October 1st, 2013 by Elma Jane
A payment card transaction involves some or all the following participants:
Acquirers or Payment Processors that market card acceptance services to merchants, obtain transaction authorization, and clear and settle card transactions for the merchant.
Consumers or Cardholders that use payment cards to purchase goods and services. Issuers that market and issue payment cards to consumers and set the terms and conditions for their use; Merchants that accept payment cards for the purchase of goods and services; Network Operator that oversees the system and coordinates the transmission of information and the transfer of funds between issuers and acquirers.
Since the network operators revenue depends on the value of transactions that flow through its network, it tries to ensure the widest possible acceptance among consumers and merchants. In order to increase use and acceptance, the networks use marketing techniques to gain brand recognition, create products that encourage consumer usage and merchant acceptance, and set fees and impose rules on system participants including:
Interchange Fees they are set by the network but are generally paid by acquirers to issuers and are usually reflected in the merchant service fee paid by merchants to acquirers. Interchange fees can be calculated either as a flat fee per transaction, as a percentage of the transaction value, or a combination of both.
Membership Requirements MasterCard and Visa require issuers and acquirers to be regulated financial institutions or be sponsored by a regulated financial institution. Interac also requires issuers to be regulated financial institutions.
Network Switch Fees these fees are charged to acquirers and/or issuers, and are set and collected by the network. They can be calculated either as a flat fee per transaction or as a percentage of the transaction value.
Merchant Acceptance Rule Includes:
No Discrimination Rules which prohibit merchants from encouraging consumers to consider (or steering consumers toward) lower cost payment instruments.
No Surcharge Rules which prevent merchants from charging consumers a fee for the use of a credit card rather than some other credit card or method of payment;
Honour-All-Cards Rules which require merchants that accept any of the networks credit cards to accept all of that networks credit cards (core, high spend and premium high spend in the case of MasterCard), regardless of the applicable interchange fee. The networks have also expanded this rule to include debit cards (i.e. if a merchant accepts one debitcard, they must accept all of that networks debit cards).
With four-party card networks, such as Visa and MasterCard, the card networks seek to maximize the transactions following through them by attacting more card issuers. The networks do this by offering the prospect of interchange income to issuers, thus creating an incentive to increase interchange as much as the market (i.e. the parties paying the interchange fees) will bear.
The ability to use credit cards and debit cards to purchase goods and services rests largely on a behind-the-scenes architecture of procedures, rules and technology that govern how funds and information are transferred between people and institutions in the process of settling accounts, i.e., of ensuring that merchants that sell goods and services get paid by the people who purchase them.
Posted in Best Practices for Merchants, Credit card Processing, Electronic Payments Tagged with: accept, account, acquirer, authorization, cardholder, credit card, debit, fees, interchange, issuer, merchant service, merchants, network, payment, processor, Rates, transaction
September 30th, 2013 by Admin
Credit card processing involves three separate cost components for vendors who choose to accept this type of payment from customers for goods or services. The same cost components apply to debit cards. Only one cost component is negotiable.
The first component is an interchange fee, which is payable to the card holder’s issuing bank. It is a combination of a transaction volume percentage fee and a flat-rate transaction fee. Interchange fees are collectively agreed upon through Visa and MasterCard by a card’s issuing bank and are fixed costs.
Interchange fees take into consideration various information about a card. Types of cards include debit and credit, while categories of cards refer to commercial and reward cards. Processing methods include whether a card is swiped or manually keyed. Swiping a card is usually more economical for vendors.
Secondly, an assessment fee is charged by the card’s brand holder. Brand holders include Visa, MasterCard and Discover. Assessment fees are also fixed costs. Additionally, Visa charges a monthly fee.
The final charge is known as a processing fee. Processing fees vary among processors and is negotiable. Vendors are charged a processing fee, which can cause a difference in cost from one vendor to another. More credit card information: TopTenReviews
Jeremy is a tech blogger at TopTenReviews. He lives outside Salt Lake City, Utah
Posted in Best Practices for Merchants, Credit card Processing, Electronic Payments, Merchant Services Account, Visa MasterCard American Express Tagged with: accept, assessment, cost, credit card processing, debit cards, fees, flat-rate, interchange, keyed, payment, Processing, Rates, swiped, Swiping, transaction, volume
September 30th, 2013 by Elma Jane
Facebook this week began testing a new feature dubbed “Autofill with Facebook” that aims to simplify mobile purchases by filling in customers’ credit card information for them, thus eliminating the need to type it in each time. This “Autofill with Facebook gives people the option to use their payment information already stored on Facebook to populate the payment form when they make a purchase in a mobile app,” Facebook spokesperson told the E-Commerce Times. “The app then processes and completes the payment.” The feature “is designed to make it easier and faster for people to make a purchase in a mobile app by simply pre-populating your payment information.”During the test period, which began Monday evening, the feature will show up only to Facebook users who have already provided credit card information to the social network — in other words, those who have made in-game purchases or bought gifts for friends.
Facebook has partnered with PayPal, Braintree and Stripe as financial partners on the service, which is initially available only on the e-commerce iOS apps JackThreads and Mosaic.
