August 28th, 2014 by Elma Jane
Merchants are still using pedestrian passwords that crooks can easily break, security company Trustwave has found. Of the nearly 630,000 stored passwords that Trustwave obtained during penetration tests in the past two years, its technicians were able to crack more than half in just a few minutes and 92% within 31 days. Even though adding new information about weak passwords or ongoing malware investigations gets frustrating because the same problems facing the financial and payments industries persist, it does not surprise Trustwave researchers. For a lot of software or hardware developers, their main concern is availability of the service. They want to make sure their POS is available and running to accept credit cards, often at the cost of a lot of security controls. It is difficult to implement security and to do it correctly.
Trustwave recommends longer passwords with more characters, rather than shorter ones with letters and numbers. A longer password that is a phrase not easily figured out is better than a shorter, complex password. These findings have been added to an online version of the 2014 Trustwave Global Security Report. To accommodate the fast changing nature of security threats, Trustwave is regularly updating its research and making the information available to consumers and payments industry stakeholders on the company’s site. The criminals stealing data are a constantly moving target. It no longer made sense for those interested in our research to have to wait a year to see new statistics. Having access to updated security reporting should be helpful to merchants. They can see how trends are tracking over time, instead of constantly having to go online to see what is relevant to them or rely on the trade groups to keep them informed. This provides one switch to keep them in the know, so there is some value there and it’s a smart move on Trustwave’s part. Since the new Payment Card Industry security requirements call for security measures to be embedded in software development lifecycles, there is some utility in Trustwave’s new approach to sharing research information.
Trustwave said the trend of businesses detecting breaches continues to rise, with 29% of businesses doing so in 2013 compared to only 9% in 2009. Trustwave compiled that data from 691 post-breach forensics investigations conducted in 2013. The report also indicated e-commerce breaches are increasing, with 54% of all breaches targeting e-commerce sites in 2013, compared to only 9% in 2010. More regions, including the U.S., being in various stages of converting to EMV chip-based cards for card-present transactions fuels the criminals’ shift to e-commerce fraud. Additionally, the company is working with law enforcement officials after discovering a control center of eight servers behind what is being called Magnitude, an exploit kit of Russian origin that has led to thousands of attacks and millions of attempted malware attacks globally.
Posted in Best Practices for Merchants, Payment Card Industry PCI Security, Point of Sale Tagged with: breaches, card, card-present transactions, company, credit cards, data, e-commerce, EMV chip-based cards, financial, fraud, Global Security, hardware, industry, Malware, Merchant's, online, passwords, payment, Payment Card Industry security, payments, payments industries, POS, Security, servers, software
August 21st, 2014 by Elma Jane
Accept Electronic Payments in Their Currency, Convert it to Yours. National Transaction helps you and your customers transact with confidence.
DCC provides convenient currency conversion service at the time of purchase benefiting both the credit card holder and merchants. Our solution provides a system where the Visa or MasterCard holder in a foreign country can shop on an American based website that displays prices in their own local currency. Dynamic Currency Conversion utilizes a Bank Reference Table (BRT) otherwise known as a Card Recognition Table (CRT). This table is updated on a daily basis so that transactions have the most up to date conversion rate for transactions. Your web site holds pricing information in $USD, and based on the selection of the shopper, prices are converted to their native currency. At the close of the transaction an invoice or receipt can present the total to the customer in their currency, along with the merchants local currency along with the exchange rate that was applied.Your business reaches foreign nations expanding your market while presenting new opportunities, increasing your businesses bottom line and making international transaction with confidence. We have diverse set of applications to enable various kinds of business models and financial frameworks.
Posted in Best Practices for Merchants Tagged with: Bank Reference, Card Recognition, conversion rate, credit-card, currency, Currency Conversion, customers, DCC, Dynamic Currency, electronic payments, exchange rate, financial, invoice, MasterCard, Merchant's, pricing, rate, receipt, transactions, visa, website
April 11th, 2014 by Elma Jane
Of the 17 percent of consumers who reported having had their credit card declined during a card-not-present (CNP) transactions. As many as one-third of those declines were unnecessary. The result is consumer aggravation, increased operational costs for banks and credit card companies and as much as $40 billion in lost revenue for online retailers.
