Entries tagged with “Payment Security”.


Today’s interconnected society provides consumers with the ability to research and purchase goods with just a couple of mouse clicks. A customer in Florida can have a wheel of authentic Wisconsin cheddar cheese delivered to their doorstep within days. A man in Spain can purchase a genuine Indian-cut diamond for his finance who is studying abroad in South Africa.  Having no borders and working basically anonymously, the internet has become an open playground for counterfeiters and frauds.  The magnetic strip on the back of a traditional debit or credit card contains an unchanging strand of data which can be used over and over once it is obtained.  This makes the process simple and effective for hackers and identity thieves. Wouldn’t it be nice if there were a practical way to prevent the information from being transferred without handcuffing the convenience of the card? Well there is.  It’s called Europay, Mastercard, and Visa technology, or EMV. The United States will attempt to fully transition to EMV technology by October 1, 2015.

What is EMV Technology?

EMV technology is designed to protect buyers from the hackers and identity thieves lingering in the darkness. Instead of a magnetic strip, which stores unchanging information that is consistent with every purchase, EMV uses a small, metal chip inserted inside the card. This chip produces a different code for every transaction, limiting the potential amount of funds a thief could obtain when stealing the cardholder’s information.

How Does it Work?

Instead of quickly swiping a card, consumers will perform a process calling “dipping.” The card is placed in a scanning machine that sends and receives data to the bank associated with the card. The dipping process is not as time-efficient as the traditional swipe, but the security benefits of having a unique code with every purchase will ultimately prove to be worth the wait. Developers are currently working on a process called near field communications, which would allow the customer to tap the card against a terminal to complete the transaction. Both of these methods may require either an entered PIN or signed receipt to verify the purchase.

What Does this Mean for My Business?

Certainly, a more secure EMV card means merchants will not have to pay as many charge-backs because there will be less fraud. In addition to this, the Payment Brands are working out the details of a program that will allow businesses to waive the PCI-DSS audit fee if a percentage of their transactions are made with an EMV-implemented system. When the transition to chip technology takes place, business that have not properly prepared for the change could potentially be held liable for fraudulent purchases when a counterfeited card is used on location. In a nutshell, completing the changeover to EMV processing will save you money on a number of different fronts.

How Can I Prepare My Business for EMV Technology Payment Processing?

Though it may take some time to familiarize yourself with the process, these 4 tips will help you with making the transition:

  1. Start learning and training your staff on the product. Though you may not be ready to make the change immediately, early instruction and education on the system and how it operates will make conversion much easier.
  2. Do not procrastinate.  Make your move soon. It is definitely beneficial to be on the pole position with the EMV transition. Don’t wait until customers begin grilling you as to why you haven’t changed. Get out ahead of this thing before the need to convert feels ominous.
  3. Create a plan. Consider cost, weigh your options, and continue research. Know what you are dealing with and how it could affect your expenses, revenues, and time management.
  4. Consult with your merchant process provider. These companies are at the forefront of the EMV wave and have access to the latest updates in technology, procedures, hardware, and procurement options. Maintain a clear line of communication with them and they will make your transition to EMV processing easier and more efficient.

The Future is Here

The United States is among the last of developed countries to convert to EMV processing technology. In today’s fast-paced business market, this is the ground floor of a major change and improvement in battling credit card fraud. While the transition may seem costly and tumultuous, it will prove to be safer, less expensive, and easy to manage in the long run. Learn the product, create a plan, and keep constant communication with your process provider to prepare for the conversion.

Real-time payment processing systems have already been successfully implemented in multiple countries around the world and will soon be implemented in the U.S.  According to an article by Tom Gorenfeldt in Forbes, “The Federal Reserve Banks and the Federal Reserve Board are evaluating potential strategies for collaborating with the industry to achieve real-time payment capabilities. The final consultation report, ‘Payment Systems Improvement Roadmap,’ has been delayed repeatedly but is expected out before the year’s end. It will define action plans to achieve faster payments capabilities in the U.S.”  Customers, businesses, and banks alike will need to learn about the benefits and potential pitfalls of real-time payment processing.

