May 11th, 2017 by Elma Jane
Three Domain Secure (3-D Secure)
Visa is announcing a global plan to support 3-D Secure 2.0 to help protect e-commerce transactions.
3-D Secure (3DS) – stands for Three-Domain Secure. A messaging protocol to enable consumers to authenticate themselves with their card issuer when making card-not-present (CNP) e-commerce purchases. 3DS is an additional security layer that will help prevent unauthorized CNP transactions and protects the merchant from CNP exposure to fraud.
The three domains consist of:
The merchant/acquirer domain
Issuer domain
the interoperability domain (payment systems)
The purpose of the 3DS protocol within the payments community is to facilitate the exchange of data between the merchant, cardholder and card issuer. The objective is to benefit each of these parties by providing the ability to authenticate cardholders during a CNP e-commerce purchase, reducing fraud.
Visa currently offers its 3-D Secure service through the Verified by Visa program, which supports the existing 3-D Secure 1.0 specifications for consumer authentication.
Visa anticipates that early adoption of 3-D Secure 2.0 will begin in the second half of 2017.
Merchants that authenticate transactions using 3-D Secure are generally protected from issuer card-not-present fraud-related chargeback claims,1 and this rule will extend to merchant-attempted 3-D Secure 2.0 transactions after 12 April 2019, the global program activation date.
For Electronic Payment Set Up go to NationalTransaction.Com or call now 888-996-2273!
Posted in Best Practices for Merchants Tagged with: card, card-not-present, cnp, data, e-commerce, electronic payment, merchant, payment, Security, transactions
January 31st, 2017 by Elma Jane
Selecting a Payment Provider
Selecting electronic payments provider for your business is critical. NTC believes that the process starts with an honest assessment of your business and the types of credit card processing options it requires. (Retail or e-commerce, Card Present or Card-Not-Present)
Card present transaction is the most common type of account. Card-Not-Present (CNP) is a different type of account if you run a MOTO (mail order telephone order) or Internet operation.
Here are some points to keep in mind in selecting your electronic payments provider:
Referrals from fellow business owners and checking out payment providers online.
Evaluate products and services as well as cost to determine which electronic payments provider offers the biggest savings for your business.
Make sure the deals you’re considering include all the features and services you need and none that you won’t use.
Keep upgrade options in mind.
Look for 24/365 support and discuss customer service support.
Read the fine print in your contract.
The merchant account provider’s reputation is important, so find out how long they’ve been in business and their reputation in the industry.
NTC has over 20 years’ of Bankcard History. Helping businesses of all sizes for over 25 years in the industry. Call us now 888-996-2273 and tell us all about your business needs and requirements and we’ll put together a package of products and services that will best serve your credit card processing needs. There are a variety of solutions, so it’s important to focus in on those that directly address your needs.
Posted in Best Practices for Merchants Tagged with: cnp, credit card, customer, e-commerce, electronic payments, internet, merchant account, online, payment provider, payments, retail, transaction
April 20th, 2016 by Elma Jane
ECS: An Electronic Mode Of Funds Transfer From One Bank Account To Another
- Paper check conversion
- Debit Processing
- Automated Returns Management
- Reporting: Merchant Connect, ACS Standard and Custom Files, Enquire and Corporate Management Reports
- Monthly Statement
- Risk Services: Verification, Conversion
- Image
ACH E-CHECK: Uses Bank Routing and Account Number In a CNP Environment.
- Card-Not-Present e-Processing of ACH Debit
- Known Relationship B/Consumer and Business
- NOT for Ecommerce “Sale of Goods and Services”
- Debit Processing
- Automated Returns Management
- Reporting: Merchant Connect, ACS Standard and Custom Files, Enquire and Corporate Management Reports
- Monthly Statement
- Risk Services: Verification, Conversion
- No Image
Posted in Best Practices for Merchants, e-commerce & m-commerce Tagged with: account, ACS, bank, card-not-present, cnp, consumer, debit, ecommerce, ECS, merchant, risk, services
April 11th, 2016 by Elma Jane
Card-not-present fraud is projected to worsen. However, 3D secure technology has made progress and is gaining more and more adoption.
