Oracle Micros Data Breach

Micros, a hugely popular restaurant and hospitality is the subject of a major data breach investigation. On Monday, 8 August 2016, Oracle Security informed Oracle MICROS customers that it had detected malicious code in certain legacy MICROS systems. Oracle is currently investigating the compromise.

Micros is used by many of the large hotel brands as well as restaurants. Over the last year, many in the hospitality industry have announced data breaches, though a link between the two has not been announced.

RESOURCES

Visa Compromise Notification (Micros)

Data Breach At Oracle’s MICROS Point-of-Sale Division (krebsonsecurity.com)

Increasing B2B Loyalty With Improved Customer Experience

b2b einvoiceThe last mile in any business to business transaction, collecting payment, can be a point of friction or a seamless part of a great buying experience. Too often, its the former due to a multiple roadblocks including paper invoicing, and accounts receivable staff availability for time zone differences.

Established family businesses often have the same customers for generations and they’re fiercely loyal. Or are they? In a Bain & Company survey of 290 executives in B2B industries throughout 11 countries, 68% of respondents said customers are less loyal than they used to be. Technology can be a game changer for increasing loyalty.

Common business to business billing scenarios for distributors without ecommerce capabilities:

  • Distributor A sends invoices via text or email and lets their customer choose their experience and how they want to pay. Pay from the email/text or login to a portal? Store and tokenize ACH or credit card or manually enter each time? Send check in the mail?
  • Distributor B sends invoices via email and requires customer to login to a portal to make payments.
  • Distributor C has an online pay page customers can use to pay any amount.
  • Distributor D send invoices via email, and customers send checks in the mail.
  • Distributor E sends invoice and credit card authorization form via email, then gets a fax back, key enters into a virtual terminal.

Which billing strategy delivers the optimal customer experience? Customers want to interact with you in multiple ways, so if you’re still doing business the same way you have for decades, customers have likely shifted some of their business, or maybe all of it, to another vendor. Price is not the likely culprit. In a retail study about millennials, just 15% always purchase from the lowest price retailer, while 38% cited convenience as a reason to not purchase. 58% said they’d take advantage of self-checkout on their own mobile device.

What does this mean for B2B distribution companies? Think like your customers. Are you making it easy to do business? Are you increasing their efficiency? What’s the opportunity cost of not updating? I once sought a new distributor for a product an existing supplier discontinued. I found one, but didn’t place the first order. Why not? They required calling in with my credit card information citing it would be more secure. We were in different time zones and the phone was busy, or the person at lunch, and it was just plain inconvenient to keep trying.

A distributor recently advised me they don’t store anything – they require a credit card authorization form for every single purchase. Talk about driving customers away! Even a simple hosted pay page can alleviate the need for paper forms, immensely increase customer convenience, and increase cash flow to boot. While increasing a credit line is a possibility, some customers use them as a tool to self-manage credit, increasing purchasing without having to interact with anyone.

Invoicing and payment technology updates are critical to garnering customer loyalty, regardless of the payment type. The more flexible the solution, the more likely each customer can interact with your business via their preferred method. Today’s technology supports a myriad of payment types, including ACH, credit card, wire and others, and multiple ways to interact for making payments from email to text and beyond. Delighted customers are more loyal and more likely to refer new business.

Christine Speedy is an authorized reseller for CenPOS, a cloud-based, end-to-end payments engine that drives enterprise-class solutions for businesses, saving them time and money, while improving their customer engagement. The secure, cloud-based solution optimizes acceptance for all payment types across multiple channels without disrupting the merchant’s banking relationships. 954-942-0483

MAGENTO VULNERABILITIES IMPACT PCI COMPLIANCE

Magento, a popular e-commerce platform, released multiple security patches this year, several addressing critical and high credit card data breach vulnerabilities. Merchants that haven’t deployed security patches, as required by PCI standards, are vulnerable to remote exploits that can compromise customer account and credit card data.

One cross-site scripting (XSS) flaw potentially allows an attacker to add malicious JavaScript code to a comment via the PayFlow Pro payment module. The JavaScript code is executed server-side when the targeted site’s administrator views the attacker’s order.

PCI Compliance Requirement 6: Develop and maintain secure systems and applications. All critical systems must have the most recently released software patches to prevent exploitation. The average merchant relies upon third party developers for web site maintenance, but unless specifically contracted to update the e-commerce software and add-on modules, don’t count on it.

