Steps to Reduce Credit Card Fraud For Distribution Industry

dealer fraud credit card processingCredit card fraud is still rampant in the US, even after US EMV liability shift convinced many merchants to purchase terminals to support chip cards. Marine, auto, and other high value parts dealers have long had a problem mitigating fraud risk with local and international parts.

  1. For card not present orders, require self-pay with cardholder authentication. Taking cards over the phone, and or requiring a credit card authorization form, will not protect against all forms of counterfeit card fraud. However, consumer authentication shifts liability back to the issuer; the issuer guarantees payment, and because it’s lower risk, dealers can qualify for lower interchange rates, the bulk of merchant fees. Online payment, ecommerce payment, and electronic bill presentment and payment are the 3 methods dealers can use to enable self-payment.
  2. For retail orders, EMV is mandatory. Not by regulation, but by necessity. If a chip card is presented, and merchant supports, they’re 100% protected from counterfeit card fraud, and sometimes lost or stolen cards; if not supported by the merchant, the merchant can be automatically charged back at the issuers discretion and there’s no dispute process for merchants.
  3. Check guarantee. Whether in person or via echeck, check guarantee services are only good if they don’t reject your checks later on. Surprisingly (or maybe not), some services seem to look for ways not to approve your claim, such as information is missing from checks. This can be avoided with technology that forces users to collect the right data, including for remote self-payers.

If all of the above are implemented, dealers are protected from virtually any type of credit card fraud. The following tips will help prevent other types of lost disputes, or serve as supporting documentation if not all the above are implemented.

  1. Get a signed sales order. This can reduce non-fraud claims related to disputes about what was expected. The sales order should clearly state what was sold, refund policy, and cancellation policy, or refer to another document that specifies the information, but is initialed acceptance on the sales order.
  2. Ship to cardholder billing address. If not possible, then get cardholder approval that states bill to and ship to address are different, and they’re approval.
  3. Require all communications to cardholder business email address if selling wholesale. Free email like gmail is not OK.
  4. Require cardholder respond from business email address approving transaction receipt. This is a strong document in the case of a dispute for “I didn’t approve it”, especially when a third party is picking up the part from the dealer.
  5. The marine, automotive and other distribution companies are hit particularly hard with non-qualified transaction penalties when shifting between retail, key entered, and online payments. It’s critical that transactions are presented properly not only to qualify for lower rates, but to protect against lost disputes that require specific evidence for each type of transaction.

Not related to security, but critical for interchange rate qualification, the bulk of credit card processing fees, all services (retail, MOTO, ecommerce) should support level III processing.

In summary, dealers need US EMV and cardholder authentication to maximize risk mitigation from credit card fraud. US EMV requires terminal certification, and gateway certification* to your merchant account provider. Cardholder authentication requires a payment gateway certified for the service.  There are very few companies that meet all these requirements so if your credit card processing salesperson gives you a blank stare when you ask, it’s time to explore other options.

*A payment gateway certified for level III retail to your acquirer is required; countertop terminals are incapable of sending level III data.

Accept Payments Online

Winter Storm Jonas is a reminder of the importance for business to business companies to accept payments online. What if you have a desktop terminal, but staff is working from home? How can accounts receivable be reached for call in or fax payments? Cash flow and efficiency will improve with 24/7 online payments.accept payments onlineTo accept payments online via a self-serve 24/7 online payment form, a payment gateway is required to secure the transaction. The most popular non-integrated methods:

  1. Hosted pay page – merchant provides customers an email or web site link to make payments on the payment gateway hosted web page. Click here for hosted pay page example.
  2. Embedded payment object– the buyer stays on the merchant web site, with the gateway html code embedded as an iframe.

Online Payments FAQ

What is the rate? There are two service types: Payment gateway or bundled gateway with merchant account. For flexibility to change merchant accounts, which most businesses will do every few years, keep your gateway separate to minimize business disruption. When the merchant account changes, there’s no programming needed. Just update the gateway settings with the new merchant account information. Never, ever choose a payment gateway by comparing the cost per transaction. Instead, measure the net transaction cost, including gateway fees, for card types accepted. (Click here for online payments example of authorize.net vs CenPOS for business to business.) B2B companies need a gateway solution that supports level III processing and will help qualify transactions for the lowest rate.

