What is Auth Code 14, declined?

A credit card processing response of Auth Code 14, is a decline for Processor Declined, Fraud Suspected. Why does this happens for recurring billing, including unscheduled recurring billing using a stored credential, also known as a token on file? The method used to store the first transaction, and process subsequent transactions can impact authorization approvals.

For example, a merchant has successfully processed unscheduled transactions using a token on file since 2016. However, in 2017, declined for Auth Code 14 appeared.

auth code decline 14

Why would a previously stored and working card decline now? Look at the AVS,  ZIP, and CVV response above. Compare to the example below.

token billing

For the second receipt, AVS match Y= address and 5 digit zip match, Zip match Y=Address and 5 digit zip match, CVV = match X, cannot verify CVV. Because CVV was verified a match on the initial zero dollar authorization it’s not required to be presented on subsequent transactions.

The first example is returning that information does not match, thus the reason for suspected fraud. Without looking at the very first authorization when token was created, several possibilities exist, including  cardholder issued a new chip card with same number but other changes occurred in the interim; cardholder address changed or was never validated.

Merchants are at risk of issuer initiated chargeback if authorization rules are not followed. Refer to  Visa Product and Service Rules, Table 5-21: Requirements for Prepayments and Transactions Using Stored Credentials for more information. With recent rules changes, and more coming October 2017, merchants need a cloud based solution that can automate compliance. Not all of them have that intelligence. For example, some cloud based payment gateways enable merchants to perform prohibited transaction requests that put the authorization at risk of chargeback for non-compliance.

Due to many recent and upcoming changes for card absent and recurring billing with stored credentials, merchants are advised to review processes to include empowering customers to self-manage adding cards on file, and using cardholder authentication. Visa requires Verified by Visa for cardholder authentication in a card not present environment; without it, expect increasing declines.

Disclaimer: The rules of card acceptance are very complex and change typically twice a year, sometimes with interim bulletins regarding more changes. Merchants should read the manual for complete details regarding card acceptance for your business type.

Christine Speedy, authorized CenPOS reseller, provides universal payment processing solutions, including cardholder authentication, to maximize merchant profits and mitigate risk across multiple sales channels. Contact Christine at 954-942-0483. 

US EMV Verifone MX 915 for BB&T TSYS

Yes, we provide US EMV with chip and pin for BB&T customers wanting to use Verifone MX 915 terminals. BB&T merchants are on the First Data platform. One unique benefit of our solution on First Data is we can process retail, MOTO (mail order/telephone order), and ecommerce, including electronic bill presentment and payment (EBPP), all in a single merchant account, with proper representment to mitigate chargeback risk and maximize profits.

The transaction process is different for EMV than magnetic swipe transaction, in order to support the different flow for processing chip cards.

To use CenPOS as shown in the video, merchants need high speed internet, web browser, Verifone MX 915, and CenPOS account. No other software is needed. CenPOS can be used standalone or integrated. Integrated solutions include Infor, SAP, Dynamics AX, Quickbooks etc. In all cases, CenPOS segregates payments from the application to reduce PCI Compliance scope and improve security.

TIP:  Having an EMV capable terminal does not mean a merchant is ready to accept chip cards. In the CenPOS environment, if a merchant installed a future proof, EMV capable terminal to get ready for EMV, the next step is to convert to EMV enabled. This always requires turning on EMV at the merchant account level, in addition to other steps.

If you do not own a Verifone terminal, do not purchase one on your own via EBAY or some other source. For PCI Compliance, and overall security, the purchasing and installation process must be tightly controlled.

If you’re not a current CenPOS customer, contact Christine Speedy for sales and integrations at 954-942-0483. Don’t just get ready, get EMV Compliant.

myKaarma & Creditcall team up to accelerate EMV chip card adoption for car dealerships

Car dealers can now simply switch to EMV, providing their customers the most secure payment solution while benefiting from reduced PCI DSS scope.

NEW YORK, NEW ORLEANS, NADA100 (Booth #5501), January 27, 2017 – Creditcall, the omni-channel Payment Gateway and EMV Kernel provider, today announced that it now supports myKaarma, the cloud-based conversational commerce software that’s revolutionizing the auto service industry. myKaarma can now quickly and easily add EMV chip card acceptance to its dealership app by using the Creditcall payment SDK – ChipDNA – which is pre-certified with First Data, one of the leading U.S. processors and the Ingenico Group’s iPP 350 smart payment terminal. More processors and payment terminals will be added in the following months.

myKaarma enhances the retail experience for service departments of car dealerships. The myKaarma app gives the dealership the ability to offer the latest customer engagement technologies such as digital conversations (text, email, voice) and smart payment systems for online and mobile point of sale (POS) with auto-reconciliation, all in one application that seamlessly integrates with the dealerships’ current dealer management system (DMS).

