October 7th, 2018 by Admin
National Transaction is celebrating 21 years in the business today. Founded in 1997 National Transaction (NTC) purpose is to serve businesses of all sizes with their cash flow with the highest levels of professionalism and care.
This 21 year anniversary would not be possible without our leader, Mark Fravel and we want to take you back to his why and the reason we are still here today.
The beginnings:
Mark, a single parent of 3 beautiful daughters, wanted to provide for their kids without being on the road all the time. And so, with this passion in mind, a desire to serve and commitment to his family, National Transaction was born.
NTC began like many business and passions, with no customers and only one employee but quickly grew and Mark knew that leading with confidence and excellence will drive this business somewhere.
The Present:
Now, NTC often ranks in the top 10 of many data and technology awards. This Excellence has also earned us an A+ rating in the Better Business Bureau.
This 21 years would not be possible without our desire to help a business grow and give them the right tools for their transactions. We love being on the phone with our customers, we love getting to know them and how we can provide our best service.
The Future
Mark started this with a desire to be a family man, and so, this family feeling has stayed with our company. We treat our team like family, and we are excited about what our future holds the next 21 years.
Thank you for celebrating 21 years of customer service, passion, connection and above all, quality. We will continue to provide you with the best service we know how to give, and we will uphold our promise and mission to make digital transactions reliable and simple to the merchant and familiar to the consumer, reducing the complexity and expense to both.
Thank you for being part of the National Transaction Corporation‘s family.
Posted in nationaltransaction.com Tagged with: Anniversary, ASTA, Better Business Bureau, business, card, consumers, credit card, credit cards, credit-card, customer, customers, data, e-commerce, entrepreneur, entrepreneurship, MasterCard, merchant, merchant account, merchants, Mobile Payments, National Transaction, payments, point of sale, Security, transaction, visa
April 27th, 2015 by Elma Jane
I was shopping in Kmart and didn’t understand why my Credit Card transaction was declined. My card is EMV and Kmart is EMV, but the Kmart system did not forced the transaction to run as EMV so, Citibank declined it. Kmart can loose a $600 sale can your small business afford it? If you think hiring a professional is expensive try an amatuer…
A lot of stores, specially big chain stores, have EMV capable terminals, but they haven’t turned them on yet and still force you to swipe. Some think, migration is just getting a new terminal and asking their acquirer to enable EMV on their account. Its not only about the liability shift, and the EMV equipment, It’s the lack of information for the Merchants.
There has to be training and orientation that merchants will need to invest into for their employees. As well as changing our mentality that we all need to be prepared for this upcoming transition….as both consumers and business owners.
The issuing banks can, and are starting to decline transactions when a merchant CAN use EMV but do not. EMV is coming October 2015 and if you are not ready you may loose sales, and will loose when a fraudulent card walks in your business.
Posted in Best Practices for Merchants, Credit Card Reader Terminal, Credit Card Security, EMV EuroPay MasterCard Visa, Visa MasterCard American Express Tagged with: banks, card, consumers, credit card transaction, credit-card, EMV, Merchant's, swipe, terminals
April 6th, 2015 by Elma Jane
Merchant Cash Advance – A lump-sum payment to a business in exchange for an agreed-upon percentage of future credit card and/or debit card sales. The term is now commonly used to describe a variety of small business financing options characterized by short payment terms (generally under 24 months) and small regular payments (typically paid each business day) as opposed to the larger monthly payments and longer payment terms associated with traditional bank loans.
Merchant Cash Advance companies, provide funds to businesses in exchange for a percentage of the businesses daily credit card income, directly from the processor that clears and settles the credit card payment. A company’s remittances are drawn from customers’ debit-and credit-card purchases on a daily basis until the obligation has been met. Most providers form partnerships with payment processors and then take a fixed variable percentage of a merchant’s future credit card sales.
The Term Merchant Cash Advance – may be used to describe purchases of future credit card sales receivables, revenue and receivables factoring or short-term business loans.
This structure has some advantage over the structure of a conventional loan. Most importantly, payments to the merchant cash advance company fluctuate directly with the merchant’s sales volumes, giving the merchant greater flexibility with which to manage their cash flow, particularly during a slow season. Advances are processed quicker than a typical type loan, giving borrowers quicker access to capital. Also, because MCA providers like typically give more weight to the underlying performance of a business who may not qualify for a conventional loan.
