Category: EMV EuroPay MasterCard Visa

Security
October 19th, 2015 by Elma Jane

Small merchants don’t consider themselves at risk for a cyberattack. But Cybercriminals thrive on data about employees, customers, bank accounts and many other types of information any small business would carry, with fewer resources than large firms, small businesses are especially at risk for attacks.

Here are Steps to find out to make your business more cybersecure:

Employ best practices on payment cards – Credit card companies are now shifting from magnetic-strip payment cards to safer, more secure chip card EMV Technology. Are you ready for the shift? Now is the time, you should work with your banks and processors to ensure you’re using the most trusted and validated anti-fraud services. You may also have additional security obligations pursuant to agreements with your bank or processor. You should isolate payment systems from other, less secure programs and don’t use the same computer to process payments and surf the Internet.

Educate employees about cyberthreats – Educate your employers about online threats and how to protect your organization’s data, including safe use of social networking sites.

Protect against viruses, spyware, and other malicious code – Make sure all of your organization’s computers are equipped with antivirus software and antispyware and update regularly. Such software is readily available online from a variety of vendors. All software vendors regularly provide patches and updates to their products to correct security problems and improve functionality. Configure all software to install such updates automatically.

Require employees to use strong passwords and to change them often – Consider implementing multifactor authentication that requires additional information beyond a password to gain entry. Check with your vendors that handle sensitive data, especially financial institutions, to see if they offer multifactor authentication for your account.

Secure your networks – Safeguard your Internet connection by using a firewall and encrypting information.  If you have a Wi-Fi network, make sure it is secure and hidden. To hide your Wi-Fi network, set up your wireless access point or router so it does not broadcast the network name, known as the Service Set Identifier (SSID). Password protect access to the router.

No one can guarantee your safety from a cyberattack, appropriate planning makes a big difference. By using these tips and resources, you can help promote the safety of your employees, customers, and the future success of your small business.

Posted in Best Practices for Merchants, Credit Card Security, EMV EuroPay MasterCard Visa Tagged with: , , , , , , , , , ,

EMV
October 16th, 2015 by Elma Jane

With the EMV liability shift that takes effect in October 2015, how much you’ll be affected depends on how you process credit card payments.

For Card Present Transactions

If you use POS hardware or terminal that you need to swipe the credit card, then you’ll be facing the same EMV environment as retailers. October 1st is the start of the liability shift for fraudulent charges made with the card present transactions. The party who hasn’t made an investment in EMV security features will be liable.

For the card issuer, they need to invest in EMV security features, that’s why they came out with the chip cards, where all credit and debit cards have this security chips that are harder to counterfeit than magnetic strips.

For the merchant, they need to invest in EMV capable terminals or POS hardware that can take advantage of the card’s security chip.

If both parties have made the investment, then liability will be resolved in a similar manner to how it was before the shift. However, if only one party has adopted EMV technology, the party that didn’t make the investment will be held liable.

For Card Not Present Transaction (CNP)

If you process credit cards online, over the phone, or through an online payment gateway integrated, the new EMV standards won’t directly change the way you do business. You’ll still be processing EMV cards based on the customer’s credit card number.

Chances are Card-Not-Present transactions will experience an increase in fraud. Because of the EMV-technology in the Card Present Transaction, fraudster will likely turn their attention to the next target which is CNP,

but payment gateways and banks concerned about the vulnerabilities, will begin to adopt new standards to minimize their exposure.

If you’re processing CNP transactions stay up-to-date on the newest security developments, online security standards find more effective ways to navigate the new credit card security frontier.

 

 

 

Posted in Best Practices for Merchants, Credit Card Reader Terminal, Credit Card Security, EMV EuroPay MasterCard Visa, Mail Order Telephone Order, Point of Sale Tagged with: , , , , , , , , , , , ,

October 16th, 2015 by Elma Jane

U.S. customers with the Ingenico iSC250 may now process EMV chip card transactions for Visa, MasterCard, American Express and Discover, (as well as mag stripe and contactless, including mobile wallet payments). For customers using the Ingenico iSC250, please make sure you have downloaded the latest version of ConvergeConnect and enabled EMV chip cards in Converge. Go to the Converge login page to download the software update or start the update process from their Windows system tray. If you do not have the Ingenico iSC250 but want to upgrade to process chip card transactions, give us a call at 888-996-2273 for more information.

