Convention
November 6th, 2015 by Elma Jane

Money 20/20 was billed as the largest convention in payments history held in Las Las Vegas, during the last week of October 2015.

The show delivered well-organized, incisive content such as Europay, MasterCard and Visa (EMV) migration, mobile payments, security and omnichannel commerce.

20/20 Highlights

  • Alternative lending and credit.
  • Bill Payments, Financial Services: Newly released market research provides insights into the future of household bill payments, millennials, and financial services.
  • Connected Commerce and the Mobile Enterprise: The Internet of Things is changing the way that consumers interact with their environments. Analysts predict up to 30 billion interactive devices will be connected to the Internet by 2020, noting that many of these devices will be payment-enabled.
  • Marketing and Customer Experience: Most marketers agree that the era of demographic profiles and pull marketing is over. Retailers, card brands and information technology professionals looked at the customer experience in the digital world. They explored new marketing practices, trends in e-commerce and mobile commerce, and big data findings in other industries that may be useful to financial service companies.
  • Mobile Banking: Banks are undergoing an incremental transformation as they learn to compete with nonbank lenders, balance cash management with digital currencies, and shift from local branches to online and mobile forms of banking.
  • Mobile Payments: Payments analysts reviewed Apple Pay a year after its launch and a range of other mobile wallet offerings, and they speculated on how third-party wallets will impact bank apps.
  • Payment Card Evolution: Payment card issuers, processors and network service providers analyzed the changing look, feel and role of payment cards in the greater ecosystem. Discussions ranged from card linking to the coolness factor of gift cards to how e-cards are expanding market opportunities.
  • POS, Processing and Open Platforms: Executive roundtables with leading acquirers explored front-end and back-end technology and omnichannel commerce for small and midsize businesses.
  • Regulatory Landscape: Increased federal and state oversight has had a significant impact on the financial services sector.
  • Security: Security analysts made in-depth presentations on tokenization, end-to-end encryption, and secure methods of authentication designed to protect consumers, merchants and industry stakeholders from cybercriminals. Many agreed that EMV implementation in the United States will drive fraudsters to the card-not-present space. They discussed how EMV adoption has changed fraud patterns in other regions and offered examples of best practices geared toward identifying and preventing electronic payment fraud.

More than 10,000 attendees and 3,000 exhibitors from 75 countries attended Money20/20. Financial services professionals from mobile, retail, marketing services, data and technology met at what show organizers described as the intersection of mobile, retail, marketing services, data and technology.

The years to come will be a turning point in the payments sector, and with the recent shift to EMV, the entire conference confirmed that all the players are more interested than ever in finding innovative solutions for combating online fraud.

 

 

Posted in Best Practices for Merchants Tagged with: , , , , , , , , , , , , , , , , , , ,

Security
October 19th, 2015 by Elma Jane

Small merchants don’t consider themselves at risk for a cyberattack. But Cybercriminals thrive on data about employees, customers, bank accounts and many other types of information any small business would carry, with fewer resources than large firms, small businesses are especially at risk for attacks.

Here are Steps to find out to make your business more cybersecure:

Employ best practices on payment cards – Credit card companies are now shifting from magnetic-strip payment cards to safer, more secure chip card EMV Technology. Are you ready for the shift? Now is the time, you should work with your banks and processors to ensure you’re using the most trusted and validated anti-fraud services. You may also have additional security obligations pursuant to agreements with your bank or processor. You should isolate payment systems from other, less secure programs and don’t use the same computer to process payments and surf the Internet.

Educate employees about cyberthreats – Educate your employers about online threats and how to protect your organization’s data, including safe use of social networking sites.

Protect against viruses, spyware, and other malicious code – Make sure all of your organization’s computers are equipped with antivirus software and antispyware and update regularly. Such software is readily available online from a variety of vendors. All software vendors regularly provide patches and updates to their products to correct security problems and improve functionality. Configure all software to install such updates automatically.

Require employees to use strong passwords and to change them often – Consider implementing multifactor authentication that requires additional information beyond a password to gain entry. Check with your vendors that handle sensitive data, especially financial institutions, to see if they offer multifactor authentication for your account.