TrustInsight which helps establish trusted relationships between financial institutions, merchants and online consumers conducted study. A report and infographic detailing the findings of the study found that avoidable online credit card declines lead to loss of trust for consumers, sales for merchants and increased operational costs for credit card companies and issuing banks.
Study also revealed that consumers handle credit card declines in a variety of ways all of which carried negative economic impact to at least one party in the transaction, resulting in unnecessary operating costs for banks, decreased loyalty for the credit card company and lost revenue for all. Almost half call their issuer immediately when their card is unexpectedly declined. This is a natural response. 34 percent of consumers try again another credit card, other use a different payment method and 24 percent will skip the purchase altogether or shop at a different online retailer.
No one wants to turn away business, and no one wants their business declined. The frustration and impact of wrongful declines is a real problem especially as more and more transactions occur in non-face-to-face situations.
Impact of consumer action in the face of a decline can have real and measurable effects on all parties, including credit card companies, banks and merchants manifesting itself in lost customer loyalty, lost fees and lost revenues. Creating a standard for online trust that enables credit card companies, merchants and issuing banks to better recognize trusted digital consumers and reduce the number of wrongly declined consumers avoiding unnecessary losses.
In a world where people are increasingly reliant on a variety of Internet-connected devices for everything from banking to shopping to entertainment and media, creating friction-free customer experiences and preventing online fraud are constant business challenges.
Posted in Best Practices for Merchants, Credit card Processing, Credit Card Security, Electronic Payments, Financial Services, Gift & Loyalty Card Processing, Merchant Services Account, Small Business Improvement, Visa MasterCard American Express Tagged with: banking, consumers, credit-card, decline, declined, declines, different payment method, digital, digital consumers, financial, frustrate, internet-connected devices, issuing banks, loyalty, Merchant's, online credit card declines, online fraud, online retailers, shopping, transactions, wrongful declines, wrongly declined
December 12th, 2013 by Elma Jane
The Consumer Financial Protection Bureau is reviewing whether credit card rewards program are misleading to credit card users.
Results of the review may be new. Strict rules about the transparency of rewards programs, including details about cash back offers, mileage awards and how these rewards must be redeemed.
In an email to Bloomberg News, CFPB Director Richard Cordray said, we will be reviewing whether rewards disclosures are being made in a clear and transparent manner, and we will consider whether additional protections are needed.
Credit card issuers like American Express, Bank of America, Chase, Citi and Discover rely on rewards programs to attract new customers as well as increasing the use of their cards by existing cardholders. Rewards are the No. 1 reason why customers select the card, and there’s almost a battle to provide the highest rewards.
What we’ve learned over time is, our best customers value rewards. Their spend behaviour changes based on rewards, said Edward Gilligan, the President of American Express.
The CFPB’s restrictions could put a damper on each company’s ability to draw in new cardholders.
While there are no apparently abuse issues with rewards programs at this time, the CFPB is taking the initiative to catch a problem before it happens.
Keep an eye out for notices from your credit card issuer about changes in your rewards program. Changes, or at least clarifications, could come as a result of this examination.
Posted in Gift & Loyalty Card Processing, Visa MasterCard American Express Tagged with: American Express, Bank of America, cardholders, Chase, Citi, consumer, credit-card, Discover, financial, issuer, protection, rewards
December 2nd, 2013 by Elma Jane
Europay, Mastercard, and Visa (EMV) standards. Considered safer and widely used across Europe and other nations, the chip-based cards require insertion of the card into a terminal for the duration of a transaction, a break here from our traditional swipe-and-buy behavior. That’s just one way in which EMV changes things here… but it’s not the only way, nor is it the most important way. By way of reminder, October 2015 is the date by which all restaurants and other merchants are due to have implemented these standards, or potentially be liable for counterfeit fraud, which primarily reflects a shift from magnetic-stripe credit cards to chip cards.
The main driver in the EMV migration is card-related financial fraud. As an example, and traditionally, card fraud in the United Kingdom has always been considerably higher than here in the States, primarily because the U.K. previously used offline card authorization as opposed to the online card methodology used here. As losses due to fraud rose steadily in Europe, despite the best efforts of global law enforcement agencies to reduce it, the pressure to find a solution built around some alternative authentication strategy mounted. From this concern, EMV was born.
