Point of Sale for Heavy Equipment Rentals – Credit Card Processing Rules Changes 2017

Posted on September 7, 2017 by Christine Speedy

Heavy equipment rental companies and dealers must make changes to comply with new Visa credit card acceptance rules. The sweeping changes to rental industry card acceptance rules were announced in October 2016, with April and October 2017 mandates for compliance. The changes are complex and require cloud technology to automate compliance. Countertop terminals are not capable of compliance, and must be replaced.

Countertop terminals such as the FD130 and the Verifone VX520 are not capable of compliance for heavy equipment rentals, and must be replaced.

Visa rules changes include:

Defining who initiated the transaction (customer self-pay or merchant)
Transaction data sent
Authorization rules
Stored card rules
Customer communications.

Compliance will increase approvals and mitigate fraud risk; Failure to comply will increase risk of financial losses and issuer declines while reducing EBIDTA. These changes are significant, impacting chargeback risk and financial penalties to heavy duty equipment rental.

Visa compliant solutions:

The complexity of compliance with both card present and card not present rules requires a solution that can dynamically manage it, removing employees from making decisions that could impact profits. Everyone must change in the ecosystem- card issuer, acquirer (credit card processor), payment gateway and merchant. Whatever you had in 2016 was not compliant since all the other players were not ready yet.

Merchants should update to a payment gateway that supports at a minimum:

Estimated, initial, incremental, and final authorization requests (traditional terminals cannot comply
Authorization Reversals for unused authorization (amount changed)
Authorization validity periods
Stored credential rules
Creation and retrieval of customer opt-in records
Automated authorization and settlement amount matching (otherwise transaction downgrades to worst rate possible and other repercussions)
Verified by Visa, which uses the 3-D Secure protocol to shift fraud liability to the issuer, much like EMV does for retail.
The Verifone MX915 EMV chip terminal is an option to use in a compliant rental solution.

If you have a payment gateway, or need one, ask these questions:

How will you help us comply with the new Disclosure to Cardholder and Cardholder Consent rules?
What does the consent record look like?
How will we retrieve records?
How long are the records retained?

Contact Christine Speedy to get a compliant solution for your rental services needs. 954-942-0483. The ROI for most businesses is virtually overnight! Month to month risk free solutions.

Another change of note is revisions have been made to split the “Other Fraud” Dispute condition under Enhanced Dispute Resolution into separate conditions for Card-Present and Card-Absent Transactions, and to incorporate changes to the payment
flow related to Disputes. For merchants that comply, it’s all good. For merchants that do not comply, there will be more risk of financial penalties and risk of issuer initiated chargeback. A key component to mitigate chargeback risk is support for Verified by Visa.

There are many nuances to the rules and potential chargeback reason code 72 risk, which were non-existent in the past. Rather than consumer initiating a chargeback, the issuer will be within their rights to initiate a chargeback if the merchant fails to comply with the rules, for example, failing to submit the correct authorization flag for an estimate.

Reference: Visa Core Rules and Visa Product and Service Rules, 15 October 2016. See especially Table 5-14, 5-21, 5-22. https://3dmerchant.com/blog/merchant-bulletins-downloads

Resources:

• https://usa.visa.com/support/merchant/library/visa-merchant-business-news-digest.html see articles on Visa Stored Credentials mandate and updated revisions on Visa Stored Credentials framework

• Some acquirers put out statement alerts on their April, June and or July merchant statements.

See also, Visa Stored Credential Mandate.

Contact Christine Speedy to get a compliant solution for your rental services needs. 954-942-0483. You’ll be more profitable, efficient, and

Disaster planning: credit card processing, cash flow and accepting payments

Posted on September 6, 2017 by Christine Speedy

Mobile credit card processing and online payments of all types can ensure business cash flow during and after a disaster. When the storm is over and people emerge to shop again, how will businesses manage accepting credit cards? Or get paid by check if mail is undeliverable? Critical issues include power, telephone and internet access, as well as human capital when employees scatter to many different places.

How can we help your business when a USA storm is imminent?

