MasterCard Bin 2 Series In Play: Declines and Fines

Previously, MasterCard announced a new card number BIN series, requiring everyone in the payment ecosystem to update in order to support the new card acceptance. Merchants need to update software and or terminals to comply by the June 30, 2017 mandate deadline. The consequences are both transaction declines and heavy fines.

Credit card processing:

  • Traditional countertop terminals may need a software download, contact your processor.

    Verifone vx520 emv terminal

    Verifone vx520

  •  Point of Sale solutions or the payment gateway that drives terminals need to be updated. This may occur seamlessly in the background with no impact to merchants and nothing to download.
    verifone MX915 EMV terminal

    Verifone MX915 EMV chip terminal

    Equipment & Payment Gateway NOT affected:

    • Authorize.net
    • BridgePay
    • Cayan
    • CenPOS
    • Clover
    • Ingenico w/ EMV Chip Card Technology
    • First Data w/ EMV Chip Card Technology
    • Future POS (Version 5.0.96.30)
    • Gravity Gateway
    • Lavu
    • Merchant Link
    • Micros
    • NMI
    • Payeezy
    • Paytrace
    • Shift 4
    • Shopkeep
    • Swipe Simple
    • USAePay/Gravity Link

    Credit Card Terminals Requiring a Software Update:

    • Apriva cellular terminal
    • FD 50 TI (Non EMV Chip Card)
    • FD 100 TI (Non EMV Chip Card)
    • FD 130 (Non EMV Chip Card)
    • FD 200 TI (Non EMV Chip Card)
    • Ingenico (Non EMV Chip Card)
    • Verifone VX520

    Credit Card Terminals Requiring Replacement: These terminals are end of life and cannot be updated.

    • All Hypercomm Terminals
    • Fd 50 (non TI)
    • FD 100 (non TI)
    • FD 200 (non TI)
    • FD 300 (non TI)
    • VX 510
    • VX 570

    Consequences for non-compliance with MasterCard Bin 2 Series

  • Mastercard Transactions for cards beginning with a 2 in the range of 222100-272099 will be declined.
  • If you do not update your software before the deadline, you will fall into a status of non-compliance. A non-compliant occurrence is defined as any attempted and failed transaction that is confirmed as failed due to a merchant’s lack of readiness to support 2-Series BIN transactions.
    • $2,500 per occurrence in the first 30 days.
    • Escalating up to $10,000 in the next 60 days.
    • Up to $20,000 per occurrence for the subsequent violations.

    These fines may be assessed per merchant location per failed transaction for not implementing support of the new cards.

    Fines will be pushed to acquirers. If acquirers are compliant, but the merchant is not, the fines will be passed down. If you’re sitting on old software and terminals, now is the time to change! It’s simple for MasterCard to identify non-compliance.  Contact us for immediate help- keep your merchant account, get new compliant credit card processing technology.

Disclaimer: This list and accompanying information may be out of date at any time. Check with your acquirer for the most current information.

 

CenPOS Launches PCI-Validated P2P Encryption

Florida-Based Payment Solutions Company, CenPOS, Strives to Make Customer Experience More Secure with Launch of PCI-Validated P2P Encryption.

Data breaches are on the rise and they are costing both consumers and merchants money.

The 2017 Identity Fraud Study, released by Javelin Strategy & Research, found that $16 billion was stolen from 15.4 million U.S. consumers in 2016.

When the consumer data that makes such fraudulent activity possible comes from the merchant’s database, then the merchant can also incur some major damages. In fact, the 2017 Cost of Data Breach Study: United States, found that the total average organizational cost of a data breach has reached a new high at $7.35 million.

CenPOS aims to reduce the vulnerability of sensitive consumer data — that could be used to drain debit card-linked bank accounts, make “clone” credit cards, or buy items on certain less-secure online sites — to hackers with the release of its Validated P2PE solution.

Officially released on July 7th of this year, CenPOS Validated P2PE encrypts cardholder data so businesses can simplify compliance with Payment Card Industry Data Security Standards (PCI DSS) and consumers can stop worrying about data being stolen between “the store” and the bank.

Surprisingly, Validated P2PE is not new technology. It’s the strongest level of data encryption in the market right now and is offered by other merchant payment services companies. However, CenPOS is the first and only company with the Qualified Integrator & Reseller (QIR) designation to offer a Validated P2PE solution.

The QIR designation is awarded by the Payment Card Industry Security Standards Council, a global open body formed to develop, enhance, disseminate and assist with the understanding of security standards for payment account security.

According to their standards, “the quality, reliability, and consistency of a QIR Company’s work” should provide confidence that the merchant’s payment application has been implemented in a manner that supports PCI DSS compliance.

Chris Justice, CEO of CenPOS, is quoted saying: “We believe that loyalty is built on trust and that trust is built by delivering great customer experience over and over again. So, when consumers can have greater peace of mind because they know that the merchant has the proper data security in place to reduce exposure to painful events, like data breaches, we believe customer experience is enhanced and that consumer will choose that merchant over others who are less diligent.”

CenPOS Validated P2PE launched on Friday, July 7, 2017. To learn more, visit https://cenpos.com/solutions/data-security
More facts and further information about CenPOS, can be discovered at https://www.cenpos.com/

About CenPOS
CenPOS is a merchant-centric, end-to-end payments engine that drives enterprise-class solutions for businesses, saving them time and money, while improving their customer engagement. CenPOS’ secure, cloud-based solution optimizes acceptance for all payment types across multiple channels without disrupting the merchant’s banking relationships. | CenPOS | @CenPOS

###

Christine Speedy, 3D Merchant Services, is an authorized CenPOS Reseller. There is no middleman; all solutions offered are direct CenPOS agreements with CenPOS direct billing.

