Choke
February 8th, 2016 by Elma Jane

The U.S. House of Representatives voted to end the Obama administration’s Operation Choke Point.

The vote was 250-169, which represented a group of all Republicans and 10 Democrats voting to revoke the law.

Operation Choke Point, which began in 2013, leveraged the government’s regulatory power over merchant banks, acquirers and payment processors, forcing them to drop clients engaged in industries like payday lending, firearms and other high-risk sectors especially online like gambling and adult entertainment.

In a statement by U.S. House Rep. Luetkemeyer, the first step has been taken to ensure that federal banking agencies can no longer compel financial or payment institutions from offering financial services to licensed, legally-operating businesses that has been a target not because of potential wrongdoing, but purely on personal and political motivations and without due process.

 

Posted in Best Practices for Merchants Tagged with: , , , , , ,

September 16th, 2014 by Elma Jane

Card-not-present merchants are battling increasingly frequent friendly fraud. That type of fraud..The I don’t recognize or I didn’t do it dispute. This occurs when a cardholder makes a purchase, receives the goods or services and initiates a chargeback on the order claiming he or she did not authorize the transaction.

This problem can potentially cripple merchants because of the legitimate nature of the transactions, making it difficult to prove the cardholder is being dishonest. The issuer typically sides with the cardholder, leaving merchants with the cost of goods or services rendered as well as chargeback fees and the time and resources wasted on fighting the chargeback.

Visa recently changed the rules and expanded the scope of what is considered compelling evidence for disputing and representing chargeback for this reason code. The changes included allowing additional types of evidence, added chargeback reason codes and a requirement that issuers attempt to contact the cardholder when a merchant provides compelling evidence.

The changes give acquirers and merchants additional opportunities to resolve disputes. They also mean that cardholders have a better chance to resolve a dispute with the information provided by the merchant. Finally, they provide issuers with clarity on when a dispute should go to pre-arbitration as opposed to arbitration.

Visa has also made other changes to ease the burden on merchants, including allowing merchants to provide compelling evidence to support the position that the charge was not fraudulent, and requiring issuers to a pre-arbitration notice before proceeding to arbitration, which reduces the risk to the merchant when representing fraud reason codes.

The new “Compelling Evidence” rule change does not remedy chargebacks but brings important changes for both issuers and merchants. Merchants can provide information in an attempt to prove the cardholder received goods or services, or participated in or benefited from the transaction. Issuers must initiate pre-arbitration before filing for arbitration. That gives merchants an opportunity to accept liability before incurring arbitration costs, and Visa will be using information from compelling evidence disputes to revise policies and improve the chargeback process

Visa made those changes to reduce the required documentation and streamline the dispute resolution process. While the changes benefit merchants, acquirers and issuers, merchants in particular will benefit with the retrieval request elimination, a simplified dispute resolution process, and reduced time, resources and costs related to the back-office and fraud management. The flexibility in the new rules and the elimination of chargebacks from cards that were electronically read and followed correct acceptance procedures will simplify the process and reduce costs.

Sometimes, an efficient process for total chargeback management requires expertise or in-depth intelligence that may not be available in-house. The rules surrounding chargeback dispute resolution are numerous and ever-changing, and many merchants simply do not have the staffing to keep up in a cost-effective and efficient way. Chargebacks are a way of life for CNP merchants; however, by working with a respected third-party vendor, they can maximize their options without breaking the bank.

Reason Code 83 (Fraud Card-Not-Present) occurs when an issuer receives a complaint from the cardholder related to a CNP transaction. The cardholder claims he or she did not authorize the transaction or that the order was charged to a fictitious account number without approval.

The newest changes to Reason Code 83, a chargeback management protocol, offer merchants a streamlined approach to fighting chargebacks and will ultimately reduce back-office handling and fraud management costs. Independent sales organizations and sales agents who understand chargeback reason codes and their effect on chargeback rates can teach merchants how to prevent chargebacks before they become an issue and successfully represent those that they can’t prevent.

