September 17th, 2014 by Elma Jane
Commuters using the London tube network can now tap their contactless bank cards on the ticket barriers to pay for their journeys, further displacing cash on the capital’s transit system.
Fares are cheaper than cash, with users being charged adult pay as you go fares and benefiting from daily and Monday to Sunday fare capping. Customers without bank cards will continue to benefit from cheaper fares through Transport for London’s Oyster card.
This is not the end of Oyster and it’s not the end of cash, but it is a significant dent in the market for cash.
The move follows the abolition of cash on London’s buses and covers all tube, overground, DLR, tram and National Rail services that accept Oyster.
The shift to contactless has future-proofed the capital’s transit system for up-and-coming innovations in payments. You can already use your mobile phones to make your payments and tap and go through the tube turnstiles, and in the future it will open up many other connected devices as well, whether that’s smart wristbands or smart watches.
An incredible response to the launch of contactless payments on London Buses with nearly 19 million Visa contactless journeys made since it launched in 2012. Today’s launch will be another major boost to contactless usage leading to the three-fold increase expected in the next year. To coincide with the rollout, Londoners are invited to sign up for 10,000 free bPay contactless payments bands. Its wearable device will let commuters pay for their journeys with a wave of their wrists and help avoid card clash.
Posted in Best Practices for Merchants Tagged with: bank, card clash, cards, contactless bank cards, contactless payments, customers, devices, mobile, mobile phones, network, payments, phones, smart watches, smart wristbands, Visa contactless journeys, wearable device
September 17th, 2014 by Elma Jane
Host Card Emulation (HCE) offers virtual payment card issuers the promise of removing dependencies on secure element issuers such as mobile network operators (MNOs). HCE allows issuers to run the payment application in the operating system (OS) environment of the smart phone, so the issuing bank does not depend on a secure element issuer. This means lower barriers to entry and potentially a boost to the NFC ecosystem in general. The issuer will have to deal with the absence of a hardware secure element, since the OS environment itself cannot offer equivalent security. The issuer must mitigate risk using software based techniques, to reduce the risk of an attack. Considering that the risk is based on probability of an attack times the impact of an attack, mitigation measures will generally be geared towards minimizing either one of those.
To reduce the probability of an attack, various software based methods are available. The most obvious one in this category is to move part of the hardware secure element’s functionality from the device to the cloud (thus creating a cloud based secure element). This effectively means that valuable assets are not stored in the easily accessible device, but in the cloud. Secondly, user and hardware verification methods can be implemented. The mobile application itself can be secured with software based technologies.
Should an attack occur, several approaches exist for mitigating the Impact of such an attack. On an application level, it is straightforward to impose transaction constraints (allowing low value and/or a limited number of transactions per timeframe, geographical limitations). But the most characteristic risk mitigation method associated with HCE is to devaluate the assets that are contained by the mobile app, that is to tokenize such assets. Tokenization is based on replacing valuable assets with something that has no value to an attacker, and for which the relation to the valuable asset is established only in the cloud. Since the token itself has no value to the attacker it may be stored in the mobile app. The principle of tokenization is leveraged in the cloud based payments specifications which are (or will soon be) issued by the different card schemes such as Visa and MasterCard.
HCE gives the issuer complete autonomy in defining and implementing the payment application and required risk mitigations (of course within the boundaries set by the schemes). However, the hardware based security approach allowed for a strict separation between the issuance of the mobile payment application on one hand and the transactions performed with that application on the other hand. For the technology and operations related to the issuance, a bank had the option of outsourcing it to a third party (a Trusted Service Manager). From the payment transaction processing perspective, there would be negligible impact and it would practically be business as usual for the bank.
This is quite different for HCE-based approaches. As a consequence of tokenization, the issuance and transaction domains become entangled. The platform involved in generating the tokens, which constitute payment credentials and are therefore related to the issuance domain, is also involved in the transaction authorization.
HCE is offering autonomy to the banks because it brings independence of secure element issuers. But this comes at a cost, namely the full insourcing of all related technologies and systems. Outsourcing becomes less of an option, largely due to the entanglement of the issuance and transaction validation processes, as a result of tokenization.
