February 2nd, 2016 by Elma Jane
Businesses continue to struggle with the prohibited storage of unencrypted customer payment data. The Payment Card Industry Data Security Standard (PCI DSS), merchants are instructed that, Protection methods are critical components of cardholder data protection in PCI DSS Requirement.
PCI DSS applies to every company that stores, processes or transmits cardholder information. Regardless of the size or type of business you operate, the number of credit card transactions you process annually or the method you use to do so, you must be PCI compliant.
Data breach is not a limited, one-time occurrence. This is why PCI compliance is required across all systems used by merchants.
Encryption and Tokenization is a strong combination to protect cardholder at all points in the transaction lifecycle; in use, in transit and at rest.
National Transaction’s security solutions provide layers of protection, when used in combination with EMV and PCI-DSS compliance.
Encryption is ideally suited for any businesses that processes card transactions in a face to face or card present environment. From the moment a payment card is swiped or inserted at a terminal featuring a hardware-based, tamper resistant security module, encryption protects the card data from fraudsters as it travels across various systems and networks until it is decrypted at secure data center.
Tokenization can be used in card not present environments (travel merchants) such as e-commerce or mail order/telephone order (MOTO), or in conjunction with encryption in card present environments. Tokens can reside on your POS/PMS or within your e-commerce infrastructure at rest and can be used to make adjustments, add new charges, make reservations, perform recurring transactions, or perform other transactions in use. Tokenization protects card data when it’s in use and at rest. It converts or replaces cardholder data with a unique token ID to be used for subsequent transactions.
The sooner businesses implement encryption and tokenization the sooner stored unencrypted data will become a thing of the past.
Posted in Best Practices for Merchants, Travel Agency Agents Tagged with: card, card data, card present, cardholder, compliance, credit card, customer, data, data breach, data security, e-commerce, EMV, encryption, Mail Order/Telephone Order, merchants, moto, payment, Payment Card Industry, PCI-DSS, POS, secure data, Security, terminal, tokenization, tokens, travel, travel merchants
October 30th, 2015 by Elma Jane
This is a question we encounter on a daily basis. Travel environments are unique in that your transactions are usually keyed, there is almost always a delayed delivery period, large ticket transactions are not uncommon since one cardholder may be paying for multiple tickets, they tend to be seasonal, with peak season months generating an unusual spike in their “average” monthly volume, and chargeback’s pose a potential threat by travelers who are unable to complete their trip. Combine even a few of these factors together and you have cause for a reserve, or even account termination.
Being a part of a MO/TO (Mail Order/Telephone Order) or Keyed environment carries an increased risk of potential fraud or unauthorized use of a credit card. Since the credit card and cardholder are not present at the time of the transaction, the merchant has a limited ability to ensure the card is not being misused or that the proper AVS (address Verification Service) information is provided. NTC stresses the use of Credit Card authorization forms in order to obtain the correct credit card number, expiration date, billing address, and signature of the cardholder.
Travel merchants tend to have periods of increased volume based on peak travel seasons, whereas most other industries tend to have the same average monthly volume every month. This can generate spikes in volume on the merchant account that can trigger security concerns with the processor. Helping the merchant to analyze their volume trends and reporting the trends to the underwriters helps eliminate the security concerns when these spikes occur.
Large transactions which exceed the average sale amount for the merchant account can also trigger security concerns. Merchants who do not inform their merchant processor of large transactions prior to charging the credit cards can trigger security concerns and cause funding delays and reserve holds. Educating and clearly communicating with the merchant how to handle large tickets, volume spikes, and group bookings, prevents reserves, funding delays and/or other merchant account issues.
Another concern from the underwriters is the delayed delivery time frame. Delayed Delivery refers to the amount of time between accepting a credit card payment (whether a deposit or full purchase) and the time the cardholder travels. The client’s credit card is billed and the travel agent is paid however, the trip the travel agent was paid for doesn’t generally take place for 2 to 3 months. This leaves a lot of time for things to change, and should the client not travel for some reason, the first thing they do if the travel agent does not issue a refund, is claim a chargeback. NTC offers quite a few tips that can help protect the travel agent from chargeback situations.
Most merchants do not realize that merchant processors carry a financial risk on merchant accounts, and normally fund merchants prior to receiving payment from the client’s bank. Essentially, a merchant account is an unsecured loan. The merchant runs a transaction and at the end of the day they settle their batch. Generally the merchant will receive the funds for that batch in their bank account within 2 business days even though the travel arrangements the client paid for do not take place right away.
Here at National Transaction Corp, we specialize in understanding what makes your transactions, as a travel agent, unique in how they affect your merchant account. Educating the merchant and ensuring they have a good understanding of what makes travel merchant account high risk, is one of our specialties. We have established a special relationship with our underwriting department which facilitates our ability to approve your high risk travel merchant account.
Contact your travel merchant account specialist at NTC today.
Mark Fravel
National Transaction Corp
Founder and President
888-996-2273
Posted in Best Practices for Merchants, Travel Agency Agents Tagged with: address verification service, avs, card holder, card payment, chargeback, credit card, Mail Order/Telephone Order, merchant, merchant account, merchant processor, moto, transactions, travel agent, Travel environments, travel merchants