CAPK expired error messages on VeriFone EMV terminals

Getting a VeriFone EMV Vx520, FD55, Vx510, Vx570 CAPK expired error message? Visa has extended the EMV key’s expiration date from 12/31/2015 to 2022, and the terminal must be updated. Chip cards contain the issuers private keys which need to be verified by the card issuer’s public keys during online authorization requests.  The keys come from the Certification Authority Public Keys (CAPK), and they expire periodically. Your card reader will reject transactions (decline) when an incorrect or expired CAPK is used.

VX520 emv NFC verifone terminal

OPTION 1: UPDATE CAPK FILE ONLY via partial download

For the Vx520, Vx510, Vx570, start from the main screen (Sale/Refund/Void):

  • Press the ENTER button
  • Press F2 for setup
  • Enter the password *
  • Press ENTER
  • Press YELLOW Cancel button
  • Press far left PURPLE button (scrolls you through the menu)
  • F3 button should be “EMV Key Update” PRESS F3 (if you don’t see EMV Key Update, continue to scroll to find it)
  • The terminal will connect for the update and reboot to the main screen.

For the FD55, start from the main screen (Sale/Refund/Void):

  • Press the ENTER button
  • Press 1 for setup
  • Enter the password *
  • Press the ALPHA button 5 times
  • Press 3 for EMV Key Update
  • Press 1 to confirm update
  • The terminal will dial out, get the update and reboot to the main screen.

OPTION 1: FULL DOWNLOAD. In some instances the CAPK instructions listed above may cause the terminal to freeze or go into a constant reboot. If this should happen, please perform a full download of your terminal’s application and update the CAPK files immediately thereafter (standard step as part of the download process).

If you haven’t already downloaded the EMV file, then you do not need to download the CAPK update, as the file is included as part of the standard download process. For additional information about downloads, click here for the Verifone VX520 Reference Guide. (PDF download from Verifone web site)

If you still have problems or cannot perform the download, contact your acquirer.

*If you cannot resolve your issue with the information herein, contact your merchant services relationship manager or the help desk phone number on your merchant statement for support. We cannot help you fix your terminal via chat or any other method and that seems to bother some web site visitors.

  1. You’re paying another company to provide you service, not us. If you don’t like your existing credit card processor service from your acquirer and want to explore ours instead, we’d love to hear from you.
  2. We have no relationship with your business and merchant account- it’s not possible to provide you technical support.

ALERT SEPTEMBER 2019- Payment Card Industry (PCI) PIN Transaction Security (PTS) v3, used by the VX520 and many other terminals, expires April 30, 2020. Your terminal may need replacing.

Want to learn about replacement terminals or new merchant account options? Contact us for a consultation to determine the best solution, get a competitive price, and learn about alternative processing options if interested.Call Christine Speedy, 954-942-0483, 9-5 ET or click here.

Wholesale Distribution Industry Profits Impacted by Payment Processing Partners

Popular Industry Association Business Service Partners Fail To Keep Up With Changing Payment Needs

December 7, 2015–  Wholesale distributors may rely on association negotiated payment processing for reduced rates, but associations are admittedly not payment experts. In fact, other than comparing rates on paper, that lack of expertise and or lack of desire to make a change, could result in compressed profits as we head into 2016 and beyond. EMV chip card acceptance affects both retail and card present businesses.

“The EMV chip card terminal directly impacts interchange rate qualification, and none of the most popular terminals recommended today meet critical wholesale distributor requirements,” says Christine Speedy, B2B payments expert.

Why? Managing the entire payment process is crucial to impact the biggest component of fees – card interchange.  Interchange rates are non-negotiable, but they can be influenced. There are hundreds of fees that can be tacked on based on each transaction type. Due to complexities, distributors must have an intelligent solution to manage the payment process and ensure compliance with all the rules.

PURCHASING CARDS

To qualify for the lowest interchange rates, transactions must meet all the rules for the specific card and transaction method. For distributors, processing level III data for Corporate, Purchasing, and Business cards is critical. Their card use is growing and savings of 90 basis points or more for some cards is an attractive margin difference worth achieving.

mastercard rates level-lll

Sample interchange rates for the same credit card transaction; Failing to follow rules results in costly extra fees.