Posted in Best Practices for Merchants, Credit Card Security, EMV EuroPay MasterCard Visa, Near Field Communication, Visa MasterCard American Express Tagged with: (MNOs), (OS), assets, bank, card, card issuers, cloud, cloud based payments, cloud based secure element, cloud-based, hardware secure element, Host Card Emulation (HCE), issuing bank, MasterCard, mobile, mobile app, mobile application, mobile network operators, mobile payment, mobile payment application, nfc, operating system, payment application, payment transaction, payments, platform, risk, secure element, smart phone, software, software based technologies, token, tokenization, transaction, virtual payment, visa
September 16th, 2014 by Elma Jane
When plastic cards become digital tokens, they become virtual. So how do you say that the Card is Present or Not Present. The legendary regulatory difference that the cards industry has relied on to differentiate between interchange fees for Card Present and Card Not Present transactions.
Apple secured Card Present preferential rates for transactions acquired by iTunes on the basis that the card’s legitimacy is verified with the issuer at the time of registration and the token minimizes probability of fraud. If an API call to the issuing bank is sufficient to say that the Card is Present, who is to say that the same logic can’t apply to online merchants who also verify the authenticity of Cards on File when they tokenize them? How can one arbitrarily say that the transaction processed with token from an online merchant is Card Not Present, but the one processed with Apple Pay is Card Present even though both might have made the same API call to the bank to verify the card’s validity?
In the Apple case, a physical picture of the card is taken and used to verify that the person registering the card has it. It is not that hard for an online merchant to verify that the Card on File converted as a token does belong to the person performing an online transaction.
As we move towards chip and pin the card present merchants will spend substantial money upgrading their hardware and POS systems. That expense will be offset by that savings in losses due to fraud. MOTO and e-commerce transactions ( card NOT present ) will always have a higher cost because the nature of processing is NON face to face transactions. Of course the fraud and losses are higher when the card is manually entered or given to someone over the phone……Face to face will always have the lowest cost per transaction because it is usually the final step in the sale. Restaurants are low risk because you had the transaction AFTER you eat. If there is a dispute it happens before the merchant even sees the credit card.
In the long run, as cards become digital and virtual through tokens, we are all going to wonder if card is present or not present. May be some will say. Card is a ghost.
Posted in Best Practices for Merchants, Credit card Processing, EMV EuroPay MasterCard Visa, Visa MasterCard American Express Tagged with: (POS) systems, API call, Apple secured Card Present, bank, Card Not Present transactions, card present, card present merchants, cards, cards industry, chip, credit-card, digital and virtual, digital tokens, e-commerce transactions, fees, fraud, hardware, industry, interchange, interchange fees, issuer, issuing bank, low risk, Merchant's, moto, NON face to face transactions, online, online merchants, online transaction, PIN, Processing, Rates, token, transactions
September 11th, 2014 by Elma Jane
Every year Americans take more than 59 million trips abroad. Yet many of us don’t know which questions to ask regarding the use of credit cards. Before you hit the road, let your card issuer know where and when you’ll be traveling, so it doesn’t mistake those overseas charges with fraudulent activity. Start asking some questions below:
Does my card charge a foreign transaction fee? Because these fees can run as high as 3% and can be quite costly.
Does my card have an EMV chip? A smart chip widely used in Europe and other places. Contact your credit card provider and see if they can provide you at no cost a chip-and-PIN card if you don’t already have one. Most of the card companies are moving this way, but typically you have to request it.
Does my card offer any travel perks? You may want to inquire about additional coverage your card may provide you when you’re abroad such as insurance for accidents, lost luggage or auto collision.
How can I get cash overseas? Reach out to the bank or credit card provider and find out what relationships they have in the local market you’re traveling to. This will be helpful for avoiding ATM fees. Additionally, if you need to access cash from your credit card, they’ll be very helpful if you do it through a banking institution that has a relationship with your provider.
Will my card be accepted at my destination? Thirty to sixty days before traveling contact your bank or credit card provider and ask some important questions. Find out if their card is going to be accepted or if there will be any restrictions for it to be used abroad.
The best thing to do is to have a plan before you travel. Know how to minimize your fees and protect your credit cards. Then you can enjoy your adventure.
Posted in Uncategorized Tagged with: atm, ATM fees, bank, banking, banking institution, card, card issuer, chip, Chip and PIN, chip-and-PIN card, credit card provider, credit cards, EMV, EMV chip, fee, fees, foreign transaction fee, institution, PIN, provider, transaction, transaction fee, travel
September 8th, 2014 by Elma Jane
One of the greatest mistake any merchants can do is deciding to lease or rent a credit card terminal rather than getting one for FREE. While the practice of leasing has declined in recent years in the US it is all they are doing in Canada whether the merchant is renting from a bank or leasing from a sales rep. In both the US and Canada some sales reps will still strive and persuade you that leasing is the perfect choice for you. You’re not obliged to pay any cash up front, or You’re assured a substitute terminal if yours breaks. Those selling statements may sound decent, but they’re not. A terminal lease will end up costing you hundreds, if not thousands of dollars more than what it’s worth. With the fees you’ll end up disbursing to lease a terminal, you could buy that same terminal in a matter of months. If you lease a terminal you could also be forced to buy equipment insurance, which is an additional expense. You may even have to give back the terminal at the end of your lease!
