Paay Alternative for EMV 3DS

Concerned about the Paay data breach and looking for an alternative EMV 3DS, specifically EMV 3-D Secure 2.2.0, solution for your card not present transactions? Ask Christine Speedy, a Qualified Integrator and Reseller certified by the Payment Card Industry Security Standards Council. Additionally, Christine has extensive experience in the card not present world offering merchants multiple solutions. The best card not present payment gateway is a critical decision and as an independent agent, I will guide you to both the best technology and credit card processing acquirer for your specific business needs.

QIRs are integrators and resellers specially trained by PCI Security Standards Council to address critical security controls while installing merchant payment systems. QIRs reduce merchant risk and mitigate the most common causes of payment data breaches by focusing on critical security controls. Level 4 merchants process 1 to 1 million transactions annually and are mandated to use only QIR certified people for POS systems or terminals, if not doing internally.

Why bring up QIR for card not present or bigger merchants? Wouldn’t you rather have one of the few QIR cloud security trained in payment processing on your team? Paay does not have anyone listed on the PCI Council web site, though like Christine Speedy, there may be certified salespeople under a different company name. That’s because the certification follows the individual, not the company. Additionally, there is no requirement to use QIR’s at this time for card not present so Paay doesn’t need to have anyone QIR trained. There’s no specific certification of any kind required for ecommerce developers and integrators. Kind of crazy given the risks, huh?

EMV 3DS is a global security protocol with three primary beneficial outcomes:

  1. Fraud liability shift to issuer for “it wasn’t me, I didn’t authorize.” Merchants do not need to respond to a chargeback, when 3DS is invoked on a transaction, it will automatically shift liability to the issuer.
  2. Merchants can potentially qualify for even lower interchange rates on some cards due to lower risk associated with cardholder authentication. For example, merchants can save .20% on average with MasterCard UCAF rate qualification vs Merit 1 on some credit cards.
  3. Increased approvals and profits. With cardholder authentication, merchants can expect increased approvals per the card networks advice. False declines are a significant problem for cart abandonment and resulting lost sales.

Think of it like having a chip card for card present transactions. EMV 3DS is a messaging protocol that promotes frictionless consumer authentication and enables consumers to authenticate themselves with their card issuer when making card-not-present (CNP) e-commerce purchases. The additional security layer helps prevent unauthorised CNP transactions and protect the merchant from exposure to CNP fraud.

Level 3 purchasing expert for B2B credit card processing needs. HIPAA, GDPR, PCI and PSD2 and all the other compliance and security you need for your business are available.

Christine Speedy, Founder 3D Merchant Services, is a credit card processing expert with specialized expertise in card not present and omnichannel technology. Christine is an authorized reseller for Elavon and CenPOS products and services, in addition to other solutions. Call Christine for payment gateway, cloud technology, merchant services and check processing needs.

Elavon wins best CNP credit card processor awards

Elavon Receives industry recognition for the Third consecutive year

Elavon, a global payments provider and subsidiary of U.S. Bank, won both the Judges Choice and People’s Choice awards for best processor 2020 Card Not Present (CNP) Awards, sweeping the Best Processor category for the third year in a row.

Best Processor: Judges Choice

The company provides end-to-end payment processing solutions and services to more than 1.3 million customers in the U.S., Europe, Canada, Mexico and Puerto Rico. It transmits data safely three billion times each year and enables $300 billion worth of commerce. Its solutions are designed to solve pain points for small to enterprise-sized businesses.

“Elavon has been a leader in payment processing, leveraging the world’s best technologies for our partners from large worldwide enterprises, to locally owned small businesses,” the company said. “We extend powerful payment solutions for all payment types and processing environments, ensuring that your business is well-connected. Elavon is consistently rated among the top global payment providers, with more than one million customers trusting us to process their payments.”

Last year Elavon also won Best Processor in both categories.

Christine Speedy, Founder 3D Merchant Services, is a credit card processing expert with specialized expertise in card not present and is an authorized reseller for the suite of Elavon products and services. Christine is also a Qualified Integrator and Reseller certified by the Payment Card Industry Security Standards Council, a requirement for all level 4 merchants, defined as less than 20,000 Visa or MasterCard e-commerce transactions annually, and all other merchants processing up to 1 million Visa or MasterCard transactions annually. Services include standalone and integrated technology, optional merchant services and other solutions. 954-942-0483.

Remote checkout with credit card

Businesses are shifting to remote credit checkout to avoid close contact with customers. Remote checkout systems range from cheap to pricey, but when comparing safe and secure solutions, it’s important to know what questions to ask to maximize profits and mitigate risk. In particular, telephone credit card transactions, text, and work from home practices directly impact profits and risk.

A popular practice is to eliminate customer entry into facilities. Communication methods include expansion of telemedicine and secure portals. Two areas are lacking: text and credit card payment. Even the most advanced facilities fall short in one way or another.

