Posted by Sharon Robb on Mon, Feb 13, 2012 @ 12:14 PM
The term mobile payments refers to several types of transactions that originate from mobile devices such as smart phones or tablets. However, making headlines as the next possible "big" trend in payment processing in the US - is mobile payments using NFC or near-field communications (contactless).
Michael Koploy an ERP Analyst for Software Advice gives a comprehensive overview in his recent article (January 2012) of the components required to pull off utilizing contactless technology at the point of sale -
- A consumer/buyer with a smartphone outfitted with NFC technology or radio-frequency identification (RFID) chips.
- The smartphone requires an application such as Google Wallet, a "virtual" wallet that stores the credit card information (only works for Sprint Nexus S users who also have a Citibank Mastercard or a Google prepaid card - limited to date, but a competitive program is in the works in ISIS)
- A merchant with an NFC enabled credit card processing terminal or a stand alone NFC reader (MasterCard PayPass)
At the point of sale, the consumer uses a pin to access the information in the virtual wallet, waves the smart phone in front of the terminal (close proximity, 2-4 inches) and voila! a mobile payment transaction occurs.
Many of us in the industry are keeping our eyes on this technology, but few believe 2012 will be the year it takes off - there are a number of things impeding quick adoption in the US.
- We sorely lack the payments infrastructure. Most merchants do not have a reader or an integrated NFC terminal and so far consumers are not pounding on the sales counter insisting on using their virtual wallet and smartphone for payment.
- Liability and cost (ah ha!) - Angela West of PCWorld points out that NFC transactions are CNP (card not present), similar to e-commerce, as vs. CP (card present) which is typical of retail merchants. CNP transactions, where mag stripe data on the back of the card is not read/swiped at the point of sale, are processed at a higher interchange rate (i.e. cost the merchant MORE) and transfer the liability for fraud, from the card issuer, to the merchant.
- Does contactless payment increase sales? In Amy Gahran's cnn.com article (Nov. 2011) she quotes Google's VP of Payments, Osama Bedier "Merchants adopt new payment systems because they increase sales." Will customers buy more? Will ticket averages grow? Merchants will want answers to these questions before adopting new contactless technology.
- Are applications like Google Wallet secure? See Keith Wagstaff's Feb. 10th online article for TIME... hardly.
We can all agree,the current system of presenting credit and debit cards for payment at the point of sale is already quick and efficient - so do we really need NFC? We also know that merchants are resistant to change and in a payments world where most ISO's were giving equipment away - hesitant to invest in new hardware.
Koploy believes value added services that can be activated through NFC technology will drive consumer and merchant adoption of the new payments technology. Think daily deals, rewards and discounts. Payment industry professionals echo the belief that marketing will pave the path to acceptance, but discounts are not enough.
Grahn's article summarizing our sluggish trek towards NFC in the US, cites principal payment professionals who take Koploy's thoughts about merchant oppportunity even further. Consider Dickson Chu, managing director of digital networks for Citi's Global Enterprise Payments unit -the NFC merchant opportunity is to "deepen the customer relationship" and David Marcus, PayPal's VP for mobile - "Today, retailers learn about customers at the least effective time -- just when they're leaving the store. They'd like to know about you when you arrive at the store, so they can customize your shopping experience and treat you properly."
Whatever happens - and we'll keep you posted, the indisputable march towards a cashless society moves forward, now inexplicably entangled with a rapidly declining privacy in the personal preferences, interests and wants that dictate our buying habits. Weird.
Posted by Sharon Robb on Wed, Dec 07, 2011 @ 01:00 PM
The United States Postal Service (USPS), deep in the red, announced the closing of over 200 mail processing centers - a move that will add at minimum an additional day for most first class deliveries.
Thats another day for invoices to reach customers and another day for the returning check payment. Cash flow will take another hit for businesses that continue to rely on this traditional method of customer payment. FindLaw, a Thomas Reuters business, and a leading provider of online legal information and Internet marketing solutions for law firms, writes in an article on cash flow basics that "One of the first things businesses can do to maximize cash flow is to audit billing, collections and payables systems for efficiency" even "requiring up front deposits or credit cards."
