P2PE for Dynamics AX & D365

Microsoft Dynamics AX and D365 validated P2PE solution elements vary by vendor plugin and their certifications which can be researched on the PCI security standards council website here https://www.pcisecuritystandards.org/assessors_and_solutions/point_to_point_encryption_applications?reference=2017-00113.005. Merchants can choose either P2PE terminals or validated P2PE solutions with their terminals. The latter requires extra steps to implement and maintain.

A PCI P2PE solution can significantly reduce the PCI Data Security Standard (PCI DSS) validation effort of a merchant’s cardholder data environment as well as the cost of a third party assessor reviewing a merchant’s card data environment. Another benefit is simply the reduced risk of a data breach, and the potential millions in costs and lost reputation. An qualified assessor informed me at a conference, there has never been a data breach in an environment with properly implemented validated P2PE solution; The same cannot be said for merchants using P2PE terminals.

P2PE Applications are intended to be loaded onto PCI-approved point of interaction (POI) devices used as part of a P2PE Solution. Use of a P2PE Application on a PTS-approved POI device (outside of a listed P2PE Solution) does not constitute use of a P2PE Solution. I am frequently asked by consultants about other payment gateway compatibility with Cardconnect and the related CardConnect Bolt application dependency. Other payment gateways and or P2PE solutions, including CenPOS, are distinct solutions. Each has its own P2PE certification as documented on the PCI council website. Two different solutions cannot be used together; merchants must decide which is the better overall solution for their environment. Sidenote: CenPOS does not have any application dependencies for their P2PE certification.

Can you mix P2PE solutions, for example, for call centers vs retail? Excellent question. Certainly transactions would need to be run on different merchant accounts and each would be defined as to scope i.e. not entire business, but only part of an operation. This arrangement is not ideal, but maybe is a useful gap solution during a software or hardware migration.

Which P2PE application is best for your Microsoft Dynamics AX or D365 environment? This question is best answered by speaking with a payments consultant who is familiar with credit card processing rules, data security rules, and integration nuances. Differences in the integration methods and native features for the respective products often determine why to choose one vs another.

Christine Speedy, Founder 3D Merchant Services, is a credit card processing expert with specialized expertise in card not present and omnichannel technology. Christine is an authorized reseller for Elavon and CenPOS products and services, in addition to other solutions and is QIR certified by the PCI Council. Call Christine for all your Microsoft Dynamics payment gateway and payment processing needs.

Credit Card Processing from AX to D365 F&O

Upgrading from Dynamics AX to D365 Finance & Operations?

Consultants help with planning and migration, however, when it comes to choosing a payment connector to capture revenues, engaging a payment processing professional can save boatloads of time and money. Why?

  1. The payment connector, including payment gateway, influences credit card processing fees. Compliance with authorization and settlement rules is complicated and connectors manage processes differently because of where they are in technology development. It’s the single largest influencer of fees and penalties you’ll pay. Look at this MasterCard Integrity Fee on a Chase Paymentech merchant statement:
mastercard PROCESSING INTEGRITY FINAL ATH

$536,042.54 multiplied by a .25% penalty fee for a total of $1,340.10 in avoidable costs. This is due to not properly authorizing and settling transactions, including reversals for unused authorizations. There are many ways to get authorization penalty fees and I’ve written multiple articles about them, including this on the Visa Stored Credential Mandate.

2. The payment connector makes a huge difference in internal automation for related processes, such as updating journals, as well as external customer automation including self-service access to invoices, payment history, managing payment methods and more.

3. The ISV payment connector package may include other items in your development road map. An independent payment processing professional will assess needs and provide insights on multiple connectors to help guide your business to the best choice. Which support the stored credential mandate for unscheduled credential on file? How will it help meet current and future Covid-19 side effect needs? How will it protect the business from a data breach as a result of workers at home?