Secure your networks – Safeguard your Internet connection by using a firewall and encrypting information.  If you have a Wi-Fi network, make sure it is secure and hidden. To hide your Wi-Fi network, set up your wireless access point or router so it does not broadcast the network name, known as the Service Set Identifier (SSID). Password protect access to the router.

No one can guarantee your safety from a cyberattack, appropriate planning makes a big difference. By using these tips and resources, you can help promote the safety of your employees, customers, and the future success of your small business.

Posted in Best Practices for Merchants, Credit Card Security, EMV EuroPay MasterCard Visa Tagged with: , , , , , , , , , ,

CB
August 20th, 2015 by Elma Jane

We live in a nearly cashless society. Accepting credit cards is a requirement in today’s business trend.

What are the benefits of accepting both credit and debit at your business? Check out NTC’s List.   

Convey a sense of trust.

When launching a business, you won’t have the credibility of a well-established company, so gaining instant credibility by promoting that you’re able to accept credit cards will help your business evolve.

You’ll be able to acquire respectability and strong customer relationships, compared to companies that don’t accept credit cards.

The more payment options, the better the sales. 

Why limit your customers to just cash? The number of people carrying cash decreases every day, accepting credit cards will open the door to more opportunities.

Credit Cards drive e-commerce.

Nearly every transaction made on the Internet is paid for by some sort of payment card, be it credit, debit or gift cards, so having a successful online presence and creating an excellent revenue stream is crucial for the growth of your business.

Plastic is better than a check.

Because of the high level of diligence done by Credit Card Processors, it’s less likely that you’ll be a victim of fraud when compared to accepting checks. Accepting one bad check can make a business susceptible to spending valuable time dealing with banks and trying to find the customer to get reimbursed.

National Transaction can help you with your Merchant account set up, making the application process as seamless as possible.

Our goal is to create a smooth, fast and secured transaction process, leading to a better relationship with your customers.

Customers tend not to hesitate with convenient, nice to have purchases when they use a credit card compared to harder-to-part-with cash.

For Merchant Account Setup give us a call at 888-996-2273 or visit our website www.nationaltransaction.com

 

 

Posted in Best Practices for Merchants Tagged with: , , , , , , , ,

EMV
August 13th, 2015 by Elma Jane

The credit card processing industry, have been working towards including EMV technology in all of the point of sale systems.

Many processors have sent out EMV capable devices that will need to be adjusted before they can start accepting EMV card transactions.

See which category you fall into so you are prepared when October 1 rolls around.

First, check and see if your credit card machine has the slot to accept EMV cards (it’s either a slot in front, or on the top of, the unit). If you don’t, you need to contact your processors or sales agent to update your equipment .

If you do have the slot for EMV cards, you’ll need to contact National Transaction to see if your EMV capable machine has been enabled to accept EMV cards.

What is the difference between EMV capable and EMV enabled?

  • EMV Capable – EMV capable means that your credit card machine is equipped with the hardware (i.e. the slot) and has the capability to do a transaction, but first you’ll have to update the application to enable you to process the cards.                                                 At National Transaction, we have a support specialist to assist you with step-by-step instructions to switch your credit card Point-of-Sale System, from EMV capable to EMV enabled.
  • EMV Enabled – When your machine is EMV enabled, your terminal is ready to accept EMV transactions.                                                                                                               According to MasterCard, 73 percent of consumers say owning a chip card would encourage them to use their card more often. In addition, 75 percent of consumers expect to use their chip card at the merchants where they shop today.                     Keeping these numbers in mind, it only makes sense to equip your business with an EMV enabled credit card POS system.

What makes EMV technology so important?

EMV is a global payment system that adds a microprocessor chip into credit cards and debit cards, and reduces the chance a transaction is being made with a stolen or copied credit card. Unlike traditional magnetic-stripe cards, anytime you use an EMV card, the chip in the card creates a unique transaction sequence that can’t be replicated. Because the number will never be valid again, it makes it hard for hackers to fake these cards. If they attempt to use the copied EMV card, the transaction would be denied.

