code Archives - Payment Processing News
September 24th, 2014 by Elma Jane

The CVV Number (Card Verification Value) on your credit card or debit card is a 3 digit number on VISA, MasterCard and Discover branded credit and debit cards. On your American Express branded credit or debit card it is a 4 digit numeric code.

The codes have different names:

American Express – CID or unique card code.

Debit Card – CSC or card security code.

Discover  – card identification number (CID)

Master Card – card validation code (CVC2)

Visa  – card verification value (CVV2) 

CVV numbers are NOT your card’s secret PIN (Personal Identification Number).

You should never enter your PIN number when asked to provide your CVV. (PIN numbers allow you to use your credit or debit card at an ATM or when making an in-person purchase with your debit card or a cash advance with any credit card.)

Types of security codes:

CVC1 or CVV1, is encoded on track-2 of the magnetic stripe  of the card and used for card present transactions. The purpose of the code is to verify that a payment card is actually in the hand of the merchant. This code is automatically retrieved when the magnetic stripe of a card is swiped on a point-of-sale (card present) device and is verified by the issuer. A limitation is that if the entire card has been duplicated and the magnetic stripe copied, then the code is still valid.

The most cited, is CVV2 or CVC2. This code is often sought by merchants for card not present transactions occurring by mail or fax or over the telephone or Internet. In some countries in Western Europe, card issuers require a merchant to obtain the code when the cardholder is not present in person.

Contactless card and chip cards may supply their own codes generated electronically, such as iCVV or Dynamic CVV.

Code Location:

The card security code is typically the last three or four digits printed, not embossed like the card number, on the signature strip on the back of the card. On American Express cards, the card security code is the four digits printed (not embossed) on the front towards the right. The card security code is not encoded on the magnetic stripe but is printed flat.

American Express cards have a four-digit code printed on the front side of the card above the number.

MasterCard, Visa, Diners Club,  Discover, and JCB credit and debit cards have a three-digit card security code. The code is the final group of numbers printed on the back signature panel of the card.

New North American MasterCard and Visa cards feature the code in a separate panel to the right of the signature strip. This has been done to prevent overwriting of the numbers by signing the card.

Benefits when it comes to security:

As a security measure, merchants who require the CVV2 for card not present payment card transactions are required by the card issuer not to store the CVV2 once the individual transaction is authorized and completed. This way, if a database of transactions is compromised, the CVV2 is not included, and the stolen card numbers are less useful. Virtual Terminals and payment gateways do not store the CVV2 code, therefore employees and customer service representatives with access to these web-based payment interfaces who otherwise have access to complete card numbers, expiration dates, and other information still lack the CVV2 code.

The Payment Card Industry Data Security Standard (PCI DSS) also prohibits the storage of CSC (and other sensitive authorization data) post transaction authorization. This applies globally to anyone who stores, processes or transmits card holder data. Since the CSC is not contained on the magnetic stripe of the card, it is not typically included in the transaction when the card is used face to face at a merchant. However, some merchants in North America require the code. For American Express cards, this has been an invariable practice (for card not present transactions) in European Union (EU) states like Ireland and the United Kingdom since the start of 2005. This provides a level of protection to the bank/cardholder, in that a fraudulent merchant or employee cannot simply capture the magnetic stripe details of a card and use them later for card not present  purchases over the phone, mail order or Internet. To do this, a merchant or its employee would also have to note the CVV2 visually and record it, which is more likely to arouse the cardholder’s suspicion.

Supplying the CSC code in a transaction is intended to verify that the customer has the card in their possession. Knowledge of the code proves that the customer has seen the card, or has seen a record made by somebody who saw the card.

 

Posted in Best Practices for Merchants, EMV EuroPay MasterCard Visa, Point of Sale, Visa MasterCard American Express Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

August 4th, 2014 by Elma Jane

Run through a non-profit organisation, Stellar is a decentralized protocol for sending and receiving money in any pair of currencies, be they dollar, yen or bitcoin. The system works through the concept of gateways that let people get in and out of the network. Users hold a balance with a gateway, which is any network participant that they trust to accept a deposit in exchange for credit on the network. To cash out, a user invokes the promise represented by a gateway’s credits, returning them in exchange for the corresponding currency.