Posted in Best Practices for Merchants, EMV EuroPay MasterCard Visa Tagged with: , ,

NTC
October 15th, 2015 by Elma Jane

There are numbers of guidelines issued for accepting card payments, and merchants are expected to understand them all. To avoid issues down the road know a few basic rules in order to keep your business going without being penalized.

There’s a lot of ways to process a credit card: In-store, online, and by phone. There’s also different ways to pay and different brands of cards.

In-store and Card-not-present policies.

In-Store Policies:

  • Always verify that the person presenting the card is the cardholder
  • Ask for a 2nd ID for comparison
  • Cards are non-transferable, cardholder MUST be present for purchase
  • Compare the signature on the back of the card with that of the person who presents the card
  • Inspect the card to confirm that it’s not visibly altered or mutilated
  • Validate the card’s expiration date

Online/Phone Payment Policies: Card-not-present transactions

  • Card account number
  • Card billing address
  • CID (3 digits on back of card OR 4 on the front)
  • Card expiration date
  • Card member’s home or billing telephone number
  • Card member name (as it appears on the Card)

Rules for Visa, MasterCard and Amex that merchants need to know:

  • Never store cardholder data on any systems to help minimize the risk of fraud and protect your business from potential chargebacks.

Complying with Federal Laws, State Laws and PCI

  • A merchant should be familiar with and abide by Federal Laws regarding accepting credit cards. The Fair Credit Reporting Act is the federal law that establishes the foundation of consumer credit rights. This law regulates the collection and use of consumer credit information by merchants.
  • Check state laws on the use of consumer credit information and accepting credit cards. Not all states have additional laws that regulate credit card practices, but some (such as California) prohibit merchants from requesting/requiring a customer to provide any personal information (like their address or telephone number) on any form involved with their credit card transaction. So, it is advised that merchants inquire about further information in their particular state.
  • The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that all companies processing, storing, or transmitting credit card information uphold a secure environment. These rules essentially apply to any merchant that has a Merchant ID (MID). If you are a merchant that accepts credit card payments, you are required to comply with the PCI Data Security Standard, large or small businesses.

EMV Liability Shift Set By Visa and MasterCard as of October 1st

U.S. banks and credit card companies are now using the EMV (Europay, MasterCard, and Visa) technology. The EMV liability shift for fraud carried out in physical stores with counterfeit cards belongs to the merchant if it has not yet upgraded its POS system to accept EMV-enabled chip cards. While issuers absorb losses under card-network rules, that burden will shift to acquirers in cases where the fraud occurs at merchants unprepared for EMV.

It’s good to know every aspect of your business. The above guidelines are part of a business that every merchants should be familiar with. The main reason for these rules is to protect your business and keep your customer’s payment card data safe and secure.

To start accepting more credit cards give us a call now at 888-996-2273. We have the latest terminals that’s EMV/NFC capable.

 

 

Posted in Best Practices for Merchants, Credit Card Security, EMV EuroPay MasterCard Visa, Payment Card Industry PCI Security Tagged with: , , , , , , , , , , , , , , , , , ,

EMV
October 8th, 2015 by Elma Jane

Rules have changed in regards to swiping credit cards October 1st, 2015 with the EMV Liability Shift; which may not cause much concern for most consumers, but for merchants.

EMV compliance isn’t a legal requirement. However, if you’re a merchant that accepts credit cards in-person, then you need to find out whether you’re meeting the EMV Standard. The new rule for the liability shift applies October 1st, regardless of the size or type of business. 

What Is EMV Standard?

EMV stands for EuroPay, MasterCard, and Visa, the three companies that originally created the standard.

The EMV Shift is to provide enhanced security and prevent fraudulent activity with credit cards. Updated equipment is also necessary for processing the new computerized cards, and unfortunately, the responsibility of securing up-to-date hardware falls on the merchant.

Since card evolves more instead of cash in our society, fraud and data breaches is on the increase, and now a common occurrence. Adapting new technology is therefore necessary. A hassle for many merchants, but there are actually benefits from all parties involved in a credit card transaction.

Data shows that fraud decreases dramatically when EMV Standards are implemented In Europe. The region has experienced an 80% reduction in credit card fraud, while the USA has seen a 47% increase by NOT implementing EMV standards.