Online pay page– hosted pay page supporting ACH/echeck with or without guarantee, credit card, wire and Paypal. No web developer is needed for this fast solution; just send our custom link to your customers.
Electronic Bill Presentment & Payment- Login to a portal and Text or email your customers a pre-filled payment object with link to pay a specific invoice; optionally create detailed invoices on the fly if your accounting system is not available.
Virtual terminal – your employees key enter the payment information via virtual terminal on a secure hosted web page or using the mobile app (free).

All solutions above are quick and easy to adopt and they work with your existing financial partners such as merchant services or check processor. Remote training videos can help users get up and running the same day as the account is activated from wherever they are. For the two self-pay options above, when using 3-D Secure cardholder authentication, liability for fraud shifts to the issuer, much like EMV does for retail. Additionally, the qualified rated for credit card acceptance in many cases is the same as retail.

It’s probably not realistic to get a credit card swiper on short notice because in the current retail world, EMV chip card and point to point encryption are critical to protect against fraud and data breaches. Use a store bought mag card reader at your own risk.

Good to know:

Works with all or most processors- bring a merchant statement, online login, or contact information with you when evacuating so we can connect to it.
No long term agreement- month to month
Plugins available for many software solutions
Encrypted virtual keypad protects cardholder data from key logger software (important when employees may be using their own PC’s)
PCI Compliant
Each user has unique login for compliance and tracking; same permission based login across all solutions.
Standardization across all locales for complete transparency, and compliance.
With simple cashiering you can even manage and track cash transactions.

Contact Christine Speedy 954-815-6040 or cspeedy At cenposreseller.com

MasterCard Bin 2 Series In Play: Declines and Fines

Posted on August 23, 2017 by Christine Speedy

Previously, MasterCard announced a new card number BIN series, requiring everyone in the payment ecosystem to update in order to support the new card acceptance. Merchants need to update software and or terminals to comply by the June 30, 2017 mandate deadline. The consequences are both transaction declines and heavy fines.

Credit card processing:

Traditional countertop terminals may need a software download, contact your processor.
Verifone vx520
Point of Sale solutions or the payment gateway that drives terminals need to be updated. This may occur seamlessly in the background with no impact to merchants and nothing to download.
Verifone MX915 EMV chip terminal

Equipment & Payment Gateway NOT affected:
- Authorize.net
- BridgePay
- Cayan
- CenPOS
- Clover
- Ingenico w/ EMV Chip Card Technology
- First Data w/ EMV Chip Card Technology
- Future POS (Version 5.0.96.30)
- Gravity Gateway
- Lavu
- Merchant Link
- Micros
- NMI
- Payeezy
- Paytrace
- Shift 4
- Shopkeep
- Swipe Simple
- USAePay/Gravity Link
Credit Card Terminals Requiring a Software Update:
- Apriva cellular terminal
- FD 50 TI (Non EMV Chip Card)
- FD 100 TI (Non EMV Chip Card)
- FD 130 (Non EMV Chip Card)
- FD 200 TI (Non EMV Chip Card)
- Ingenico (Non EMV Chip Card)
- Verifone VX520
Credit Card Terminals Requiring Replacement: These terminals are end of life and cannot be updated.
- All Hypercomm Terminals
- Fd 50 (non TI)
- FD 100 (non TI)
- FD 200 (non TI)
- FD 300 (non TI)
- VX 510
- VX 570
Consequences for non-compliance with MasterCard Bin 2 Series
Mastercard Transactions for cards beginning with a 2 in the range of 222100-272099 will be declined.
If you do not update your software before the deadline, you will fall into a status of non-compliance. A non-compliant occurrence is defined as any attempted and failed transaction that is confirmed as failed due to a merchant’s lack of readiness to support 2-Series BIN transactions.
- $2,500 per occurrence in the first 30 days.
- Escalating up to $10,000 in the next 60 days.
- Up to $20,000 per occurrence for the subsequent violations.
These fines may be assessed per merchant location per failed transaction for not implementing support of the new cards.

Fines will be pushed to acquirers. If acquirers are compliant, but the merchant is not, the fines will be passed down. If you’re sitting on old software and terminals, now is the time to change! It’s simple for MasterCard to identify non-compliance. Contact us for immediate help- keep your merchant account, get new compliant credit card processing technology.