Posted in Best Practices for Merchants, EMV EuroPay MasterCard Visa, Visa MasterCard American Express Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

August 8th, 2014 by Elma Jane

Visa Inc., the global leader in payments, is helping U.S. fuel retailers prevent credit and debit card fraud at the pump with intelligent analytics that identify higher-risk transactions that may be fraudulent. Visa Transaction Advisor uses sophisticated analytics based on the breadth and scale of VisaNet data to flag the riskiest transactions by working with fuel companies to understand their needs, creating a new service that builds on Visa’s predictive analytics capabilities, providing fuel merchants with more intelligence to prevent fraud and improve their bottom line. While global fraud rates across the Visa payment system remain near historic lows, less than 6 cents for every $100 transacted – fuel pumps can be targets for criminals because they are often self-service terminals. The new solution, Visa Transaction Advisor (VTA), enables merchants to use real-time authorization risk scores to identify transactions that could involve lost, stolen or counterfeit cards. A pilot test of the new service showed a 23 percent reduction in the rate of fraudulent transactions – all without costly infrastructure upgrades or disruption of the customer experience.

How It Works

After a cardholder inserts the card at the pump, Visa analyzes multiple data sets such as past transactions, whether the account has been involved in a data compromise and nearly 500 other pieces of data to create a risk score. This allows merchants to identify those transactions with a higher risk of fraud and perform further cardholder authentication before gas is pumped. The time and costs associated with resolving fraudulent transactions can be substantial for both merchants and financial institutions and inconvenient for cardholders, which is one of the reasons why fraud prevention is critical. Visa’s solution is easy to implement, using existing message fields and formats as well as pump software or hardware to ensure minimal impact to merchants and acquirers. Several fuel merchants who piloted the technology over the last several months noticed a decrease in fraud, without negatively impacting their consumers’ experience. VTA as a tool help mitigate fraudulent transactions. A 23 percent reduction in the rate of fraudulent chargebacks during a pilot program in Los Angeles. This was done with minimal impact to the customer experience, making secure payment at the pump as convenient as possible. Providing fuel to millions of customers each month through approximately 15,000 service stations in the United States, said US Credit Card Operations Manager, from Shell, considering new solutions and technology it has to have a clear business benefit, be customer-centric and easy to implement. With no infrastructure investment, testing VTA as part of proactive fraud prevention tool-set to better identify fraudulent card activity earlier in the transaction cycle, without inconveniencing customers.

Visa Transaction Advisor is available to merchants through participating U.S. acquirers. Visa has partnered with Vantiv and is also working with other acquirers to offer the service to its fuel clients. Ease of implementation is a critical requirement whenever talking about a new merchant service. Visa Transaction Advisor builds on existing payment infrastructure, is easy to implement and flexible enough to allow customization by merchants.

 

Posted in Credit Card Security, EMV EuroPay MasterCard Visa, Visa MasterCard American Express Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , ,

November 15th, 2013 by Elma Jane

November 7, 2013 –  Payment Card Industry (PCI) Council’s recent acceptance of the world’s first Point-To-Point Encryption-validated solution is great news for both acquirers and merchants, and will aid in reducing merchant scope and increasing business security worldwide. If your P2PE know-how is a little spotty, here are the basics.

What is P2PE?

Point-To-Point Encryption (P2PE) is the combination of hardware and processes that encrypts customer credit/debit card data from the point of interaction until it reaches a merchant solution provider’s environment for processing. Because card data is immediately encrypted as the card is swiped (or dipped), it prevents clear-text information from residing on the payment environment. Encrypted card data is then transferred to, decrypted by, and processed through the solution provider processor who is the sole holder of the decryption key.

In a POS environment, merchants often store decryption keys on their backend servers. Bad idea. If a cybercriminal hacks into that environment, they not only have access to the encrypted card numbers, but the decryption key as well. Hacker jackpot. Many question the difference between P2PE and typical point of sale (POS) encryption.