Is it working? Recent statistics from the European Central Bank (ECB) revealed that, despite growing card usage, fraud in the Single Euro Payments Area (SEPA) – a mature EMV territory that includes all 28 members of the European Union, Finland, Iceland , Liechenstein, Monaco and Norway, – fell 7.6% between 2007 and 2011. This decline is underpinned by a slowdown in the growth of ATM fraud as well as a 24% drop in fraud carried out at point of sale terminals. The 2008 Canadian roll-out of Chip and PIN had a dramatic impact on fraud there. Card Skimming had accounted for losses totaling $142 million, but that figure dropped to $38.5 million in 2009, according to figures provided by the Interac Association. Some critics point to the fact that most of this decrease comes in the form of face-to-face card fraud, and that criminals merely shift their focus onto some other area that is less anti-fraud focused. Still, there are positive gains and as technologies improve, more successes are sure to follow.
Part of the reason why the U.S. not embraced EMV sooner is because our fraud problem, while significant, has typically been among the lowest rates in the world among highly developed economically mature countries. Much of that is due to the online authentication methods at work here. Here at home, our online authentication methodology permits authorizations to be done in real-time, thus thwarting a significant percentage of the fraudulent attempts at the point-of-sale, the best place to stop fraud. Our online authentication methods also incorporate multiple fraud and risk parameters as well as advanced neural networks that are ‘built-in’ to the approval process. It’s been a highly effective system that works well, when compared to most alternatives. The effectiveness of our authentication processes has helped fuel the resistance to full EMV adoption here. However, the EMV migration has gained momentum to the point where it is only a matter of time. The truth is that, despite the gains in preventing credit card fraud, and despite the best efforts of EMV’s backers to push acceptance through, global adoption of the EMV standard is still considerably less than 100%.
In England’s old offline authentication method, credit card transactions were gathered together at specific times- typically, at the end of the business day- and then batched over to the card issuers for authorization. It’s a method that gave those committing fraud a significant time lag between the transaction and the authorization, and this time lag contributed greatly to the higher levels of fraudulent activities in England. However, for Europe and for much of the rest of the world, adoption of the EMV technologies changes things dramatically, at least in terms of authentication protocols for both online and offline purchases. During an offline transaction using the EMV chip card, the payment terminal communicates with the integrated circuit chip (ICC), embedded in the payment card. This is a break from the old method which involved using telecommunications to connect with the issuing bank. The ICC / terminal connection enables real-time card authentication, cardholder verification, and payment authorization offline. Alternatively, in an online EMV transaction, the chip generates a cryptogram that is authenticated by the card issuer in real time.
Posted in Electronic Payments, EMV EuroPay MasterCard Visa, Financial Services, Near Field Communication, Payment Card Industry PCI Security, Visa MasterCard American Express Tagged with: authentication, batched, card, card authorization, card-related, chip cards, chip-based, credit cards, cryptogram, EMV, EuroPay, financial, fraud, fraudulent, icc, insertion, integrated, magnetic stripe, MasterCard, Merchant's, networks, online, payment, restaurants, Skimming, standards, swipe-and-buy, terminal, transaction, verification, visa
November 14th, 2013 by Elma Jane
Micropayments provide faster results and some immediate gratification that can keep you motivated. Rather than eating out or splurging on something that you don’t really need, immediately apply that money to pay down your credit card balance. Instead of paying a certain amount once a month, divide that payment in half and pay that amount every two weeks. Consumers can even sign up for an electronic transfer of your funds to take place every two weeks. By the end of the year, you will have made 26 payments or the equivalent of 13 monthly payments. The extra monthly payment resulting from this payment plan will enable you to pay down your debt at a faster pace.
If you are planning to make micropayments, consumers may want to call their credit card company to verify that separate payments can be made and will be credited to their monthly minimum. See if your issuer has any restrictions or limitations on making additional payments.
Holiday shopping is just around the corner, and consumers need to have their credit card balances as low as possible in order to avoid costly interest charges. One way to do this is to make micropayments on their credit card bill. While we are conditioned to pay our credit card bill once a month, consumers can actually make a number of smaller payments throughout the month. Some banks and issuers allow payments to be made as often as once a day. If you carry a balance, micropayments can reduce the interest because most credit card companies charge interest based on your average daily balance during the month. Pay more often and you reduce your average daily balance and therefore the interest you pay that month.