Credit Card Expiration Updater & Recurring Billing

Are automated recurring billing transactions declining due to expired credit cards? This article identifies methods to automate credit card expiration updating for installment, fixed recurring, and variable recurring token billing transactions.

All credit cards on file are managed at the payment gateway level for PCI Compliance. The ‘token’ is the alpha numeric character set that replaces sensitive card data. Businesses have access to the token, but not the sensitive cardholder data, after it’s stored. With token management, users can update the credit card expiration date manually. No other fields can be modified. If the CVV – CID security code or card number changes, a new token is created for the new card.

Per rules of card acceptance, the actual expiration date must be used. There have been recurring billing software solutions on the market that simply change the expiration date for recurring transactions with expired cards, for example by changing the date by one year. This enabled transactions to go through with an authorization in some cases because the expiration date was not validated by the issuer. However, for chargeback rights, the expiration date must be provided by the Cardholder and must be correct.

Credit Card Expiration Date Updater Methods

  1. Self credit card updating. An email is generated by the recurring billing platform and or payment gateway alerting the cardholder of an upcoming expiration. The cardholder then self-updates their payment method via a web portal. While effective at reducing phone calls for updating, it still requires action by the busy cardholder, thus, many still go unattended until the point that a transaction fails. This impacts profits with attempted transaction fees, the time to manually reach out to customers, and cancellations; We all know that sometimes a customer pays for a service they do not use effectively, but don’t bother to cancel. Once they have to update their card… the revenue stream can be lost.
  2. Automated credit card updating via the card brands. Merchants must register for the service with their merchant services provider, and must have a payment gateway that supports the updater service. Visa and MasterCard charge a one time fee for registration. There’s also a fee per card updated, which varies by merchant services provider; typically, the provider will mark up for profit.

Credit Card Expiration Date Updater Costs

One-time Visa Account Updater (VAU) Setup fee $250, MasterCard Automatic Billing Updater Setup fee $350 per merchant account. The fee per update varies. For example, we charge $.09 as of this writing and clients have been quoted $.30 by other companies.

Recurring Billing Compliance Alert

Significant changes are coming to recurring billing. After the first authorization, all subsequent recurring billing transactions are to include a unique reference to the initial authorization. This must be managed seamlessly in the background at the payment gateway level. Adding a new field to the transaction process is significant and the challenges are likely on par with the launch of US EMV. Expect problems in the next 12-24 months as gateways struggle to comply with these requirements.

Refer to Visa Public Rules, and search for “recurring”, including section 5.9.9 Prepayments, Repeated Payments, and Deferred Payments, for more details.

CenPOS and Credit Card Expiration Date Updater

CenPOS, an enterprise payment gateway and merchant centric processing platform, supports the account updater services. As your CenPOS representative, I can activate the service on CenPOS for you, however, if your merchant services resides with a third party, you’ll still need to register through them. Before proceeding, contact Christine Speedy at 954-942-0483 for more information.

NRF Says Overturning Dodd-Frank Would Reinstitute Price Fixing by Card Companies

June 7, 2016 WASHINGTON – The National Retail Federation today released the following statement after Rep. Jeb Hensarling, chairman of the House Financial Services Committee, announced plans to repeal swipe-fee reform and the Dodd-Frank Wall Street Reform Act.

“Today Jeb Hensarling announced that he wants to repeal an important competitive change in Dodd-Frank reform and return to the bad old days when card companies and banks freely picked the public’s pocket,” NRF Senior Vice President and General Counsel Mallory Duncan said.

 

“Protecting bank profit margins at the expense of competition is not sound public policy and it will harm merchants and consumers. The financial services industry attempted to get Congress to reject transparency and competition in 2010 and again in 2011. Both efforts failed. On behalf of retailers and their customers, NRF will fight for free and open markets.”

Swipe fees on debit and credit cards are many retailers’ second-largest operating cost, behind labor. These fees threaten small retailers with failure and keep merchants from hiring and expanding, slowing the entire economy. Exorbitant swipe fees also mean consumers pay higher prices. American merchants and consumers still pay the highest swipe fees in the world on debit and credit cards, according to the Federal Reserve Bank of Kansas City.

Under the Dodd-Frank Consumer Protection and Wall Street Reform Act of 2010, the Federal Reserve was required to adopt regulations that would result in debit swipe fees that were “reasonable and proportional” to the actual cost of processing a transaction. Federal Reserve staff calculated the average cost at 4 cents per transaction and proposed a cap no higher than 12 cents. Nonetheless, after heavy lobbying from banks the Federal Reserve Board of Governors eventually settled on 21 cents plus 0.05 percent of the transaction for fraud recovery and allowed another 1 cent for fraud prevention in most cases. The cap, which applies only to financial institutions with $10 billion or more in assets, took effect in 2011 and totals about 24 cents on a typical debit card transaction.

NRF is the world’s largest retail trade association, representing discount and department stores, home goods and specialty stores, Main Street merchants, grocers, wholesalers, chain restaurants and Internet retailers from the United States and more than 45 countries. Retail is the nation’s largest private sector employer, supporting one in four U.S. jobs – 42 million working Americans. Contributing $2.6 trillion to annual GDP, retail is a daily barometer for the nation’s economy. NRF’s This is Retail campaign highlights the industry’s opportunities for life-long careers, how retailers strengthen communities, and the critical role that retail plays in driving innovation. nrf.com

###