e-commerce & m-commerce, Electronic Payments, Internet Payment Gateway, Merchant Services Account, Mobile Payments, Mobile Point of Sale, Payment Card Industry PCI Security, Smartphone Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Feb
18
2014
February 18th, 2014 by Elma Jane

For Ecommerce Testing, Clarify Conversion Goals

Before you can start any testing on your ecommerce site, you need to clarify your goals. Setting the right goals is the first step to making any improvements. There’s a saying, “Whatever you measure grows.” So, make sure you measure the right thing.

Goals may seem like the obvious part. After all, you already know you want more sales, right? But there’s more to goal setting than just deciding to try and increase your sales.

The Goals Waterfall

Your goals for your conversion-optimization tests should flow from your marketing goals, which ultimately flow from the organization’s overall goals and strategy.

Business Goals – Marketing Goals – Conversation Optimization Goals.

The goals from optimization testing should follow from a company’s overall goals and strategy

Your business goals should determine your website goals, which should be prioritized to determine your leading conversion optimization goal.

The conversion optimization goal for any test should be selected based on how well it supports the website’s goals. This is often an area where there’s confusion about what are the priority metrics to improve. Don’t get off track by following website goals that don’t support marketing goals.

 

Prioritize Goals

Most sites will have several key goals, so you’ll need to prioritize them. You can do this in three steps.

Rank your goals in terms of their relative value to your business:

Assigning values to goals. The values don’t have to be absolutely accurate revenue-producing numbers to begin. Pick a median goal on your list, and assign it an arbitrary amount, and then estimate the relative value of goals above and below it.

Estimating actual goal values. Now, to get even better results, you can refine these relative numbers with whatever hard data you have, such as average order value, lifetime value of a customer, or the close rate and value your sales team sees when following up on quote requests. Don’t worry about 100 percent accuracy. It’s better to start testing with relatively firm numbers than to delay until everything’s perfect.

 Priority          Goal

1                 Product Sale

2                 Quote Request

3                 Whitepaper Download

4                 Blog Comment

5                 Social-Media Profile Activity

 Tracking Your Goals

Once you’ve identified your most important conversion goal for your experiment, make sure you track it. Goals are a crucial part of your web analytics setup. If you don’t have keys goals in place, you’re missing out on half the value of your various reports.

That means translating your testing goal into a technical goal trigger that will be tracked by the analytics and testing tools you’re using. The goal you track must be represented by a specific action the visitor takes on the website, like a button click or a visit to a page. Think about an action on the site that the visitors will do only once they have completed the goal.

The key is that it should be an action as close to revenue as possible. So, if your goal is to sell a product, you should track a post-sale thank you page as the goal trigger. (If you also accept phone orders, you may need to tackle some advanced tracking techniques to get reliable test results.)

Goals with values attached to them, as explained above, are the only way to find your most valuable visitors, they’re crucial for effective conversion optimization testing.

Be sure to set up ecommerce revenue tracking as well. Increasing average order value can be just as effective as boosting your sales conversion rate, and you’ll want to be able to include that in your results analysis.

A Single Goal

Web analytics tools can provide a ton of information, and it’s not uncommon for e-commerce sites to have a handful of key performance indicators. Example, you may track time on page and the add-to-cart rate, but when it comes to conversion optimization A/B testing, it’s important to focus on only the revenue-producing goals or goals for each test. Always make sure you are tracking revenue for each test variation. Otherwise, you could pick a conversion rate winner that inadvertently sells lower-value products.

Track revenue-producing goals for your A/B tests, but those other goals are still useful too. While not all web analytics goals are the best for A/B testing, they still may be helpful to generate hypotheses and explore new testing opportunities.

By paying attention to secondary goals, you can discover new testing avenues that help you get even more value from your ecommerce website.

Track as many goals and actions as you can with your web analytics tools so you can be free to explore your visitors’ behavior. Within web analytics is where you can do freeform exploration to generate ideas or hypotheses for your A/B tests. Then, validate those ideas through revenue-tracking controlled tests.

Posted in Best Practices for Merchants, Credit card Processing, Small Business Improvement Tagged with: , , , , , , , , , , , , , , , , , , , , , ,

Feb
18
2014
February 18th, 2014 by Elma Jane

Payment Tokenization Standards

Tokenization is the process of replacing a traditional card account number with a unique payment token that is restricted in how it can be used with a specific device, merchant, transaction type or channel. When using tokenization, merchants and digital wallet operators do not need to store card account numbers; instead they are able to store payment tokens that can only be used for their designated purpose. The tokenization process happens in the background in a manner that is expected to be invisible to the consumer.

EMVCo – which is collectively owned by American Express, Discover, JCB, MasterCard, UnionPay and Visa – has announced that it is expanding its scope to lead the payments industry’s work to standardize payment tokenization. EMVCo says that the new specification will help provide the payments community with a consistent, secure and interoperable environment to make digital payments when using a mobile handset, tablet, personal computer or other smart device.

