American Express To Update U.S. Fraud Policies To Limit EMV Chargebacks for Merchants

Policy Changes Aim to Reduce Fraud Costs for Merchants While Promoting Further Adoption of EMV

NEW YORK–(BUSINESS WIRE)–In an effort to promote further adoption of EMV in the U.S., American Express (NYSE: AXP) today announced changes to its EMV chargeback policy to help merchants limit their fraud costs as they upgrade their point-of-sale systems. By the end of August 2016, merchants will not be held liable for chargebacks for counterfeit fraud when a transaction is under $25. In addition, by the end of 2016 American Express also plans to limit the number of counterfeit fraud chargebacks to a total of 10 per card account. The card issuer – not the merchant – will bear the financial liability for any additional counterfeit fraud transaction that is disputed on a card account after 10 chargebacks. This limit does not prevent a Card Member from disputing additional fraudulent transactions.

“We recognize the migration to EMV in the U.S. is an effort that will take time, which is why we are making these policy changes in order to provide flexibility to those merchants that may need more time to upgrade their point-of-sale terminals to accept EMV chip cards.”

“Combating fraud is an ongoing priority for American Express,” said Mike Matan, Vice President, Global Network Business, American Express. “We recognize the migration to EMV in the U.S. is an effort that will take time, which is why we are making these policy changes in order to provide flexibility to those merchants that may need more time to upgrade their point-of-sale terminals to accept EMV chip cards.”

The changes announced today by American Express will remain in effect until April 2018. The changes are expected to help reduce counterfeit fraud costs for merchants who have not yet upgraded their point-of-sale terminals to accept EMV chip cards. An analysis by American Express found that more than 40% of its counterfeit fraud chargebacks in the U.S. are for transactions under $25.

EMV technology reduces the risk of fraud stemming from counterfeit payment cards by storing information on a microprocessor chip embedded in a card. Card Members dip or insert their EMV chip cards into a merchant’s payment terminal instead of swiping their cards. Under a Fraud Liability Shift implemented by American Express in October 2015, the party – merchant or card issuer – with the least secure form of technology is responsible for counterfeit fraud costs.

American Express earlier this month announced the availability of Amex Quick Chip, which enables Card Members to dip their chip card during the check-out process and remove it before the transaction is completed. This can reduce the time Card Members must keep their Cards inserted in the terminal, providing an experience similar to swiping a magnetic stripe card and enabling merchants to streamline the checkout experience. American Express also offers merchant acquirers a self-certification program that allows them to perform the tests necessary to certify merchants’ point-of-sale devices for EMV chip card acceptance. The program enables merchant acquirers to complete the required POS certifications within as little as a few hours. Today, the vast majority of U.S. POS certifications on the American Express Global Network are performed using the self-certification program.

For more information about the self-certification program, merchant acquirers can visit: https://network.americanexpress.com/en/globalnetwork/certification/.

About American Express

American Express is a global services company, providing customers with access to products, insights and experiences that enrich lives and build business success. Learn more at americanexpress.com.

American Express Launches Quick Chip Service to Provide a More Seamless Process for EMV Chip Card Transactions at Point of Sale

Service is Available to Help U.S. Merchants Streamline the Check-Out Process When Card Members Pay With Their Chip Cards

NEW YORK,  June 15, 2016 — 

American Express today announced the availability of Amex Quick Chip, a technology that enables merchants to provide a more seamless experience at the point of sale for Card Members when they pay with their EMV chip cards. Amex Quick Chip is available to merchant processors, which may deploy the service to interested U.S. merchants through a software update to the merchants’ EMV-enabled payment terminals. This provides another option for merchants in industries where having a fast check-out process is especially important.

EMV technology reduces the risk of fraud stemming from counterfeit payment cards by storing information on a microprocessor chip embedded in a card. Card Members dip or insert their EMV cards into a merchant’s payment terminal instead of swiping their cards. With Amex Quick Chip, Card Members can dip their Card during the check-out process and remove it before the transaction is completed. This can reduce the time Card Members must keep their Cards inserted in the terminal, providing an experience similar to swiping a magnetic stripe card and enabling merchants to streamline the checkout experience. Importantly, Amex Quick Chip continues to offer the same protection against counterfeit cards that traditional chip card technology does.

“Reducing friction for Card Members and merchants is a key priority for American Express,” said Mike Matan, Vice President, Global Network Business, American Express. “Amex Quick Chip provides merchants operating in industries where fast checkout speed is critical with an option for ensuring Card Members can quickly and efficiently pay for purchases with their EMV chip cards.”

Amex Quick Chip is compatible with the technical standards used in Quick Chip services offered by other payment networks, enabling processors and their merchants to easily implement these solutions across all card brands that they accept.