Like Ripple, Stellar comes with its own built-in digital currency, which will be given away for free to people who sign up via Facebook, to nonprofits and to current bitcoin and Ripple holders. Initially there will be 100 billion ‘stellars’ (five per cent of which will be kept back to fund the nonprofit) with the supply increasing at one per cent a year. Although stellars will have a market-determined value, their main purpose will be to provide a conversion path between other currencies. This means that when two parties exchange money through the distributed exchange, stellars sit in the middle. Example, a user might submit a transaction which converts EUR credits to stellar and then converts those stellar to AUD credits. Ultimately, the user will have sent EUR, the recipient will have received AUD, and two exchange orders will have been fulfilled.

Developers are being invited to jump in and work with the open-source code and build applications on top of Stellar. The project has secured the backing of payment industry darling Stripe, which has handed over $3 million in exchange for two per cent of stellars. Stellar is highly experimental, but it’s important to invest effort in basic infrastructure when the opportunity arises. Stellar could become a much better substrate for a lot of the world’s financial systems.

 

Posted in Internet Payment Gateway Tagged with: , , , , , , , , , , , , ,

June 12th, 2014 by Elma Jane

QR:  The Bridge to the Modern World

Involvement devices have come a long way from the time of Clearinghouse mailings, where you would peel off a label and stick it onto another page before dropping it back in the mail.

Today, print’s best involvement device is the QR code. It works as a portal or bridge into the mobile online world where the cataloger’s brand lives and breathes in real time. Even better, it can lead the customer from the catalog page to the checkout button on their smartphone within minutes.

The printed catalog delivers rich colors and a personal, tactile experience still not attainable through any mobile device. In many ways, though, it is a vestige of a bygone era, and an expensive one at that. Catalogers know this. Even the U.S. Postal Service also knows this. That’s why the USPS is running a postage discount promotion for the second year in a row this summer to encourage the use of QR codes by direct mailers.

Let’s take a quick look at the way a few catalogers are using QR codes.

Anthropologie

Anthropologie’s marketing strategy is more about selling a lifestyle than selling products. That explains why making it easy for customers to move toward actually buying something doesn’t seem like such a big priority in their catalog. They did not include a QR code anywhere. The closest they came was one line next to the address: For store information, go to www.anthropologie.com. Their 800 number, they do take phone orders is printed only once in tiny type, so having no QR code seems to fit in with their attempts to play hard to get. Marketing critique aside, by not using a QR code on their catalog, they are missing the opportunity to draw customers into closer involvement with their brand, whether or not they intend to make an immediate sale.

Best Practices

With these few examples in mind, it’s time to look at best practices for using QR codes in catalogs, which can be a two-sided equation. There is the technical aspect and the branding/selling aspect. As far as the technical side goes, customers need to use their smartphone to scan the code successfully, and the destination on the other end must be optimized for mobile access. Sometimes the hardest part is organizing the resources required to execute the backend side of things, especially if the goal is to make an immediate sale.

The main thing to consider is that QR codes work as a bridge and that bridge is a smartphone, iPad, or some other tablet with all their usual constraints (screen size, internet connection, quality of camera, QR reader app, user proficiency, etc.). Also, don’t assume that everyone has a QR reader or even knows what a QR code is. Especially in catalogs, where customers have been seeing postal service barcodes for years, people may assume that the pixelated square thing is just something else for the USPS to lose money on. Instead, including a brief call to action to scan the QR code should do the trick.

Crossing the Bridge

Getting customers to scan the QR code is only half the battle. Now you need to make sure they feel it was worth their while to scan. It’s all about the next steps in your customer relationship. If you have an Apple or Android app, then that’s where to send people if you know that you can convert sales successfully on mobile devices. Sending them to your Facebook fan page is an option too, but not a big win if a majority of your customers are already fans.