Why Purchasing a Credit Card Terminal is a Good Choice
A terminal lease brings with it a 48 month lease contract. That is a lengthy time to be giving for a terminal that doesn’t cost more than $300 today. Why not just buy one entirely? The cost of the purchase is absolutely tax deductible. Even if you can’t come up with the money to pay cash for your terminal, you can just put it on a business credit card. The interest given is still tax deductible, and let’s says you have a 19 percent credit card rate, if you pay the same amount of $/month toward your credit card balance that you would have paid toward your lease, you’ll have the terminal paid off in less than a year. That’s a savings that can be better channelled into budding and growing your company.
FREE Credit Card Terminal
For those of you, who feels that because of the ever changing technology, they do not want to continue buying new terminals, there are FREE Terminals offers all across Canada. So, with your FREE terminals, there is no out of pocket set up expense and your current processing rate can be the same or reduced significantly. If your terminal breaks or if there is a better technology that develops, the company automatically ships to you at no charge an upgraded terminal. So, if you can’t buy one, see if your credit card processor will give you one for FREE.
If you’re stuck in a lease, you most likely won’t able to end the contract. A lease term is usually 48 months, so you’ll have to look up when that term terminates before you can leave without a consequence. As an alternative, do your own research and analyze the total expense of leasing vs. purchasing. Better yet, strongly consider the benefits of not having to worry about anything, at one point is that FREE terminal usually has $25 minimum expense to the merchant. Mom taught you there was no free lunch didn’t she? If you decide to return the FREE terminal, you may find a RETURN EQUIPMENT FEE or an EARLY RETURN FEE of that FREE EQUIPMENT.
Posted in Best Practices for Merchants, Credit Card Reader Terminal Tagged with: bank, card, cash, credit, credit card processor, credit card terminal, credit-card, fees, Merchant's, processor, tax, terminal
September 5th, 2014 by Elma Jane
A cup of coffee, a pack of chewing gum., a newspaper at the airport. For even the smallest, most casual purchase, credit cards and debit cards are replacing cash as the preferred form of payment. One in three usually uses a credit card or a debit card for in-person purchases of less than $5. Eleven percent prefer credit cards, 22% debit cards and 65% cash, but the generational divide is striking. A slight majority (51 percent) of consumers 18-29 prefer plastic to cash, the only age group to do so. A preference for cash becomes stronger in each advancing age bracket, until at age 65-plus, 82 percent prefer cash.
Survey conducted by landline and cellphone found that: Credit cards and debit cards are used more frequently for small purchases by those employed full time (42%) or part time (34%) than for the unemployed (23%). People with children are more likely to use the cards for small purchases (41%) than those without children (30%), perhaps because parents have less time to wait around for change. Income doesn’t seem to be much of a differentiator, except for those near the bottom of the scale. A combined 38% of those making $75,000 or more preferred plastic for small purchases, compared with 43 percent of those making $50,000 to $74,900, 32% of those earning $30,000 to $49,900 and only 23% percent of those making less than $30,000.
Politically, we’ve finally found something on which we all can agree. Thirty percent of Democrats and a nearly identical 28% of Republicans favor credit cards or debit cards rather than cash for small purchases. Interestingly, those describing themselves as politically independent also were more independent from cash, 40% of them prefer plastic for such transactions.
The casual use of plastic is moving steadily through age brackets and already has a firm grip not only on millennials, but also increasingly on Gen Xers. Crunched another way, the data show that if you’re 49 or younger, you’re almost as likely to pay for a $5 purchase with plastic as you are to pay with cash. Fifty two percent prefer cash, 46% prefer debit or credit cards. Now, if you’re 50 or older, you’re still somewhat unlikely to pay for a $5 purchase with plastic. Seventy seven percent still prefer cash, with 21% reaching for debit cards or credit cards. Those who graduated from or attended college are significantly more comfortable than others with using plastic for small purchases.
