Jun
20
2014
June 20th, 2014 by Elma Jane

A recent survey said, 82 percent of e-commerce merchants who currently do not employ a consumer authentication solution are afraid that such solutions will scare off online shoppers, but with more and more fraud expected to migrate online in the coming years, the payments industry needs to do a better job of informing merchants why authentication in the card-not-present realm is crucial to data security.

While a majority of payment service companies employ some type of 3-D Secure online authentication, and most large merchants do likewise, the rest of the merchant population, especially in North America, apparently do not. 55 percent of merchants surveyed, a majority of which are U.S.-based, do not use online authentication, noting that North America is the only world region where less than half of merchants use the technology. The reason so many U.S. merchants eschew consumer authentication is they see it as a sales killer.

The main reason appears to be fear, uncertainty and doubt (FUD) about how consumer authentication will impact sales conversion and user experience, 43 percent of merchant respondents are FUD-preoccupied, with 20 percent concerned about the effect of the technology on sales conversion, 13 percent worried about changing the user experience and 10 percent simply want nothing to do with consumer authentication. Beyond the FUD concerns, there is also a very real perception with merchants and service providers that integration is long and difficult, adding that 21 percent of merchants who do not employ authentication, citing the time and/or cost of integration as the barrier.

End to FUD

The solution to merchant adoption of some form of 3-D Secure technology is apparently education. Many FUD concerns are related to a hangover effect caused by bad experiences with previous iterations of consumer authentication. But the report provides evidence that the FUD factor can be overcome because of the happiness factor that authentication-using merchants express. 81 percent of merchant respondents showing satisfaction with the solutions they have employed.

The report said nearly half of merchants surveyed said authentication had no effect on sales conversion, either positive or negative; however, almost 20 percent believe it has had a positive effect on sales. The positive result seems to be related to merchants who use authentication selectively, on specific transactions rather than on all of them. Additionally, the technology results in many merchants experiencing lower numbers of chargebacks. Amongst merchants, 59 percent overall say the authentication program brought a decrease in chargebacks and this is true for more than half of merchants from each geographic region.

FYI on FUD

The adoption is very low because not many people understand it. Online verification does retard the checkout process as a second screen pops up that consumers must navigate in order to proceed with the purchase. However, these barriers can be overcome with education and simply getting people comfortable with the technology. If we had this solution from day one on all e-commerce sites today nobody would be complaining because people would be used to doing it. It is a question of achieving ubiquity rather than taking a piecemeal approach to implementation. It is a matter of if you do it at one place or every place. If you have to do it at only one location that makes that site really secure. If all sites ask the same question, you get used to it.

Consumer authentication is also something that requires buy-in from issuers, acquirers and merchants. It is a participation solution where the issuer and the acquirer have to be participating in it. If you are an e-commerce site and you are certified with Verified by Visa the card brands proprietary version of 3-D Secure, if the card issuer has not embraced that, then the security will not happen.

Increasing number and frequency of breaches is slowly eroding consumers’ trust in the safety of e-commerce It’s not good for the whole ecosystem. At some point people will come back ­­­­­­­­and say, this is too risky to do online transactions with cards. Before that point is reached, businesses should improve their online defenses, and consumer authentication is central to that defense. With the U.S. payments infrastructure in the process of transitioning to the Europay/MasterCard/Visa (EMV) chip card standard at the physical POS, fraud in the United States will sharpen its focus on the less secure online channel. EMV will do a lot of good in terms of card present security, but it does not do anything for card-not-present environments. So how are we going to contain the online fraud? We have to go to a 3-D Secure type solution

 

Posted in Best Practices for Merchants Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , ,

Jun
16
2014
June 16th, 2014 by Elma Jane

Visa announced yesterday a new designation for consumer reload-able prepaid products that aims to simplify and clarify fees, step-up consumer protections and make prepaid solutions a valid tool for getting onto stronger financial footing. Consumers have been confused by an often complex prepaid landscape. As a prepaid leader, it is important to go beyond current requirements in the marketplace and bring transparency to this growing product area. This Visa designation will signify a new level of simplicity, protection and opportunity, enabling cardholders to confidently manage their spending every day.