Special promotions, optimized for mobile access, will certainly earn your QR its keep. If your goal is to inspire a trip to one of your stores, then do what Brookstone does and send customers to a Google map with all store locations within a hundred miles. It’s also possible to send scanners to a dedicated page, again, optimized for mobile where you give them a number of options: Facebook, shop, app, etc.

Delia’s

By appealing to fashion-hungry American teens via retail stores, web, and catalog, Delia’s sold over $220 million in 2011. In the single catalog we looked at, Delia’s had a QR code on its back cover. When scanned, the code points to Delia’s Facebook page. That’s certainly one way to build involvement with the Delia’s brand, but it may not be the best. Delia’s has an Apple app with full e-commerce capabilities, so Delia’s could be missing out on the opportunity to help the customer cut to the chase and get straight to their virtual shopping bag. Still, at least they’re using the code. 

King Schools

Unless you’re a pilot in training or know one fairly well, you have probably never heard of King Schools. They offer more than 90 flight training courses, plus all sorts of accessories for pilots-in-training. They have no retail stores, but that’s all the more reason to mention them here, retailers can learn a lot from King Schools about how to use QR codes in their catalogs.

In the one catalog, King used a QR code on the front cover and the back cover. Now, the iPad shows enormous potential for use in general and commercial aviation, so King is smart to use their QR codes to point customers directly toward their mobile apps and offerings. In fact, King Schools uses QR codes on the Take Courses on Your iPad landing page itself.

In most cases it seems counterintuitive to display a QR code on a website for people to scan. After all, they’re already there. It’s a smart use of codes in this case, for two reasons. First, the codes lead the customer directly to the Apple app store, so it actually makes sense to scan the codes even though the customer is already on their website. The customer is now just a few clicks away from buying and installing the app. Second, there is one QR code for their app store in general, and then there are unique codes for individual apps.

Technicalities

The content in a QR code tops out at 4,296 alphanumeric characters, but catalogers only need a fraction of that to get the customer to where they want them. However, even when the character count is down to a few dozen, size does matter, because QR codes with more data embedded in them are more complex visually. This means that even smartphones with the latest and greatest optics will have trouble reading densely populated codes. Make sure the QR code is big enough. Even the simplest codes will frustrate the scanning process if they are too small or if there isn’t enough white space around them. Maybe a QR code isn’t the most photogenic thing in the world, so it’s a good challenge for catalog art directors to incorporate it into the design without shrinking it into oblivion.

More sophisticated catalogers will want to use personalized QR codes. Today, even local printers are likely to have the means to print unique QR codes for each recipient in a mailing. This creates the ability to track scans back to the individual, a marketer’s dream when it comes to one-to-one marketing relationships.

Innovation can get you traction within the social media realm and that’s money in the bank. Whether you’re a major catalog player or using QR for something completely different, always consider getting the marketing and PR people involved to leverage any novelty aspects of the application.

The benefits pile up quickly to those catalogers who take the time to get smart about QR codes. Thick catalog books can be thinned down a bit if QR codes succeed in pulling customers from the page and onto their site or apps, cutting postal costs for the millions of mailings every year. And, even if the cataloger doesn’t go to the extreme of printing unique QR codes, the branding value of offering that connection from the old-style printed piece to the dynamic world of interactive mobile technology makes it well worth the effort.

The ink needed to print a QR code on a major retailer’s catalog might weigh only a fraction of an ounce, but when used right, it’s worth its weight in gold. Too bad the majority of catalogs seem to be squandering the opportunity by underutilizing the code or worse, not including any at all. In a world where an integrated multi-channel approach is a must-have for any retailer to survive, the stakes of leveraging every opportunity for interaction are higher than ever.

Posted in Best Practices for Merchants, Smartphone Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

May 9th, 2014 by Elma Jane

Email is an indispensable part of running any business, it is so important. It’s often the best  and least intrusive way to communicate with employees, colleagues and collaborators. Not all email platforms are equal, it’s important to choose one with the right email service and  features your business need, also to avoid overpaying for features that you don’t need.

Factors to consider before settling on an email platform for your business.