If you have more than one card with a balance, keep paying the minimums for each card, but pick one card to pay off first. Select either the card with the highest interest rate (save more money) or the card with the lowest balance (pay it off faster). Stop charging on that card, using another card for purchases.
There are several other advantages to making micropayments when paying down credit card debt:
You may have better control of your payments. If you are paid weekly or bi-weekly, money can slip away by the end of the month. Designate a specific day after you are paid to send in a payment for your credit card. Four $50 payments or two $100 payments are sometimes easier to make than a monthly $200 payment. It is also easier to add a little extra money to smaller payments.
In time, micropayments can help raise your credit score. An organized, scheduled payment plan can help you avoid late payments and pay more than the minimum due. Both of these are important elements for a good credit score.
Micropayments can reduce financial stress. Making payments right after payday at a time when you actually have the money will likely reduce anxiety and financial stress.
The higher your interest rate, the more you will save.
The disadvantage to the micropayment plan is that it takes time, organization and financial discipline to make the plan work and this may be difficult for some people.
Posted in Electronic Payments, Financial Services, Visa MasterCard American Express Tagged with: balance, bill, consumers, credit-card, credited, debt, elements, financial, interest, issuers, limitations, micropayments, money, monthly minimum, pay, payments, purchases, shopping
October 29th, 2013 by Elma Jane
Three dimensions merchants must look for in a payment system PSP and ISO:
1. Ability to adapt and customize the solution.
2. Solutions that support broad range of payment methods.
3. Supports a full set of different channels and devices.
Difference between a PSP and ISO in the payments ecosystem? Online and Mobile Payments:
There are two types of merchant service providers and not all service providers are made equal, Processors and Resellers:
Resellers are known in the industry as Independent Sales Organizations (ISO’s) and/or Merchant Service Providers (MSP’s).
1) Resellers or ISOs – ISOs resell the products or services of one or multiple processors. They can also develop their own or aggregate other value added products and services. ISO’s range from a little sketchy to best in class providers.
2) Processors – Also known as Acquirers, processors are distinguished by their ability to actually process a transaction. To be a processor, a company must have the technical capability to receive transaction data from a merchant via a telephone line or the internet and then communicate with the appropriate financial institutions to approve or decline transactions. Processors must also be able to settle completed transactions through financial institutions in order to deposit funds into the merchant’s bank account.
Processors can be banks or non-banks. While processors do maintain a direct sales force of their own, they primarily work through ISOs to acquire and maintain their merchant base. A processor’s business model is really one of economies of scale. They’re volume shops. They essentially outsource the sales function to ISOs. The processing industry is highly concentrated with the top five processors maintaining over 70% of all transaction volume.
Types of ISOs:
1. Banks – Banks of all shapes and sizes are ISOs. Banks entered into the merchant services business because it was a natural fit with their product and service offerings. It’s a way to increase revenue per customer. Most, but not all banks, will private label the services so that it’s difficult to distinguish whether they are a processor or ISO. The benefit of working with a bank is that you can consolidate your financial services. The drawback is, the you usually get out of the box solutions and service.
2. Non-banks – These types of ISOs range from some of the most dynamic and capable providers to firms who don’t represent the industry very well.
Industry Dynamics – There are a few dynamics that make the industry landscape quite interesting. First, there are very barriers to entry due to the lack of certifications, licenses, and capital requirements. Secondly, there really is no active regulatory body that oversees and enforces acceptable practices. So naturally, with these two market conditions, merchants need to be mindful and thorough in selecting a provider.
Processors versus ISOs In comparing the two, ISOs offer all of the products and services that processors do (because they are reselling) but processors can’t always offer the same products and services as ISOs. This is because ISOs can resell for multiple processors and can either develop their own technologies or aggregate solutions from other providers. ISOs have largely been the most successful creators of value-added services. ISO’s also tend to be smaller, which usually (but not always) leads to better customer service.
Processors are usually a safer bet for newer merchants that are still learning about the industry. Most still maintain what consider less-than-upfront pricing practices, but with their services it is less common to hear about some of the more serious problems that merchants encounter when they deal with the wrong ISO. As for price, in most cases, there really is very little to no difference. I argue, and fully disclose my vested interest, that in nearly any situation a best in class, non-bank ISO can provide more value than a processor.