Countertop terminals like the popular First Data FD Series, Verifone VX series, or Ingenico iCT series, with downloaded programming, cannot support level III. The US EMV ecosystem requires a web-based payment gateway with EMV terminal and level III retail certification. For example, CenPOS has certified the Verifone MX915 to First Data, Chase Paymentech and Tsys, the latter which enables use with most processors. Merchants can use CenPOS via a web browser virtually instantly or an integrated application.

EMV COMPLIANCE DATES

While EMV is not a mandate, effective October 1, the party that does not support EMV (short for Europay, MasterCard, Visa) chip card acceptance is liable for counterfeit card, and sometimes lost or stolen card transactions. Because card issuers previously absorbed most of these losses without any notification to the merchant, businesses can expect losses if action is not taken. Additionally, non-EMV compliance fees have already been announced with at least one provider, NPC, implementing them starting January 1, 2016.

CARD NOT PRESENT

Many distributors primarily accept payments via other methods, including card not present (CNP) credit card. With CNP fraud already climbing for wholesalers, it’s only going to get worse. Implementing 3-D Secure (Vbyv / Verified by Visa and others) shifts some fraud liability from the merchant to the issuer. This service is available only via certain gateways and can only be used when the customer pays online via a shopping cart, einvoice, or paypage. Distributors may need to change their payment methods to maximize protection against fraud.

RECOMMENDATION

Wholesale distributors need to partner with a payments expert to mitigate risk as well as manage interchange rate qualification. Selecting vendors based on new criteria can increase profits virtually overnight.

Christine Speedy, CenPOS global sales and integrated solutions reseller, 954-942-0483. CenPOS is a merchant-centric, end-to-end payments engine that drives enterprise-class solutions for businesses, saving them time and money, while improving their customer engagement. CenPOS? secure, cloud-based solution optimizes acceptance for all payment types across multiple channels without disrupting the merchant?s banking relationships.

4 Credit Card Processing Tips for Consultants & Accountants

profits Following several years of regulatory and technology credit card processing changes, 2015 has been another big year of changes. As we close out 2015, what are you advising clients to maximize profits? Every consultant to distributors, especially for building materials, including lumber and millwork, electrical, marble & stone, and plumbing supply, needs to update their merchant services knowledge. These businesses tend to have both a retail and a ‘to the trade’ component, making old solutions potentially outdated, risky, and costly.

  1. EMV liability shift October 2015, shifted liability for counterfeit card, and sometimes lost and stolen card, transaction losses from the issuer to the merchant, if the merchant does not support EMV chip card acceptance. Since businesses never saw this fraud, the financial risk is unknown, but guesses put it in the 1-2% of sales range. The first acquirer (Vantiv) announced penalties effective January 1 if a retail operation does not support EMV chip card transactions. These fees will grow throughout the payment chain in 2016, and be passed down to the merchant. If profit margins are important, EMV compliance is not optional. Between growth in credit card fraud losses and new penalties, distributors need to make the change ASAP.
  2. EMV terminal selection. Retail Distributors fall into two categories: Those who use countertop terminals, and those who use anything else, including mag swipe reader or signature capture terminal. Only the latter are even capable of supporting level 3 data, critical for qualifying for level 3 interchange rates, which makes up more than 95% of credit card processing, or merchant, fees. Yet, the vast majority of recommended EMV solutions are incapable of level 3, and or there is no certification for it. While updating, add NFC for ApplePay and newer payment methods, and P2PE, which encrypts at the terminal head, further mitigating data breach risk.  The best EMV terminal selection for distributors may reduce merchant fees an average of 32% and mitigate data breach risk. Conversely, the wrong choice will directly reduce profit margins. 
  3. PCI Compliance. Internal and external data breaches are a serious growing problem (Lowes and Home Depot both admitted), and best practices are being shared among peers that are ‘risky’ at best. Top areas of concern are paper credit card authorization forms and electronically storing card data (without certified compliant tokenization such as a payment gateway). Both should be eliminated. Online pay pages and other technology solutions have negated the need for employees to ever have access to credit card data, not even for a minute. Has your own company eliminated them?
  4. Quickbooks. For operations that used Intuit Merchant Services because there was no other integrated choice, that’s no longer an issue. Third party integrations empower businesses to use any acquirer. Look for one that supports all payment methods needed (ACH, check, wire, credit card etc). If processing more than $500k annually, fees may drop up to 50%.

