What is Recurring CoF Monitoring?

Posted on by
Reply

Recurring CoF monitoring is related to merchants using stored cards on file for recurring billing. Merchants are getting notices from acquirers about failing MasterCard Data Integrity reporting and, from what I’ve seen, only have two weeks to correct the issues.

The below merchant has been identified by the latest MasterCard Data Integrity reporting as failing Edit 21 – Recurring CoF Monitoring. Per MasterCard, all recurring payments are considered credential-on-file transactions.  MasterCard requires POS entry mode= 10 (credential-on-file) to be sent for transactions identified as recurring.  Please work with the POS vendor and these locations to correct the POS entry mode. If corrections are not completed, merchants are subject to non-compliance assessments and fines will be allocated.

Basically, a merchant must comply with rules about how a transaction is presented to the acquirer and the issuer for authorization. The payment gateway is largely in control of sending the correct data with each transaction. In the example violation notice, the merchant is not compliant with recurring payment rules which requires specific steps when storing a card for the first time and then for ongoing payments.

The 3Dmerchant.com blog has many articles about the Visa Stored Credential Mandate. Visa’s are the most stringent and by following them, merchants will also be compliant with MasterCard’s. The rules went into effect in October 2017, with enforcement delayed to May 2018. Despite some claims to the contrary on payment gateway web sites, the mere fact that a payment gateway can support the correct data set does not make a merchant compliant automatically. Merchants should read the rules on this web site, which includes links to the card brand rules.

Card brand rules (Visa, MasterCard etc) are constantly changing and many payment gateways have not kept pace with been given a notice, then don’t call your existing provider. The rules were announced in 2016 and went into effect for most businesses (some were earlier) in October 2017. If your vendor let this happen to you, it’s time to get advice from another source. Here’s a list of payment gateways compatibility status.

Call Christine Speedy, CenPOS Global Sales. 954-942-0483, 9-5 ET for all your stored credential payment gateway and virtual terminal needs. CenPOS is an integrated commerce technology platform driving innovative, omnichannel solutions tailored to meet a merchant’s market needs. Providing a single point of integration, the CenPOS platform combines payment, commerce and value-added functionality enabling merchants to transform their commerce experience, eliminate the need to manage complex integrations, reduce the burden of accepting payments and create deeper customer relationships.

Event sales credit card authorization form template 2019

Posted on by
Reply

Accepting credit card deposits for events requires compliance with both card not present and stored card rules. Not PCI Compliance rules for data security, but rather authorization rules set by Visa, MasterCard etc. Comply with the rules and get rewarded with more authorization approvals, qualify for lower rates and mitigate risk of chargebacks.

Professionalism starts on the phone and continues throughout the buying experience. By replacing traditional credit card authorization forms with technology that puts buyers in control of their cardholder data, merchants create a better buying experience. Traditional credit card authorization forms were created to establish a record to use in the event of a future dispute. They’re useless today.

Merchants must replace credit card authorization forms with technology compliant with new rules for storing and using stored cards.

  • The initial authorization authenticates the cardholder.
  • The initial authorization informs that the cardholder has agreed to merchant storing card.
  • The transaction type will indicate it’s an estimate.
  • Future authorizations will reference any required above items and be submitted as Incremental or Final.

Compliance with the above is not possible with desktop terminals and even most virtual terminals and payment gateways. Merchants need a virtual terminal and or payment gateway that supports Unscheduled Credential On File, Incremental and Final Authorization rules. This is new terminology and new fields in the transaction process.

“Don’t be surprised if vendors don’t know about or support these rules. Just like EMV chip rollout, it’s a huge change and few providers are keeping up. We’re an exception. I had solutions for my clients prior to the EMV shift in October 2015 and again for the 2017 stored card mandate.”

Christine Speedy

Our solutions reduce buyer friction to pay and enables event sales and back office staff to collect deposits and capture cardholder data via text or email. These include push out payment requests via text or email, capture cardholder data for later use, and upload an invoice to collect payment.

text payment
Click here to see one of multiple options available.

Benefits of compliant solution:

  • Reduced merchant fees even with the same merchant account.
  • Increased approvals with cardholder authentication.
  • Mitigate chargeback risk including fraud liability shifting to issuer.
  • More convenient for buyers- 24/7 payments on their schedule, not yours.
  • Buyers are in control of choosing to store payment methods

Call Christine Speedy, PCI Council QIR certified, for simple solutions to card not present payment transaction problems, 954-942-0483, 9-5 ET. The cloud technology you need today to accept all payment types, with optional merchant, check processing and other services. 