Only 16.4% of organizations that had suffered a data breach were compliant with Requirement 6, compared to an average of 64% of organizations assessed by our QSAs in 2014- Verizon 2015 PCI Compliance Report.

Payment gateway implementation requirements have changed over time as a result of cross-site scripting and cross-site request forgery (CSRF) to meet current PCI Compliance standards. Merchants should verify all components of their ecommerce ecosystem are current, and have a system for ongoing monitoring and updating.

RESOURCES

  • Magento Security Center
  • VISA MAGENTO SECURITY ALERT, July 2016
  • Christine Speedy, 3D Merchant Services, offers Magento payment gateway module for merchants to improve their omnichannel customer experience and mitigate risk. B2B customer benefits include friction-less payments across all sales channels; text and email Express Checkout, customer invoice portal for 24/7 ACH, credit card, wire and more payment types, and US EMV with level 3 processing. Magento and ERP modules combine to provide a powerful array of solutions to improve cash flow and profits while maximizing security. 954-942-0483.

 

 

Faster Processing and Settlement of ACH Credit Transactions begins Today, Reaching all U.S. Bank Accounts

NACHA Announces Implementation of New Rule for Phase 1 of Same Day ACH

HERNDON, Va.–(BUSINESS WIRE)–Today, NACHA —The Electronic Payments Association®, the trustee and rule maker of the ACH Network, announced the launch of Phase 1 of Same Day ACH. Same Day ACH is a new faster payments option that reaches all bank accounts and will enable businesses and consumers to send and receive payments and payment-related information on the same day through the ACH Network.

The launch of Same Day ACH marks a significant milestone in the journey towards faster payments in the U.S.

Phase 1 of Same Day ACH allows for the sending and receiving of virtually any ACH credit transaction, enabling a variety of transactions such as urgent claim payments from an insurance company to a consumer or same-day payroll payments from an employer to an hourly or contract employee.

“The launch of Same Day ACH marks a significant milestone in the journey towards faster payments in the U.S.,” said Janet O. Estep, president and CEO of NACHA. “While other payments initiatives have been developed to support the demand for faster payments in the U.S., Same Day ACH provides absolute certainty that your payment can get to absolutely anyone else with a bank account on the same day, regardless of which bank or credit union they use, bringing value to all users of the ACH Network.”

Beginning today, all financial institutions will be able to receive same-day transactions. Although sending same-day transactions by financial institutions and their customers is optional, it is expected that many will begin enabling the origination of same-day payments today. According to research conducted by NACHA, 95 percent of the nation’s top financial institutions intend to originate Same Day ACH in 2016. The top reasons cited for how Same Day ACH will be used by financial institutions beginning today include payroll and business-to-business payments.

“Same Day ACH is an innovative and immediate solution to support the demands of those consumers and businesses that want to move their money faster,” said Estep. “Not only does it support the industry’s near-term needs, but it also serves as a building block for the future of faster payments. Upon the Same Day ACH foundation, other products and services can be built to continue to meet the evolving needs of consumers and businesses into the future.”

Phase 2 of Same Day ACH will launch on Sept. 15, 2017. Phase 2 will introduce the faster processing and settlement of debit transactions, in addition to credit transactions. This Phase will support additional use cases such as consumer bill payment for utility, insurance, telecom, mortgage, loan and credit card payments.

For more information about Same Day ACH and how to implement and leverage this opportunity, visit NACHA’s Same Day ACH Resource Center at https://resourcecenter.nacha.org/.

About NACHA—The Electronic Payments Association

Since 1974, NACHA – The Electronic Payments Association has served as trustee of the ACH Network, managing the development, administration and rules for the payment network that universally connects all 12,000 financial institutions in the U.S. by moving money and information directly from one bank account to another. Financial institutions exchange 24 billion ACH payments valued at $41 trillion annually. Through its collaborative, self-governing model, education, and inclusive engagement of ACH Network participants, NACHA facilitates the expansion and diversification of electronic payments, supporting Direct Deposit and Direct Payment via ACH transactions, including ACH credit and debit payments, recurring and one-time payments; government, consumer and business transactions; international payments, and payments plus payment-related information. Through NACHA’s expertise and leadership, the ACH Network is now one of the largest, safest, and most reliable systems in the world, creating value and enabling innovation for all participants. Visit nacha.org for more information.