The reason P2PE is arguably the most secure way to process is because merchants don’t have access to decryption keys. If a hacker breaches a merchant using a validated P2PE solution, he/she will only recover a long string of useless encrypted card numbers with no way to decode them.

Why use P2PE?

Basically, P2PE increases data security and has the ability to make a merchant’s job of reaching PCI compliance easier. The main point of using a P2PE-valiated solution is to significantly lessen the scope of security efforts through PCI Data Security Standard (DSS) requirement and P2PE Self-Assessment Questionnaire (SAQ) reduction. Compared to the 80+ questions required of mainstream merchant SAQs, the P2PE-HW SAQ only requires merchants to answer 18 questions.

Are all P2PE solutions created equal?

Answer is no. Many P2PE solution vendors claim their solution reduces scope, but in order for a merchant to qualify, they must select only P2PE-validated solutions listed on the PCI Council’s website.

To get P2PE solutions and applications listed on the approved website, solution provider processors must go through a rigorous testing process performed by a qualified P2PE Qualified Security Assessor (QSA). P2PE QSAs help entities thorough the 210-page document of P2PE requirements, testing procedures, and controls required to keep cardholder data secure – a task which only a few companies in the world can do.

As of this post, the only P2PE hardware solution approved by the PCI Council is European Payment Services’ (EPS) Total Care P2PE solution, validated by P2PE QSA SecurityMetrics. A number of other P2PE solutions are currently undergoing the review process and will be added to the list once approved.

Posted in Best Practices for Merchants, Credit card Processing, Credit Card Security, Electronic Payments, Merchant Services Account, Payment Card Industry PCI Security, Point of Sale, Visa MasterCard American Express Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

October 29th, 2013 by Elma Jane

Three dimensions merchants must look for in a payment system PSP and ISO:

1. Ability to adapt and customize the solution.

2. Solutions that support broad range of payment methods.

3. Supports a full set of different channels and devices.

Difference between a PSP and ISO in the payments ecosystem? Online and Mobile Payments:

There are two types of merchant service providers and not all service providers are made equal, Processors and Resellers:

Resellers are known in the industry as Independent Sales Organizations (ISO’s) and/or Merchant Service Providers (MSP’s).

1) Resellers or ISOs – ISOs resell the products or services of one or multiple processors. They can also develop their own or aggregate other value added products and services. ISO’s range from a little sketchy to best in class providers.

2) Processors – Also known as Acquirers, processors are distinguished by their ability to actually process a transaction. To be a processor, a company must have the technical capability to receive transaction data from a merchant via a telephone line or the internet and then communicate with the appropriate financial institutions to approve or decline transactions. Processors must also be able to settle completed transactions through financial institutions in order to deposit funds into the merchant’s bank account.

Processors can be banks or non-banks. While processors do maintain a direct sales force of their own, they primarily work through ISOs to acquire and maintain their merchant base. A processor’s business model is really one of economies of scale. They’re volume shops. They essentially outsource the sales function to ISOs. The processing industry is highly concentrated with the top five processors maintaining over 70% of all transaction volume.

Types of ISOs: 

1. Banks – Banks of all shapes and sizes are ISOs. Banks entered into the merchant services business because it was a natural fit with their product and service offerings. It’s a way to increase revenue per customer. Most, but not all banks, will private label the services so that it’s difficult to distinguish whether they are a processor or ISO. The benefit of working with a bank is that you can consolidate your financial services. The drawback is, the you usually get out of the box solutions and service.

2. Non-banks – These types of ISOs range from some of the most dynamic and capable providers to firms who don’t represent the industry very well.

Industry Dynamics – There are a few dynamics that make the industry landscape quite interesting. First, there are very barriers to entry due to the lack of certifications, licenses, and capital requirements. Secondly, there really is no active regulatory body that oversees and enforces acceptable practices. So naturally, with these two market conditions, merchants need to be mindful and thorough in selecting a provider.