The new liability rules took effect on October 1st in the US, and any party that has not yet implemented EMV-compliant machines might now be liable for fraud committed with counterfeit chip cards. Note that this liability shift only applies to in-person transactions. Phone order and web order transactions will be dealt with as they always were.

For Merchants, it means you’ll eventually need to get new equipment for processing credit cards payments in-person (unless you’ve already done so not too long ago, as nearly all POS terminals sold in the USA nowadays are EMV compliant). For most business owners, it’s a good idea to implement the new system sooner rather than later.

Step to take as a Merchant Until you get your EMV equipment

  • Ask for an official ID from customers whose credit card you process.
  • Conduct some research to see which EMV system would be best for your business.
  • Start shopping around for new payment processing options that are EMV compliant. 

If you already have a machine that can process chip cards, you’re fully EMV-compliant.

If you don’t accept any in-person payments, then you’re all set.

If you do accept in-person payments and you do not have a chip card machine, chances are you’ll be fine for a little while. But those of you with a high risk of encountering a fake card (if you are a high-volume business with a large average ticket, for instance) should probably upgrade soon.

Fraudsters are going to be taking advantage of businesses that haven’t upgraded so it’s a great time to switch!

Check out NTC’s EMV/NFC Capable Terminal!  

 

Posted in Best Practices for Merchants, Credit Card Reader Terminal, Credit Card Security, EMV EuroPay MasterCard Visa, Point of Sale Tagged with: , , , , , , , , , , , , ,

Best Practices For Merchants
October 6th, 2015 by Elma Jane

If you accept credit cards and don’t know what EMV is here is what you need to know.

EMV stands for Europay, MasterCard and Visa. A credit card that had a chip embedded in it is an EMV. EMV Cards have been standard in Europe for more than 10 years because they’re more secure than magnetic stripe cards. Magnetic stripe cards doesn’t change, it has static data, which makes them easy to clone. The chip embedded card makes it more difficult and costly to counterfeit because the data that is transmitted changes each time the card is read. This means less fraud.

Liability Shift rules set by Visa and MasterCard as of October 1st. The liability for fraud carried out in physical stores with counterfeit cards belongs to the merchant if it has not yet upgraded its POS system to accept EMV-enabled chip cards.

  • Calculate your risk – Consider the cost of replacing your point-of-sale (POS) terminal vs. potential risk. Whether you replace it now or at a later time, eventually all businesses will have to replace their POS terminals.
  • Educate your staff – Educated employees translate to better-educated customers. Merchants can help customers better understand this change and what it means for them.
  • Upgrade your POS system – Consider using an EMV compliant credit-card reader on a wireless device for an ultra-secure mobile solution. This is also a chance to upgrade other options, such as near field communication NFC technology, which lets consumers use their mobile devices to make payments at the point of sale.

National Transaction Terminals with EMV and NFC (near field communication) Capability To accept Apple Pay, Android Pay and other NFC Transactions at your business. You will need to adopt point-of-sale devices with NFC/contactless readers. 

National Transaction offer a range of options to suite your specific needs.

If you’re using Virtual Merchant Mobile now called Converge please contact our office at 888-996-2273 to know your options.  

Posted in Best Practices for Merchants, Credit Card Reader Terminal, Credit Card Security, EMV EuroPay MasterCard Visa Tagged with: , , , , , , , , , , , , , , , , ,

EMV
October 1st, 2015 by Elma Jane

The day the payments industry has pointed to for several years arrives today, a turning point in the U.S.‘s migration to EMV chip-and-PIN cards.

Rules set by Visa and MasterCard as of today, the liability for fraud carried out in physical stores with counterfeit cards belongs to the merchant if it has not yet upgraded its POS system to accept EMV-enabled chip cards. Banks will be issuing EMV Chip Cards.

An enormous change, as everyone learns to deal with the new technology that requires consumers to insert their cards and leave them in the store machines throughout a payment transaction, rather than swipe.

In a recent survey, less than a third of merchants overall have invested in EMV-compliant technology, and one study said 80 percent of small and midsize merchants have not upgraded their systems as of today’s liability shift.

Issuers are claiming to be more prepared than merchants, but according to the Smart Card Alliance, around 200 million chip cards have been issued to U.S. cardholders. That, however, is less than 17 percent of the approximately 1.2 billion payment cards in circulation.