How can e-Commerce merchants avoid CNP fraud?
Here are other ways to make card-not-present transaction safe:
Biometrics – Using Fingerprint Scans and Facial Recognition or Selfie. To validate the identity of the consumer.
Challenge Questions – Such as listing your father’s middle name or a fact known only to the consumer is an effectively added layer of security.
Location Data – Another way to fight against fraud is location data and the use of IP addresses to certify the location and identity of the consumer making the transaction.
Outsource Your Payment Platform – Payments pages hosted by a reputable payment service provider are much more secure.
One-time Passwords – During the checkout process, there will be a window to enter a one-time password which the consumer receives a text message on his/her mobile phone. The consumer enters the password within a short time frame to authenticate the transaction. This solution is especially effective against cyber criminals who steal credentials.
For your payment services needs, give us a call at 888-996-2273
Posted in Best Practices for Merchants, Credit Card Security, e-commerce & m-commerce Tagged with: 3D Secure, biometrics, card-not-present, cnp, consumer, data, e-commerce, fraud, merchants, payment, Security, service provider, technology, transaction
November 13th, 2015 by Elma Jane
It’s important for merchants to understand the basic of how a credit card terminal works. It is the channel through which the process flows and the merchants can choose the right one for their processing needs, whether they use a point-of-sale (POS) countertop model, a cardreader that attaches to a smartphone or mobile device, a sleek handheld version for wireless processing or a virtual terminal for e-commerce transactions.
A credit card terminal’s function is to retrieve the account data stored on the payment card’s EMV microchip or a magnetic stripe and pass it along to the payment processing company (also known as merchant account provider).
For card-not-present (CNP) – mail order, telephone order and online transactions – the merchant enters the information manually using a keypad on the terminal, or the e-commerce shopper enters it on the website’s payment page. The back half of the process remains the same.
The actual data transmission goes from the terminal through a phoneline or Internet connection to a Payment Processing Company, which routes it to the bank that issued the credit card for authorization.
In card-present transactions where the card and cardholder are physically present, the card is connected to the reader housed in the POS terminal. The data is captured and transmitted electronically to the merchant account provider, who handles the authorization process with the issuing bank and credit card networks.
A POS retail terminal with a phone or Internet connection works best in a traditional retail setting that deals exclusively in card present transactions. For a business with a mobile sales, a mobile credit card processing option like Virtual Merchant Converge Mobile relies on a downloadable app to transform a smartphone or tablet into a credit card terminal equipped with a USB cardreader.
Wireless Terminals are compact, allowing you to accept credit cards in the field without relying on a phone connection. If you process debit cards, you’ll need a PIN pad in addition to your terminal so cardholders can enter their personal identification number to complete the sale.
Selecting the right terminal for your credit card processing needs depends largely on the type of business you run and the sorts of transactions you process. Terminals are highly specialized and provide different services. At National Transaction we offer a broad range of terminals with NFC (near field communication) Capability to accept Apple Pay, Android Pay and other NFC/Contactless payment transactions at your business. An informed business decision benefits your bottom line. Start accepting credit cards today with National Transaction.
Posted in Best Practices for Merchants, Credit card Processing, e-commerce & m-commerce, EMV EuroPay MasterCard Visa, Mobile Point of Sale, Point of Sale Tagged with: Android Pay, Apple Pay, card-not-present, card-present transactions, cardholder, cardreader, cnp, contactless payment, Converge Mobile, credit card, credit card networks, credit card terminal, debit cards, e-commerce, EMV, magnetic stripe, mail order, merchant account provider, merchants, microchip, mobile credit card processing, mobile device, Near Field Communication, nfc, online transactions, payment processing company, PIN pad, point of sale, POS, POS terminal, smartphone, telephone order, virtual merchant, virtual terminal, wireless processing
October 16th, 2015 by Elma Jane
With the EMV liability shift that takes effect in October 2015, how much you’ll be affected depends on how you process credit card payments.