To qualify for the Visa prepaid designation, prepaid programs must offer things like simplified fees and transparent disclosures of them. The new designation also bans some types of feeing such as transaction decline fees, customer service fees or overdraft protection (which is not to be offered) fees among others. Once designated, cards products will receive a seal that will be visible on card packaging and materials.

Visa’s efforts to raise the bar on quality in the prepaid industry by building Compass Principles are vital because millions of Americans are searching for tools to help them reduce financial friction, and prepaid cards can be a valuable option.

Posted in Best Practices for Merchants, EMV EuroPay MasterCard Visa, Visa MasterCard American Express Tagged with: , , , , , , ,

Jun
09
2014
June 9th, 2014 by Elma Jane

Some American banks and financial institutions, like JPMorgan Chase, American Express and Citi, have already issued credit cards with new security technology. Other banks will do so by the end of the year. Often referred to as E.M.V. (short for Europay, MasterCard and Visa) or chip-and-PIN, these new cards use a combination of an embedded microchip and a personal numeric code to authorize payment transactions. Depending on the card issuer, some cards may have the chip but require just the old-fashioned signature instead of a PIN.

Most traditional credit cards in the United States today use a magnetic strip and a customer signature to seal a deal. The information embedded in the stripe can be easily cloned, however, and signatures can be forged. The chips in the newer E.M.V. cards which encode account information when transferring it to the merchant are harder to duplicate. The PIN must be entered for each charge, which helps make the cards more secure for in-person purchases. The cards are not infallible, though, criminals have still found ways to steal PINs and make fraudulent online purchases.

With new types of credit cards come new payment terminals, and many retailers must upgrade their equipment to make it compatible with E.M.V. cards. Instead of a slot to swipe the strip, the new credit card terminals typically need a chip reader. Most merchants will probably have the new equipment in place by October 2015, when new rules about fraud liability kick in. Under these rules, the bank or the merchant could be held accountable for any fraudulent charges if one of them has not upgraded to the new system. The party with the weaker security measures must pay.

Posted in Best Practices for Merchants, Credit card Processing, Credit Card Reader Terminal, Credit Card Security, EMV EuroPay MasterCard Visa, Visa MasterCard American Express Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , ,

Jun
04
2014
June 4th, 2014 by Elma Jane

The operator of a gold vault on the Isle of man is to issue a credit card made of solid gold that enables customers to draw down cash on their holdings of the valuable metal. The 14-carat Visa gold card from IMGold will be made available to clients who have at least £100,000 of the metal bars in their vault. The idea is that customers can use the card to borrow against their reserves, effectively hedging against a decline in the value of gold.

IMGold is currently inviting applicants for the blinged up store of wealth under the banner: The card that carries more weight.

The Isle of man is some way behind Kazakhstan’s oligarchs, who have been brandishing gold and diamond-encrusted cards for some year now. MasterCard and Kazkommertsbank introduced their own diamond-encrusted card in the province back in 2008. This was followed in 2012 by the launch of Visa Infinite Exclusive cards – made of pure gold, with pearl embossing and 26 diamonds – by Sberbank for its top 100 customers in the energy-rich country.

Posted in EMV EuroPay MasterCard Visa, Visa MasterCard American Express Tagged with: , , , , , , ,

May
21
2014
May 21st, 2014 by Elma Jane

There are no enforced standards in the card processing industry regarding rates, fees, and contractual terms. It is possible for two providers to offer seemingly the same rates and fees that result in different processing costs.

Excessive Monthly, Annual, or Quarterly Fees

There are numerous monthly, annual, or quarterly fees merchants may see on their statements each month. Many merchants pay far more than they should for these fees. The fees may have names like statement fee, service fee, membership fee, regulatory fee, PCI fee, and host of other names. The fair amount each merchant should pay for these fees varies by sales volume and merchant type. Also, the amount a merchant pays for any given fee isn’t as important as the overall processing cost. These are general guidelines; some merchants should pay far less. If you are currently paying more, it may be a good time to review your overall processing cost including your pricing plan, rates, and fees.