The rollout of EMV technology is ongoing, but even with the October 1 deadline, it’s estimated that only 70 percent of credit cards and 40 percent of debit cards in the U.S. will support EMV. Despite these numbers, that doesn’t mean you shouldn’t update your equipment.

Following the deadline, card present fraud liability will shift to whoever is the least EMV compliant party in a fraudulent transaction.

Make sure that’s not you!

 

 

Posted in Best Practices for Merchants, Credit card Processing, Credit Card Reader Terminal, Credit Card Security, EMV EuroPay MasterCard Visa, Point of Sale Tagged with: , , , , , , , , , , , , , , , , ,

May 26th, 2015 by Elma Jane

MasterCard is aiming to change the way people transfer money between debit cards, with its new program called MasterCard Send. This first-of-its-kind, global personal payments platform allows consumers to send and receive funds within seconds, rather than waiting for the standard 1-3 business day transfer time.

Unlike most person-to-person (P2P) processors like PayPal, MasterCard Send is not designed specifically for consumers. Instead, it aims to help businesses send disbursements and cash back to customers in something very close to real-time.

Customers can receive direct deposits into their debit card accounts for shipping rebates. There is no waiting for a check in the mail or a long transfer process.

Consumers can still use MasterCard Send to send and receive money from friends and family members. The recipient does not need a debit card to access the funds. Send will also work with programs like Western Union.

According to MasterCard, cash and checks still contribute $1 trillion in global spending every year. MasterCard Send is attempting to be a safer, faster and cheaper alternative to these transactions. The program is now live in the United States.

MasterCard Send is addressing a real need that exists in today’s digital world to enable consumers, businesses, governments and more to have a safe, simple and secure way to transfer and receive funds quickly.

 

 

Posted in Financial Services Tagged with: , , , , , , , , , , ,

May 19th, 2015 by Elma Jane

We’re now nearly midway through 2015, and payment security still remains a topic that stirs up great concern and confusion. While there is seemingly unanimous agreement on the need for heightened security, there’s uncertainty about those who are tasked with actually implementing it. Let’s dig deeper into EMV, P2PE and tokenization. How each will play a part in the next generation of securing payments, and how without properly working together they might just fall short.

 

 

Europay, MasterCard, and Visa (EMV) – A powerful guard against credit card skimming. EMV also uses cryptography to create dynamic data for every transaction and relies on an integrated chip embedded into the card.

Downside: For Independent Software Vendor (ISVs), the biggest downside of EMV is the complexity of creating an EMV solution. ISVs interested in certifying PINpads with a few processors face up to 22 months of costly work, and because there are a large number of pending certifications, processors will be backed up over the next few years.

It’s not impossible for an ISV to build EMV solutions in-house, but it’s difficult and unnecessary when there are plug-and-play EMV solutions available. These solutions include pre-packaged and pre-certified APIs that remove most of the need for research, the complexity and the burden of time and cost.

Point to Point Encryption (P2PE) – Secures devices, apps and processes using encrypted data with cryptographic keys only known to the payment company or gateway from the earliest point of the transaction, from tech-savvy criminals, jumping at their chance to intercept POS systems and scrape the memory from Windows machines.

How does a key get into card reader? Through an algorithm called derived unique key per transaction (DUKPT), or “duck putt.” DUKPT generates a base key that’s shared with device manufacturers securely, where output cardholder data is rendered differently each time a card is swiped, making it impossible to reverse engineer the card data. P2PE not only benefits the cardholders, but also the ISVs and merchants. PA-DSS certification was designed to address the problems created with cardholder data which is not encrypted.

Downside: P2PE isn’t cheap if an organization wants to do it in-house. The secure cryptographic device needed to manage the keys, Hardware Security Module (HSM), can cost $30-40,000 but when it’s built out, that total cost can jump to $100,000.

TOKENIZATION – The best way to protect cardholder data when it’s stored is using tokenization, a process which the PCI Security Standards Council describes as one where the primary account number is replaced with a surrogate value a token. For merchants dealing with recurring billing, future payments, loyalty programs and more, tokenization is critical.