Merchant Cash Advances are often used by businesses that do not qualify for regular bank loans, and are generally more expensive than bank loans. Competition and innovation led to downward pressure on rates and terms are now more closely correlated with an applicant’s FICO score.
There are generally three different repayment methods:
Split withholding – when the credit card processing company automatically splits the credit card sales between the business and the finance company per the agreed portion. The most common preferred method of collecting funds for both the clients and finance companies since it is seamless.
Lock box or trust bank account withholding – all of the business’s credit card sales are deposited into bank account controlled by the finance company and then the agreed upon portion is forwarded onto the business via ACH, EFT or wire. The least preferred method since it results in a one-day delay in the business receiving the proceeds of their credit card sales.
ACH withholding – when structured as a sale, the finance company receives the credit card processing information and deducts its portion directly from the business’s checking account via ACH. When structured as a loan, the finance company debits a fixed amount daily regardless of business sales.
Posted in Best Practices for Merchants, Financial Services, Merchant Account Services News Articles, Merchant Cash Advance, Merchant Services Account Tagged with: ach, bank loans, business loans, checking account, conventional loan, credit card processing, credit card sales, credit-card, debit card, finance company, loan, MCA providers, merchant, merchant cash advance, payments
March 17th, 2015 by Elma Jane
Merchant Cash Advance – A lump-sum payment to a business in exchange for an agreed-upon percentage of future credit card and/or debit card sales. The term is now commonly used to describe a variety of small business financing options characterized by short payment terms (generally under 24 months) and small regular payments (typically paid each business day) as opposed to the larger monthly payments and longer payment terms associated with traditional bank loans. The term Merchant Cash Advance may be used to describe purchases of future credit card sales receivables, revenue and receivables factoring or short-term business loans.
Merchant Cash Advance companies, provide funds to businesses in exchange for a percentage of the businesses daily credit card income, directly from the processor that clears and settles the credit card payment. A company’s remittances are drawn from customers’ debit-and credit-card purchases on a daily basis until the obligation has been met. Most providers form partnerships with payment processors and then take a fixed variable percentage of a merchant’s future credit card sales.
These Merchant Cash Advances are not loans – rather, they are a sale of a portion of future credit and/or debit card sales.
This structure has some advantage over the structure of a conventional loan. Most importantly, payments to the merchant cash advance company fluctuate directly with the merchant’s sales volumes, giving the merchant greater flexibility with which to manage their cash flow, particularly during a slow season. Advances are processed quicker than a typical type loan, giving borrowers quicker access to capital. Also, because MCA providers like typically give more weight to the underlying performance of a business who may not qualify for a conventional loan.
Merchant Cash Advances are often used by businesses that do not qualify for regular bank loans, and are generally more expensive than bank loans. Competition and innovation led to downward pressure on rates and terms are now more closely correlated with an applicant’s FICO score.
There are generally three different repayment methods:
Split withholding – when the credit card processing company automatically splits the credit card sales between the business and the finance company per the agreed portion. The most common preferred method of collecting funds for both the clients and finance companies since it is seamless.
Lock box or trust bank account withholding – all of the business’s credit card sales are deposited into bank account controlled by the finance company and then the agreed upon portion is forwarded onto the business via ACH, EFT or wire. The least preferred method since it results in a one-day delay in the business receiving the proceeds of their credit card sales.
ACH withholding – when structured as a sale, the finance company receives the credit card processing information and deducts its portion directly from the business’s checking account via ACH. When structured as a loan, the finance company debits a fixed amount daily regardless of business sales.
Posted in Best Practices for Merchants, Merchant Account Services News Articles, Merchant Cash Advance Tagged with: ach, bank loans, business loans, checking account, conventional loan, credit card processing, credit card sales, credit-card, debit card, finance company, loan, MCA providers, merchant, merchant cash advance, payments
February 27th, 2015 by Elma Jane
Here are the Frequently Asked Questions:
You’re probably finding yourself staring at your old credit card machine and worrying about the cost of buying a new machine. The transition doesn’t have to be an expensive one, but it pays to be educated as you consider this important upgrade.