Key elements of EMVCo’s work include adding new data fields to provide richer industry information about the transaction, which will improve transaction efficiency and enhance the consumer and merchant payment experience by helping to prevent fraudulent card account use. EMVCo will also create a consistent approach to identify and verify the valid use of a token during payment processing including authorization, capture, clearing and settlement.

EMVCo’s announcement follows an earlier joint announcement from MasterCard, Visa and American Express that proposed an initial framework for industry collaboration to standardize payment tokenization. EMVCo says it will now build on this framework with collective input from all of its members and the industry as a whole.

Posted in Credit card Processing, Credit Card Reader Terminal, Credit Card Security, Digital Wallet Privacy, Electronic Payments, Financial Services, Payment Card Industry PCI Security, Visa MasterCard American Express Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Feb
17
2014
February 17th, 2014 by Elma Jane

Facts about Chargeback

Merchants know chargebacks are bad, but many aren’t aware of simple facts that can help them better understand and guard against fraud accordingly.

Do you know which month is the worst for fraud charge backs?

which transaction amounts are the most likely to be disputed?

or which U.S. states are the biggest offenders?

If not, a Big Data fraud science firm – will help you prepare for a smoother 2014.

Facts you’ll learn: 

The most common fraudulent chargeback amount.

The day of the week when chargebacks are most likely to occur.

The time of year charge backs are most likely to occur.

49% of all fraudulent chargebacks happen after 60 days or more from date of purchase.

$1,000 is the most common attempted unauthorized sales amount (followed by $2,500, $2,000, $1,500 and $5,000).

11% of all fraudulent transactions fall under the Merchant category “Code of 7299”.

Services. The word most often found in registered fictitious names for fraudulent merchant accounts is “Services”.

Wednesday Is the day of the week when the most chargebacks (19%) occur.

One-Third of all fraud chargebacks happen in the fall (September to November).

California Republic is the top state registered by fraudulent businesses, accounting for 14% of chargebacks the U.S. total.

Florida, Texas and New York round out the top four states with 12%, 9% and 7% respectively.

Posted in Best Practices for Merchants, Credit card Processing, Credit Card Security, Electronic Payments, Merchant Services Account, Payment Card Industry PCI Security Tagged with: , , , , , , , ,

Feb
14
2014
February 14th, 2014 by Elma Jane

News from Target, increasing the number of cards compromised to 70 million and the expansion of data loss to mailing and email addresses, phone numbers and names, affirms that we are in a security crisis.

Card data is from a brand and business perspective, the new radioactive material. Add personally identifiable information (PII) to the list of toxic isotopes.

The depressing vulnerabilities these breaches reveal are a result of skilled hackers, the Internet’s lack of inherent security, inadequate protections through misapplied tools or their outright absence. Security is very very hard when it comes to playing defense.

There is a set of new technologies that could, in a combination produce a defense in depth that we have not enjoyed for some time.

Looking at the Age of Context (ACTs)

Age of Context released, a book based on the hundreds of interviews conducted with tech start-up and established company leaders. A wide-ranging survey. They examine what happens when our location and to whom we are connected are combined with the histories of where and when we shop. Result is a very clear picture of our needs, wants and even what we may do next.

Combining the smartphone and the cloud, five Age of Context technologies ACTs, will change how we live, interact, market, sell and navigate through our daily and transactional lives. The five technologies are:

1. Big Data. Ocean of data generated from mobile streams and our online activity, can be examined to develop rich behavioral data sets. This data enables merchants to mold individually targeted marketing messages or to let financial institutions improve risk management at an individual level.

2. Geolocation. Nearly every cell phone is equipped with GPS. Mobile network operators and an array of service providers can now take that data to predict travel patterns, improve advertising efficiency and more.

3. Mobile Devices and Communications. These are aggregation points for cloud-based services, sending to the cloud torrents of very specific data.

4. Sensors. Smartphones, wearables (think Fitbits, smart watches and Google Glass) and other devices are armed with accelerometers, cameras, fingerprint readers and other sensors. Sensors enable highly granular contextual placement. A merchant could know not only which building we are at and the checkout line we are standing in but even which stack of jeans we are perusing.

 

5. Social. Social networks map the relationships between people and the groups they belong to, becoming powerful predictors of behavior, affiliations, likes, dislikes and even health. Their role in risk assessment is already growing.

The many combinations and intersections of these technologies are raising expectations and concerns over what is to come. Everyone has a stake in the outcome: consumers, retailers, major CPG brands, watchdog organizations, regulators, politicians and the likes of Google, Apple, Microsoft, Amazon, eBay / PayPal and the entire payments industry.