ChipDNA is an omni-channel, EMV-ready payment gateway solution for mobile, online, in-store and self-service card payment acceptance. It is aimed at software developers and can be integrated into Android and iOS based mobile POS (mPOS) payment solutions as well as Windows and Linux semi-integrated environments. It includes a comprehensive terminal management system (TMS), remote key injection (RKI) and point to point encryption (P2PE) for the highest level of cardholder data protection. Developers can choose from 38 different device manufacturer and processor combinations which reduces integration time and resources without the need for complex and lengthy processor certifications.

“We wanted a partner who already had years of EMV experience and a proven solution, knowing if we had any bumps along the way”

– Ujj Nath, CEO at myKaarma

“We wanted a partner who already had years of EMV experience and a proven solution, knowing if we had any bumps along the way, our partner will be able to support us and meet our needs in a timely manner” said Ujj Nath, CEO at myKaarma. “By leveraging ChipDNA, we were able to spend more time making our software even more valuable to our customers, rather than spending time trying to navigate the complex requirements of EMV”.

“Many developers and merchants still assume that replacing an old swipe card reader with an EMV chip card reader equals EMV compliance” says Jeremy Gumbley, CTO at Creditcall. “The reality is that true EMV compliance requires upgrading the entire payment infrastructure, involving several parties and complex moving parts. Once completed, there is still an ongoing requirement for maintenance and updates to remain compliant. We are proud to offer ChipDNA, which allows software developers like myKaarma to avoid the majority of headaches and address EMV with one simple, fast and future-proof integration” Gumbley continues.


About MyKaarma

myKaarma is a conversational commerce software company for automotive dealerships that focuses on enhancing the retail service department experience. myKaarma’s platform gives dealers the ability to offer their customers 21st Century technology through digital conversations and smart payment systems. myKaarma was named as an official communications and payments partner for Mercedes-Benz USA.

About Creditcall

Creditcall provides the tools to enable secure payment acceptance in-store, self-service, online or mobile. From retail and hospitality, to parking, vending, transportation or charity applications, Creditcall’s omni-channel Payment Gateway and EMV Kernels are at the very heart of its partners’ businesses, enabling them to focus on what they do best.

Creditcall is an EMVCo Business and Technical Associate, a PCI SSC Participating Organization, a Mastercard accredited MEPSA company and member of the U.S. Payments Forum with offices in Bristol, UK and New York, USA.

Chip-and-PIN, or Chip-and-Choice? EMV Liability Shift For PIN Transactions

With US EMV adoption well under way in the US, merchants are in the next phase of decision making for their EMV environment, for those terminals and solutions that support it. Should I force chip and pin when the issuer supports it, or should I allow chip and choice? It’s a tough decision and the answer is not the same for everyone.

Point-of-Sale (POS) systems vary in both implementation and capability. For example, a salesperson for a popular POS solution I spoke to told me they don’t support chip and pin. He actually said, “Since debit card processing costs are the same either way now with regulated debit, pin doesn’t really matter any more anyway.” Not true.

Consider the implications for a specialty retail environment with higher average value transactions, such as building supply, automotive parts, and electronics.

RETAIL: HIGH VALUE
FORCED CHIP & PIN CHIP & CHOICE
PROS Maximize profit potential 3 ways: highest security supported to shift counterfeit fraud to issuer; Even with regulated debit, there’s some financial differential for sending transactions via debit network, though vastly decreased. Finally, not all debit is regulated, and costs do vary. Less friction at the point of sale, faster checkout.
CONS While consumers know their debit pins, studies estimate consumers’ knowledge of credit card PINs at 5-10%. What is financial impact if customer cannot recall pin, fallback to signature is not allowed, and customer has no other payment method? Potential losses based on US EMV liability shift rules which require the highest level of security to shift back to issuer; may vary by brand for counterfeit, lost and stolen cards.

As with everything EMV, there are many moving parts to certifications for chip card acceptance. In order to have a choice, the merchants ecosystem from terminal to payment gateway, if applicable, acquirer, etc must all support it, which may be a tall order.

IMPORTANT: This article highlights a few items and does not cover all brand, business type, transaction type, card type, nor reasons for determining liability. Refer to various card brand core manuals or your acquirer for more specific details about EMV and card acceptance rules.

RESOURCES & ARTICLES AROUND THE WEB

To avoid issues with broken outside links over time, please copy the URL’s below into your browser.

https://www.mastercard.us/en-us/about-mastercard/what-we-do/rules.html

Chip & PIN vs. Chip & Signature

Best article for thoroughness. October 2014 http://krebsonsecurity.com/2014/10/chip-pin-vs-chip-signature/

Chip-and-PIN, or Chip-and-Choice?