A combined 39% of those with college degrees prefer debit cards (21%) or credit cards (18%) over cash (59%). Only 16% of those who have not attended college usually use debit cards for purchases of less than $5, along with only 6 percent who prefer credit cards for that purpose.
The trend is clear. Regardless of some differences in magnitude based on demographic factors, plastic is replacing cash as the currency of choice even for small purchases. Plastic use will increase for small purchases, both for debit and credit cards.
Why the shift to cards There are many reasons:
Technological advancements at the point of sale have made it just as fast to pay by plastic as by cash. Rewards have become a common feature of credit cards, with two out of three credit cards offering rewards, encouraging rewards chasing. Debit cards, with their balances available instantly and online have largely replaced paper checks and tedious manual records.
Financial institutions have spent decades persuading consumers to use and merchants to accept cards universally. Small purchases represent particularly appropriate uses of a debit card, assuming you don’t get carried away and overdraw the card-linked bank account. Why keep going to the bank and then carry cash if you don’t have to? Moving away from cash and moving toward using cards for even small purchases is more convenient.
Debit cards are everywhere already, but because their use can’t be reported to the credit bureaus and thus, they don’t build credit, they should only be used as a matter of convenience. People who frequently use credit cards for small, casual purchases also could overdo it, but probably not to a great degree. It would take a lot of lattes to send someone into credit counseling or bankruptcy court. In truth, we like the idea of using credit cards frequently for small, manageable expenses. This gives users the benefit of an active credit history, but leaves them with monthly bills that are small enough to pay off in full, so they don’t have to pay any interest. It’s getting to the point where, if I’m out and about, I’m using plastic the whole time. It’s just so much easier.
Posted in Best Practices for Merchants Tagged with: account, bank, bank account, bankruptcy, bills, cards, cash, cellphone, credit, credit counseling, credit history, data, debit cards, financial, financial institutions, Merchant's, payment, transactions
September 4th, 2014 by Elma Jane
The move to mobile point of sale (mobile POS) is radically changing the face of customer interactions and payments, as both customers and merchants grow increasingly comfortable with the concept of mobile payments. In the current, crowded marketplace most mobile payment solutions are not compatible with each other. Instead of unifying the payment experience they create islands separated by technology or usage that are tailored to individual providers in the market. Multiple devices are currently needed in-store to process different payment types and the challenge is how they can make payments unified in such a way that only one device is needed in store.
The use of cash by customers also adds a level of complication to the mobile POS story. The removal of IDM terminals, removal of customer queues and ability for customers to simply walk up and pay an assistant or to leave a store and have their bank card automatically debited certainly suits the expectations of customers today, however a large number of customers still use traditional cash methods to pay for goods and services. A number of stores that have gone down the route of implementing mobile POS now have a problem dealing with cash because the wandering shop assistants and personal shoppers can only accept card or web-based payment options. The future for mobile POS has potential to be bright, a dominant player will have to emerge in the market. This will break down the technology barriers and usage barriers between different players. The success to mobile POS lies in the payment process being truly unified with one device in one place and very seamless workflow. This will be very complicated thing to achieve, there have been a lot of attempts and a lot of false starts in the history of mobile POS. MPOS will be the future. Five years from now people will be amazed that they did transactions with landlines. NO child will ever see a telephone with a cord attached. Never a popcorn on top of the stove since we developed microwave ovens. Technology changes, and we are slow to adopt new stuff. Once we change we don’t know how we did without it.
Posted in Best Practices for Merchants, Mobile Payments, Mobile Point of Sale, Point of Sale, Smartphone Tagged with: bank, card, cash, customer, devices, IDM terminals, Merchant's, mobile, mobile point of sale, MPOS, payment solutions, payment types, payments, point of sale, POS, provider's, services, technology, terminals, web-based payment
August 28th, 2014 by Elma Jane
The new ECB regulation, which came into force earlier this month, covers large-value and retail payment systems in the euro area operated by both central banks and private entities. The aim is to promote the smooth operation of safe and efficient payment systems through strong management of legal, credit, liquidity, operational, general business, custody, and investment risks. In identifying systemically important payment systems, the ECB looked at the value of payments settled, market share, cross-border relevance and provision of services to other infrastructures. If a system is deemed to meet at least two of these four criteria it makes the list.
Target2 – operated by the Eurosystem.
Euro1 and Step2-T – both run by EBA Clearing.
Core(Fr) – French bank joint initiative, have been identified.