Now is the time. The USPS is clamoring to raise prices for all forms of mail delivery - they must. Next year the price of a first class stamp will go up to .45 and experts say it is not enough. For those merchants and businesses mailing invoices, statements, and repeat invoices and statements - the writing is on the wall. Traditional paper invoice and check payment is no longer cost effective.
Utility and pest control companies, professional services, B2B companies, and many others need to adjust old processes and incorporate electronic invoicing, click and pay, recurring ach (automated clearing house - i.e. direct debit!) and credit card payments. The cost of traditional collection methods is astronomical in comparison - and inefficient at best. Collections can take 30, 60 and 90 days - why not collect immediately by drafting your customers checking account as soon as services are rendered or products shipped?
Electronic invoices have customizable templates to incorporate company logos, etc., recurring payments can be automated - entered and forgotten- reliably debiting your customers account month after month with no further input by the merchant - with customizable receipts emailed upon debit.
With ACH payment processing and/or recurring credit card billing, collection costs can be reduced to a pittance with a transaction cost that pales in comparison to traditional methods.
Posted by Sharon Robb on Tue, Oct 04, 2011 @ 11:17 AM
Card Data Security and Monthly Merchant Fees - a Direct Connection
If you are a credit or debit card processing merchant you should know - PCI DSS compliance and verification, and the SAQ or Self Assessment Questionaire, is an annual requirement. Those merchants who forget to reverify will typically pay their payment processor non compliance fees monthly - IN ADDITION to their standard monthly PCI DSS fee. As we review statements here at XBS Global, we are seeing monthly non compliance fees that range anywhere from $10 to $50. I suspect there are merchants paying more.
The Payment Card Industry (PCI) Self Assessent Questionnaire (SAQ) has caused a lot of angst for merchants attempting to keep up with PCI DSS (Payment Card Industry Data Security Standards). The standards are proving to be a moving target and the SAQ an exercise in frustration. For the most recent information and updates merchants should definitely turn to the PCI Security Standards Council.
Card data security will not be going away. Card data references any personally identifiable data associated with the cardholder such as account numbers, social security numbers, even names, addresses, expiration dates, etc. The Sony breach in April 2011 was staggering and sobering, as was the May 2011 breach at Michael's stores nationwide (under investiation by the US Secret Service!).
For the vast number of merchants who feel they are being squeezed by credit card processing fees - here is one you can eliminate. If you need assistance with the SAQ -call your payment processor but for pete's sake - complete it EVERY YEAR.
Posted by Sharon Robb on Wed, Sep 21, 2011 @ 09:30 AM
Onvia estimates that "government spending accounts for one half of every US dollar spent or half the nations Gross Domestic Product." So...if you're a B2B merchant who wants to increase sales, well....local, state and federal government is looking good.
They also advise Level III payment processing capability for any merchant or supplier who hopes to do B2G business. The government, like an increasing number of small, mid and large businesses uses commercial and purchasing cards (p cards) for purchases of all sizes. If you are a supplier or merchant in this arena, it's time to get a move on and be a part of your customers procurement management solutions.
Other events continue to point to your customers need for effective management of working capital and overall improvement in operational efficiency. Take the pending insolvency of the United States Postal Service (USPS). Alex Husted - who directs the catalog business of a global imaging and photonics company says in a recent B2B article that he is "anticipating double digit postal rate increases ANNUALLY and then tops it off with the of course foreseeable "expectation of increasing paper prices". The questionable future of mail delivery and rising costs continue to create genuine niche sales opportunities for our merchants. Time to "embrace card payments" by incorporating Level III processing in your web, print and social media sales channels. It's a benefit to your customer.
Besides new customers and increased sales what else is in it for our merchants? Lower interchange rates for p cards and commercial cards. Yes, lower payment processing costs through special interchange rates provided by Visa and MasterCard when accepting these unique cards, centrally billed to the organization using them, with Level III processing. Merchants can save 30% to 50% on these transactions which encourage increased data that supports industrial buyers and keeps fraudulent card use low.