Things you need to know in the form of a brief FAQ.
Where To Buy an EMV Credit Card Terminal?
All the same places you can buy or rent a non-EMV terminal, for the most part. The vast majority of the time supported EMV machines can be reprogrammed just like their non-EMV predecessors. While credit card terminal tampering has occurred in the past, it is not common and is even less easily achieved with new EMV terminals.Terminals have built-in anti-tampering features to prevent this. Your provider is free to either charge a reprograming fee, or simply refuse to reprogram outside machines. While they can reprogram, there’s no law saying that they have to.
Is It A Must to Have an EMV-Compliant Machine?
NO BUT THERE IS RISK. NFC (Near Field Communication) is the technology used by digital wallets for contactless payments. NFC EMV terminals can be considerably more expensive than standard EMV terminals. You can buy a separate NFC reader without replacing your existing EMV terminal.
Does an EMV Chip Card Reader Cost Much?
NOT VERY MUCH! These terminals are really not more expensive that the old terminals. You can find them as cheap, especially if it’s refurbished. There’s no reason to sign on to an expensive non-cancellable lease. If you’d rather rent than own, at least look for inexpensive rental options. If you want a wireless terminal or an NFC-capable terminal, the prices will be a little bit higher. But for baseline EMV-compatible chip card readers, it’s a pretty minor investment even for a very small business.
Does EMV Terminal Upgrade Really Needed?
Technically? No, but it would be like buying a new computer and not getting a virus protection program. Worse because you have financial data on. Your CUSTOMER! Practically? You should!
If you stick with your old non-chip credit card terminal, you will still be able to run transactions. All chip cards are also equipped with the same magnetic stripe used previously, so you can still swipe them. The difference is that if one of those chip cards that you swipe is used fraudulently, you will now be liable. The rationale behind this is that if you had upgraded your terminal, the fraud could have been prevented. Therefore you are held accountable. You might be tempted to think that your small businesses is unlikely to be a victim of such fraud because it hasn’t happened in the past. But consider that all of the big retailers will be upgrading to the EMV terminals, which is likely to drive fraudsters to more vulnerable outlets (ie, small businesses). So I don’t want to be a fear-mongerer but for the fairly small business expense of a terminal upgrade you get a lot of fraud protection. If it prevents just one instance of fraud in the years to come, it has likely paid for itself many times over.
For most merchants, it’s not that expensive or difficult to switch over to EMV equipment and the insurance that the switch will provide you with is well worth the effort. So start thinking about it, and don’t wait until the last minute. The last month before the liability shift occurs in the US, equipment providers will be backed up with orders, making the transition less smooth. So there’s no time like the present to start looking into chip card machines. It might even be a good time to think about switching providers.
Posted in Best Practices for Merchants, Credit Card Reader Terminal, Credit Card Security, EMV EuroPay MasterCard Visa Tagged with: chip card readers, chip cards, contactless payments, credit card machine, credit card terminal, credit-card, Digital wallets, EMV, EMV compliant, EMV machines, EMV terminal, magnetic stripe, Merchant's, Near Field Communication, nfc, NFC reader, NFC-capable terminal, wireless terminal
February 10th, 2015 by Elma Jane
National Transaction Corporation and it’s medical software partners is introducing new “Payment Processing” solutions that can help your practice, securely and efficiently, capture payments and better serve patients. NTC offers a variety of solutions to accept patient payments/co-pays in the office, on the phone and online. With our solutions, you can make it more convenient for patients to pay via debit or credit card at the point of care to help drive more consistent cash flow. In addition we can help expedite receipt of claim payments using Medipaid, our new solution from NTC that replaces paper check payments you receive from insurance companies with fast, secure electronic deposits. Medipaid combines the convenience of electronic payments with standardized ERAs (electronic remittance advice) and automated posting options. It can help your practice accelerate cash flow and simplify reconciliation processes.