Amex Quick Chip is currently available to processors, merchants and vendors in the U.S. Interested parties may download the Amex Quick Chip Technical Manual at www.amexglobalnetwork.com/amexquickchip to review implementation requirements for the service. Merchants that want to upgrade to Amex Quick Chip should contact their point-of-sale provider.

About American Express
American Express is a global services company, providing customers with access to products, insights and experiences that enrich lives and build business success. Learn more at americanexpress.com.

EMVCo Updates Payment Tokenisation Specification to Introduce ‘Payment Account Reference’ or PAR

Newly defined data element reduces reliance on primary account numbers when managing security requirements and delivering value-added services.

29 March 2016 – Global technical body EMVCo has released a bulletin updating the EMV® Payment Tokenisation Specification – Technical Framework to provide the payment community with a global, consistent framework to implement ‘Payment Account Reference’ (PAR). To be used by merchants, acquirers and payment processors, PAR can enhance security by limiting references to a cardholder’s primary account number (PAN) in the payment ecosystem.

Payment tokenisation is the process of replacing a PAN with a unique payment token that may be restricted in its usage, for example, with a specific device, merchant, transaction type or channel. Traditional PAN-based payments will continue to be used alongside EMV Payment Tokens. The introduction of PAR, which does not contain financially sensitive data, enables the payment acceptance community to link a cardholder’s payment token with their PAN transactions without needing to use their underlying card account number. This allows for a consolidated view of transactions on a payment account. This is also needed for security and regulatory reasons, such as risk analysis and anti-money laundering. It is also important for value-added services, as these often leverage historical transactional data to derive analytics and measurements to support customer programmes such as loyalty.

Mike Matan, current Chair of the EMVCo Executive Committee, comments: “Payment tokenisation enhances the underlying security of digital payments by limiting the risks associated with the compromise or unauthorised use of PANs. As well as increasing security, we want to ensure the payment acceptance community can continue to deliver associated payment processing and value-added services which are currently enabled by PAN. PAR addresses this by enabling all payment transactions – regardless of how they are initiated – to be processed in a consistent manner.”

The presence of PAR fulfils a fundamental need to link PAN-based and token-based transactions together. PAR enables the industry to move away from dependence on the PAN as the primary linkage. PAR data cannot be reverse-engineered to reveal the PAN or EMV Payment Token and cannot be used on its own to initiate a transaction such as authorisation, capture, clearing or chargeback. Users of PAR data are required to protect PAR data in accordance with national, regional or local laws and regulations.

“EMVCo recognises the need to continually adapt and advance the EMV payment infrastructure to support and promote user convenience without compromising security,” adds Jack Pan, EMVCo Board of Managers Chair. “Our work to establish a secure and scalable payment tokenisation ecosystem is no different. Since EMVCo launched its activity to focus on the development of a tokenisation specification, we have been working with industry stakeholders and EMVCo Associates to solicit feedback and determine appropriate updates to the framework, which will optimise the benefits of this technology. In addition to PAR, EMVCo has launched a Token Service Provider (TSP)

Registration Process, to promote transparency and interoperability of TSP entities. We look forward to continuing our work with the industry to manage and evolve this payment technology further.”

EMVCo – which is collectively owned by American Express, Discover, JCB, MasterCard, UnionPay and Visa – launched the EMV Payment Tokenisation Specification – Technical Framework v1.0 in March 2014. The PAR framework is designed to ensure global interoperability and support broad industry adoption. These latest updates are documented in the EMV Specification Bulletin No. 167, available to download without charge from the EMVCo website.

The specification bulletin accomplishes the following:

• Introduces PAR as an industry aligned data structure.

• Describes the presence of PAR in payment token and underlying PAN transactions.

• Defines PAR to be used as a consistent value for all payment tokens affiliated with an underlying PAN.

• Outlines how PAR can be used by acquirers, payment processors and merchants to link payment token transactions to those of the underlying PAN.

To join other industry stakeholders in contributing to EMVCo’s development of the tokenisation framework, become an EMVCo Associate.

– ENDS –

For further EMVCo media information please contact Sarah Jones / David Amos – Tel: +44 1943 468007 or email: sarah@iseepr.co.uk / david@iseepr.co.uk

Notes to Editors:

EMV® is a registered trademark in the U.S. and other countries and an unregistered trademark elsewhere. The EMV trademark is owned by EMVCo.

About EMVCo:

EMVCo is the global technical body that facilitates the worldwide interoperability and acceptance of secure payment transactions by managing and evolving the EMV Specifications and related testing processes. Adoption of EMV Specifications and associated approval and certification processes promotes a unified international payments framework, which supports an advancing range of payment methods, technologies and acceptance environments. The specifications are designed to be flexible and can be adapted regionally to meet national payment requirements and accommodate local regulations.