In my experience, consultants don’t consider the payment connector until the project is defined and well under way, a contributing factor why more than 50% of ERP implementations fail to meet time, budget, or benefit objectives. Specification decisions are based on ‘securing payments’, without knowing how the connector might already have built-in solutions for other areas including customer service, sales, accounting, call center and more. If brought in sooner, the payments professional can eliminate some customization, reduce implementation time and costs, while improving immediate benefits.

To summarize, a flip phone and a smart phone are both capable of making phone calls, but the experience is completely different. Which would you prefer?

Christine Speedy, 3D Merchant blogger and CenPOS Global Sales, 954-942-0483 is an Independent Payments Professional and is independently Qualified Integrator Reseller (QIR) certified by the PCI Council.

Card Networks Postpone New Merchant Fees Until July 2020

Visa, Mastercard, American Express, and Discover, postponed new interchange rates and fees originally scheduled to take effect in April, 2020 until at least July 17, 2020 due to Covid-19 Coronavirus. The announcements provide some relief to battered and closed businesses. Every Spring most networks tweak their fees.

American Express will delay the changes to their assessment fee and their Inbound Fee (International) until October 2020. TSYS will delay the PULSE annual fee increase ($4.00 increase to current $12.00 fee) until July 2020. The NYCE annual fee will be billed at the new rate of $16.00 in August to all applicable merchants.

Other card network fees were relatively minor. It’s noteworthy that many continue to be penalties related to authorization compliance, for example, fees for not performing authorization reversals.

Xtime, CenPOS Bring Better Streamlined Service Check-Out to Auto Dealerships

Consumers save time by making online and in-lane payments directly through Xtime

REDWOOD CITY, Calif., Oct. 17, 2019  — Dealers using Xtime can now leverage the payment processing capabilities of CenPOS, which is now part of Elavon, to customers creating an enhanced vehicle ownership experience through quicker online and in-lane payment options.

The CenPOS payment solution integrates into Xtime’s Spectrum Platform, which makes it easier to capture and report customer payments efficiently either in the service lane from a tablet device or any service department workstation. All U.S. and Canada-based franchise dealership customers can immediately use the CenPOS payment functionality, creating more convenient, reliable payment options without requiring a significant investment or process change.

“Giving our service advisors the ability to own the experience from start to finish on one platform is pivotal in the way we intend to do business in the future,” said Chance Wiseman, fixed operations trainer at Del Grande Dealer Group in San Jose, Calif. “This one key change in technology will drastically streamline the active redelivery process. Another opportunity Xtime is providing us to exceed our customers’ expectations.”

CenPOS provides dealership customers with more control over their experience. With the choice to make payments remotely thorough their computer and smartphone, or onsite at the dealership with the new and improved Xtime Engage Tablet Reception application, customers can pay as they choose.

“Dealers should look at the service experience they are offering their customers in order to drive greater customer loyalty and retention,” said Tracy Fred, vice president and general manager of Xtime. “The powerful combination of CenPOS and Xtime’s single platform gives both service management and advisors a more streamlined and easy-to-use solution that meets consumers’ demands and saves them time and energy throughout the entire service experience, from write-up to payment.”

An efficient check-out process is also critical to keeping consumers happy and coming back. Consumers who are most satisfied spend 2.5 hours or less at the dealership for service.1 As a result of this new integration, dealers interested in using Xtime’s Engage payment solution will soon have their choice of multiple merchant processing providers.

“With extensive expertise in providing payments for the auto industry, together with Xtime, we can offer rich, secure solutions that are specific to the needs of this industry,” said Joey Orozco, director of business development, CenPOS. “By streamlining service check-out, dealerships can increase customer satisfaction and save their customers valuable time.”

For more information, click here.

1 2019 Cox Automotive Service Industry Study

About CenPOS:
CenPOS is a merchant-centric, end-to-end payments engine that drives enterprise-class solutions for businesses, saving them time and money, while improving their customer engagement. CenPOS’ secure, cloud-based solution optimizes acceptance for all payment types across multiple channels without disrupting the merchant’s banking relationships.