Here are some benefits when using this new and exciting program:
- Eligibility resolution
- Claims and tracking
- Rejections and denials
- Patient billing and payments
- Reporting and metrics
- Clinical tools
- 24/7 support
- Updated payer list information
- Payment Integrity/PCI compliant
- Tokenization & Encryption payment security (EMV microchip cards)
- Clinical exchange solutions
- HIPAA simplified
- E-payment (EFT & ERA)
- ICD-10 information on deadline set for October 1, 2015
- Regulation mandates from HIPAA and Affordable Care Act
If you are interested in learning more about our payment processing solution and Medipaid, we will be happy to e-mail additional information. Please feel free to contact us regarding any of your payment processing needs.
Contact Elaine Zamora RN @ 954-346-3300 Ext. 1111 or Email: elaine@nationaltransaction.com
Posted in Medical Healthcare, nationaltransaction.com Tagged with: cash flow, claim payments, credit-card, debit, electronic deposits, electronic payments, electronic remittance advice, insurance companies, paper check, payment processing, payments, solutions
January 12th, 2015 by Elma Jane
Mobile Point of Sale (POS) systems have rocked the retail world and the trending topic when it comes to POS is all about the mobile kind. When one searches the term POS, nearly every article that comes up is all about mobile, and many seem to believe it will change the retail industry.
Is traditional POS on its way out? Not so fast.
While mobile POS is indeed a hot topic, it is likely to be an enhancement, rather than a replacement, to traditional POS
There is definitely a need and a place, for both.
Everyone was certain that dot.coms would eradicate brick-and-mortar stores; they are still alive and well, and traditional brick-and-mortar stores have, like traditional POS, embraced the Internet and allowed it to serve them in the capacity of extension.
Retailers everywhere have incorporated the Internet into their business model by creating multi-channel sales strategies, such as e-commerce, digital marketing, social media marketing, online product information, specifications, reviews and online customer service.
In addition to their online presence, these same retailers have started to bring the Internet in-house by integrating such services as customer centric promotions at point of sale, introducing loyalty programs and member registration, facilitating digital signage, offering e-receipts via email, and self check out centers; all at the traditional POS kiosk.
Why bother with mobile POS anyway?
While it is true that traditional POS systems won’t be going anywhere soon, and with good reason, mobile POS systems have allowed retailers to make great strides when it comes to efficiency and customer service, as well as customer satisfaction.
Since the advent of Mobile POS, companies have made big changes in the way they handle customer transactions in-store, thus affording faster checkout, waiting line reduction, consultative selling, and more.
The list of mobile POS benefits goes on and on:
Email Receipts: Better for the environment, more convenient for customers and faster to process. A digital purchase receipts sent via email tells the customer that you care about the earth and about them.
Expanded Reach: With mobile POS, your sales are no longer confined within the four walls of your brick and mortar store. Sidewalk sales, seasonal mall kiosks, and special sponsorship events are just a few examples of all the places you can take your retail sales to, with a POS in hand.
Inventory and Price Search: When customers can be assisted with finding an item color, size or availability on the spot, rather than having to wait in line to do so, it makes them happier. The same can be said for pricing. POS in the hands of store reps can go a long way toward customer satisfaction.
Inventory Return Stations: There is always a certain volume of returns, but that volume increases for retailers particularly after the holidays. The implementation of mobile POS allows for retailers to set up additional return stations in order to avoid long lines and customer frustrations.
Mobile POS goes Mobile: Your investment in your company POS system doesn’t need to be one size fits all, regardless of store traffic volume in one location or another. Retailers may opt to have a blow out sale in one location, thus require additional checkout power for that location for a specific period of time. With mobile POS, devises and licensing can be utilized throughout different store locations on an as needed basis.
Optional Seasonal Subscription: The great thing about mobile POS is that you needn’t pay for a POS system year round if you’re not using it year around. Seasonal spikes in retail sales warrant the additional cost of extra POS licensing and hardware, but the rest of the year your budget shouldn’t need to encompass more than what is needed. Mobile lets you better manage your overall POS investment.
Storewide Promotion Opportunities: Mobile POS has allowed retailers to drive sales in various sections of the store by holding demonstrations or promotions in different departments to tout products or services. Customers can be marketed, and sold to, on the spot.