Credit card number via phone problems for typical retail merchant account:

  1. Merchants are prohibited from writing sensitive cardholder data on paper (Visa sec. 5).
  2. Key entering into computer:
    1. Results in 100% invalid – yet issuer approved- authorizations*, typically increasing costs 30-100% per transaction.
    1. Increases data breach risk with home and office hardware and network in scope for Payment Card Industry Data Security Standards (PCI).
    1. Employees access to cardholder data an added risk
  3. Key entering into desktop terminal:
    1. Same authorization problem as above (See merchant statement for non-qual, STD, EIRF, Level I etc)
    1. All transactions at risk of consumer or issuer chargeback since EMV chip/swip data expected but not received.
  4. Ties up phone lines for already overwhelmed staff;  another data breach risk
  5. Note: Digital forms that can be decrypted are unacceptable
  6. If storing/tokenizing cardholder data, most solutions are PCI compliant, not but not compliant for network (Vcardholder agreement and future transaction authorizations

Card not present alternatives:

SMS/text with secure pay

  1. 80-95% of Americans have a smart phone; all age groups, including seniors, are texting
  2. Puts customers in control of entering, storing, managing cardholder data

Email with secure pay- also eliminates employee access to cardholder data. A growing threat is business email compromise with phishing schemes increasing during Covid-19 crisis.

Hosted pay page- I do not recommend as this is not efficient during quick check in and check out needs.

What merchants should look for in vendor solutions:

  1. 3-D Secure cardholder authentication for customer initiated payments; qualify for reduced card not present rates plus fraud disputes for “I didn’t authorize” disappear. The benefit is much like EMV chip for retail, and merchants can save even more on interchange fees for some cards due to lower risk.
  2. 3rd party app or web based solution that segregates all devices, hardware and networks from scope for PCI, including key entered transactions; The latter can be managed via special terminal, app, or encrypted virtual keypad, perfect for workers at home and on the go.
  3. 3rd party app or web based text solution that eliminates client data from employee devices and hardware, and is compliant with various text/telecom rules (FCC, TCPA etc). If employees are texting on their devices, it’s incredibly difficult or impossible to get that data later if needed in a legal dispute.
  4. Checkout option to enter authorized 3rd party for animal pick up, time of day, and even details about car or truck if desired.
  5. Automated authorization optimization for card present, phone order, card on file and customer initiated transactions. This is either managed by technology (preferred) or multiple merchant accounts. Ok, many probably don’t know what this means, but it’s the difference between employees having to optionally take certain steps and technology automatically managing it.
  6. One-way texting with payment collection has minimal additional compliance burden for various rules.
  7. Two-way texting is much more robust, with even more upside for efficiency (think photo/video, updates throughout the stay, promotional link with notification animal entered surgery, survey at end, and continued opt-in to future marketing). The value of opted-in marketing, when used wisely, cannot be understated.

Merchants will benefit from increased approvals, more profits, happier customers, less phone time, and more secure operations. All of this adds up to both internal and external customer experience improvements during a stressful time dealing with Covid-19 repercussions and beloved animals needing urgent care.

Christine Speedy’s Analysis:

Merchant’s lack the right technology tools, which have been used by other industries for years, to meet new card not present requirements while maximizing profits and mitigating risk. Rapid adoption will reap virtually immediate rewards.

* Issuers will approve most requests if funds are available, but merchants must comply with various card acceptance rules based on how an authorization is requested or pay penalties. For example, a retail merchant account requires EMV chip or swipe data. When the don’t get it, penalties apply. Solutions to dynamically qualify per different rules require a technology update, typically via 3rd party solution.

Research Links:

Card network rules: http://3dmerchant.com/blog/merchant-bulletins-downloads

PCI Compliance: pcisecuritystandards.org

Christine Speedy, Founder 3D Merchant Services, is a credit card processing expert with specialized expertise in card not present and omnichannel. Christine is Qualified Integrator and Reseller certified by the Payment Card Industry Security Standards Council, a requirement for all level 4 merchants, defined as less than 20,000 Visa or MasterCard e-commerce transactions annually, and all other merchants processing up to 1 million Visa or MasterCard transactions annually. Services include standalone and integrated technology, optional merchant services and other solutions. 954-942-0483.

For more 3D Merchant Services news and information, visit 3Dmerchant.com or  https://www.linkedin.com/in/cspeedy

Contacts:

Christine Speedy

954-942-0483

Card Networks Postpone New Merchant Fees Until July 2020

Visa, Mastercard, American Express, and Discover, postponed new interchange rates and fees originally scheduled to take effect in April, 2020 until at least July 17, 2020 due to Covid-19 Coronavirus. The announcements provide some relief to battered and closed businesses. Every Spring most networks tweak their fees.

American Express will delay the changes to their assessment fee and their Inbound Fee (International) until October 2020. TSYS will delay the PULSE annual fee increase ($4.00 increase to current $12.00 fee) until July 2020. The NYCE annual fee will be billed at the new rate of $16.00 in August to all applicable merchants.

Other card network fees were relatively minor. It’s noteworthy that many continue to be penalties related to authorization compliance, for example, fees for not performing authorization reversals.