Posted in Best Practices for Merchants, Credit card Processing, Electronic Payments, Financial Services, Mail Order Telephone Order, Merchant Services Account, Visa MasterCard American Express Tagged with: account, acquirers, aggregate, approve or decline, bank, best in class, channels, customize, data, deposit, devices, financial, independent sales organizations, internet, ISO, merchant service providers, Merchant's, mobile, msp, non-banks, online, payment methods, payment system, payments, processors, psp, resellers, solution, telephone, transaction, value added
October 17th, 2013 by Elma Jane
National Transaction Corporation’s services will work with any existing (Non Proprietary) Terminal. NTC can reprogram an existing terminal as well as service and provide supplies for any terminal.
Below are the following Terminals and Model Type:
1. Hypercom – They produce electronic payment processing hardware and software for a wide range of industries. In 2009 Hypercom co-founded founding the Secure POS (Point Of Sale) Vendor Alliance, a non profit organization created by Hypercom, Ingenico and VeriFone to increase awareness of and improve payment industry security. Hypercom entered into a merger agreement with VeriFone, which closed August 4th, 2011.
Hypercom Machines: T7P – T7Plus – T4100 – T4210 – T4220 IP Terminal. For Precise Detail of the machines please check our website. www.nationaltransaction.com
2. Ingenico – is a leading provider of payment solutions, with over 20 million terminals deployed in more than 125 countries. Ingenico is a worldwide company, whose business is to provide the technology involved in secure electronic transactions. Its traditional business is based around the manufacture of point of sale payment terminals, but it now also includes complete payment solutions and related services. In 2008, after the merging with SAGEM Sécurité, Ingenico decided to close its historical R&D centre in Barcelona. This centre has developed Ingenico’s most successful family of EFTPOS (Electronic funds transfer point of sale). More than three million units sold worldwide in 2007. Ingenico acquired German payment processor Easycash in 2009. In 2011, Ingenico integrated Pennies, The electronic charity box, into one of their market leading mobile Chip and PIN payment terminals, allowing retailers to ‘switch on’ the Pennies solution so their customers can add a micro-donation to their bill when paying by card. As of 2012, over 15 million Ingenico terminals are deployed across 125 countries, with the Ingenico Aqua 50 being their best selling POS (Point Of Sale) terminal.
Ingenico Terminals: iPP220 – iPP320USB – iCT220 PIN Pad – iCT250 CounterTop – Agua PCI – i5100 Dial – i7780 HandHeld i778oM – i7780 Versatile Base – 7770 Intel Base. For Precise Detail of the terminal please check our website. www.nationaltransaction.com
3. VeriFone – is a global provider of technology for electronic payment transactions an international producer and designer of electronic payment solutions and value-added services at the POS (Point Of Sale). VeriFone provides merchant-operated, consumer-facing and self-service payment systems for the financial, retail, travel & hospitality, petroleum, government and healthcare industries. The company’s solutions are utilized by merchants, processors and acquirers in developed and emerging economies worldwide.
VeriFone Models: OMNI 3730LE/VX510LE N – OMNI 3750 4MEG DUAL COM – VX 510 6 MB DUAL COM 12MB – VX570 DUAL COM 6MB WITH SMART CARD – VX610 CDMA (AVAILABLE FOR SPRINT AND VERIZONE). For Precise Detail of the models please check our website. www.nationaltransaction.com
Posted in Credit card Processing, Credit Card Reader Terminal, Credit Card Security, Electronic Payments, Near Field Communication, Point of Sale Tagged with: 15100 Dial, 7770 Intel Base, acquirers, aqua 50, Aqua PCI, Chip and PIN, eftpos, electronic, electronic funds transfer point of sale, financial, healthcare, hospitality, hypercom, i7780, iCT220 PIN Pad, IP, iPP220, iPP320USB, mobile, Omni 3730LE, Omni 3750, paying, payment, point of sale, processor, retailers, Security, T4100, T4210, T4220, T7P, T7Plus, travel, VX 510, VX510LE, VX570, VX610
October 15th, 2013 by Elma Jane
Banking and payments technology provider FIS and City National Bank, a private and business bank, have partnered to pilot FIS’s Cardless Cash Access at City National ATMs in Los Angeles, New York City and San Francisco. The solution lets consumers stage an ATM transaction from their mobile devices.