Mastercard Chip Momentum: Reducing Fraud One Year In

Chip Cards in Market at 88 Percent as Chip-Active Terminals Reach 33 Percent

September 12, 2016 09:00 AM Eastern Daylight Time
PURCHASE, N.Y.–(BUSINESS WIRE)–At the one year anniversary of the shift to chip approaches in the U.S., Mastercard today unveiled data confirming the positive impact the technology is having on issuing banks, merchants and consumers. To date, chip adoption continues to grow:

“Payment cards are an essential part of commerce; EMV requires a change to the customer experience as the industry shifts from swipe to chip”

•    As of July 2016, 88 percent of Mastercard U.S. consumer credit cards have chips, representing a 105 percent increase in chip card adoption since the October 1, 2015 liability shift.
•    The company also sees 2 million chip-active merchant locations on its network, a 468 percent increase in chip terminal adoption since October 1, 2015. Two million merchants represent 33 percent of all U.S. merchants.
•    Of the 2 million chip-active merchant locations, 1.3 million are regional and local merchant locations, representing a 159 percent increase since October 1, 2015.
“Since 2012, Mastercard has championed chip technology. We need chip cards in wallets and chip terminals at checkout to continue to drive card fraud out of the U.S. This country is one of the most complex markets in the world so we know things won’t change overnight,” said Craig Vosburg, president of North America for Mastercard. “However, we’re encouraged by the significant progress over the last 11 months. With every additional chip transaction we move closer and closer to our collective goal – moving fraud out of the system.”
Chip Impact on Merchants
The biggest benefit of chip technology is minimizing the cost of fraud caused, in part, by the use of counterfeit cards. Now, the chips in terminals “talk” with the chips on cards creating unique codes for all purchases. The unique codes protect cards from being counterfeited.
Mastercard fraud data shows a 54 percent decrease in counterfeit fraud costs at U.S. retailers who have completed or are close to completing EMV adoption, when comparing April 2016 to April 2015. Demonstrating the power of EMV and the risk of not adopting it, counterfeit fraud costs increased by 77 percent year-over-year among large U.S. merchants who have not yet migrated or have just begun the migration to chip.
“Payment cards are an essential part of commerce; EMV requires a change to the customer experience as the industry shifts from swipe to chip,” said Brian Riley, director, Credit Advisory Service, Mercator Advisory Group. “There is no doubt chip cards will curtail fraud and it is exciting to see enhancements at the point of sale that will propagate usage, reduce friction and accelerate transaction time.”
Mastercard continues to work closely with merchant partners to ease the adoption of chip. Recent initiatives and programs have included: speeding the terminal certification processes from days to hours, while maintaining quality; adding more intelligence on its network to minimize chargeback costs to merchants; and introducing M/Chip Fast, a new application to help speed transactions and shoppers through checkout lines.
U.S. Consumers Prefer Chip
U.S. consumers have also been central to chip card adoption. While there was an initial learning curve on the chip experience, they now also are seeing the benefit of increased chip safety and security.
Chip card use continues to rise in the U.S. according to a recent Mastercard survey of over 1,000 U.S. consumers:
•    Nine-in-ten Americans commonly use chip cards, a 38 percentage point increase year-over-year, from 49 percent in 2015 to 87 percent in 2016.
“As more U.S. cardholders use their Mastercard chip cards, they are learning the benefits of increased safety and security. It’s no small undertaking to change the way people pay for things. The only reason to start this big a task is to make people’s lives better. Chips have the potential to do just that,” said Chiro Aikat, senior vice president of product delivery – EMV, Mastercard.
METHODOLOGY:
Braun Research conducted an online survey in the United States between June 27 and July 15, 2016 among a nationally representative sample of about 1,000 general population consumers, 18 years of age and older. The sample was weighted to be nationally representative of the US population as it relates to age, gender and region, as well as ethnicity/race. At the 95 percent confidence level, the margin of error is about +/- 3.1 percent.
About Mastercard
Mastercard (NYSE: MA), www.mastercard.com, is a technology company in the global payments industry. We operate the world’s fastest payments processing network, connecting consumers, financial institutions, merchants, governments and businesses in more than 210 countries and territories. Mastercard products and solutions make everyday commerce activities – such as shopping, traveling, running a business and managing finances – easier, more secure and more efficient for everyone. Follow us on Twitter @MastercardNews, join the discussion on the Beyond the Transaction Blog and subscribe for the latest news on the Engagement Bureau.