#hotel #creditcardauthorization

Contact At Once! and AdvantageTec Become LivePerson Automotive And Launch End-to-End Conversational Commerce Platform for Automobile Sales and Service

Posted on by
Reply

ATLANTA, Jan. 25, 2019 /PRNewswire/ — LivePerson, Inc. (Nasdaq: LPSN) announced today that its automotive division, including Contact At Once! and AdvantageTec, will use its new moniker LivePerson Automotive at the National Automobile Dealer’s Association (NADA) conference in San Francisco this week. Contact At Once! and AdvantageTec, two leading industry messaging solutions, have combined forces with their parent company LivePerson to deliver an end-to-end customer lifecycle conversational commerce platform that connects consumers through messaging to the whole dealership—from sales to service.

“I’m excited about the LivePerson Automotive branding because it sets the stage for where we want to take our dealer, manufacturer and advertising partners, and it reinforces yet again that we know this industry puts relationships first,” says Denise Chudy, general manager of LivePerson Automotive. “We are still the same great companies our customers are used to working with, but this serves as a reminder of the added strength, scale and know-how we bring with the industry’s most widely deployed automotive messaging platform, an innovative DMS-integrated service texting solution and the depth and breadth of LivePerson’s technologies…all working for you.”

LivePerson Automotive’s conversational commerce platform can connect consumers with their dealership through all the steps involved in buying and owning a vehicle. “Our key differentiation is our ability to make the shopping process conversational from just about any advertising point or messaging channel and then carry that connection into servicing the car and building a loyal relationship,” adds Chudy. “From initial research to digital retailing steps, service updates and payments, dealers and consumers are continuously connected with LivePerson Automotive.”

Andy Costello, General Manager of BMW of San Rafael who is a Contact At Once! and AdvantageTec customer, points out that consumers really like the experience too. “Our customers are very happy to get updates, schedule appointments, approve repair orders, and even pay—all through a messaging conversation,” says Costello. “CAO! Connect helps us create more conversations with shoppers from the moment they start looking, and AdvantageTec helps us turn those car buyers into lifelong customers.” 

Learn more exciting updates for LivePerson Automotive and our consumer lifecycle conversational commerce platform at NADA 2019 in San Francisco, January 24 – 27 (Booth 6831W) or by texting us at +1 404-850-9297.

ABOUT LIVEPERSON AUTOMOTIVE
LivePerson Automotive, formerly Contact At Once! and AdvantageTec, helps create satisfying connections and build relationships between consumers and automotive companies to enable better experiences when they’re shopping for or getting vehicles serviced. LivePerson Automotive is the industry’s leading provider of messaging platforms with over 17,000 businesses using our solutions to enable conversational commerce, from brands to retailer sites, via online advertising, in-app messaging, social media and more. For more information, visit www.liveperson.com/solutions/automotive.

ABOUT LIVEPERSON, INC.
LivePerson makes life easier by transforming how people communicate with brands. Our 18,000 customers, including leading brands like Citibank, HSBC, Orange, and The Home Depot, use our conversational commerce solutions to orchestrate humans and AI, at scale, and create a convenient, deeply personal relationship — a conversational relationship — with their millions of consumers. For more information about LivePerson (NASDAQ: LPSN), please visit www.liveperson.com.

MEDIA CONTACT
Jennifer Sutton
LivePerson
PR (at) liveperson.com

SOURCE LivePerson, Inc.

3DMERCHANT NOTE: We offer AdvantageTec products, including integrated with virtual terminal and payment gateway for express customer checkout. Saves time and money. With 3-D Secure, the cost of accepting credit cards remotely is virtually the same as card present in most cases, and merchants are also protected from “it wasn’t me, I didn’t authorize” fraud. Contact us for Liveperson text, chat, and click and pay solutions.

Credit card authorization form 2019

Posted on by
Reply

Credit card authorization form 2019 templates are starting to pop up on the internet. The forms are never PCI compliant nor compliant with card network rules, plus the form might introduce malicious code into your network, leading to a future data breach. In this article learn about compliant credit card authorization form problems and solutions.

Merchants must replace traditional credit card authorization forms with other payment methods where the customer self-pays in 2019. The services are typically provided by a payment gateway, acquirer or software solutions provider. I recommend using an independent payment gateway for the checkout because if other changes are made, such and changing acquirer, it’s non-disruptive to customers and business processes.

Three solutions to replace traditional credit card authorization forms:

  1. Hosted pay page is a third party hosted web page where buyer can enter all their payment information for immediate payment, and in some cases store it for future payments.
  2. Pushing out a payment request via text or email includes link to a hosted prefilled pay page that can include an invoice number and amount due.
  3. Electronic invoicing may be standalone or integrated and empowers buyers to pay online.

Per Visa, merchants are never allowed to ask for the security code in any written form.  Merchants also cannot store the form with full card numbers nor store the security code after authorization. Traditional credit card authorization forms increase risk of fraud and identity theft and nobody likes them!

pci security standards
PCI Security Standards Council guidelines for storage of cardholder data.

