EMVCo launches EMV® 3-D Secure 2.2.0 Testing Programme

Posted on by
Reply

EMVCo has announced the publication of the EMV 3-D Secure Protocol and Core Functions Specification v2.2.0.

14 December 2018 – EMVCo today announces the publication of the EMV® 3-D Secure Protocol and Core Functions Specification v2.2.0. The updated specification includes enhancements to promote an optimised consumer experience while supporting new authentication channels when making e-commerce transactions.

EMV 3DS is a messaging protocol that promotes frictionless consumer authentication and enables consumers to authenticate themselves with their card issuer when making card-not-present (CNP) ecommerce purchases. The additional security layer helps prevent unauthorised CNP transactions and protect the merchant from exposure to CNP fraud.

Version 2.2.0 builds upon the current specification version 2.1.0 which is available on the EMV 3DS Test Platform, enabling 3DS product providers to confirm that their solutions will perform in accordance with the specification. Support of v2.1.0 is required in order to implement v2.2.0. Key updates within version 2.2.0 include:

  • Improved communication between merchants and issuers, enabling Europe’s Second Payment Services Directive (PSD2) exemptions for Strong Consumer Authentication to be applied.
  • Two new features to enable authentication for various payment scenarios including mail order and telephone order transactions: 3DS Requestor Initiated (3RI) payments and decoupled authentication – allowing cardholder authentication to occur even if the cardholder is offline.
  • Expansion of existing data elements to promote communication of pre-checkout authentication events and associated data as part of the EMV 3DS transaction from systems such as those supporting the FIDO Alliance standards.

These enhancements are available if all 3DS components involved in the transaction have updated their software to support v2.2.0.

“EMV 3DS exists to promote secure, consistent consumer authentication for e-commerce transactions across all channels and connected devices, while optimising the cardholder’s experience,” comments Stephanie Ericksen, Chair of the EMVCo Executive Committee. “Our work in this area continues to evolve to ensure we respond to new marketplace requirements. EMVCo continues to encourage the payments community to get involved and provide feedback on the EMV 3DS activity.”

Earlier this year EMVCo announced the availability of the full EMV 3DS Test Platform, which enables the functional testing of EMV 3DS solutions. Letters of Approval are currently being issued for those 3DS products that have successfully tested against version 2.1.0. A list of approved products can be found on the EMVCo website. Products submitted for EMV 3DS v2.2.0 compliance testing will also be tested against EMV 3DS v2.1.0 to receive an EMV 3DS v2.2.0 Letter of Approval. Testing support for version 2.2.0 is expected to be available mid-2019. Progress updates will be posted on the EMVCo website.
To stay informed of the latest EMVCo developments and receive advanced access to EMV Specifications and related documents, join the EMVCo Associates Programme or become a Subscriber.

American Express SafeKey for hotels

Posted on by
Reply

Direct from American Express hospitality industry webinar, hotels number one protection from card not present fraud is American Express SafeKey®. SafeKey leverages the global industry standard, 3-D Secure®*, to detect and reduce online fraud by adding an extra layer of security when Card Members pay online.

How to mitigate 3rd party authorization chargeback risk? Merchant best practices:

  • Ensure the cardholder participated in the initial transactions. Safekey is the best method to prove that, making signatures irrelevant.
  • Get written authorization of what expenses the cardholder will allow.
  • Put cardholder name on the folio.
  • Show where cardholder opted in to all policies, including damages, cancellation etc.
  • Authorization must be CARD NOT PRESENT.
  • Use solution that includes cardholder name in the authorization response; retrievable record.

American Express SafeKey

How does Amex SafeKey impact the customer shopping experience? The cardholder may have some or no difference in the checkout experience, based on many factors, including prior online shopping history. The cardholder may be asked authentication question(s) to confirm it’s really the cardholder.

How does Amex SafeKey impact merchants?

  • Fraud liability for “It wasn’t me, I didn’t authorize it” goes away as liability shifts back to the issuer.
  • For business to business, where cardholder billing and shipping address frequently vary, cardholder authentication plays an important role not available with four digit CID security code validation only.
  • At this writing, American Express merchants do not receive a specific interchange discount as may be available with other card brands.

How can merchants adopt the Amex SafeKey service?

  1. Enroll your company on the American Express web site. https://network.americanexpress.com/globalnetwork/safekey/us/en/merchants-acquirers
  2. Receive e-mail from SafeKey Certification Team with your SafeKey ID and next steps.
  3. SafeKey Certification Team gets approval from Acquirer.
  4. Acquirer and SafeKey Certification Team complete required setup.
  5. Activate 3-D Secure on the application. (Ecommerce shopping cart, payment gateway, or ERP.) Both payment gateway and application must support the service.

* 3-D Secure is a registered trademark of Visa International Service Association in the United States and other countries.

Want to add American Express SafeKey to your business and get a great third party authorization form solution all included? Contact CenPOS global sales and integrations reseller, Christine Speedy, 954-942-0483 for more information.

10 Most Promising Payment and Card Solution Providers 2019

Posted on by
Reply

Who made the top 10 list of of most payment and card solutions providers? The first ten companies to fork out $3000, which 3D Merchant Services declined to pay. The criteria for getting on the top ten list of anything and then to top google search results is usually all about the money, not the product. Here’s an actual offer for how to get on the top ten list, just pay the bucks and you’re in!