Excessive Payment Gateway Fees

A payment gateway route transactions from the merchant’s website to the provider. Some retail point-of-sales devices require a gateway to route the transactions. Merchants generally pay a per-month and a per-transaction fee for use of the gateway. As a rule, the direct cost to process through the gateway is a few cents per transaction.

PCI Non-compliance or Non-validation Fee

Many providers now charge a monthly non-compliance or non-validation fee if the merchant is not PCI compliant. This fee may be in addition to a monthly, quarterly, or annual PCI fee. Supposedly, providers charge the non-compliant or non-validation fee as an incentive for merchants to become compliant. Nonetheless, some providers use this fee more for revenue generation, than as an incentive. Some providers do not charge this fee at all.

Merchants should not change providers because of this fee. Instead, the merchants should become PCI compliant to eliminate the fee and reduce the probability of being breached, which could easily result in huge monetary penalties – tens of thousands of dollars. To become compliant, merchants should complete the PCI Self-Assessment Questionnaire and adhere to the PCI requirements, which may require quarterly scans. In short, if a merchant is being charged a non-compliance or non-validation fee, it is as much the merchant’s fault as anyone else.

Visa FANF Fee

In 2012, Visa started charging providers a Fixed Acquirer Network Fee (FANF). The actual fee charged by Visa is dependent on the merchant type. The fee for customer-present retail merchants is based on the number of locations. The cost for ecommerce and fast food merchants is based on the volume of business. Customer-present retail merchants that have non-swiped transactions can also pay an additional customer-not-present FANF fee.

Most aggregators – i.e., merchant account providers that group multiple merchants into a single merchant account, such as Square, PayPal – integrate the FANF cost into their rates and fees versus itemizing them out separately. Most traditional providers properly pass through the actual Visa FANF fee to their merchants. However, there are a few that treat this fee as another hidden revenue stream. I’ve seen providers charge a flat monthly fee for customer-present merchants and I’ve seen the FANF fee inflated by as much as 50 percent for ecommerce merchants. Keep in mind when reviewing that the fee is generally based on the volume of the prior month. In order words, the fee you see on your statement for April activity is likely based on the March volume, as providers need to know the monthly Visa volume before they can assess the fee.

Unusual Discover Card Fees

For Discover transactions, some providers charge a higher percentage, or higher per-item fee, or monthly access fee.

 

Posted in Best Practices for Merchants, Credit card Processing Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

May
07
2014
May 7th, 2014 by Elma Jane

NTC's Payment

NTC’s New Approach On Payment Processing brings Client Satisfaction

About NTC (National Transaction Corporation)
NTC is a credit card processing company that was built uniquely. Combining leading edge technology with passion for customer service, as well as service to help customers maximize the value of their merchant service program. NTC provides sales agents, financial institutions and merchants with benefits not available from other providers, such as next day funding with a late cut-off time and unparallel graphical and web-based reporting.
To learn more visit http://www.nationaltransaction.com or call 888-996-2273.
Marking a 65% increase over 2012 NTC now serves approximately 15,000 businesses.
This rapid growth was driven by the many unique benefits that NTC offers its merchants and sales partners, ranging from best technology to superior customer service.
The major differentiators made possible by NTC’s proprietary back-end processing system is the Next Day Funding Service. Because NTC connects directly to the following: Amex, Discover, MasterCard and VISA. This way sales partners and merchants are able to avoid the middleman and go straight to the source of all their processing needs. This also means that the merchants can batch out their terminal POS with one of the latest cut-off times in the industry by as late as 11:00 pm Eastern.
NTC’s another appealing factor to new sales partners and merchants is its merchant connect online reporting system. It provides 24/7 access to graphical account information through a system that is fast easy and secure. Merchants are now able to clearly see and understand their payment processing costs. ISO’s have access to sugar CRM to make notes and see Merchant Marketing Data. Card Numbers are secure on the banks server so our faculty has credentials to access the bank servers.
Independent sales organizations (ISOs) and Merchant sales professionals continue to choose NTC as their payment processing partner to obtain these unique benefits. In addition to industry-leading technology, NTC offers its merchants and sales partners a level of personalized support that is not easily found among other credit card processing companies. They get round the clock account and terminal support. Collective hard work and determination helped NTC grow faster in the industry, resulted in more loyal ISO sales partners who are submitting more applications. Looking forward for continued success for NTC, its sales partners and merchants.