Worth a look. February 10, 2014, By David Lott, a retail payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed. http://takeonpayments.frbatlanta.org/2014/02/chip-and-pin-or-chip-and-choice.html

Chip & Choice Keeping Security Flexible

From Visa web site today, great illustration on impact of choices in different market segments. https://www.visa.com/chip/clients-partners/issuers/credit-card-chip-technology/chip-and-pin-choices.jsp

Chip-and-PIN vs. ‘chip-and-sig’

Good global overview and stats By Janna Herron · Bankrate.com, August 28, 2013
 http://www.bankrate.com/financing/credit-cards/chip-and-pin-vs-chip-and-sig/#ixzz4ALnE5Ps9
“What’s the difference? What separates the two is how each is authenticated at the register. Chip-and-PIN cards require a personal identification number to be entered to complete a purchase, much like how many debit card transactions are carried out now with magnetic stripe cards.” Read more: http://www.bankrate.com/financing/credit-cards/chip-and-pin-vs-chip-and-sig/#ixzz4ALnUjB9D

Visa Core Rules AND OTHER CARD BRAND RULES

merchant bulletins – downloads

 

 

Mastercard Chip Momentum: Reducing Fraud One Year In

Chip Cards in Market at 88 Percent as Chip-Active Terminals Reach 33 Percent

September 12, 2016 09:00 AM Eastern Daylight Time
PURCHASE, N.Y.–(BUSINESS WIRE)–At the one year anniversary of the shift to chip approaches in the U.S., Mastercard today unveiled data confirming the positive impact the technology is having on issuing banks, merchants and consumers. To date, chip adoption continues to grow:

“Payment cards are an essential part of commerce; EMV requires a change to the customer experience as the industry shifts from swipe to chip”

•    As of July 2016, 88 percent of Mastercard U.S. consumer credit cards have chips, representing a 105 percent increase in chip card adoption since the October 1, 2015 liability shift.
•    The company also sees 2 million chip-active merchant locations on its network, a 468 percent increase in chip terminal adoption since October 1, 2015. Two million merchants represent 33 percent of all U.S. merchants.
•    Of the 2 million chip-active merchant locations, 1.3 million are regional and local merchant locations, representing a 159 percent increase since October 1, 2015.
“Since 2012, Mastercard has championed chip technology. We need chip cards in wallets and chip terminals at checkout to continue to drive card fraud out of the U.S. This country is one of the most complex markets in the world so we know things won’t change overnight,” said Craig Vosburg, president of North America for Mastercard. “However, we’re encouraged by the significant progress over the last 11 months. With every additional chip transaction we move closer and closer to our collective goal – moving fraud out of the system.”
Chip Impact on Merchants
The biggest benefit of chip technology is minimizing the cost of fraud caused, in part, by the use of counterfeit cards. Now, the chips in terminals “talk” with the chips on cards creating unique codes for all purchases. The unique codes protect cards from being counterfeited.
Mastercard fraud data shows a 54 percent decrease in counterfeit fraud costs at U.S. retailers who have completed or are close to completing EMV adoption, when comparing April 2016 to April 2015. Demonstrating the power of EMV and the risk of not adopting it, counterfeit fraud costs increased by 77 percent year-over-year among large U.S. merchants who have not yet migrated or have just begun the migration to chip.
“Payment cards are an essential part of commerce; EMV requires a change to the customer experience as the industry shifts from swipe to chip,” said Brian Riley, director, Credit Advisory Service, Mercator Advisory Group. “There is no doubt chip cards will curtail fraud and it is exciting to see enhancements at the point of sale that will propagate usage, reduce friction and accelerate transaction time.”
Mastercard continues to work closely with merchant partners to ease the adoption of chip. Recent initiatives and programs have included: speeding the terminal certification processes from days to hours, while maintaining quality; adding more intelligence on its network to minimize chargeback costs to merchants; and introducing M/Chip Fast, a new application to help speed transactions and shoppers through checkout lines.
U.S. Consumers Prefer Chip
U.S. consumers have also been central to chip card adoption. While there was an initial learning curve on the chip experience, they now also are seeing the benefit of increased chip safety and security.
Chip card use continues to rise in the U.S. according to a recent Mastercard survey of over 1,000 U.S. consumers:
•    Nine-in-ten Americans commonly use chip cards, a 38 percentage point increase year-over-year, from 49 percent in 2015 to 87 percent in 2016.
“As more U.S. cardholders use their Mastercard chip cards, they are learning the benefits of increased safety and security. It’s no small undertaking to change the way people pay for things. The only reason to start this big a task is to make people’s lives better. Chips have the potential to do just that,” said Chiro Aikat, senior vice president of product delivery – EMV, Mastercard.
METHODOLOGY:
Braun Research conducted an online survey in the United States between June 27 and July 15, 2016 among a nationally representative sample of about 1,000 general population consumers, 18 years of age and older. The sample was weighted to be nationally representative of the US population as it relates to age, gender and region, as well as ethnicity/race. At the 95 percent confidence level, the margin of error is about +/- 3.1 percent.
About Mastercard
Mastercard (NYSE: MA), www.mastercard.com, is a technology company in the global payments industry. We operate the world’s fastest payments processing network, connecting consumers, financial institutions, merchants, governments and businesses in more than 210 countries and territories. Mastercard products and solutions make everyday commerce activities – such as shopping, traveling, running a business and managing finances – easier, more secure and more efficient for everyone. Follow us on Twitter @MastercardNews, join the discussion on the Beyond the Transaction Blog and subscribe for the latest news on the Engagement Bureau.