Ironing Out the Wrinkles Autofill with Facebook isn’t a move to compete with PayPal and credit card companies, but to complement payment services by adding a layer for convenience, much the way Facebook, Google and Amazon have created a single login that works across a network of websites.
“Facebook is not interested in being a payments company,” an analyst, told the E-Commerce Times. “Instead, it is aiming to be the entity that irons out bumps in the payment process — something it is well-positioned to do. “With Autofill, Facebook will act as the lubricant that makes the commerce experience more seamless, providing a number of benefits to all stakeholders.”
Partners in the deal ensure that Facebook will succeed in Autofill with Facebook, it doesn’t care about payments, it cares about reaping the benefits that come from making the payment experience better.”
‘The Potential to Be Lucrative’ There could be significant financial benefits as well. “This approach has the potential to be lucrative for Facebook in that it will help plug the mobile conversion gap,” McKee suggested. “If Facebook can prove to its partner merchants that an ad on its site led to a purchase, the validity of its platform can easily be proven. Ideally, this will help convince other companies to advertise with Facebook as well.”
Taking it a step farther, Facebook will also gain transaction data, which McKee believes has considerable value. “Facebook can leverage transaction data with what it already knows about us for precision ad targeting. This will increase the relevance and placement of ads on Facebook.”
The Security Factor While many mobile customers will appreciate the Autofill function, security issues still lurk in the back of every consumer’s mind. Yet while privacy concerns have been an ongoing issue for Facebook, it has a good track record where security is concerned. “Facebook has been relatively incident-free when it comes to security breaches.” “However, this is more a problem of consumer perception. Will consumers feel comfortable storing their payment credentials with a social media platform?
“Facebook is already approaching ‘big brother’ status, and this takes it one step further.” “To succeed, Facebook must provide visibility into what it plans to do with transaction data.”
‘It’s a No-Brainer’ The convenience factor, meanwhile, could be a compelling one for consumers. “It’s no-brainer useful to mobile users…who wants to enter their credit card on a mobile phone more than once?” “It could be more secure than mobile payment alternatives.” If Facebook gets past its hurdles, it will also succeed in building strengths in areas where it has been lacking to date.
“Right now Facebook isn’t super strong at the conversion side of e-commerce.” “Autofill will give them a lot of data about purchases, which might help them remedy that.”
‘Strategic Smarts and Ambition’ As for those benefits to Facebook, there are potentially many. One example,”Autofill admits them to the online payments world.”
“This is another example of the strategic smarts and ambition of Zuck.” “One gets the sense that he wants to be a major competitor for everything online.”
Posted in Credit card Processing, Credit Card Security, Digital Wallet Privacy, e-commerce & m-commerce, Electronic Payments, Mobile Payments Tagged with: Amazon, commerce, credit card, e-commerce, Facebook, google, media, mobile, mobile phone, network, payment, payment information, payment services, PayPal, platform, processes, secure, social, transaction
August 30th, 2013 by Admin
According to a poll by OnePoll on behalf of I Love Velvet titled “Consumer Mobile Point-of-Sale (MPOS) Attitudes Report” over half of retail customers think cash registers are outdated. The poll found that 51% of Americans think the cash register could soon be gone altogether as retailers opt for mobile point of sale systems. Consumers seem to favor MPOS systems allowing the shoppers to check out from anywhere in the store and that they return more often to stores with modern electronic payment technologies. Thirty five percent cited they would shop more often at stores with mobile point of sale payment systems. An additional 17% said they would share their shopping experience via social networking sites and 35% report they likely would tell a friend or recommend stores with these technologies. Forty six percent say that stores that have mobile payment systems seem to be more tech savvy and even more (56%) praise the store for making the experience more convenient and secure. Retailers are struggling to modernize their payment platforms to cut down long lines at registers, and place staff on the floor for better customer access. “It’s a great opportunity for retail store owners to dip into the mobile point of sale arena” said Richard Delos Santos of National Transaction Corporation.
Mobile point-of-sale equipment and software manufacturers are stepping up to the security plate as they seek to pass PCI DSS and other security related issues. As new mobile kiosks and point of sale hardware and software evolve so do the security challenges used to thwart credit card fraud and identity theft. The challenge for point of sale system providers is to create an increasingly secure and convenient way for customers to make electronic payments in-store or on their mobile devices. iPads, iPhones and Android tablets are often used by curious shoppers to compare and contrast features, prices and availability, why not let digital wallets be used to close the transaction? The use and connectivity of these new devices mean more complex security measures are needed to thwart attackers, crackers, and hackers.
In the coming years everything from NFC, to fingerprint readers in smartphones and tablets and even QR codes will change the landscape of mobile payment transaction processing and things are beginning to heat up. An estimated $17 Trillion of mobile transactions are predicted by 2020 and security and adoption will reign king on the streets. It might be time to look into the security and features that a mobile point-of-sale system can add over any existing point of sale systems and cash registers. Mobility is a great tool for a sales force, but security and convenience for the customer is a necessity that will only grow in the future.