Processors versus ISOs In comparing the two, ISOs offer all of the products and services that processors do (because they are reselling) but processors can’t always offer the same products and services as ISOs. This is because ISOs can resell for multiple processors and can either develop their own technologies or aggregate solutions from other providers. ISOs have largely been the most successful creators of value-added services. ISO’s also tend to be smaller, which usually (but not always) leads to better customer service.

Processors are usually a safer bet for newer merchants that are still learning about the industry. Most still maintain what consider less-than-upfront pricing practices, but with their services it is less common to hear about some of the more serious problems that merchants encounter when they deal with the wrong ISO. As for price, in most cases, there really is very little to no difference. I argue, and fully disclose my vested interest, that in nearly any situation a best in class, non-bank ISO can provide more value than a processor.

Posted in Best Practices for Merchants, Credit card Processing, Electronic Payments, Financial Services, Mail Order Telephone Order, Merchant Services Account, Visa MasterCard American Express Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

October 17th, 2013 by Elma Jane

National Transaction Corporation’s services will work with any existing (Non Proprietary) Terminal. NTC can reprogram an existing terminal as well as service and provide supplies for any terminal.

Below are the following Terminals and Model Type:

1. Hypercom – They produce electronic payment processing hardware and software for a wide range of industries. In 2009 Hypercom co-founded founding the Secure POS (Point Of Sale) Vendor Alliance, a non profit organization created by Hypercom, Ingenico and VeriFone to increase awareness of and improve payment industry security. Hypercom entered into a merger agreement with VeriFone, which closed August 4th, 2011.

Hypercom Machines: T7P –  T7Plus –  T4100 – T4210 – T4220 IP Terminal. For Precise Detail of the machines please check our website. www.nationaltransaction.com

 2. Ingenico – is a leading provider of payment solutions, with over 20 million terminals deployed in more than 125 countries. Ingenico is a worldwide company, whose business is to provide the technology involved in secure electronic transactions.  Its traditional business is based around the manufacture of point of sale payment terminals, but it now also includes complete payment solutions and related services. In 2008, after the merging with SAGEM Sécurité, Ingenico decided to close its historical R&D centre in Barcelona. This centre has developed Ingenico’s most successful family of EFTPOS (Electronic funds transfer point of sale). More than three million units sold worldwide in 2007. Ingenico acquired German payment processor Easycash in 2009. In 2011, Ingenico integrated Pennies, The electronic charity box, into one of their market leading mobile Chip and PIN payment terminals, allowing retailers to ‘switch on’ the Pennies solution so their customers can add a micro-donation to their bill when paying by card. As of 2012, over 15 million Ingenico terminals are deployed across 125 countries, with the Ingenico Aqua 50 being their best selling POS (Point Of Sale) terminal.

Ingenico Terminals: iPP220 – iPP320USB – iCT220 PIN Pad – iCT250 CounterTop – Agua PCI – i5100 Dial – i7780 HandHeld i778oM – i7780 Versatile Base – 7770 Intel Base. For Precise Detail of the terminal please check our website. www.nationaltransaction.com

 3. VeriFone – is a global provider of technology for electronic payment transactions an international producer and designer of electronic payment solutions and value-added services at the POS (Point Of Sale). VeriFone provides merchant-operated, consumer-facing and self-service payment systems for the financial, retail, travel & hospitality, petroleum, government and healthcare industries. The company’s solutions are utilized by merchants, processors and acquirers in developed and emerging economies worldwide.

VeriFone Models: OMNI 3730LE/VX510LE N – OMNI 3750 4MEG DUAL COM – VX 510 6 MB DUAL COM 12MB – VX570 DUAL COM 6MB WITH SMART CARD – VX610 CDMA (AVAILABLE FOR SPRINT AND VERIZONE). For Precise Detail of the models please check our website. www.nationaltransaction.com

 

Posted in Credit card Processing, Credit Card Reader Terminal, Credit Card Security, Electronic Payments, Near Field Communication, Point of Sale Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,