The growing industry of mobile payments doesn’t stop at in-store mobile POS. Digital wallets like Google Wallet and Apple Passbook, mobile-to-mobile cell phone transfers, Near Field Communication (NFC) payments, mobile device credit card swipe and other emerging technologies are quickly changing our cash and credit card world.
What about traditional POS?
Mobile payment systems are indeed terrific. So, when should you consider going with traditional POS? The reality is, in addition to the aforementioned benefits of traditional checkout kiosk functions, there times when mobile POS simply will not suffice.
Mobile POS is great when a customer wants to choose and pay for one item while on the sales room floor, but what about when the customer has a multitude of items? Ringing up and bagging groceries, removing anti-theft mechanisms, neatly folding and bagging clothing items and managing the sales of numerous agents, stations or departments are just a few examples of situations that often require the traditional POS checkout station.
By combining traditional POS strategies with mobile POS flexibility, retailers can leverage the command of a complex, and multi-dimensional, marketing and retail sales management system.
Posted in Best Practices for Merchants, Mobile Payments, Mobile Point of Sale, Point of Sale Tagged with: brick and mortar, credit card swipe, credit-card, customer service, digital marketing, Digital wallets, e-commerce, mobile device, Mobile Payments, mobile point of sale, mobile pos, multi-channel, Near Field Communication (NFC), POS, retail industry, social media
November 4th, 2014 by Elma Jane
“Healthcare’s Unique, Robust MEDIPAID Rolls Out”
Delivering paperless, next-day deposits for Medical Billers
National Transaction Corporation (NTC) in Coral Springs, Florida announced today that, by the first of December 2014, their paperless medical insurance electronic funds capturing suite: MEDIPAID will be fully functional nationwide. NTC’s MEDIPAID delivers next-day deposits for any Medical entity that must bill health insurance companies.
MEDIPAID will bring the speed, ease and convenience of credit card merchant accounts to the world of medical insurance billing. Upon MEDIPAID’s deployment, the medical office receives its payments considerably faster. The revenue is immediately available since it is paid directly into the businesses’ checking account with secure electronic payments.
NTC’s agents help merchants standardize their Electronic Remittance Advice (ERA) and distribution options to automate posting which further reduces paper and time burdens. At a rate far less than credit card processing or third party billing companies, MEDIPAID is designed to eliminate the healthcare provider’s paper check payments with electronic payments that include the remittance detail (ERA) and further allows providers to take advantage of distribution options to automate the claims payment posting processes.
For more information, Contact us anytime.
National Transaction Corporation
Posted in Best Practices for Merchants, Medical Healthcare Tagged with: billing, check payments, credit card processing, credit-card, electronic funds, electronic payments, Electronic Remittance, health insurance, Medical Billers, merchant accounts, Merchant's, paperless medical insurance, secure electronic payments
October 8th, 2014 by Elma Jane
When the PCI Security Standards Council (PCI SSC) launched PCI DSS v3.0 in January 2014, businesses were given one year to implement the updated global standard. Now that the deadline is fast approaching, interest is picking up in what v3.0 entails. On Jan. 1, 2015, version 3.0 of the Payment Card Industry (PCI) Data Security Standard (DSS) will reach year one of its three-year lifecycle.
Trustwave, a global data security firm, is on the frontlines of helping secure the networks of merchants and other businesses on the electronic payments value chain against data breaches. As an approved scanning vendor, Trustwave is used by businesses to achieve and validate PCI DSS compliance.
PCI DSS v3.0 is business as usual for the most part, except for a few changes from v2.0 that considers impactful for large swaths of merchants. The top three changes involve e-commerce businesses that redirect consumers to third-party payment providers. The expansion of penetration testing requirements and the data security responsibilities of third-party service providers.
Penetration testing
Penetration testing is the way in which merchants can assess the security of their networks by pretending to be hackers and probing networks for weaknesses. V3.0 of the PCI DSS mandates that merchants follow a formal methodology in conducting penetration tests, and that the methodology goes well beyond what merchants can accomplish using off-the-shelf penetration testing software solutions.
Merchants that are self assessing and using such software are going to be surprised by the rigorous new methodology they are now expected to follow.