What is clear is that today does not represent the end of the journey. The lack of preparedness at the physical point of sale, however, may be beneficial for card-not-present merchants.

Over the past few months, the mainstream media has awoken to the fact that implementing EMV does not mean fraud will disappear. Fraudsters quickly adapted to the difficulty of counterfeiting cards by attacking Card-Not-Present channels, where a chip has no effect.

In other markets, fraud migrated quite rapidly to card-not-present channels. It is necessary on e-commerce merchants to protect themselves with an array of tools, like device authentication, one-time passwords, randomized PIN pad and biometrics. Fraud mitigation tools like data analytics, address and CVV verification, 3D secure and tokenization. These services should be available from their merchant acquirer processor or gateway.

There should be a gradual reduction in card fraud over the next 12-18 months in spite of the delays in this country’s EMV migration. It’s going to take time for the technology to be adopted.

U.S. Merchants’ overall relative lack of preparedness for EMV may give e-commerce and mobile merchants time they didn’t think they would have to explore the options.

Sophisticated authentication technologies such as biometrics will help increase the security of card transactions. Device-based verification could be easily incorporated in an EMV transaction.

Banks have expressed interest more in using the phone as a biometrics. It’s all going to depend on what is the most convenient way to access your funds. The nice thing about biometrics is it’s meant to enable more convenience and stronger security.

 

Posted in Best Practices for Merchants, e-commerce & m-commerce, EMV EuroPay MasterCard Visa, Mobile Payments, Mobile Point of Sale, Point of Sale Tagged with: , , , , , , , , , , , , , , , , ,

Terminal
September 24th, 2015 by Elma Jane

If you accept credit cards and don’t know what EMV is here is what you need to know.

EMV stands for Europay, MasterCard and Visa. A credit card that had a chip embedded in it is an EMV. EMV Cards have been standard in Europe for more than 10 years because they’re more secure than magnetic stripe cards. Magnetic stripe cards doesn’t change, it has static data, which makes them easy to clone. The chip embedded card makes it more difficult and costly to counterfeit because the data that is transmitted changes each time the card is read. This means less fraud.

Questions to ask to help you decide about terminal upgrade.

  • Calculate your risk – Consider the cost of replacing your point-of-sale (POS) terminal vs. potential risk. Whether you replace it now or at a later time, eventually all businesses will have to replace their POS terminals.
  • Educate your staff – Educated employees translate to better-educated customers. Merchants can help customers better understand this change and what it means for them.
  • Upgrade your POS system – Consider using an EMV compliant credit-card reader on a wireless device for an ultra-secure mobile solution. This is also a chance to upgrade other options, such as near field communication NFC technology, which lets consumers use their mobile devices to make payments at the point of sale.

 

 

Posted in Best Practices for Merchants, Credit Card Reader Terminal, Credit Card Security, EMV EuroPay MasterCard Visa, Mobile Point of Sale, Near Field Communication, Point of Sale Tagged with: , , , , , , , , , , , , , , , ,

EMV
August 13th, 2015 by Elma Jane

The credit card processing industry, have been working towards including EMV technology in all of the point of sale systems.

Many processors have sent out EMV capable devices that will need to be adjusted before they can start accepting EMV card transactions.

See which category you fall into so you are prepared when October 1 rolls around.

First, check and see if your credit card machine has the slot to accept EMV cards (it’s either a slot in front, or on the top of, the unit). If you don’t, you need to contact your processors or sales agent to update your equipment .

If you do have the slot for EMV cards, you’ll need to contact National Transaction to see if your EMV capable machine has been enabled to accept EMV cards.

What is the difference between EMV capable and EMV enabled?

  • EMV Capable – EMV capable means that your credit card machine is equipped with the hardware (i.e. the slot) and has the capability to do a transaction, but first you’ll have to update the application to enable you to process the cards.                                                 At National Transaction, we have a support specialist to assist you with step-by-step instructions to switch your credit card Point-of-Sale System, from EMV capable to EMV enabled.
  • EMV Enabled – When your machine is EMV enabled, your terminal is ready to accept EMV transactions.                                                                                                               According to MasterCard, 73 percent of consumers say owning a chip card would encourage them to use their card more often. In addition, 75 percent of consumers expect to use their chip card at the merchants where they shop today.                     Keeping these numbers in mind, it only makes sense to equip your business with an EMV enabled credit card POS system.