Phone vs text express checkout: Covid-19 customer pick up solutions

Businesses are changing the way they interact with customers to reduce both employee and customer exposure due to the Covid-19 coronavirus crisis. Accepting payment over the phone and delivering to cars is growing. However, there are risks and costs associated with this that can be avoided. A combination of text, chat, and artificial intelligence can dramatically improve customer engagement and satisfaction while driving down costs and increasing revenue. We put this all together with express pay checkout for a ready-to-go solution to transform operational efficiency and drive profitability virtually overnight.

FAST HELP NOW: Stop taking cards over the phone and start getting paid remotely with a one-way text or email. You’ll use the platform to send a simple request for payment or you can optionally upload an invoice. I just fixed your Covid-19 pay over the phone problem to instantly save you time and money, while improving security.

MANPOWER PROBLEMS: Working with fewer employees, whether to save money due to declining sales resulting from Covid-19 economics, or to adjust for family needs and illness, can lead to customer service issues. Longer hold times leads to even more phone calls, messages and emails as customers desperately search for answers. Takeaway: Studies show a 48% decrease in customer care costs with our recommended automation solutions. It takes just a few seconds to change customer status to ‘ready for pick up’, generating an automated text that will collect payment. That’s way faster than getting card data over the phone.

CREDIT CARD PROCESSING FEES: If your business traditionally accepts cards in person, then the merchant account is set up for RETAIL. When the acquirer does not receive EMV or swipe card data, the transaction is downgraded to the worst rate possible. Timing couldn’t be worse with new higher rates imminent. Small Business credit transactions failing to qualify for Custom Payment Service (CPS) will be assessed the Non-Qualified interchange rate of 3.15% + $0.20 effective April 18, 2020. That’s cost plus there are other fees on top of that. Regulated debit will still be .05% regardless of payment acceptance method. The Fix: Our recommended solution improves credit card rate qualification; merchants can qualify for lower rate using our express checkout vs over the phone, and fraud liability for ” it wasn’t me, I didn’t authorize” shifts to the issuer.

CUSTOMER SATISFACTION: As time goes on, people holed up at home are bound to get more anxious and testy. Nobody likes giving their card number over the phone so now you’ve got an unhappy customer regardless of what you do. They’re on their phones texting all day, and calling to sit on hold with you is annoying. Employees often resort to using their own phone devices with no oversight, creating potential liability problems. The Fix: Converse with them the way they want and customer satisfaction is proven to soar. Use a cloud platform from any device so all data is secure and compliance is managed automatically. Our recommended solution ensures texting compliance and creates on-demand searchable records. Additionally, the one click yes or no end of service satisfaction survey enables management to instantly identify problems and address them accordingly.

HOW IT WORKS FOR MANAGEMENT OVERVIEW: Add users, assign users to roles, modify existing automated message templates (or make new ones), set up hours of business, set up alerts; users can login via computer, tablet or phone app. Add a promotion and one question survey if desired. Let the automation begin!

SECURITY AND COMPLIANCE: The last thing I’d want any business to do is have employees taking card data over the phone and then key enter it into something else. There are too many things that could go wrong. One mistake and a data breach or disgruntled employee could put you out of business. The Fix: Our recommended solutions remove employee access from cardholder data and customer self-checkout is proven to be far more secure. Compliance with the latest credit card processing rules is automated. This is not the case with all remote payment solutions, many of which have not kept up with the onslaught of new card processing rules (not the same as PCI compliance), especially for storing and using stored cards. I don’t care how big they are or how recognizable their name is, many solutions are not compliant today.

DRIVE THROUGH PICK UP: A parent pays for their kids car repair. A friend wants to pick up a pet for their elderly neighbor. No problem. During checkout, your customer can designate things like a pick up time, name of pick-up person, and even add details about the car that will be picking up.

BEST USE CASES: Veterinarians, car service, truck service, anything where something is dropped off and then needs to be picked up later. Animal hospitals can deliver instructions, photos, results etc and reduce or even eliminate phone time. Restaurants may have specialized software that meets needs so I would look there first. We focus on businesses with sales are over $1M annually.

FAQ: Can I use my same merchant account? Yes. Do you offer low cost merchant accounts? Yes, submit your statements for a comparison. How do you reduce my fees if I keep the same merchant account? Proprietary patented technology dynamically optimizes every transaction to mitigate risk and qualify for the lowest fees. What payment types are supported? Paypal, Visa, MasterCard, Discover, American Express, ACH/echeck and more. Is it HIPAA compliant? Yes. What if my customer insists on paying in person? No problem. Just mark as paid when they come in. How long does it take to get set up? Usually one business day turnaround once we receive your paperwork, though it can vary. How easy is it to use? We like both our users and customers to have an ‘Apple-like’ experience; just login an go; self-serve and assisted remote training is available. How much does it cost? We have two price plans depending on your business type. Most customers are more profitable using our system so any fees are entirely offset by credit card fee savings, labor savings, and increased revenues. How long is the contract? Month to month; if you don’t like it, just cancel. We’ve never had a customer say they didn’t like it and cancel.

GET STARTED: Christine Speedy, 954-942-0483. For a fast, free checkup on your merchant account or to implement our express checkout system, contact us today.