How long does it take to get started? Usually 2-5 days after the decision has been made, from gateway sign up to accepting payments. The actual implementation time is minimal.

How do I know when someone makes a payment? An email is automatically sent with details. TIP: Create an email alias to a distribution list. For example, epay@mydomain.com.

Can my invoices be automatically marked as paid in my accounting software? With an integration, yes. Depending on your software, and the gateway, there may be a module available for quick and easy implementation.

Where can I view transaction reports? By logging in to the virtual terminal via a secure web browser, or in some cases, via mobile app.

Can customers save their credit card information? With most gateways, yes.

Is it PCI Compliant? All the major US payment gateways are PCI Compliant. Accepting payments online can improve PCI Compliance for merchants, as risky practices like credit card authorization forms are abolished.

Can customers pay with an echeck (ACH)? It depends on the gateway.

 

Wholesale Distribution Industry Profits Impacted by Payment Processing Partners

Popular Industry Association Business Service Partners Fail To Keep Up With Changing Payment Needs

December 7, 2015–  Wholesale distributors may rely on association negotiated payment processing for reduced rates, but associations are admittedly not payment experts. In fact, other than comparing rates on paper, that lack of expertise and or lack of desire to make a change, could result in compressed profits as we head into 2016 and beyond. EMV chip card acceptance affects both retail and card present businesses.

“The EMV chip card terminal directly impacts interchange rate qualification, and none of the most popular terminals recommended today meet critical wholesale distributor requirements,” says Christine Speedy, B2B payments expert.

Why? Managing the entire payment process is crucial to impact the biggest component of fees – card interchange.  Interchange rates are non-negotiable, but they can be influenced. There are hundreds of fees that can be tacked on based on each transaction type. Due to complexities, distributors must have an intelligent solution to manage the payment process and ensure compliance with all the rules.

PURCHASING CARDS

To qualify for the lowest interchange rates, transactions must meet all the rules for the specific card and transaction method. For distributors, processing level III data for Corporate, Purchasing, and Business cards is critical. Their card use is growing and savings of 90 basis points or more for some cards is an attractive margin difference worth achieving.

mastercard rates level-lll

Sample interchange rates for the same credit card transaction; Failing to follow rules results in costly extra fees.

Countertop terminals like the popular First Data FD Series, Verifone VX series, or Ingenico iCT series, with downloaded programming, cannot support level III. The US EMV ecosystem requires a web-based payment gateway with EMV terminal and level III retail certification. For example, CenPOS has certified the Verifone MX915 to First Data, Chase Paymentech and Tsys, the latter which enables use with most processors. Merchants can use CenPOS via a web browser virtually instantly or an integrated application.

EMV COMPLIANCE DATES

While EMV is not a mandate, effective October 1, the party that does not support EMV (short for Europay, MasterCard, Visa) chip card acceptance is liable for counterfeit card, and sometimes lost or stolen card transactions. Because card issuers previously absorbed most of these losses without any notification to the merchant, businesses can expect losses if action is not taken. Additionally, non-EMV compliance fees have already been announced with at least one provider, NPC, implementing them starting January 1, 2016.

CARD NOT PRESENT

Many distributors primarily accept payments via other methods, including card not present (CNP) credit card. With CNP fraud already climbing for wholesalers, it’s only going to get worse. Implementing 3-D Secure (Vbyv / Verified by Visa and others) shifts some fraud liability from the merchant to the issuer. This service is available only via certain gateways and can only be used when the customer pays online via a shopping cart, einvoice, or paypage. Distributors may need to change their payment methods to maximize protection against fraud.

RECOMMENDATION

Wholesale distributors need to partner with a payments expert to mitigate risk as well as manage interchange rate qualification. Selecting vendors based on new criteria can increase profits virtually overnight.