Additionally, penetration testing requirements in v3.0 raises the compliance bar for small merchants who self assess. Those merchants could lower the scope of their compliance responsibilities by segmenting their networks, which essentially walls off data-sensitive areas of networks from the larger network. In this way merchants could reduce their compliance burdens and not have to undergo penetration testing.
Not so in v3.0. If you do something to try to reduce the scope of the PCI DSS to your systems, you now need to perform a penetration test to prove that those boundaries are in fact rigid.
Redirecting merchants
The new redirect mandate as affecting some, but not all, e-commerce merchants that redirect customers, typically when they are ready to pay for online purchases to a third party to collect payment details. If you are a customer and you are going to a website and you add something to your shopping cart, when it comes time to enter in your credit card, this redirect says I’m going to send you off to this third party.
The redirect can come in several forms. It can be a direct link from the e-commerce merchant’s website to another website, such as in a PayPal Inc. scenario, or it can be done more silently.
An example of the silent method is the use of an iframe, HTML code used to display one website within another website. Real Estate on the merchant’s website is used by the third-party in such a way that consumers don’t even know that the payment details they input are being collected and processed, not by the e-commerce site, but by the third party.
Another redirect strategy is accomplished via pop-up windows for the collection of payments in such environments as online or mobile games. In-game pop-up windows are typically used to get gamers to pay a little money to purchase an enhancement to their gaming avatars or advance to the next level of game activity.
For merchants that employ these types of redirect strategies, PCI DSS v3.0 makes compliance much more complicated. In v2.0, such merchants that opted to take Self Assessment Questionnaires (SAQs), in lieu of undergoing on-site data security assessments, had to fill out the shortest of the eight SAQs. But in v3.0, such redirect merchants have to take the second longest SAQ, which entails over 100 security controls.
The PCI SSC made this change because of the steady uptick in the number and severity of e-commerce breaches, with hackers zeroing in on exploiting weaknesses in redirect strategies to steal cardholder data. Also, redirecting merchants may be putting themselves into greater data breach jeopardy when they believe that third-party payment providers on the receiving end of redirects are reducing merchants’ compliance responsibilities, when that may not, in fact, be the case.
Service providers
Service provider is any entity that stores, processes or transmits payment card data. Examples include gateways, web hosting companies, back-up facilities and call centers. The update to the standard directs service providers to clearly articulate in writing which PCI requirements they are addressing and what areas of the PCI DSS is the responsibility of merchants.
A web hosting company may tell a merchant that the hosting company is PCI compliant. The merchant thought, they have nothing left to do. The reality is there is still always something a merchant needs to do, they just didn’t always recognize what that was.
In v3.0, service providers, specifically value-added resellers (VARs), also need to assign unique passwords, as well as employ two-factor authentication, to each of their merchants in order to remotely access the networks of those merchants. VARs often employ weak passwords or use one password to access multiple networks, which makes it easier for fraudsters to breach multiple systems.
The PCI SSC is trying to at least make it more difficult for the bad guys to break into one site and then move to the hub, so to speak, and then go to all the other different spokes with the same attack.
Overall, v3.0 is more granular by more accurately matching appropriate security controls to specific types of merchants, even though the approach may add complexity to merchants’ compliance obligations. On the whole a lot of these changes are very positive.
Posted in Best Practices for Merchants, Credit Card Security, Payment Card Industry PCI Security Tagged with: (PCI SSC), call centers, cardholder data, consumers, credit-card, customers, data breaches, data security assessments, Data Security Standard, e-commerce breaches, e-commerce businesses, e-commerce merchant's website, electronic payments, global data security, global standard, Merchant's, merchant’s website, mobile, networks, payment, payment card data, Payment Card Industry, payment providers, PCI Security Standards Council, PCI-DSS, Penetration testing, Service providers, shopping cart, software solutions, web hosting, website
September 24th, 2014 by Elma Jane
The CVV Number (Card Verification Value) on your credit card or debit card is a 3 digit number on VISA, MasterCard and Discover branded credit and debit cards. On your American Express branded credit or debit card it is a 4 digit numeric code.
The codes have different names:
American Express – CID or unique card code.
Debit Card – CSC or card security code.