Posted in Credit Card Reader Terminal, Mobile Payments, Mobile Point of Sale, Near Field Communication, Point of Sale Tagged with: Android, ipad, Iphone, mobile, MPOS, payments, point of sale, Processing, smartphone, tablet, transaction
August 16th, 2013 by Admin
Today the PCI Security Standards Council (PCI SSC), an open, global forum for the development of electronic transaction security standards published PCI Data Security Standard (PCI DSS) and Payment Application Data Security Standard (PA-DSS) 3.0 Change Highlights as a preview of the new version of the standards coming in November 2013. The changes will help companies make PCI DSS part of their business-as-usual activities by introducing more flexibility, and an increased focus on education, awareness and transaction security as a shared responsibility with merchant account holders.
The seven-page document is part of the Council’s commitment to provide as much information as possible during the development process and eliminate any perceived surprises for organizations in their PCI credit card security planning. Specifically, the summary will help PCI Participating Organizations and the assessment community as they prepare to review and discuss draft versions of the standards at the 2013 Community Meetings in September and October.
Changes to the standards are made based on feedback from the Council’s global constituents per the PCI DSS and PA-DSS development lifecycle and in response to market needs. Key drivers for version 3.0 updates include: lack of education and awareness; weak passwords, authorization, verification and authentication challenges; third party payment security challenges; slow self-detection in response to malware and other threats; inconsistency in assessments.
“Today, most organizations have a good understanding of PCI DSS and its importance in securing credit card data during transactions, but implementation and maintenance remains a struggle – especially in light of increasingly complex business and payment technology environments,” said Bob Russo, PCI SSC general manager. “The challenge for us now is providing the right balance of flexibility, rigor and consistency within the standards to help organizations make payment security business-as-usual. And that’s the focus of the changes we’re making with version 3.0.”
Based on feedback from the industry, in 2010 the Council moved from a two-year to a three-year standards development lifecycle. The additional year provides a longer period to gather feedback and more time for organizations to implement changes before a new version is released. Version 3.0 will introduce more changes than version 2.0, with several new sub-requirements. Proposed updates include:
- Recommendations on making PCI DSS business-as-usual and best practices for maintaining ongoing PCI DSS credit card compliance
- Security policy and operational procedures built into each requirement
- Guidance for all requirements with content from Navigating PCI DSS Guide
- Increased flexibility and education around password strength and complexity
- New requirements for point-of-sale terminal security
- More robust requirements for penetration testing and validating segmentation
- Considerations for credit card data in memory
- Enhanced testing procedures to clarify the level of validation expected for each requirement
- Expanded software development lifecycle security requirements for PA-DSS application vendors, including threat modeling
Note that these updates are still under review by the PCI community. Final changes will be determined after the PCI Community Meetings and incorporated into the final versions of the PCI DSS and PA-DSS published in November.
The change highlights document with tables outlining anticipated updates is available on the PCI SSC website:https://www.pcisecuritystandards.org/security_standards/documents.php
The Council will host a webinar series for the PCI community and the general public to outline the proposed changes. To register, visit: https://www.pcisecuritystandards.org/training/webinars.php
“PCI DSS and PA-DSS 3.0 will provide organizations the framework for assessing the risk involved with technologies and platforms and the flexibility to apply these principles to their unique payment and business environments, such as e-commerce, m-commerce, mobile acceptance or cloud computing,” added Troy Leach, PCI SSC chief technology officer.
PCI DSS and PA-DSS 3.0 will be published on 7 November 2013. The standards become effective 1 January 2014, but to ensure adequate time for the transition, version 2.0 will remain active until 31 December 2014.
For more information and to register for the 2013 Community Meetings, please visit:https://www.pcisecuritystandards.org/communitymeeting/2013/
About the PCI Security Standards Council
The PCI Security Standards Council is an open global forum that is responsible for the development, management, education, and awareness of the PCI Data Security Standard (PCI DSS) and other standards that increase payment data security. Founded in 2006 by the major payment card brands American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc., the Council has more than 650 Participating Organizations representing merchants, banks, processors and vendors worldwide. To learn more about playing a part in securing payment card data globally, please visit: pcisecuritystandards.org.
Connect with the PCI Council on LinkedIn: http://www.linkedin.com/company/pci-security-standards-council
Join the conversation on Twitter: http://twitter.com/#!/PCISSC
Posted in Credit Card Security, Digital Wallet Privacy, Mobile Payments, Mobile Point of Sale, Point of Sale Tagged with: credit card, DSS, e-commerce, m-commerce, mobile, PA-DSS, PCI Compliance, Security, transaction
August 15th, 2013 by Admin
The Federal Trade Commission recently charged a merchant account provider with violating federal law. The business sells credit card and debit card payment processing services to other small businesses in a business to business or B2B fashion. Allegedly the business made unsubstantiated and false claims to unwary businesses. Read more of this article »
Posted in Credit card Processing, Electronic Payments, Merchant Services Account, Visa MasterCard American Express Tagged with: b2b, credit card processing, FTC, ISO, merchant account, merchant services, MSD, terminal, transaction