Cardholder verification with 3-D Secure shifts fraud liability to the issuer, so instead of responding to chargebacks, merchants can prevent them from happening. This is far more powerful than using security code or address for cardholder verification, and eliminates the need for traditional credit card authorization forms. 3-D Secure is a set of global security standards, for example, Verified by Visa.

Phone order payments risk identity theft:

  • Phone orders expose card data to employees.
  • Employees often write the cardholder information down on paper first to avoid making a mistake that requires them asking for the information again.
  • While less than 15% of data breaches occur from insider threats, trusted employees do steal data for financial, espionage, and grudge reasons.
  • It costs more to process the card both in actual labor and in card acceptance fees because it’s impossible to qualify for the lowest card not present rates possible on manually key-entered transactions.

Fax order payments risk identity theft:

  • All of the phone order risks apply, plus new risks for fax.
  • Digital faxes have memory where data can be stored, risking theft during use and after disposal of hardware.
  • Depending on access to the hardware or software, many people might have access to faxed forms, including evening cleaning service personnel.
  • Merchants cannot ask for security code on the form, yet it’s required for card not present transactions.
  • The card number must be masked after use if being stored
  • Storing the form has no value because if proper card not present rules are followed, there’s no need for it to defend chargebacks.

Cloud digital credit card authorization forms may not be PCI compliant:

The rise in digital credit card authorization forms is downright scary, because despite claims by sellers, merchant implementation of them is often not PCI Compliant. Here’s a few reasons why:

  • Neither merchants nor third parties can store the security code after authorization.
  • Neither merchants nor third parties can store the card number unmasked after authorization.
  • Merchants will be hard pressed to prove PCI Compliance in the event of a data breach. Who had access to the forms and when? How is the server wiped of the data? What about back up servers?
  • What’s the point of getting a signed form if you can’t save it?
  • If the service offers an authorization to verify cardholder, but the merchant then types card number into another system with no connection to the initial verification, all subsequent transactions are in violation of rules for storing and using stored cards thus are open to issuer chargeback risk.

Benefits of compliant solution:

  • Reduced merchant fees for some cards (3-D Secure cardholder authentication such as Verified by Visa must be enabled.)
    Increased approvals with cardholder authentication.
    Mitigate chargeback risk – with 3-D Secure cardholder authentication, fraud liability shifts to issuer.
    More convenient for buyers- 24/7 payments on their schedule, not yours.
    Buyers are in control of choosing to store payment methods

How can merchants get 3-D Secure? Contact us for the latest instructions or call your acquirer aka merchant services provider.

See also Visa Stored Credential Mandate & Framework – Improving Authorization Management for Transactions with Stored Credentials.

Call Christine Speedy, PCI Council QIR certified, for simple solutions to card not present payment transaction problems, 954-942-0483, 9-5 ET.

References: Search the blog for credential or form or click on the navigation for links for more resources on rules and compliance.

Microsoft D365 ERP Invoice Custom Email Subject with CenPOS

Posted on by
Reply

Microsoft Dynamics AX and D365 users need a more customized invoice and sales receipt subject and body than they have with their current solution. The CenPOS F&O accounts receivable module includes the 3 most common requests users ask for.

  1. Create a custom subject and automatically insert the invoice number. For example, Sales Invoice # 231255.
  2. Create a custom body plus automatically insert subtotal, invoice #, sales tax, discount, total invoice etc and a click to pay link.
  3. Attach a PDF invoice

Invoices can be delivered via multiple methods and customers can pay via ACH, wire, credit card and other payment types directly from the email or text; customers can also login to a portal to view and pay multiple invoices. This increases efficiency for both parties and is proven to reduce DSO Because CenPOS is both the invoicing solution and a PCI Level 1 Service Provider, merchants can eliminate Red Maple Advanced Credit Cards, Billtrust and similar other third party solutions.

The sales receipt works pretty much the same way, with receipts automatically delivered via the customers preferred communication method.

The CenPOS F&O module is quick and easy to implement. All these features and more are available standalone or integrated. Integrators, developers and Dynamics users can contact Christine Speedy at 954-942-0483 for the module.

Call Christine Speedy, CenPOS Global Sales, PCI Council QIR certified, for the CenPOS Dynamics AX and D365 modules to make your business more profitable, efficient and secure. 954-942-0483, 9-5 ET.

CenPOS is an integrated commerce technology platform driving innovative, omnichannel solutions tailored to meet a merchant’s market needs. Providing a single point of integration, the CenPOS platform combines payment, commerce and value-added functionality enabling merchants to transform their commerce experience, eliminate the need to manage complex integrations, reduce the burden of accepting payments and create deeper customer relationships.