Downside: Tokenization doesn’t prevent malware that’s remotely installed on POS devices. It’s possible, as seen with recent retail card breaches, for data to be stolen before it is tokenized. That’s why it’s essential to group tokenization together with P2PE and EMV to offer optimal security.

 

Posted in Best Practices for Merchants, Credit Card Security, EMV EuroPay MasterCard Visa, Payment Card Industry PCI Security, Visa MasterCard American Express Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

April 28th, 2015 by Elma Jane

The Southeast Acquirers Association held its 14th annual conference April 20 to 21, 2015, in New Orleans with a balanced blend of exhibits, entertainment and presentations. It’s a two-day event which includes networking, presentations, seminars and entertainment.

It was a well-organized, high quality event with a great balance between social gatherings and informative discussions around payments, acquiring and merchant relationships.

 

Leading industry processors, manufacturers, vendors, leasing companies and technology startups convened in the exhibit hall. Monday evening’s opening reception was followed by a Bourbon Street pub crawl led by a live jazz band. Show highlights included an ETA Certified Payments Professional seminar, an array of contests and an eclectic mix of guest speakers.

Other presentations by industry experts included advice on selling merchant portfolios, using technology to acquire new merchants, and effective ways to build a personal brand through networking and relationships.

Exhibiting at SEAA increased company’s visibility and credibility. The show’s overall atmosphere as friendly professionalism.

Lagniappe, a word that means a little something extra, can be used to describe the spirit of camaraderie and partnership at Transaction Cardi Gras. It thought to have originated in New Orleans from the Spanish phrase la ñapa.

Posted in Best Practices for Merchants Tagged with: , , , ,

September 15th, 2014 by Elma Jane

Visa has taken advantage of the hoopla surrounding Apple’s application of digital account tokens to replace card numbers for online and mobile purchasing by initiating the roll out of its Token Service to US clients.

Visa Tokens will be made available to issuing financial institutions globally, starting with US banks next month, and followed by a phased roll-out overseas beginning in 2015. The technology has been designed to support payments with mobile devices using all major mobile platforms.

More than 750 staff from across the Visa organisation globally were involved in the effort, working closely with initial launch partners – financial institutions, merchants and processors to ensure the ecosystem was ready. Today, Visa is making these services available and believe it will help transform connected devices and wearables into secure payment vehicles.

Visa Token Service replaces sensitive payment account information found on plastic cards with a digital account number or token. Because tokens do not carry a consumer’s payment account details, such as the 16-digit account number, they can be safely stored by online merchants or on mobile devices to for e-commerce and mobile payments.

The release of the service has been given added urgency by a spate of successful hacks on merchant card data stores, such as the recent plundering of card account data at Home Depot and Target.

MasterCard has its own equivalent Digital Enablement Service, which will be released outside of the US in 2015.

Posted in Best Practices for Merchants, Credit Card Security, e-commerce & m-commerce, Mobile Payments, Visa MasterCard American Express Tagged with: , , , , , , , , , , , , , , , , , , , , , , , ,

October 31st, 2013 by Elma Jane

While credit card processors and retailers have made strides to combat credit card fraud, it is still rampant across the U.S. In fact, credit card fraud jumped 17 percent between January, 2011, and September, 2012, according to the most recent data from the FICO Falcon Fraud Manager Consortium.

Debit cards obviously have better safeguard measures in place, since debit card fraud rose less than 1 percent between January, 2011, and September, 2012. Plus, the average fraud loss per compromised account fell by 3 percent.

Card-not-present (CNP) fraud is the biggest challenge by far, accounting for 47 percent of all credit card fraud. CNP fraud – which includes payments via the internet, mail and phone – grew 25 percent over the two-year period. So, where the problems with credit cards lie.

Unfortunately, CNP fraud may get worse before it gets better, in FICO’s Banking Analytics Blog. This problem may even intensify as the US moves away from magnetic stripe and toward EMV [chip] card technology. In other countries adopting chip-based authentication technology, we’ve seen counterfeit fraud decline, but as a counterbalance, fraudsters often ramp up efforts around CNP fraud.