Benefits

In an increasingly digital world where a company might exist totally online, a person could theoretically buy something, have it shipped, and receive it all before their payment is completely processed. Lag in payment processing time can mean that customers could easily overspend their accounts. Lag in payment could also severely hinder some businesses, particularly when they are crossing time zones. “Merchants like to restock once they sell, and the time it takes to get the proceeds of their sales can create cash flow management issues for them. The impact of that latency just moves up the supply chain,” said Rich Koehler, Director of Product and Marketing at Amazon, “When we look at payments in the future we should look at it as an enabler for new business models.” Real-time payments can help eliminate some of the issues that come with that lag in payments. While online businesses operate 24/7, banks don’t, which may have to change as real-time payment processing in the U.S. starts to become a reality.

Making the Change

While some businesses are completely ready for a more reactive payment processing system, some banks just can’t justify the cost of switching to a real-time payment process. However, with new direction from the U.S. federal government and so many other countries already operating with real-time payment systems, their philosophies could soon change. According to the same Forbes article, The Clearing House “plans to undertake a multi-year effort to build a real-time payment system to better meet consumers’ and businesses’ expectations in an increasingly digital economy. The real-time payment system will be designed to address gaps in payment processing and will enable consumers and businesses to securely send and receive immediate payments directly from their accounts at financial institutions,” and banks will need to keep up.

Pitfalls

Although a real-time payment system has a lot of benefits, businesses need to be aware of potential pitfalls. As businesses and banks begin developing a real-time payment system, they’ll need to develop a real-time fraud prevention system. The way fraud prevention operates now, banks and credit card companies rely on the day or two it takes to fully process a transaction to help identify and rectify fraudulent transactions. But if real-time payments truly are the future, then real-time fraud protection that could stop an unauthorized transaction in its tracks needs to be developed as well. The U.S. implementation of EMV cards will help decrease the risk of fraudulent transactions, but that doesn’t mean companies can completely abandon their fraud detection and prevention measures. They’ll need to evolve to encompass every new change.

While the U.S. might not be totally ready to implement real-time payments, businesses, banks, and customers alike can start preparing themselves for the changes real-time payment processing will mean.

About ProPay

Since 1997, ProPay has provided simple, secure and affordable payment solutions for organizations ranging from the small, home-based entrepreneur to multi-billion dollar businesses. ProPay is a leading provider of complete end-to-end payment security solutions that reduce, and may even eliminate, an organization’s risk of having sensitive payment data compromised. ProPay can help you:

  • Enable merchants to quickly begin accepting credit and debit cards through instant underwriting
  • Secure payment data
  • Reduce compliance obligations
  • Reduce overall transaction costs
  • Enable companies to ACCEPT and MAKE payments in multiple international currencies

You’ve worked hard to keep your credit clean, and your business should be rewarded for it. One of the top credit processing trends of 2015 is for payment processing companies, a quickly proliferating industry, to offer rebates and rewards as an enticement to clients with good credit who deserve to cash in on the rebates and rewards. It’s similar to the way personal credit card companies monitor and reward clients with good credit who pay on time. This may come in the form of an initial rebate, or a percentage back at the end of a pay period. Personal credit card offers can suck people in with point systems that dupe some customers into rationalizing overspending because they are earning points or airline miles. There’s not the same risk with payment processing providers since your rebates and rewards are contingent on transactions you were already processing; it’s simply a smart way to capitalize on your system for accepting payments and processing cards. There’s no reason not to take advantage of these offers. With so many options in the payments industry vying for your business, there’s also no reason to compromise. Find a rebate and rewards program that works for you.

Capitalize on Rebates and Rewards

Savvy businesses are capitalizing on opportunities such as rebates and rewards to create new revenue streams.  When you’re looking for a payment processor, choose one that offers rebates and rewards that help you maximize your investment. Use a payment processor that gives you something in return for your business and rewards you for being conscientious about your credit. If you’re managing a business, you know that being scrupulous about your financials is its own reward. Payment processing rebates are just a way to cash in on smart business practices.

Picking the Right Card

It’s essential to do your homework and find the card that’s right for your business. Pick one that’s easy to use and fits your financial style. Check the interest rates and the fees. Make sure you know what you’re getting in return for your business. Do the math—obviously, if the fees are more than the rewards, it’s not a good fit for you. For most businesses, a slow-and-steady approach wins the race. Consistent rewards for paying on time and staying within processing limits are usually the best way to go. Watch out for enticing deals that come with your initial sign-up, but peter out before they provide much of a benefit to you.