Level III processing requires purchase transactions to have more line item detail than other types of processing such as tax ID's, invoice and order no#s, item descriptions and codes, quantity, freight, etc. SAAS solutions such as 3 Delta Systems are high performance B2B/B2G payment platforms that meet secure, complex payment processing requirements, reduce costs and risk and increase productivity.
The writing is on the wall. If you are a merchant currently selling in a B2B environment that does not process payments via a Level III processing solution, your cost of processing commercial and p cards is probably astronomical and a seriously quantifiable detriment to your daily cash flow. If you think you have a service or product for the B2B market, using Level III payment processing provides your customer with the increased data needed for efficient, cost effective operations and cash management. If your competitor provides it and you don't...well.
It's a sales tool. Use it and grow.
Posted by Sharon Robb on Thu, Sep 08, 2011 @ 02:21 PM
The July 2010 Restoring American Financial Stability Act or Dodd-Frank bill as it is often referred to finally implements new regulations on October 1 of this year regarding it's heavily debated Durbin Amendment. The amendment gave the Federal Reserve Board the power to set "reasonable" debit card interchange rates and give merchants a choice in selecting the transaction network (routing regulations will go into affect April 2012, some even later).
The initial recommendation was to have debit card interchange capped at 12 cents per transaction - but to the outrage of amendment supporters - the final cap was set at 21 cents per transaction plus 5 basis points of the total transaction value (.05%). The cap represents huge revenue losses for debit card issuers, i.e. banks (those with less than 10 billion in assets are exempt from the regulations further complicating the overall financial services impact).
Who among us are the winners and losers as the bill goes "live"?
Merchants - The largest of retailers are going to save big with already negotiated interchange cost plus pricing that streamlines electronic payment costs, as much as 50% over current debit card interchange costs. The larger precentage of merchants and retailers striving to turn a profit in our distressed economy will likely see no reduction in payment fees despite the Durbin Amendment because of their pricing structure. These same merchants will take the brunt of lost debit rewards and free business checking programs.
Banks - Will survive, at least the big ones. Most have new strategies, products and fee structures to replace lost revenues ready to roll out if they have not already done so.
Consumers - Not good. The banks survival strategy will directly and negatively impact consumer wallets. The biggest Durbin Amendment supporters such as the Merchants Payment Coalition point to the consumer as a big winner through lower costs for products and services. This would be great, but doubtful. Similar regulation in other countries show savings go to the merchant with no peter down affect.
What we will feel is the elimination of debit rewards programs and most certainly free checking. Banks may charge annual fees for debit cards and/or charge a monthly flat fee for so many transactions or perhaps for using the debit card in a "purchase" environment vs ATM. Most of these notices from the major banks have already gone out. My sons SunTrust account will even charge a monthly flat fee for debit cards for the poor lowly college student when used for purchases.
David John of the Heritage Foundation in his 2011 March article,The Durbin Debit Card Interchange Fee Hurts Consumers makes some powerful observations. Some consumers, frustrated with new debit card fees will return to credit cards that have interest charges and even higher fees or even less consumer friendly, store-value cards. Lower and moderate income families could find it easier to to fall into the destructive cycle of debt. Interest paid on consumer deposits may drop further as banks attempt to stem revenue losses. Credit will tighten. Again.
In John's call to repeal the legislation he points to the positives of millions of American consumers who have moved consistently from credit to debit card use - spending their own money verses borrowing it from the card issuer. Keep in mind that debit cards are the fastest growing way to pay when it comes to non cash. According to the 2010 Federal Reserve Payments Study US consumers made 37.9 billiion payments using debit cards in 2009, up 14.8 percent from 2006.
XBS Global is a merchant account provider, a merchant and of course, a consumer.
Our business model is to assist merchants in payment optimization and provide ongoing professional and trustworthy consultation in a complex financial industry. In this we firmly stand behind efforts to lower electronic payments fees for all merchants.
As a merchant, we aim for best business practices, keeping ALL costs as low as possible and fully incorporate customary and standard expenses into the long term business plan and model. This includes payment processing costs.
Congress is way out of its league with this Amendment and we echo John's concerns - "Any law or regulation that artificially increases the cost to consumers of using their own money and directs them toward greater uses of debt or riskier debit card substitutes is inherently anti-consumer".