For Card Present Transactions
If you use POS hardware or terminal that you need to swipe the credit card, then you’ll be facing the same EMV environment as retailers. October 1st is the start of the liability shift for fraudulent charges made with the card present transactions. The party who hasn’t made an investment in EMV security features will be liable.
For the card issuer, they need to invest in EMV security features, that’s why they came out with the chip cards, where all credit and debit cards have this security chips that are harder to counterfeit than magnetic strips.
For the merchant, they need to invest in EMV capable terminals or POS hardware that can take advantage of the card’s security chip.
If both parties have made the investment, then liability will be resolved in a similar manner to how it was before the shift. However, if only one party has adopted EMV technology, the party that didn’t make the investment will be held liable.
For Card Not Present Transaction (CNP)
If you process credit cards online, over the phone, or through an online payment gateway integrated, the new EMV standards won’t directly change the way you do business. You’ll still be processing EMV cards based on the customer’s credit card number.
Chances are Card-Not-Present transactions will experience an increase in fraud. Because of the EMV-technology in the Card Present Transaction, fraudster will likely turn their attention to the next target which is CNP,
but payment gateways and banks concerned about the vulnerabilities, will begin to adopt new standards to minimize their exposure.
If you’re processing CNP transactions stay up-to-date on the newest security developments, online security standards find more effective ways to navigate the new credit card security frontier.
Posted in Best Practices for Merchants, Credit Card Reader Terminal, Credit Card Security, EMV EuroPay MasterCard Visa, Mail Order Telephone Order, Point of Sale Tagged with: banks, Card Not Present Transaction, card-present transactions, chip cards, cnp, credit card, debit cards, EMV, merchant, payment gateway, payments, POS, terminal
October 9th, 2015 by Elma Jane
Credit card fraud is much more difficult to prevent in a card-not-present transaction. In a face-to-face setting the merchant can inspect the card to ensure that it is valid and can verify that the cardholder is an authorized user on the account. None of these actions can be performed when the payment is submitted online or accepted by phone. As we moved in adopting EMV Technology, majority of fraud is going to migrate away from counterfeit and stolen cards towards the card-not-present transaction as happened in other countries.
A combination of best practices and fraud prevention tools can provide card-not-present merchants with strong fraud prevention capabilities.
Steps to avoid fraud and protect your business for a card-not-present transaction:
- Email Verification: Send a message to the email address provided by the customer requesting that the customer verify the email address is correct, you can ensure that the email is associated with the other information provided.
- Maintain PCI compliance:All merchants accepting card payments are now required to be compliant with the requirements of the PCI DSS (Payment Card Industry Data Standard) which sets the rules for data security management, policies, procedures, network architecture, software design and other protective measures.
- Security Code Verification. Requesting the three digit security code on the back of a credit card. Visa (CVV2), MasterCard (CVC 2) and Discover (CID) cards, and the 4-digit numbers located on the front of American Express (CID) cards. Card Security Codes help verify that the customer is in a physical possession of a valid card during a card-not-present transaction.
- Use an Address Verification Service (AVS): Enables you to compare the billing address provided by your customer with the billing address on the card issuer’s file before processing a transaction. AVS is good protection against card information obtained through means like phishing and malware because fraudster might not know the billing address.
- Use 3D Secure Service: MasterCard and Verified by Visa enable cardholders to authenticate themselves to their card issuers through the use of personal passwords they create when they register their cards with the programs. The liability of any fraudulent charges through the 3D service is picked up by the issuer, not the merchant.
- Verify the phone number and transaction information.Prior to shipping your products, call the phone number provided by the customer and verify the transaction information. Criminals may be unable to verify such information, because in their haste to max out the credit line before the fraud is discovered, they often order at random and do not keep records.