 

Posted in Credit card Processing, EMV EuroPay MasterCard Visa, Financial Services, Merchant Account Services News Articles, nationaltransaction.com, Point of Sale, Visa MasterCard American Express Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , ,

May
06
2014
May 6th, 2014 by Elma Jane

Which fee structure works best remains unclear despite the recent high-profile data security breaches that are emphasizing the need for security measures. Acquirers charge fees – or not – based on what’s best for their business model and their security objectives

Some charge merchants that comply, others charge merchants that fail to comply and a few charge both. Some Independent Sales Organizations (ISOs) don’t charge merchants a fee for helping them comply with the Payment Card Industry data security standards (PCIS DSS).

If there is any trend, it’s that more banks are finding that some sort of funding is necessary to run a program that gets any results. That funding covers costs for security assessments and compliance assistance as well as internal resources for acquirers. When it comes to covering those costs and creating incentives for compliance, no one fee structure is ideal.

Non-compliance fees encourage merchants to comply so they can save money, but the fees may not accomplish that. Unless you charge exorbitantly, it’s not going to have the effect you want it to have, and by the time you charge that much, the merchant’s just going to move to a different ISO.

ISOs charging non-compliance fees often claim the fee revenue goes into an account designated for use in case of a breach. Non-compliance fees can also reward acquirers for doing nothing to increase compliance. You get this situation where a bank has a revenue stream. Their objective is not to increase the revenue stream but to increase compliance, when they increase compliance, the revenue stream goes down.

It is recommended to some acquirers that they consider charging merchants fees for doing things like storing card data, which could be checked with a scanning tool. Merchants that do store data or fail to run the scan would be charged a fee. That is something that could really decrease risk, because if you’re not storing card data, even if you are breached, there’s nothing to get.

Simplifying the compliance verification process, by making assessment questionnaires available on its merchant portal and by teaching merchants about PCI, will minimize the potential impact of fraud by increasing compliance, which saves the company money in the long run versus a more laissez-faire approach of fees without education and compliance tools.

It’s more important to educate the merchant, it’s the spirit and intent of PCI-DSS supported by the card associations. Visa and MasterCard support it because of the severe impact of a breach or other data compromise, not as a revenue source.

ISOs and other players in the payments chain that do not work to help merchants comply are also putting themselves at risk. Breached merchants may be unable to pay fines that come with a data compromise, potentially leaving ISOs responsible for paying them. Merchants that go out of business because of a data breach also stop providing the ISO with revenue.

Plus, when merchants ask why they’re being charged a non-compliance fee, point them to the questionnaire and explain that they’ll stop being charged as soon as they demonstrate they comply with PCI.

Posted in Best Practices for Merchants, Credit Card Security, Merchant Account Services News Articles, Payment Card Industry PCI Security Tagged with: , , , , , , , , , , , ,

May
06
2014
May 6th, 2014 by Elma Jane

Mobile commerce platform provider ROAM, an Ingenico company has expanded its mPOS solutions to include chip-and-PIN acceptance with the RP750x mobile card reader. The reader allows mPOS players to get to market quickly with their own custom-branded solution, providing merchants with a powerful set of features that include device and fraud management, remote application configuration, and an mPOS application that can be localized for any language and currency in any country. Features include: Backlit display, EMV PIN pad, magnetic stripe reader, NFC reader and smart card reader. Configurable through the cloud, enabling direct shipment from factory to any country. Connects with smartphones, tablets and feature phones via Bluetooth or audio jack. Customizable for branding and form factor. Just Slightly larger than a credit card, a compact form factor. PCI PTS 3.1 with SRED, EMV Level 1 and 2, Visa-ready (Compliant with the latest industry standards).