Posted by Sharon Robb on Fri, Apr 08, 2011 @ 06:48 AM
The Credit Union Times reported late last month that there is indeed momentum growing for the delay of the debit card interchange cap portion of the Durbin Amendment (a provision of HR 4173). Lots of pause legislation introduced and now out loud doubts by the likes of Federal Reserve Chairman Ben Bernanke and FDIC Chairman Sheila Bair, and others, about the ability of small debit card issuers to protect themselves against some negative impact.
Folks - if there is a delay it will be announced shortly - (rules need to be proposed by the Fed this month) - we'll keep you posted. I've discussed the issue at length here in the blog - winners, losers. Lots of opinions on this and frankly, all remains to be seen. In the mean time, we'd like our merchants to know what's happening, what they may and may not do and how to control costs.
What's happening? While there is a frenzy to pause the cap implementation, your interests are being well represented. Some of the largest retailers in the US as well as sizeable merchant coalitions and associations are lobbying congress for July implementation of the debit fee caps and the rest of the amendment, as is. If you carry a debit rewards card for your business, or for personal use - your program has probably already been cut - like Wells Fargo, and others. Possible other charges for previously free services, are being considered. The banks are looking to make up for pending lost debit card interchange revenue (There goes free checking!!).
Merchants!
You CAN offer a discount for cash, check and pin debit purchases and can encourage these alternative payment methods.
You may NOT charge checkout fees for debit card use.
You may NOT yet require minimum purchase amounts for debit cards.
See these common FAQ's and Guidelines from Visa and MasterCard.
Control your costs.
Use an electronic payments professional - and it's not your bank. Would you hire a plumber to wire your house? What a source of confusion. Banks do provide merchant services because they work with so many businesses. Banks also issue all credit and debit cards and are paid 100% of interchange, the revenue generated on every swipe, paid by...the merchant. This is a self-serving relationship. Some of the most egregious processing statements we see are from banks. Get your checking, savings, direct deposit, and loans - from your bank.
Electronic payment processing is an industry UNTO ITSELF. These professionals are paid a set service fee for delivery and risk (yes, banks charge this too). The fee includes risk and fraud protection, communications, underwriting, technology, recording, transfer of funds, guidance, set up, technology and development, etc. They do not receive payment for interchange or assessments.
Focus on costs within your control - operating, human resources, inventory, etc. Types of cards presented at the register, interchange, assessments from Visa and Mastercard are not on this list.
Interchange Cost Plus pricing (wholesale) is now available to all merchants. Ask for it.
Tiered Pricing if you insist - should include tiers specific to debit cards which is lower than credit cards.
For Pete's sake - Embrace the card and ring the till! Debit cards are the number one payment choice of consumers EVERYWHERE. We will not be going back to cash - alternative electronic payment methods will never be free.
Sure toss your hat into the legislative ring with a yay or nay but don't wait around for the federal government to solve the issues of of your small business. Incorporate the cost of payment processing into your business plan, be lean, mean and efficient with it by understanding best practices and swipe, swipe, swipe.
Posted by Sharon Robb on Tue, Mar 15, 2011 @ 09:49 AM
On Friday March 9th VeriFone CEO Doug Bergeron released a letter to the payment processing industry and consumers everywhere describing a security glitch in the free card reader (dongle) distributed by industry p2p upstart Square. The company's free wheeling mobile, person to person (p2p) payment processing solutions for smartphones touted for small businesses and virtually anyone with a reason to accept payments for anything, is getting rave techie reviews.
Bergeron's letter points to troubling security flaws in the Square payment processing model and hardware:
- The lack of encryption of credit card data at the point of the card swipe (a PCI DSS standard that we credit card processing professionals and merchants everywhere are being held to by VISA and MasterCard). He went further and posted a YouTube video re the ease of writing an application for the phones that will steal/skim the card data (and did it in about an hour). It has since been removed.