The list will be reviewed annually based on updated data. With this regulation, Europe is consolidating international practice for the oversight of Sips into EU law, as with past efforts for other financial market infrastructures, such as the European Market Infrastructure Regulation for the supervision of central counter parties and trade repositories and the ongoing regulatory initiative for central securities depositories.
Posted in Financial Services Tagged with: bank, central banks, credit, data, depositories, financial market, payment, payment systems, retail payment, securities
August 11th, 2014 by Elma Jane
Tokenization technology has been available to keep payment card and personal data safer for several years, but it’s never had the attention it’s getting now in the wake of high-profile breaches. Still, merchants especially smaller ones haven’t necessarily caught on to the hacking threat or how tools such as tokenization limit exposure. That gap in understanding places ISOs and agents in an important place in the security mix, it’s their job to get the word out to merchants about the need for tokenization. That can begin with explaining what it is.
The biggest challenge that ISOs will see and are seeing, is this lack of awareness of these threats that are impacting that business sector. Data breaches are happening at small businesses, and even if merchants get past the point of accepting that they are at risk, they have no clue what to do next. Tokenization converts payment card account numbers into unique identification symbols for storage or for transactions through payment mechanisms such as mobile wallets. It’s complex and not enough ISOs understand it, even though it represents a potential revenue-producer and the industry as a whole is confused over tokenization standards and how to deploy and govern them.
ISOs presenting tokenization to merchants should echo what security experts and the Payment Card Industry Security Council often say about the technology. It’s a needed layer of security to complement EMV cards. EMV takes care of the card-present counterfeit fraud problem, while tokenization deters hackers from pilfering data from a payment network database. The Target data breach during the 2013 holiday shopping season haunts the payments industry. If Target’s card data had been tokenized, it would have been worthless to the criminals who stole it. It wouldn’t have stopped malware access to the database, but it would been as though criminals breaking into a bank vault found, instead of piles of cash, poker chips that only an authorized user could cash at a specific bank.
A database full of tokens has no value to criminals on the black market, which reduces risk for merchants. Unfortunately, the small merchants have not accepted the idea or the reality and fact, that there is malware attacking their point of sale and they are being exposed. That’s why ISOs should determine the level of need for tokenization in their markets. It is always the responsibility of those who are interacting with the merchant to have the knowledge for the market segment they are in. If you are selling to dry cleaners, you probably don’t need to know much about tokenization, but if you are selling to recurring billing or e-commerce merchants, you probably need a lot more knowledge about it.
Tokenization is critical for some applications in payments. Any sort of recurring billing that stores card information should be leveraging some form of tokenization. Whether the revenue stream comes directly from tokenization services or it is bundled into the overall payment acceptance product is not the most important factor. The point is that it’s an important value to the merchant to be able to tokenize the card number in recurring billing, but ISOs sell tokenization products against a confusing backdrop of standards developed for different forms of tokenization. EMVCo, which the card brands own, establishes guidelines for EMV chip-based smart card use. It’s working on standards for “payment” tokenization with the Clearing House, which establishes payment systems for financial institutions. Both entities were working on separate standards until The Clearing House joined EMVCo’s tokenization working group to determine similarities and determine whether one standard could cover the needs of banks and merchants.
Posted in Best Practices for Merchants Tagged with: account numbers, bank, billing, card, card brands, card number, card present, Clearing House, data, data breaches, database, e-commerce, EMV, emvco, fraud, ISOs, Malware, Merchant's, mobile wallets, network, payment, Payment Card Industry, Security, smart card, target, tokenization, transactions
July 21st, 2014 by Elma Jane
European authorities dismantled a Romanian-dominated cybercrime network that used a host of tactics to steal more than EUR2 million. As a direct result of the excellent cooperation and outstanding work by police officers and prosecutors from Romania, France and other European countries, a key criminal network has been successfully taken down this week.
Hundreds of police in Romania and France, backed by the European Cybercrime Centre, carried out raids on 177 addresses, interrogating 115 people and detaining 65. Those held are suspected of participating in sophisticated electronic payment crimes, using malware to take over and gain access to computers used by money transfer services all over Europe. They are also accused of stealing card data through skimming, money laundering and drug trafficking.Proceeds of the crimes were invested in different types of property, deposited in bank accounts or transferred electronically, says the EC3. Large sums of money, luxury vehicles and IT equipment were seized during the raids.
Posted in Uncategorized Tagged with: accounts, bank, bank accounts, card, card data, cybercrime, data, electronic payment, host, Malware, money transfer, network, payment