Greetings from MyTechMag, a technology magazine which has already proved its strong hold in various industries and technology vertical. Now MyTechMag is all set to explore the Payment industry focusing on the Payment and Card Solution Providers. With great pleasure I would like to communicate that our Editorial team has selected as one among the “10 Most Promising Payment and Card Solution Providers 2019”.

Payments are now evolving at a rapid pace with new providers, new platforms, and new payment tools launching on a near daily basis.The payments industry would be in a transformational state in 2020. The ongoing war with alternative payment channels will intensify and challenges in emerging markets would force the incumbents to take drastic measures.

I was exploring the possibility of participating in this special edition. We offer a one-page profile to all the Top 10 companies. We would be keen to feature a one-page exclusive profile about  in our upcoming Payment and Card edition. The company profile will provide an in-depth perspective of the company’s product offerings, strengths, and unique proposition. The Payment and Card special edition will be sent to 166,000 technology leaders across the industry verticals.

The Branding package is at a cost of $3,000
* would have unlimited digital and prints right for the one-page profile with Senior Executives photo.
* One Full Page color advertisement space in the magazine.
* will also receive the logo of the “10 Most Promising Payment and Card Solution Providers 2019”.
* We would be happy to host all the news from your company on our website.

This is undoubtedly going to optimize your company visibility as it will reach 166,000 senior leaders, and key decision makers across the industry. Kindly go through the same and let me know your thoughts on how you would like to take this opportunity ahead.

I look forward to hearing from you.

When you need to find the best payment processing solution or credit card processing solution, call a professional and have a conversation. How knowledgeable is that person? For web sites, does it have material relevant for your business?

Did you find this web site useful? Call Christine Speedy, PCI Council QIR certified, for all your payment processing solutions needs. Have a knowledgeable professional helping you maximize profits. 954-942-0483, 9-5 ET.

D365 Finance & Operations Questions To Ask Before Choosing Credit Card Processing Solution

Posted on by
Reply

Upgrading to D365 from Microsoft AX? Engaging a payment processing professional can save boatloads of development time while opening up new ways to engage with customers. Additionally, payment gateway selection directly impacts EBITDA project objectives. What three key questions must be asked when choosing a credit card processing solution for your business to business operation?

I’ll save merchants and consultants reading this a lot of time. Ask the 3 questions and then pretty much disregard the answers. You’re unlikely to find anyone who will be able to answer all three questions adequately so on that basis alone, it’s best to contact a subject matter expert like Christine Speedy, here at 3Dmerchant.com.

  1. Does the payment gateway support Unschedule Credential On File? Virtually every business to business operation stores at least a few credit cards for the occasional customer on file need, which is a good thing because if you’re one of those that require customers to call in each time, that’s negative friction impacting cash flow, profits, and satisfaction. What most businesses don’t know is that the rules and technical specifications for storing cards and processing transactions with stored cards changed tremendously in October 2017. Virtually no payment gateway has upgraded to get compliant, leaving businesses exposed to multiple financial penalty risks. Note, this is not just ‘tokenization’, which most gateways support, but rather a specific set of new card acceptance rules. Everyone in the payment ecosystem has some responsibility to make changes for compliance- issuer, acquirer, merchant and payment gateway. No one can ‘automatically’ get merchants compliant with new UCOF rules; if any vendor says they have, call 3Dmerchant to review why it’s not.
  2. If the initial authorization and final settlement amount are not the same, what happens? This is a common scenario for distributors, manufacturing and ecommerce, but if there’s a mismatch, an or an open authorization is not reversed, merchants pay an expensive processing penalty fees. For example, MasterCard Data Rate 1 might appear on merchant statements for interchange rate qualification, which is nearly 100 basis points higher than if settled optimally.
  3. Is there any difference between the type transaction transmitted to the acquirer when a customer self-pays an invoice such as through a payment portal vs when an employee key enters the cardholder data? The answer must be yes. One is submitted as a phone order (MOTO) and one is submitted as an ecommerce order.
  4. BONUS: What’s the process for renewing an expired authorization? Preauthorizations are common in manufacturing and ecommerce. While an expired authorization is usually approved for final settlement within 30 days, there are financial penalties and risk associated with using expired authorizations. Merchants should automate this process as much as possible, removing decisions from employees, which is always fraught with risk.
  5. BONUS 2: Can I process EMV chip transactions with level 3 processing in F&O? Due to October 2019 licensing changes, some merchants may find it more profitable to skip the retail license add-on.

Call Christine Speedy, PCI Council QIR certified, for all your Microsoft Dynamics AX and D365 payment processing needs from ACH to credit cards and more. Get a new or keep existing merchant account at 954-942-0483, 9-5 ET.

MasterCard and Visa Class Action Suit Update 2019

Posted on by
Reply

The U.S. District Court in the Eastern District of New York has preliminarily approved a proposed settlement of between $5.54 Billion and $6.24 Billion in a class action lawsuit against Mastercard, Visa and member banks. Millions of merchants were sent direct mail solicitations from law firms in 2019, possibly creating confusion about how to process claims.

visa mastercar payment card settlment
Official court notification sample and official settlement web site.

The final approval hearing is November 9, 2019 and if nothing changes, merchants will be able to file their claim through a simple process. Merchants will automatically be notified about the process; at this time, there is nothing to do.

In the interim, if you have any questions, please visit the official settlement website www.paymentcardsettlement.com.