- There are minimal restrictions (any?) to individuals attaining the Square reader device that attaches to your phone and the ability to process credit card payments through Square. Typical merchants who want to process credit cards via other methods or through other networks, such as VeriFone must undergo an underwriting process to qualify for the merchant account (the privilege of processing secure customer payments).
The Bergeron letter was greeted with strong cries of foul from an ethical standpoint because VeriFone has a product that competes with Jack Dorsey's Square in the mobile payment processing game, VeriFone's PAYware Mobile
Hard to relate to wireless guru's RCR Unplugged reference to VeriFone as just an "established competitor" of Square. Uh, actually, founded in 1981, the worldwide company has earned a stalwart reputation in the manufacture of credit card processing terminals and software. VeriFone is a giant in the industry.
VeriFone could have handled the information with more public relations savvy true, but we struggle with what some could consider Dorseys flippant response to the inherent risks of credit card use being unavoidable. Step up to the plate! Payment professionals everywhere are appropriately fixated on PCI DSS and the protection of this private sensitive data, something our customers have a right to expect. We are being held financially responsible. We'd much rather see Dorsey have a "we are working on it" and "it's a top priority" sort of approach. Should Square be any different? any less accountable?
Consider in 2010 that consumer victims of credit card fraud sustained $5.5 billion in unreimbursable expenses (such as legal fees)! Industry professionals point to increasing sophisticated security for large retailers resulting in more attacks on the smaller, less sophisticated targets - Square and VeriFone's PAYware has a target market that fits this trend. It is "the smaller merchants, that haven't really paid attention to security, that are apt to be the next big targets for card data theives in particular", suggests First Data Corporation's John Barrett in the GSQ December 2010 edition - The State of Acquiring.
We have marveled in the past at the progress and outlook for mobile payment processing including the promise of Square and are a proud reseller of VeriFone's credit card processing terminals.
XBS Global continues to support meticulous and professional adherence to Payment Card Industry Data Security Standards for all those who want to participate and grow in the payment processing industry.
Posted by Sharon Robb on Tue, Feb 01, 2011 @ 08:04 AM
Lock your doors. Ratchet up the security.
While substantial breaches seem to be diminishing as large companies do just that, Payment Card Industry Data Security Standard (PCI DSS) experts point to Level III and Level IV merchants to be at high risk for credit card data theft in 2011. That's a large number of merchants who've been relaxing above the "cloud" of breaches because their "stuff is not worth stealing."
Just ask a local Ft. Mills, SC restauranteer on the cost of a "small" breach. With an estimated 30 credit card data records stolen at an overall cost of nearly $60,000 - small business owners should be on full alert. The restaurant was a hacking casualty as investigations have turned up no indications of an inside job. The business owner seems to have made all the right moves following SC law in disclosing the breach and making good with customers. Admirable. Costly.
We beseige our fellow business owners and merchants to pay attention. In the ongoing effort to protect merchants, processors and consumers from fraud and inevitably, financial loss, PCI DSS version 2.0 was released in October of 2010. The new standards remind us that with new technology comes vulnerability.
The new version offers more new guidance than costly change and efforts to comply with version 1.2 will easily and directly relate to version 2.0. Naturally compliance with the new version isn't expected by the card brands until January 2012.
We remind you to adhere to common sense and start with the basics -
- Do not store credit card data. Do not.
- Check your POS equipment and softwares for PCI compliance.
- Check your business processes for security flaws.
These resources will get you started in the right direction for 2011.
What is PCI Compliance
PCI DSS for Small Merchants - an excellent no nonsense site to assist the small business owner with payment card industry data security standards.
Full Version PCI DSS 2.0 PDF
Highlighted Summary of PCI DSS Changes from 1.2 to 2.0
Privacy Rights Clearinghouse - a wealth of information on state laws, breaches, etc. A must see.
Approved/Compliant Pin Transaction Security Devices
Validated Secure Payment Applications/Software
It's our job to protect the credit card data of customers, like it was our own.
Posted by Sharon Robb on Fri, Dec 03, 2010 @ 02:02 PM
Remember the old knucklebusters? I do (hence the gray). Back in the early 80's when I was waiting tables that's how we processed credit cards at the restaurant. I even remember checking "the book" - a publication with pages and pages of credit card numbers, to ensure card validity. Imagine keeping THAT publication up to date.