EMVCo is collectively owned by American Express, Discover, JCB, MasterCard, UnionPay and Visa, and focuses on the technical advancement of the EMV Specifications. To provide all payment stakeholders with a platform to engage in its strategic and technical direction, EMVCo operates an Associates Programme and encourages all interested parties to get involved.

Visit www.emvco.com for further information and join EMVCo on LinkedIn.

3 Profit Boosters for Lumber, Building Materials, Distribution Companies

Lumber, building materials, and distribution companies increase profits and cash flow almost instantly with these credit card processing and accounts receivable tips.

  1. Use a credit card processing solution that supports level III processing for retail. Prior to the October 2015 EMV liability shift, there were more companies that offered this, but today, to my knowledge, we offer the only solution that has both US EMV and level 3 retail certification.
    level 3 processing interchange rate

    Sample interchange rates for the same credit card transaction; Failing to qualify for level III is costly.

    Benefit: Potential 1% or more profit margin increase.  TIP: No countertop credit card terminal supports level 3 due to the data that must be sent with transactions; no bank currently offers a level 3 retail solution with US EMV. A cloud-based payment gateway is required.

  2. Ensure key entered transactions are sent for authorization with the MOTO (mail order, telephone order) transaction type indicator. If not, the transaction will default to the highest ‘non-qualified’ interchange rate possible for the card type, and in the event of a dispute, merchant must be able to produce a signed receipt.  TIP: Never key enter on a countertop terminal since it is set up for RETAIL. VX520 emv NFC verifone terminalThe best solution manages proper presentment for processing automatically so employees don’t need to understand the nuances of the best way to process any transaction to qualify for lower rates or mitigate risk.
  3. Enable online payments, with level III credit card processing. By empowering customers to pay 24/7, they’ll pay faster to clear up credit lines to buy more. Also, with cardholder authentication, payment can sometimes be guaranteed against fraud and qualify for even lower interchange rates due to lower risk; key entered transactions carry more risk and while risk can be mitigated, payment is not guaranteed. Accepting alternative methods like ACH, wire, and Paypal will also reduce friction, increase efficiency and increase cash flow.

6 Ways To Increase Omnichannel Payment Security & PCI Compliance

Chip card acceptance has propelled companies to rethink how EMV compliance impacts overall PCI Compliance strategies. According to the Verizon 2015 PCI COMPLIANCE REPORT, 80% of companies fail an interim Payment Card Industry Data Security Standards (PCI-DSS) audit. CenPOS deploys multiple cloud solutions to reduce data security risk, and comply with EMV, while meeting top business priorities like improving customer engagement and the customer experience.

Point-to-Point Encryption (P2PE) – Working with Verifone and Ingenico, CenPOS Enterprise Payments Suite encrypts card data at the point of card swipe or insertion to prevent clear text information from traversing the network thereby protecting data in transit.

Electronic Bill Presentment and Payment (EBPP) – Key entering cardholder data into a computer without the use on an encrypting keypad introduces vulnerabilities that can be exploited by key logging malware.  EBPP allows you to push final invoices to consumer mobile devices via text and email so that they can complete the transaction—eliminating your staff’s need to enter data and reducing vulnerabilities.

Consumer Validation – As chip cards proliferate the United States, counterfeit card fraud rapidly migrates to online channels.  CenPOS Consumer Validation shifts risk to the consumer’s bank, reduces acceptance costs, and increases the approval rate for higher sales.

Chip Card Acceptance (EMV) – The deadline to avoid shifting liability associated with EMV acceptance was October 1, 2015.  Chip card transactions processed using legacy magnetic stripes could result in a chargeback to the merchant with no possibility of reversal.  CenPOS has certified the Verifone MX915 to all processing platforms to protect businesses from the liability shift. CenPOS has been processing chip transactions on multi-lane terminals since January 2015.

Tokenization – Sensitive cardholder data is replaced by a surrogate number, called a token, that eliminates the risk of storing customer information on internal systems.  Subsequent transactions and adjustments can be processed safely using the token to facilitate a transaction.  This service is automatically deployed.  Any attempt to store sensitive cardholder data evokes the tokenization system.

Encrypted Virtual Keypad (EVK) – In some instances, it is desirable to manually enter cardholder information into a system, but this increases data breach, including from key logger malware, on site, from call centers and remote employees.  The CenPOS EVK uses advanced technology to secure data entry by clicking the numbers on an encrypted screen-based keypad, segregating sensitive cardholder data from local hardware and networks.

encrypted virtual keyboard evk cenpos

The combination of these solutions reduces the risk of data loss along with the financial and brand damage associated with security breaches. Additionally, merchants also benefit from increased efficiency, cash flow and EBITDA.

Contact Christine Speedy for P2PE, EBPP, EMV and Customer Validation options, including integrated solutions,