Discover – card identification number (CID)
Master Card – card validation code (CVC2)
Visa – card verification value (CVV2)
CVV numbers are NOT your card’s secret PIN (Personal Identification Number).
You should never enter your PIN number when asked to provide your CVV. (PIN numbers allow you to use your credit or debit card at an ATM or when making an in-person purchase with your debit card or a cash advance with any credit card.)
Types of security codes:
CVC1 or CVV1, is encoded on track-2 of the magnetic stripe of the card and used for card present transactions. The purpose of the code is to verify that a payment card is actually in the hand of the merchant. This code is automatically retrieved when the magnetic stripe of a card is swiped on a point-of-sale (card present) device and is verified by the issuer. A limitation is that if the entire card has been duplicated and the magnetic stripe copied, then the code is still valid.
The most cited, is CVV2 or CVC2. This code is often sought by merchants for card not present transactions occurring by mail or fax or over the telephone or Internet. In some countries in Western Europe, card issuers require a merchant to obtain the code when the cardholder is not present in person.
Contactless card and chip cards may supply their own codes generated electronically, such as iCVV or Dynamic CVV.
Code Location:
The card security code is typically the last three or four digits printed, not embossed like the card number, on the signature strip on the back of the card. On American Express cards, the card security code is the four digits printed (not embossed) on the front towards the right. The card security code is not encoded on the magnetic stripe but is printed flat.
American Express cards have a four-digit code printed on the front side of the card above the number.
MasterCard, Visa, Diners Club, Discover, and JCB credit and debit cards have a three-digit card security code. The code is the final group of numbers printed on the back signature panel of the card.
New North American MasterCard and Visa cards feature the code in a separate panel to the right of the signature strip. This has been done to prevent overwriting of the numbers by signing the card.
Benefits when it comes to security:
As a security measure, merchants who require the CVV2 for card not present payment card transactions are required by the card issuer not to store the CVV2 once the individual transaction is authorized and completed. This way, if a database of transactions is compromised, the CVV2 is not included, and the stolen card numbers are less useful. Virtual Terminals and payment gateways do not store the CVV2 code, therefore employees and customer service representatives with access to these web-based payment interfaces who otherwise have access to complete card numbers, expiration dates, and other information still lack the CVV2 code.
The Payment Card Industry Data Security Standard (PCI DSS) also prohibits the storage of CSC (and other sensitive authorization data) post transaction authorization. This applies globally to anyone who stores, processes or transmits card holder data. Since the CSC is not contained on the magnetic stripe of the card, it is not typically included in the transaction when the card is used face to face at a merchant. However, some merchants in North America require the code. For American Express cards, this has been an invariable practice (for card not present transactions) in European Union (EU) states like Ireland and the United Kingdom since the start of 2005. This provides a level of protection to the bank/cardholder, in that a fraudulent merchant or employee cannot simply capture the magnetic stripe details of a card and use them later for card not present purchases over the phone, mail order or Internet. To do this, a merchant or its employee would also have to note the CVV2 visually and record it, which is more likely to arouse the cardholder’s suspicion.
Supplying the CSC code in a transaction is intended to verify that the customer has the card in their possession. Knowledge of the code proves that the customer has seen the card, or has seen a record made by somebody who saw the card.
Posted in Best Practices for Merchants, EMV EuroPay MasterCard Visa, Point of Sale, Visa MasterCard American Express Tagged with: (Card Verification Value), (CVC2), American Express, atm, authorization data, bank/cardholder, card holder data, card identification number, card issuers, Card Not Present transactions, card number, card numbers, card security code, card validation code, card-not-present, card-present transactions, cardholder, cards, cash advance, chip cards, CID, code, Contactless card, credit, credit-card, CSC, customer, customer service, CVC1, CVV Number, CVV1, CVV2, Data Security Standard, debit, debit card, debit cards, device, Diners Club, Discover, fax, gateways, iCVV or Dynamic CVV, individual transaction, internet, issuer, JCB credit, magnetic stripe, mail, MasterCard, merchant, payment card, Payment Card Industry, payment card transactions, payment gateways, PCI-DSS, Personal Identification Number, PIN, point of sale, post transaction authorization, security codes, telephone, terminals, unique card code, virtual terminals, visa, web-based payment