About Xtime
Xtime increases customer retention for automotive dealer service departments by using technology to transform the ownership experience. Improving customer satisfaction and retention drives dealer revenue and profitability. Xtime is committed to delivering the experience consumers demand – an experience which emphasizes value, convenience and trust.

Xtime books 52 million service appointments and processes 120 million repair orders annually. Twenty-nine global OEMs have chosen Xtime to drive that same type of success for their businesses, converting more than $13 billion in service revenue annually for more than 7,500 dealerships.

About Cox Automotive
Cox Automotive Inc. makes buying, selling, owning and using cars easier for everyone. The global company’s 34,000-plus team members and family of brands, including Autotrader®, Clutch Technologies, Dealer.com®, Dealertrack®, Kelley Blue Book®, Manheim®, NextGear Capital®, VinSolutions®, vAuto® and Xtime®, are passionate about helping millions of car shoppers, 40,000 auto dealer clients across five continents and many others throughout the automotive industry thrive for generations to come. Cox Automotive is a subsidiary of Cox Enterprises Inc., a privately-owned, Atlanta-based company with revenues exceeding $20 billion.www.coxautoinc.com

EMVCo launches EMV® 3-D Secure 2.2.0 Testing Programme

EMVCo has announced the publication of the EMV 3-D Secure Protocol and Core Functions Specification v2.2.0.

14 December 2018 – EMVCo today announces the publication of the EMV® 3-D Secure Protocol and Core Functions Specification v2.2.0. The updated specification includes enhancements to promote an optimised consumer experience while supporting new authentication channels when making e-commerce transactions.

EMV 3DS is a messaging protocol that promotes frictionless consumer authentication and enables consumers to authenticate themselves with their card issuer when making card-not-present (CNP) ecommerce purchases. The additional security layer helps prevent unauthorised CNP transactions and protect the merchant from exposure to CNP fraud.

Version 2.2.0 builds upon the current specification version 2.1.0 which is available on the EMV 3DS Test Platform, enabling 3DS product providers to confirm that their solutions will perform in accordance with the specification. Support of v2.1.0 is required in order to implement v2.2.0. Key updates within version 2.2.0 include:

  • Improved communication between merchants and issuers, enabling Europe’s Second Payment Services Directive (PSD2) exemptions for Strong Consumer Authentication to be applied.
  • Two new features to enable authentication for various payment scenarios including mail order and telephone order transactions: 3DS Requestor Initiated (3RI) payments and decoupled authentication – allowing cardholder authentication to occur even if the cardholder is offline.
  • Expansion of existing data elements to promote communication of pre-checkout authentication events and associated data as part of the EMV 3DS transaction from systems such as those supporting the FIDO Alliance standards.

These enhancements are available if all 3DS components involved in the transaction have updated their software to support v2.2.0.

“EMV 3DS exists to promote secure, consistent consumer authentication for e-commerce transactions across all channels and connected devices, while optimising the cardholder’s experience,” comments Stephanie Ericksen, Chair of the EMVCo Executive Committee. “Our work in this area continues to evolve to ensure we respond to new marketplace requirements. EMVCo continues to encourage the payments community to get involved and provide feedback on the EMV 3DS activity.”

Earlier this year EMVCo announced the availability of the full EMV 3DS Test Platform, which enables the functional testing of EMV 3DS solutions. Letters of Approval are currently being issued for those 3DS products that have successfully tested against version 2.1.0. A list of approved products can be found on the EMVCo website. Products submitted for EMV 3DS v2.2.0 compliance testing will also be tested against EMV 3DS v2.1.0 to receive an EMV 3DS v2.2.0 Letter of Approval. Testing support for version 2.2.0 is expected to be available mid-2019. Progress updates will be posted on the EMVCo website.
To stay informed of the latest EMVCo developments and receive advanced access to EMV Specifications and related documents, join the EMVCo Associates Programme or become a Subscriber.