Disclaimer: This list and accompanying information may be out of date at any time. Check with your acquirer for the most current information.

Mastercard Lane and Unique Terminal Identification (TID) Mandate

Posted on August 23, 2017 by Christine Speedy

The Mastercard Unique Terminal ID mandate is another attempt to stem and more quickly identify fraud at merchants using integrated retail point of sale solutions. This mandate was announced back in 2013, and requires unique terminal identifiers for each independent card reading device at a single location, not to be confused with the acquiring TID.

Effective January 1, 2017, merchants who do not adhere to the MasterCard Unique Terminal ID mandate will fall into a status of noncompliance. Fines for non-compliance go into effect December 31, 2017. Multiple card-reading devices, such as PIN pads and terminals, connected to a single host terminal are each required to have a Unique Device ID to remain compliant and avoid potential fines from Mastercard.

MasterCard Fines will be assessed for each transaction that violates this mandate.

If you do not regularly update your POS software, as is also required for PCI Compliance, you’re probably not compliant. with MasterCard and may be fined. Action: contact your POS provider for further information. Read your merchant statement messages for these and other critical alerts.

CenPOS Launches PCI-Validated P2P Encryption

Posted on July 29, 2017 by Christine Speedy

Florida-Based Payment Solutions Company, CenPOS, Strives to Make Customer Experience More Secure with Launch of PCI-Validated P2P Encryption.

Data breaches are on the rise and they are costing both consumers and merchants money.

Miami, Florida (PRWEB)July 29, 2017

The 2017 Identity Fraud Study, released by Javelin Strategy & Research, found that $16 billion was stolen from 15.4 million U.S. consumers in 2016.

When the consumer data that makes such fraudulent activity possible comes from the merchant’s database, then the merchant can also incur some major damages. In fact, the 2017 Cost of Data Breach Study: United States, found that the total average organizational cost of a data breach has reached a new high at $7.35 million.

CenPOS aims to reduce the vulnerability of sensitive consumer data — that could be used to drain debit card-linked bank accounts, make “clone” credit cards, or buy items on certain less-secure online sites — to hackers with the release of its Validated P2PE solution.

Officially released on July 7th of this year, CenPOS Validated P2PE encrypts cardholder data so businesses can simplify compliance with Payment Card Industry Data Security Standards (PCI DSS) and consumers can stop worrying about data being stolen between “the store” and the bank.

Surprisingly, Validated P2PE is not new technology. It’s the strongest level of data encryption in the market right now and is offered by other merchant payment services companies. However, CenPOS is the first and only company with the Qualified Integrator & Reseller (QIR) designation to offer a Validated P2PE solution.

The QIR designation is awarded by the Payment Card Industry Security Standards Council, a global open body formed to develop, enhance, disseminate and assist with the understanding of security standards for payment account security.

According to their standards, “the quality, reliability, and consistency of a QIR Company’s work” should provide confidence that the merchant’s payment application has been implemented in a manner that supports PCI DSS compliance.

Chris Justice, CEO of CenPOS, is quoted saying: “We believe that loyalty is built on trust and that trust is built by delivering great customer experience over and over again. So, when consumers can have greater peace of mind because they know that the merchant has the proper data security in place to reduce exposure to painful events, like data breaches, we believe customer experience is enhanced and that consumer will choose that merchant over others who are less diligent.”

CenPOS Validated P2PE launched on Friday, July 7, 2017. To learn more, visit https://cenpos.com/solutions/data-security
More facts and further information about CenPOS, can be discovered at https://www.cenpos.com/

About CenPOS
CenPOS is a merchant-centric, end-to-end payments engine that drives enterprise-class solutions for businesses, saving them time and money, while improving their customer engagement. CenPOS’ secure, cloud-based solution optimizes acceptance for all payment types across multiple channels without disrupting the merchant’s banking relationships. | CenPOS | @CenPOS

###

Christine Speedy, 3D Merchant Services, is an authorized CenPOS Reseller. There is no middleman; all solutions offered are direct CenPOS agreements with CenPOS direct billing.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Card Not Present, CenPOS, credit card processing

B2B Cloud payment processing technology blog about increasing profits, efficiency and security.