We are at the beginning of the process. We should have misgivings about this and as an industry, individuals and as a society, we need to do better with respect to privacy and certainly with respect to relevance.

Provided we can manage privacy permissions we grant and the occasionally creepy sense that someone knows way too much about us, the intersections of these tools should provide more relevant information and services to us than what we have today. Anyone who has sighed at the sight of yet another web ad for a product long since purchased or completely inappropriate to you understands that personalized commerce has a long way to go. That’s part of what the Age of Context technologies promise to provide.

ACTs in Security    

ACTs role in commerce is one albeit essential application. They have the potential to power security services as well, specially authentication and identity-based approaches. We can combine data from two or more of these technologies to generate more accurate and timely risk assessments.

It doesn’t take the use of all five to make improvements. One firm have demonstrated that the correlation of just two data points is useful, it demonstrated that if you can show that a POS transaction took place in the same state as the cardholder’s location then you can improve risk assessment substantially. (based off of triangulated cell phone tower data).

Powerful questions of each technology that ACTs let us ask:

Data – What have I done in the past? Is there a pattern? How does that fit with what I’m doing now?

Geolocation – What building am I in? Is it where the transaction should be? Which direction am I going in or am I running away?

Mobile – Where does device typically operate? How’s the device configured? Is the current profile consistent with the past?

Sensors – Where am I standing? What am I looking at? Is this my typical walking gait? What is my heart rate and temperature?

 

Social – Am I a real person? Who am I connected to? What is their reputation?

Knowing just a fraction of the answers to these questions places the customer’s transaction origination, the profiles of the devices used to initiate that transaction and the merchant location into a precise context. The result should improve payment security.

More payments security firms are making use of data signals from non-payment sources, going beyond the traditional approach of assessing risk based primarily on payment data. One firm have added social data to improve fraud detection for ecommerce payment risk scoring. Another firm, calling its approach Social Biometrics, evaluates the authenticity of social profiles across multiple social networks including Facebook, Google+, LinkedIn, Twitter and email with the goal of identifying bogus profiles. These tools are of course attractive to ecommerce merchants and others employing social sign on to simplify site registration. That ability to ferret out bogus accounts supports payment fraud detection as well.

This triangulation of information is what creates notion of context. Apply it to security. If you can add the cardholder’s current location based on mobile GPS to the access device’s digital fingerprint to the payment card, to the time of the day when she typically shops, then the risk becomes negligible. Such precise contextual information could pave the way for the retirement of the distinction between card present and card-not-present transactions to generate a card-holder-present status to guide risk decision-making.

Sales First, Then Security        

The use of ACT generated and derived signals will be based on the anticipated return for the investment. Merchants and financial institutions are more willing to pay to increase sales than pay for potential cost savings from security services. As a result, the ACTs will impact commerce decision making first-who to display an ad to, who to provide an incentive to.

New Combinations  

Behind the scene, the impact of the ACTs on security will be fascinating and important to watch. From a privacy perspective, the use of the ACTs in security should prove less controversial because their application in security serves the individual, merchant and the community.

Determining the optimal mix of these tools will take time. How different are the risks for QR-code initiated transactions vs. a contactless NFC transaction? What’s the right set of tools to apply in that case? What sensor-generated data will prove useful? Is geolocation sufficient? Will we find social relationships to be strong predictor of payment risk or are these more relevant for lending? And what level of data sharing will the user allow-a question that grows in importance as data generation and consumption is shared more broadly and across organizational boundaries. It will be important for providers of security tools to identify the minimum data for the maximum result.

I expect the ACT’s to generate both a proliferation of tools to choose from and a period of intense competition. The ability to smoothly integrate these disparate tools sets will be a competitive differentiator because the difficulty of deployment for many merchants is as important as cost. Similar APIs would be a start.

Getting More from What We Already Have  

The relying parties in a transaction – consumers, merchants, banks, suppliers – have acquired their own tools to manage those relationships. Multi-factor authentication is one tool kit. Banks, of course issue payment credentials that represent an account and proxy for the card holder herself at the point of sale or online. Financial institutions at account opening perform know your customer work to assure identity and lower risk.

Those siloed efforts are now entering an era where the federated exchange of this user and transactional data is becoming practical. Firms are building tools and the economic models to leverage these novel combinations of established attributes and ACT generated data.

The ACTs are already impacting the evolution of the payments security market. Payment security incumbents, choose just two from the social side, find themselves in an innovation rich period. Done well, society’s security posture could strengthen.

Posted in Best Practices for Merchants, Credit card Processing, Credit Card Security, e-commerce & m-commerce, Electronic Payments, Internet Payment Gateway, Payment Card Industry PCI Security, Point of Sale, Smartphone, Visa MasterCard American Express Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Feb
13
2014
February 13th, 2014 by Elma Jane

How To Target Customers Based on Past Purchase Behavior

One of the best ways to predict how someone will behave in the future is to look at what they’ve done in the past. By tracking a consumer’s past purchasing behavior, marketers can design highly targeted ads based on the specific preferences and tastes of individual customers.