Bonus Features

Once you’ve found an email service that covers all the basics, check for additional features that can boost your productivity. Some platforms such as Gmail and Outlook includes integrated video chat. That means you can use a single service for both exchanging messages and meeting remotely, making your day-to-day operations simpler and more efficient. Some email platforms also include instant messaging functionality. Instant messaging is better than email for real-time discussions, since you can exchange numerous short messages in rapid succession. Sending an instant message may be preferable to sending an email if the content of your message is not that important

Collaboration Tools

Good business email platform makes it easier for you to work together with your employees or colleagues. The best platforms include tools to help you collaborate. Services such as Gmail and Outlook include a built-in-calendar as part of your email inbox, in a few simple steps you can share your calendar with others so they can view and edit it on the fly. That can really help with planning and collaboration. Email threading is another feature that can help you work together with colleagues. Threaded emails make it easier to follow long exchanges because replies appear one after another in a single thread, instead of being spread throughout your inbox in the order they were received.

 Free or Paid??

One thing you can’t get with a free Web mail service is the ability to use your brand’s name as part of your email address. Registering for a free Gmail account gives you an email address like [username]@gmail.com; but by subscribing to Google Apps for Business, you can secure an email address that reads [username]@[yourbusiness].com. In most cases, you’ll need to already own your own Web domain in order to use it as part of your email address, but registering a domain can cost as little as $10 per year. Services such as Microsoft Office 365, give you your own domain name without the need to pay additional hosting fees.

Security

Whether you pay for email or use a free service, you’ll want tight security for your business inbox especially if running your business involves the exchange of private client data and other sensitive data can be attached to your email account, such as bank account numbers and tax returns. Even more than with your personal email, it’s important to keep cyber criminals out of your business account. Before settling on an email service, check for common-sense security measures such as spam and phishing filters. Support for two-factor authentication is also important. The feature helps keep outsiders out of your inbox by requiring users to have two pieces of information to sign in. The first is your regular password and the second is a freshly generated code sent to either your mobile phone or a second email address. Other security features to check for include built-in antivirus measures to keep malware off your computer, which is especially important if you download a lot of attachments. Whether or not it’s important for you (and any employees) to have a branded email address is ultimately up to you. An email address that includes your own domain name can potentially boost the perceived credibility of your business. On the other hand, a generic email address might be fine for the smallest businesses, especially if you are a sole proprietor.

Storage Space

A branded email address isn’t the only advantage of a paid email service. Paid platforms offer plenty of other perks, such as expanded cloud storage for email and other files. Many free email services offer limited storagespace, forcing you to delete messages when your inbox gets full. If you run a small business that relies heavily on email and you prefer to archive messages rather than delete them, your inbox can fill up in a hurry. By subscribing to a paid service, you can gain access to a much bigger inbox. There are a few other related concerns to consider. The maximum size of an email attachment varies widely between different services, with some services capping attachments at 10GB and others letting you send huge files up to 300GB or more, as long as the file is already uploaded to the cloud.

Posted in Best Practices for Merchants Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

October 11th, 2013 by Elma Jane

PayPal payments giant may finally have found a way to get people to use (Quick Response Code) QR Code.

The company is introducing Payment Code today, a new technology intended to enable shoppers to make purchases by scanning a QR code on their mobile phone, or receive a short four-digit code on their phone, to complete a purchase. “Payment code is easy to use and understand and utilizes a ubiquitous technology that merchants have and are familiar with. If the merchant has a barcode or QR code scanner, the merchant scans to complete the transaction. If the merchant doesn’t, then a four-digit code pops up on the shopper’s phone that can be entered into the PIN pad at checkout.

According to the PayPal blog, Payment Code is an extension of the company’s offerings aimed at enhancing in-store payments. Their approach isn’t to push technology for technology’s sake, but to truly make the paying experience better for consumers and to give merchants more opportunity to innovate without a costly investment. When shoppers are ready to pay, they open the PayPal app (or the specific merchant’s app) and check in at that location, which will result in the app prompting them with a QR code, or a four-digit short code, to authenticate their purchase.

Posted in Financial Services, Merchant Account Services News Articles, Mobile Payments Tagged with: , , , , , , , , , , , , , , , , ,