However, there was a glimmer of light in the credit card fraud fiasco. While card fraud attempts rose, the average loss per compromised account dropped 10 percent. Plus, the ratio of fraud to non-fraud spending remained constant. “In other words, the volume of card fraud increased proportionally to the volume of consumer credit card spending.

Even though many retailers have implemented successful fraud prevention programs, Visa provides retailers with the warning signs for CNP fraud, including:

Multiple cards used from a single IP address. Orders made up of “big ticket” items. Orders that include several of the same item. Shipping to an international address. Transactions with similar account numbers.

Posted in Digital Wallet Privacy, EMV EuroPay MasterCard Visa, Mail Order Telephone Order, Payment Card Industry PCI Security Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

October 29th, 2013 by Elma Jane

Three dimensions merchants must look for in a payment system PSP and ISO:

1. Ability to adapt and customize the solution.

2. Solutions that support broad range of payment methods.

3. Supports a full set of different channels and devices.

Difference between a PSP and ISO in the payments ecosystem? Online and Mobile Payments:

There are two types of merchant service providers and not all service providers are made equal, Processors and Resellers:

Resellers are known in the industry as Independent Sales Organizations (ISO’s) and/or Merchant Service Providers (MSP’s).

1) Resellers or ISOs – ISOs resell the products or services of one or multiple processors. They can also develop their own or aggregate other value added products and services. ISO’s range from a little sketchy to best in class providers.

2) Processors – Also known as Acquirers, processors are distinguished by their ability to actually process a transaction. To be a processor, a company must have the technical capability to receive transaction data from a merchant via a telephone line or the internet and then communicate with the appropriate financial institutions to approve or decline transactions. Processors must also be able to settle completed transactions through financial institutions in order to deposit funds into the merchant’s bank account.

Processors can be banks or non-banks. While processors do maintain a direct sales force of their own, they primarily work through ISOs to acquire and maintain their merchant base. A processor’s business model is really one of economies of scale. They’re volume shops. They essentially outsource the sales function to ISOs. The processing industry is highly concentrated with the top five processors maintaining over 70% of all transaction volume.

Types of ISOs: 

1. Banks – Banks of all shapes and sizes are ISOs. Banks entered into the merchant services business because it was a natural fit with their product and service offerings. It’s a way to increase revenue per customer. Most, but not all banks, will private label the services so that it’s difficult to distinguish whether they are a processor or ISO. The benefit of working with a bank is that you can consolidate your financial services. The drawback is, the you usually get out of the box solutions and service.

2. Non-banks – These types of ISOs range from some of the most dynamic and capable providers to firms who don’t represent the industry very well.

Industry Dynamics – There are a few dynamics that make the industry landscape quite interesting. First, there are very barriers to entry due to the lack of certifications, licenses, and capital requirements. Secondly, there really is no active regulatory body that oversees and enforces acceptable practices. So naturally, with these two market conditions, merchants need to be mindful and thorough in selecting a provider.

Processors versus ISOs In comparing the two, ISOs offer all of the products and services that processors do (because they are reselling) but processors can’t always offer the same products and services as ISOs. This is because ISOs can resell for multiple processors and can either develop their own technologies or aggregate solutions from other providers. ISOs have largely been the most successful creators of value-added services. ISO’s also tend to be smaller, which usually (but not always) leads to better customer service.

Processors are usually a safer bet for newer merchants that are still learning about the industry. Most still maintain what consider less-than-upfront pricing practices, but with their services it is less common to hear about some of the more serious problems that merchants encounter when they deal with the wrong ISO. As for price, in most cases, there really is very little to no difference. I argue, and fully disclose my vested interest, that in nearly any situation a best in class, non-bank ISO can provide more value than a processor.

Posted in Best Practices for Merchants, Credit card Processing, Electronic Payments, Financial Services, Mail Order Telephone Order, Merchant Services Account, Visa MasterCard American Express Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,