The question, of course, is how to gain access to data about a consumer’s spending history without violating privacy standards. For many marketers, the answer is to partner with a vendor that provides card-linked offers. A survey of 300 marketers found that three-quarters believe card-linking marketing programs will replace existing types of advertising in the years to come – a strong vote of confidence from the very industry vendors are trying to tap.

 Here are tools that marketers can use to gather information about their customers’ past purchasing habits.

 1. BlueKai: Find prospects based on previous buying habits.

BlueKai offers marketers a third-party marketplace, known as the Audience Data Marketplace, where they can collect data on consumers in their target demographics. One type of data that marketers can collect is past purchasing behavior. Marketers can search for consumers who are likely to buy their products based on their previous spending habits. For example, an electronics brand may search for data about consumers who’ve purchased laptops in the past year. Using this information, marketers are able to create more targeted campaigns that are delivered only to those shoppers in qualified demographics.

 2. Cardlytics: Learn where else your customers shop.

Cardlytics provides advertisers with insight into the purchasing behavior of more than 30 million households. Marketers have the option to target only those buyers who have been active in their sector. Cardlytics tracks where a consumer shops, when they shop, where they live, and how much they spend. For example, a retailer might only collect information about consumers who have spent more than $1,000 at competing businesses in the tri-state area. Using the Cardlytics platform, advertisers can create targeted offers meant to improve loyalty or build stronger customer relationships. Cardlytics offers pay-for-performance pricing.

 3. Cartera: Reward consumers for shopping at retail partners.

Businesses that are looking to improve the effectiveness of their rewards programs can use Cartera’s card-linked platform to gain additional insight into the spending patterns of their top customers. By connecting loyalty programs to their customer’s credit and debit cards, marketers can offer better rewards — including cash back and airline miles. Retailers also have the option to reward consumers for shopping at “complementary merchants.” A few of Cartera’s best-known clients include Best Buy and Charter Communication.

 4. Catalina: Actively pinpoint the shopping behaviors of specific buyers.

Using Catalina’s BuyerVision tool,  marketers are able to target their digital advertising –  including display, video and mobile – based on past purchasing behaviors. Catalina analyzes the in – store purchasing behavior of consumers and matches that data to online behaviors using cookies. For example, a grocery store could send recipe ideas to consumers who have purchased a specific combination of items in the past week. The company says it has access to transactions at more than 30,000 stores, allowing its clients to define their target audiences send mobile ads to more than 70 million households.

 5. Edo Interactive: Target consumers based on competitive spending patterns.

Brands, agencies, and even small businesses can use edo Interactive’s card-linked marketing platform to send targeted offers to consumers based on their competitive spending patterns. The company has partnered with more than 200 banks, giving clients access to information about 200 million consumers. As a result, marketers connect their advertising to in-store purchases and send consumers relevant offers that they’re likely to redeem. Taking it a step further, edo’s Geocommerce feature combines purchase data with location information. Edo operates on a pay-for-performance model, which means marketers only pay when the customers they’ve targeted make purchases at their businesses.

Posted in Best Practices for Merchants, Credit card Processing, Electronic Payments Tagged with: , , , , , , , , , , , , , , , , , ,

Feb
13
2014
February 13th, 2014 by Elma Jane

Core Elements of PCI’s Data Security Standard

This organization provides an international platform for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection. It is impossible to be involved in the credit card processing industry and not be aware of the PCI Security Standards Council.

As such it is important to be aware of the core elements of the PCI’s Data Security Standard (DSS).

The following are the current fundamental principles and requirements:

Build and Maintain a Secure Network

Requirement a. Install and maintain a firewall configuration to protect cardholder data
Requirement b. Do not use vendor-supplied defaults for system passwords and other security parameters

Implement Strong Access Control Measures

Requirement c. Restrict access to cardholder data by business need-to-know
Requirement d. Assign a unique ID to each person with computer access
Requirement e. Restrict physical access to cardholder data

Maintain a Vulnerability Management Program

Requirement f. Use and regularly update anti-virus software
Requirement g. Develop and maintain secure systems and applications

Maintain an Information Security Policy

Requirement h. Maintain a policy that addresses information security

Protect Cardholder Data

Requirement i. Protect stored cardholder data
Requirement j. Encrypt transmission of cardholder data across open, public networks

Regularly Monitor and Test Networks

Requirement k. Track and monitor all access to network resources and cardholder data
Requirement l. Regularly test security systems and processes

 

Posted in Best Practices for Merchants, Credit card Processing, Credit Card Security, Payment Card Industry PCI Security Tagged with: , , , , , , , , , ,

← Previous Article
Next Articles »