What makes EMV technology so important?

EMV is a global payment system that adds a microprocessor chip into credit cards and debit cards, and reduces the chance a transaction is being made with a stolen or copied credit card. Unlike traditional magnetic-stripe cards, anytime you use an EMV card, the chip in the card creates a unique transaction sequence that can’t be replicated. Because the number will never be valid again, it makes it hard for hackers to fake these cards. If they attempt to use the copied EMV card, the transaction would be denied.

The rollout of EMV technology is ongoing, but even with the October 1 deadline, it’s estimated that only 70 percent of credit cards and 40 percent of debit cards in the U.S. will support EMV. Despite these numbers, that doesn’t mean you shouldn’t update your equipment.

Following the deadline, card present fraud liability will shift to whoever is the least EMV compliant party in a fraudulent transaction.

Make sure that’s not you!

 

 

Posted in Best Practices for Merchants, Credit card Processing, Credit Card Reader Terminal, Credit Card Security, EMV EuroPay MasterCard Visa, Point of Sale Tagged with: , , , , , , , , , , , , , , , , ,

July 30th, 2015 by Elma Jane

Converge Powers Potential          Converge Logo

Over the next several weeks, we’ll focus on a series of topics to hopefully provide a better understanding of the payment capabilities

Converge can bring you customers. In this article, we’ll zoom in on the card-present product enhancements of Converge first, including bringing EMV and mobile wallet capabilities to in-person payments, and ultimately VirtualMerchant Mobile later this year.

converge graphics

New Peripherals Added to Converge – Ingenico iSC250 and Star                                 Micronics TSP650II Printer

Ingenico iSC250 Signature-Capture PIN Pad – is a signature-capture PIN pad offering the ability to accept PIN-based transactions, like debit card and Electronic Benefit Transfer (EBT), as well as EMV chip card and mobile wallet payments.

The iSC250 will initially ship EMV-capable meaning it’s physically configured with a slot to accept an EMV chip card, but it does not yet have the EMV application to process a chip card transaction.

A simple download process later in the year will allow customers to accept chip cards. The good news is customers can accept NFC contactless payments right away, including Apple Pay and Google Wallet.

Key features of the Ingenico iSC250 include:

  • EMV-capable smart card reader to support EMV chip cards; EMV-enabled with a download later in the year
  • NFC-enabled for contactless cards and Apple Pay and Google Wallet mobile wallets
  • Magnetic stripe capture for all standard mag stripe cards
  • Encryption technology to help secure cardholder data at point of entry and throughout the payment network
  • Signature Area Display for signature capture with electronic stylus
  • Bright color 4.3″ display and backlit key pad for ease of use

Star Micronics TSP650III:

In addition to the new iSC250PIN pad, a new USB printer were also added to the lineup of Converge supported peripherals, the Star Micronics TSP650II receipt printer. Now customers have two options for thermal receipt printing!

ConvergeConnect Makes Device Setup a Snap

A new peripheral and device management software called ConvergeConnect to make it easier for your customers to setup their devices quickly as well as add additional peripherals as their business needs grow. It will be the go-forward device management application, and we’ll be able to bring more and more EMV and NFC devices to market faster, giving our customers even more in-store payment processing options.

Legacy peripherals, like magnetic stripe card readers, check imagers and the Epson ReadyPrint T20 printer will continue to be managed using the Device Assistant.

Customers may have to use both ConvergeConnect and Device Assistant depending on their peripheral configuration.

A new Peripheral Device Installation and Setup Guide was developed to help customers install and manage their peripherals for both applications.

Converge Mobile with EMV on the Horizon

Work continues on the new VirtualMerchant Mobile app to be branded as Converge Mobile, and releasing the Ingenico iCMP in the third quarter. The Ingenico iCMP accepts EMV and NFC transactions, including contactless cards and mobile wallets, like Apple Pay. Stay tuned as more information becomes available.

Posted in Best Practices for Merchants, Credit Card Reader Terminal, EMV EuroPay MasterCard Visa, Mobile Payments, Near Field Communication Tagged with: , , , , , , , , , , , , , , , , , ,