Posted in Best Practices for Merchants, e-commerce & m-commerce, Mail Order Telephone Order, Payment Card Industry PCI Security, Travel Agency Agents Tagged with: American Express, card-not-present, card-security, cardholder, cnp, credit card, Discover, EMV, MasterCard, merchant, Payment Card Industry, payments, PCI, visa
September 8th, 2015 by Elma Jane
A card not present transaction (CNP, MO/TO, Mail Order / Telephone Order, MOTOEC) is a payment card transaction made where the cardholder does not or cannot physically present the card for a merchant’s visual examination at the time that an order is given and payment effected, such as for mail-order transactions by mail or fax, or over the telephone or Internet.
The Card Associations created this term to help identify these Transactions, because CNP situations tend to be where the majority of fraudulent activity occurs; it is difficult for a merchant to verify that the actual cardholder is indeed authorizing a purchase.
The card security code system has been set up to reduce the incidence of credit card fraud arising from CNP.
Types of Security codes:
CVC1 or CVV1, encoded on track 2 of the magnetic stripe of the card and used for card present transactions. The purpose of the code is to verify that a payment card is actually in the hand of the merchant. This code is automatically retrieved when the magnetic stripe of a card is swiped on a point-of-sale (card present) device and is verified by the issuer. A limitation is that if the entire card has been duplicated and the magnetic stripe copied, then the code is still valid.
The most cited, is CVV2 or CVC2. This code is often sought by merchants for Card Not Present Transactions occurring by mail, fax, telephone or Internet. In some countries in Western Europe, card issuers require a merchant to obtain the code when the cardholder is not present in person.
Contactless cards and chip cards may supply their own electronically-generated codes, such as iCVV or Dynamic CVV.
Code Location
The card security code is typically the last three or four digits printed, not embossed like the card number, on the signature strip on the back of the card.
American Express Cards have a four-digit code printed on the front side of the card above the number.
Diners Club, Discover, JCB, MasterCard, and Visa Credit and Debit Cards have a three-digit card security code. The code is the final group of numbers printed on the back signature panel of the card.
For Merchant Account Setup give us a call at 888-996-2273 or visit our website www.nationaltransaction.com
Posted in Best Practices for Merchants Tagged with: card transaction, card-not-present, cardholder, chip cards, cnp, contactless cards, credit card, debit cards, magnetic stripe, merchant, moto, security code
September 16th, 2014 by Elma Jane
Card-not-present merchants are battling increasingly frequent friendly fraud. That type of fraud..The I don’t recognize or I didn’t do it dispute. This occurs when a cardholder makes a purchase, receives the goods or services and initiates a chargeback on the order claiming he or she did not authorize the transaction.
This problem can potentially cripple merchants because of the legitimate nature of the transactions, making it difficult to prove the cardholder is being dishonest. The issuer typically sides with the cardholder, leaving merchants with the cost of goods or services rendered as well as chargeback fees and the time and resources wasted on fighting the chargeback.
Visa recently changed the rules and expanded the scope of what is considered compelling evidence for disputing and representing chargeback for this reason code. The changes included allowing additional types of evidence, added chargeback reason codes and a requirement that issuers attempt to contact the cardholder when a merchant provides compelling evidence.
The changes give acquirers and merchants additional opportunities to resolve disputes. They also mean that cardholders have a better chance to resolve a dispute with the information provided by the merchant. Finally, they provide issuers with clarity on when a dispute should go to pre-arbitration as opposed to arbitration.
Visa has also made other changes to ease the burden on merchants, including allowing merchants to provide compelling evidence to support the position that the charge was not fraudulent, and requiring issuers to a pre-arbitration notice before proceeding to arbitration, which reduces the risk to the merchant when representing fraud reason codes.
The new “Compelling Evidence” rule change does not remedy chargebacks but brings important changes for both issuers and merchants. Merchants can provide information in an attempt to prove the cardholder received goods or services, or participated in or benefited from the transaction. Issuers must initiate pre-arbitration before filing for arbitration. That gives merchants an opportunity to accept liability before incurring arbitration costs, and Visa will be using information from compelling evidence disputes to revise policies and improve the chargeback process
Visa made those changes to reduce the required documentation and streamline the dispute resolution process. While the changes benefit merchants, acquirers and issuers, merchants in particular will benefit with the retrieval request elimination, a simplified dispute resolution process, and reduced time, resources and costs related to the back-office and fraud management. The flexibility in the new rules and the elimination of chargebacks from cards that were electronically read and followed correct acceptance procedures will simplify the process and reduce costs.