Posted in Best Practices for Merchants, Credit Card Reader Terminal, e-commerce & m-commerce, EMV EuroPay MasterCard Visa, Financial Services, Mobile Payments, Mobile Point of Sale, Near Field Communication, Payment Card Industry PCI Security, Point of Sale, Smartphone, smartSD Cards, Visa MasterCard American Express Tagged with: , , , , , , , , , , , , , , , , , ,

Apr
11
2014
April 11th, 2014 by Elma Jane

A new standard that uses Host Card Emulation (HCE) was introduced by VISA to enable financial institutions to securely host Visa accounts in the cloud. Visa’s move to support HCE includes tools and services as well as the standard. It is available now and will include support for QR codes and in-app payments in the future.

With this new service and platform that Visa is developing, it will enable clients and partners to issue Visa accounts digitally in the cloud, on secure elements in smartphones, or linked to a digital wallet. The solution will also enable the issuance of payment tokens that will replace the 16-digit payment account number and can be limited for use with a specific device, merchant or payment channel.

Layers of security will deploy by Visa to protect payment accounts in the cloud, including at the Visa network, application and hardware levels. Device fingerprinting technology, one-time use data, payment tokens and real-time transaction analysis will make up a multi-layered defense against unauthorized account access for their services.

Visa has intensified its Visa PayWave contactless payment application and is introducing a new implementation guidelines, program approval process standard and requirements for their standards.

Visa is also developing a tool, its software development kit (SDK) to support clients who wish to develop their own cloud-based payment applications or want to enhance their existing mobile banking applications with Visa PayWave functionality.

HCE is introduced to make it easier for developers to create NFC applications like mobile payments, loyalty programs, transit passes, and other custom services. Visa’s move to enable NFC payments with Android devices is welcome news and will guide the way for the payments industry.

Clients and partners around the globe are continuously looking for cost efficient, flexible and secure ways to enable mobile payments. The Android HCE feature provides with a platform to evolve the Visa PayWave standard, support the development of secure, cloud-based mobile applications, while at the same time offer greater choice.

Posted in Best Practices for Merchants, Credit card Processing, Credit Card Security, Electronic Payments, Financial Services, Merchant Services Account, Mobile Payments, Mobile Point of Sale, Near Field Communication, Smartphone Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , ,

Feb
18
2014
February 18th, 2014 by Elma Jane

Payment Tokenization Standards

Tokenization is the process of replacing a traditional card account number with a unique payment token that is restricted in how it can be used with a specific device, merchant, transaction type or channel. When using tokenization, merchants and digital wallet operators do not need to store card account numbers; instead they are able to store payment tokens that can only be used for their designated purpose. The tokenization process happens in the background in a manner that is expected to be invisible to the consumer.

EMVCo – which is collectively owned by American Express, Discover, JCB, MasterCard, UnionPay and Visa – has announced that it is expanding its scope to lead the payments industry’s work to standardize payment tokenization. EMVCo says that the new specification will help provide the payments community with a consistent, secure and interoperable environment to make digital payments when using a mobile handset, tablet, personal computer or other smart device.

Key elements of EMVCo’s work include adding new data fields to provide richer industry information about the transaction, which will improve transaction efficiency and enhance the consumer and merchant payment experience by helping to prevent fraudulent card account use. EMVCo will also create a consistent approach to identify and verify the valid use of a token during payment processing including authorization, capture, clearing and settlement.

EMVCo’s announcement follows an earlier joint announcement from MasterCard, Visa and American Express that proposed an initial framework for industry collaboration to standardize payment tokenization. EMVCo says it will now build on this framework with collective input from all of its members and the industry as a whole.

Posted in Credit card Processing, Credit Card Reader Terminal, Credit Card Security, Digital Wallet Privacy, Electronic Payments, Financial Services, Payment Card Industry PCI Security, Visa MasterCard American Express Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

← Previous Article
Next Articles »