Christine Speedy, CenPOS global sales and integrated solutions reseller, 954-942-0483. CenPOS is a merchant-centric, end-to-end payments engine that drives enterprise-class solutions for businesses, saving them time and money, while improving their customer engagement. CenPOS? secure, cloud-based solution optimizes acceptance for all payment types across multiple channels without disrupting the merchant?s banking relationships.

Magento B2B Payment Gateway Developer Selection – CenPOS vs Authorize.net vs

Which is the best payment gateway for Magento developers B2B clients?

The answer lies in Magento top user concerns, which are security & PCI Compliance, cost, customer experience and flexibility with other systems including ERP and accounting.

Security and PCI Compliance: PCI should be a non-issue as any payment gateway being suggested for a B2B company should be level 1 PCI Compliant. However, developers can help merchants reduce PCI Compliance burden by partnering with a B2B payment gateway specialist who can recommend payment gateway solutions compatible with all business needs, not just Magento. For example, does the business also send invoices from an ERP? Do salesmen or credit managers get credit card numbers via fax or phone? Magento developers are not experts in payments and cannot be expected to ask the right questions to help solve unrelated compliance problems.

Internal and external fraud protection are critical. At a minimum, the payment gateway must support 3-D Secure, including Verified by Visa and MasterCard SecureCode to shift liability for certain types of fraud from merchant to card issuer.

Payment Gateway Cost: The worst mistake is recommending or selection a payment gateway based on per transaction cost. The payment gateway plays a critical role in interchange rate qualification, which comprises over 95% of merchant fees. Gateway capabilities, and lack thereof, can literally double the cost of credit card acceptance for B2B. The most important base criteria is it must support Level 3 processing. There are many nuances to qualifying transactions correctly, that most credit card processor salesmen don’t understand, so there’s little expectation a developer would have the global financial expertise to recommend the best choice.

Treasury Management: Where are your customers? Where are your offices? What currency do you want to collect and bill in? Authorize.net has virtually nothing to help manage cross-border sales. CenPOS has a multitude of treasury solutions that can be customized.

For example, a company bills everything from the US, but also has operations in Canada and the European Union. Authorize.net will process every transaction in USD. The company pays cross-border fees on foreign issued cards, which now exceed 1% in some cases, and then pays again to repatriate revenue back to the EU or Canadian operations. CenPOS automatically identifies and processes the transaction in the local issuer currency, avoiding costly cross-border fees and more expensive US interchange rates, and deposits in the regional account. It does this seamlessly with no special developer programming.

Customer Experience: Will the gateway enhance or detract? In most cases, there’s very little difference in the checkout experience, but for B2B, there’s a bigger picture. What if the customer buys via multiple channels? Sharing tokens across multiple channels, including for emailed invoices may be important. A holistic look at all sales channels and payment methods is essential, but it’s not a good use of a developers time, thus deferring to payment expert will yield a better ROI for developer and better result for the business.

Flexibility: Payment acceptance types, global availability, omnichannel integrations, flexibility and scalability are all factors in choosing not only the best B2B payment gateway for Magento, but also for the entire organization. For example, if there’s also a retail component, US businesses also need an EMV solution that supports level 3 processing for retail. If the distributor is global, how many countries is the gateway available in?

Back Office Efficiency: If you’ve ever done research in Authorize.net reports, and then in CenPOS, you’ll appreciate the massive difference between download and search vs dynamic drill down within CenPOS online reports. CenPOS reports were designed with input from today’s businesses, not those of over a decade ago. Too many differences to mention here.

There’s a plethora of misinformation across multiple industries ranging from consultants to developers. Defaulting to Authorize.net or Payflow Pro because they’re two of the oldest payment gateways, is an injustice to the end user. Payment gateway selection plays a crucial role in business profits, security and efficiency. By partnering with a payments expert, clients are provided the best solution, and Magento developers can grow revenues with specialty implementation and add-on services the expert recommends.  

“I have some knowledge of Magento, including as a developer in it’s early years, but I’m not a Magento expert,” says Christine Speedy, owner of 3D Merchant Services and B2B payment gateway expert. “Likewise, there are great B2B Magento developers, that are not payment gateway experts. By partnering, we can offer businesses more appropriate solutions to maximize profits and security, while also mutually benefiting. “