ProPay offers a nice rebate in the form of a processing credit, which you can earn after the first 90 days of activating your account. When you sign up for a ProPay account and process $600 in credit card sales in the first 90 days you’ll earn a processing credit worth $29.95. This processing credit covers all of the fees you would normally have paid to ProPay as you process credit cards or transfer funds from your account after receipt of this rebate. It’s a handy way to take care of some of the fees associated with processing cards.

Targeted Reward Programs

As the payment processing arena gets more competitive, expect to see rebate and reward programs becoming more and more specific to customer needs and spending patterns. Strategy& observes the following:

“In the technology sphere, we see opportunities for companies in the payments industry to mine customer data and create analytics that can support increasingly sophisticated merchant-funded rewards programs. These programs are becoming more and more pervasive, offered by an ever-broader assortment of national and local retailers, and their success in an era of ‘big data’ is determined by how well they are integrated with the consumer’s path to purchase. The customer’s location — physical store, mobile computer or desktop, smartphone or tablet — as well as recent purchase history, browsing habits, checkout completion rate, response to marketing impressions, and type of credit card used are among the many data points that payments providers can help retailers evaluate to make rewards programs more relevant to individual consumers. This, in turn, should increase sales per active customer and improve retailer marketing ROI.”

This is a promising trend for business owners who rely on the payments industry for their day-to day credit card processing. As their offers are fine-tuned to meet your needs you’ll best be able to capitalize on a rebate and reward program that recognizes and appreciates your good credit.

Fraud prevention can seem like an overwhelming subject for those who run small businesses, especially if they’ve just opened up shop. Fortunately, there is no need for the massive layers of security or huge teams that are often associated with giant companies. Instead, fraud prevention for small businesses is best done by using common sense and a careful eye.

Find Out What Country Orders Really Came From

This is a big help for preventing fraud. Sometimes, an order will come through that seems to be from a legitimate location, but something might seem just a bit amiss. Perhaps the order is for more items than are usually sold, or there’s a comment in broken English, or there’s some other tip-off that all is not what it seems. That’s when you need to use the IP address of the customer to see where the order really came from. If your shopping cart software provides this information, just copy it and paste it into a reverse IP lookup site. A Google search will reveal plenty such sites. Once you enter the IP into the lookup site, the site will tell what country it’s located in. Don’t ship if it isn’t the country the customer gave in the order.

Check Your Records

If someone irately writes you demanding a refund, do a simple record check and make sure that the person ordered anything from you. Sometimes it’ll turn out that they did not. Of course, a dedicated criminal won’t just go away when you tell them that, so your next step is to tell them that you don’t give refunds until you have the item back. Don’t let them wear you down on that policy. Refunds given before items arrive are nothing but gifts for criminals.

Use a Merchant-Friendly Payment Processor

Many criminals work their frauds by demanding refunds from their credit card issuers instead of from you. Some payment processors always mindlessly side with the “customer,” and crooks take massive advantage of such policies. Look for a processor that is not so “customer-centric” that they end up becoming your adversary. Of course, you’ll still need proof that you upheld your end of the deal, so be sure to use trackable shipping.

For more tips on fraud prevention, just contact us. We’ll be glad to help you thwart criminals and ensure that all of your merchandise is not only bought, but paid for.

A British retailer, known in the United Kingdom and around the world for its wide selection of fashionable footwear recently experienced a security breach. Over one million customers were affected, and this is the latest examples of cybersecurity hacks.

Compromised data includes customer contact information and website passwords. The retailer had security measures in place, but the hacker was able to enter the company’s network through an unencrypted database that had been scheduled to be decommissioned. The attack happened last May, but was just recently reported. A warning has been issued to customers to keep an eye on possible account compromises.

In documents provided to British authorities, company executives say that the shoe retailer retained historic customer data because the company thought that removing it would be complicated for the retailer’s operations. They now realize those complications were overstated, and the data did not need to be retained. The servers that were affected have now been decommissioned.

Officials say that companies need to have stronger measures in place to prevent similar breaches. Businesses should:

- Have policies governing how customer data is stored

- Regularly assess how customer data interacts the IT infrastructure

- Test website and servers on a regular basis

For more information about cyber security measures, contact us.