They live on.
I'm not kidding - just Google it and see. There are still manufacturers and resellers of manual credit card imprinters. In fact I have a few in inventory - little dusty, but if the right application comes along...
What the heck would be the purpose of a credit card imprinter in 2010? Well.... perhaps you are a merchant with low credit card processing volume, your credit card terminal malfunctions or the actual credit card magnetic strip is worn or demagnetized. Maybe you're a small mobile merchant looking to contain costs or a mobile merchant with no access to electricity, internet or phone line for real time processing. Perhaps your cell phone service provider is less than dependable (can you hear me now?) It could come in handy.
Credit card imprinters should have a custom imprinter plate permanently attached, that has the merchants name, merchant ID#, and at least a phone number. The manual imprinter requires a form or credit card slip with at least 2 copies - one for the merchant, one for the customer. It is the merchants responsibility to record the specifics of the sales transaction on the slip - description of the goods or services sold - cost of the sale/amount of the transaction and of course, a customer signature.
Credit card slips should be kept for at least six months to protect against chargebacks - also the reason for the customer signature. PCI DSS consists of keeping the slips under lock and key (the slips will have the full credit card number on them remember - not just the last 4 digits like electronic receipts. Why use an imprinter if I can just write out the whole darn thing? No proof the card was present, no protection in case of the chargeback.
Used to be a copy of these slips were submitted to the bank for funding (mailed no less!) - not very quick or efficient of course. Today, merchants using imprinters use a payment gateway or virtual terminal or even their POS credit card terminal to submit the transactions (batched out daily preferably). The transaction data from the slips are manually entered for authorization, and of course funding and the transaction is billed to the merchant at the keyed discount rate - mid-qualified, or higher.
Not only are the credit card imprinters still in circulation but there are different types such as portable (light weight, fits in the pocket) or the pump handle (precise, crisp impressions, durable, can be used with a variety of form types - etc.), all with various pricing naturally. If you are opening a merchant account - I'm hard pressed to believe that your merchant provider would charge you for a low end imprinter, seriously.
So that's the story on the manual credit card imprinter - marks the beginnings of POS equipment in the early days of credit card processing. Still available, possible applications I suppose, but losing steam daily.
Why, when you get right down to it, why not just use a Magtek card reader?
Posted by Sharon Robb on Fri, Oct 08, 2010 @ 01:42 PM
I would be remiss not to mention the recent lawsuit - October 4, 2010 - launched by the US Justice Department against the three renowned credit card companies, American Express, Visa and MasterCard, for anticompetitive practices.
At issue is the merchant rules and regulations signed when a business owner is approved for a merchant account to accept any one of these credit cards. Simply put, merchant account rules typically deny the merchant the ability to steer customers to alternative, less costly forms of payment at the point of sale - such as cash, check or a less costly card - by offering incentives, discounts or special treatment.
VISA and MasterCard have already settled the suit (dang that's quick!), but American Express is standing firm - if the merchant does not wish to abide by the companys rules and regulations for card acceptance - than they should simply choose not to accept the card. Fascinating.
So the brouhaha about monies made by the issuing banks (paid by the merchant) through interchange fees finds its way to the courts in a backhanded sort of way. Remember the credit card companies themselves receive an assessment fee per transaction - not interchange fees.
I wonder though - how will the merchant overcome several decades of consumer behavior?
Can merchants really tell us what to carry in our wallets? Will the prices of goods and services really come down? Will we carry cash for a 5% discount? Can sales clerks be trained to identify a rewards card (higher interchange fee) or a no frills cards, johnny on the spot?
Remember the credit card prank, which was not so much a joke on credit card companies, but unsuspecting merchants, and clearly, poorly trained staff. Today's emphasis on security and specifically PCI DSS has done a lot to change lackadaisical behavior by employees at the retail point of sale and elsewhere....but can we really expect our lowest paid staff to be the credit card police?
Will each new crackdown on the credit card companies serve to benefit or hurt the consumer in a purchasing world markedly tipped towards the power of plastic?
What do you carry in your wallet?