Sometimes, an efficient process for total chargeback management requires expertise or in-depth intelligence that may not be available in-house. The rules surrounding chargeback dispute resolution are numerous and ever-changing, and many merchants simply do not have the staffing to keep up in a cost-effective and efficient way. Chargebacks are a way of life for CNP merchants; however, by working with a respected third-party vendor, they can maximize their options without breaking the bank.
Reason Code 83 (Fraud Card-Not-Present) occurs when an issuer receives a complaint from the cardholder related to a CNP transaction. The cardholder claims he or she did not authorize the transaction or that the order was charged to a fictitious account number without approval.
The newest changes to Reason Code 83, a chargeback management protocol, offer merchants a streamlined approach to fighting chargebacks and will ultimately reduce back-office handling and fraud management costs. Independent sales organizations and sales agents who understand chargeback reason codes and their effect on chargeback rates can teach merchants how to prevent chargebacks before they become an issue and successfully represent those that they can’t prevent.
Posted in Best Practices for Merchants, EMV EuroPay MasterCard Visa, Visa MasterCard American Express Tagged with: account, account number, acquirers, agents, Back Office, card, card holder, card-not-present, Card-not-present merchants, cardholder, cards, chargeback, chargeback fees, chargeback rates, cnp, CNP merchants, CNP transaction, fees, fraud, fraud management, Independent sales, independent sales organizations, issuer, management protocol, Merchant's, organizations, protocol, purchase, Rates, resolution, resolution process, resources, risk, sales agents, services, transaction, visa
October 31st, 2013 by Elma Jane
While credit card processors and retailers have made strides to combat credit card fraud, it is still rampant across the U.S. In fact, credit card fraud jumped 17 percent between January, 2011, and September, 2012, according to the most recent data from the FICO Falcon Fraud Manager Consortium.
Debit cards obviously have better safeguard measures in place, since debit card fraud rose less than 1 percent between January, 2011, and September, 2012. Plus, the average fraud loss per compromised account fell by 3 percent.
Card-not-present (CNP) fraud is the biggest challenge by far, accounting for 47 percent of all credit card fraud. CNP fraud – which includes payments via the internet, mail and phone – grew 25 percent over the two-year period. So, where the problems with credit cards lie.
Unfortunately, CNP fraud may get worse before it gets better, in FICO’s Banking Analytics Blog. This problem may even intensify as the US moves away from magnetic stripe and toward EMV [chip] card technology. In other countries adopting chip-based authentication technology, we’ve seen counterfeit fraud decline, but as a counterbalance, fraudsters often ramp up efforts around CNP fraud.
However, there was a glimmer of light in the credit card fraud fiasco. While card fraud attempts rose, the average loss per compromised account dropped 10 percent. Plus, the ratio of fraud to non-fraud spending remained constant. “In other words, the volume of card fraud increased proportionally to the volume of consumer credit card spending.
Even though many retailers have implemented successful fraud prevention programs, Visa provides retailers with the warning signs for CNP fraud, including:
Multiple cards used from a single IP address. Orders made up of “big ticket” items. Orders that include several of the same item. Shipping to an international address. Transactions with similar account numbers.
Posted in Digital Wallet Privacy, EMV EuroPay MasterCard Visa, Mail Order Telephone Order, Payment Card Industry PCI Security Tagged with: account, analytics, authentication, banking, big ticket, card-not-present, chip card, chip-based, cnp, counterfeit, credit-card, debit cards, EMV, fraud, fraudsters, international, internet, magnetic stripe, mail, non-fraud, orders, payments, phone, prevent, processors, retailers, safeguard, spending, transactions, visa