City National plans to introduce the emerging technology to clients in its three largest markets early next year, according to an FIS announcement, continuing FIS’ rollout of the solution at banks and ATMs in key U.S. locations.
FIS said Cardless Cash Access securely authenticates a user on his or her smartphone. The consumer then uses the phone to select the account and amount of the withdrawal. At the ATM, the consumer scans a QR code on the ATM screen and, within seconds, the cash is dispensed and an e-receipt is sent to the phone.
Consumers continue to look for innovative new ways to engage with their financial institutions via mobile devices, FIS Mobile, said in the release. At the same time, they demand additional security to keep their information safe. Information from Cardless Cash Access is maintained in the cloud, so card data cannot be accessed if the consumer’s phone is lost or stolen – making this a faster, safer, more secure way to make a withdrawal.”
To decrease fraud, FIS said, security within Cardless Cash Access is provided through the app’s authentication and registration of a user’s smartphone, which the company said eliminates card skimming risk and fraud incidents for banks and their clients.
With the proliferation of debit and access to cash at the point of sale, financial institutions are looking for ways to expand the utility of the ATM,” Senior vice president and head of product strategies, Vince Hruska, City National Bank, said in the release. “Cardless Cash Access not only provides a secure and easy way to obtain cash from an ATM, but introduces to the client a new way of looking at ATM use.
Posted in Financial Services Tagged with: account, amount, atm, authenticates, banking, banks, card, cardless, cash, data, e-receipt, emerging, financial, Mobile Devices, national, payments, QR code, securely, Security, Skimming, smartphone, transaction
October 3rd, 2013 by Elma Jane
Here’s how typical credit card transaction works:
When a consumer pays with a credit card, the merchant sends the details of the transaction along with the credit card information to the merchant’s bank. The merchant’s bank forwards the information to the cardholder’s bank for approval. If approved, the cardholder’s bank sends the required amount to the merchant’s bank, minus the merchant discount rate. The credit card companies don’t receive any revenue directly from interchange rates. Instead they make their money by charging the banks fees for networks, transactions and other kinds of services.
Up until April 2008, interchange rates were simple and inflexible. At that point, the company decided to move to a more dynamic system.
Interchange rates now vary from card to card, depending on the types of services and incentives offered. Typically, premium cards, which come with rewards for things like travel, cost merchants more to process. The rates also vary by type of transaction, and even by type of retailer. At times, the card companies have, for example, set special rates for grocery and gas retailers in a bid to boost credit-card use in locations where cash and debit traditionally dominated. The card companies have also introduced a growing number of premium and even super-premium cards that cost merchants more to process. The cards appeal to consumers because they contain a number of attractive incentives, such as travel and other rewards. The changes in the rate structure followed a change in the credit card companies’ business model in the mid 2000s.
Visa and MasterCard evolved from private associations owned mainly by the banks they serviced to publicly traded, profit-driven entities beholden to a wide range of shareholders. Merchants say the fees they pay to accept credit cards are rising as a result and have become increasingly unpredictable. Critics of the credit card companies say the merchant is a powerless middleman in a system that entices consumers to use their cards and banks to reap the benefits.
The credit card companies say the system benefits everyone, including merchants, by providing a rapid, secure form of payment.
Every time you use your credit card to make a purchase, the merchant pays what is called the “merchant discount fee.” The merchant discount fee is calculated as a percentage of the good or service purchased. It can range from 1.5 per cent to 3 per cent. On a $100 item, for example, the merchant could pay a fee of between $1.50 and $3.The merchant discount fee covers a number of things, such as terminal rentals, fraud protection and transaction slips. But the biggest component of it is based on the interchange rate, which is set by the credit card companies.
In a complicated twist, the credit card companies don’t make any money from the interchange rate. The banks do. The interchange rate is what makes the credit card system work. This rate ensures the banks have a financial incentive to issue and accept credit cards.
Posted in Credit card Processing, Electronic Payments, Merchant Services Account, Visa MasterCard American Express Tagged with: associations, bank, card, cardholder, charging, credit, credit-card, discount rate, dynamic, fees, financial, fraud, interchange, merchant, Merchant's, networks, payment, process, protection, Rates, rentals, secure, services, terminal, transaction, travel