CHRISTINE’S RECOMMENDATIONS FOR CLIENT ADVICE TO DISTRIBUTORS:

  • Implement EMV ASAP to avoid penalties and fraud losses.
  • Only implement an EMV solution certified for level 3 processing to maximize profit margins.
  • Get PCI 3.0 Compliant to mitigate risk of financial losses from a data breach- Replace all practices that include credit card access by any employee, even for a minute, with a technology solution.
  • Replace Intuit Merchant Services to maximize profit margins.

Note: this advice is applicable to any business that has a customer base which includes some business to business and retail, even if retail is a small part of the overall payment types accepted.

EMV TERMINAL SELECTION IMPACTS PROFITS FOR BUSINESS TO BUSINESS

What’s the most important EMV implementation criteria for business to business retail? Supporting level III data, which increases profit margins by qualifying credit card transactions for the lowest interchange rates possible. With proper terminal selection, businesses can quickly offset the cost of compliance for chip card acceptance, and protect long-term profit margins.

“The most recommended terminals in the US, including all the First Data FD series, Verifone VX series, and Ingenico iCT series terminals, do not meet critical business to business needs to protect profit margins, ” said Christine Speedy, a global CenPOS Authorized Reseller.

Interchange is the primary component of credit card processing fees, typically accounting for over 95% of fees. For business to business (B2B), including building supply and HVAC, many customers use corporate, business and purchasing cards. By qualifying these cards for level III interchange rates, B2B merchants can boost margins significantly. For example, the MasterCard interchange rate can drop from 2.65% to 1.80%, for transactions under $7500, and even more for larger transactions.

What’s needed to qualify for level III rates? The US EMV ecosystem at a minimum requires a web-based payment gateway that has certified an EMV terminal with level III processing to a specific acquirer. That’s because the extra data needed for the transaction is too cumbersome for a countertop terminal, but can be easily managed with a cloud solution. For example, CenPOS has certified the Verifone MX915 to First Data, Chase Paymentech and Tsys, the latter which enables use with most processors. Merchants can use CenPOS via a web browser virtually instantly or an integrated application.

While there is no mandate for chip card acceptance, effective October 1, the party that does not support EMV (short for Europay, MasterCard, Visa) chip card acceptance is liable for counterfeit card, and sometimes lost or stolen card transactions. Additionally, non-EMV compliance fees have already been announced by at least one provider starting January 1, 2016.

About CenPOS
CenPOS is a merchant-centric, end-to-end payments engine that drives enterprise-class solutions for businesses, saving them time and money, while improving their customer engagement. CenPOS’ secure, cloud-based solution optimizes acceptance for all payment types across multiple channels without disrupting the merchant’s banking relationships.

For global sales and integrations, contact authorized reseller Christine Speedy 954-942-0483.

 

US Retailers push for PIN on credit cards as EMV rolls out

By Jim Finkle

BOSTON (Reuters) – Some big U.S. retailers are stepping up efforts to use personal identification numbers, or PINs, with new credit cards embedded with computer chips in a bid to prevent counterfeit card fraud.

But they are being resisted by the banking industry, which sees no need to invest further in PIN technology, already used with debit cards, resulting in halting adoption and widespread confusion.

A small band of retailers with the clout to call the shots on their branded credit cards is leading the charge. Target Corp is moving ahead with a chip-and-PIN rollout, and Wal-Mart Stores Inc plans to do the same.

But Wal-Mart said it faces obstacles because its credit card partner, Synchrony Financial, is not yet able to handle PINs on credit cards. Synchrony declined comment.

Broadly, U.S. banks are unprepared or resisting the change.

The impasse comes after many consumers got their hands on new credit cards embedded with so-called EMV chips in advance of an Oct. 1 deadline that required retailers to accept chip cards or be liable for fraud losses. EMV stands for EuroPay, MasterCard and Visa.

But only about a third of merchants are actually using the chip technology, according to analyst estimates. The number may not pick up until early next year, if at all, because the retail industry typically halts upgrades during the crucial holiday shopping season.

“PIN issuance will remain a niche,” said Julie Conroy, credit-card analyst with Aite Group.

Banks favor using chip cards verified by old-school signatures, even though chip-and-PIN usage has led to lower fraud over the decade they have been used in Europe and elsewhere.

“The PIN is definitely a must,” said Lance James, chief scientist with cyber intelligence firm Flashpoint. “It’s one extra step that provides true two-factor authentication.”

But bankers say PINs provide little benefit beyond the advantage of using chips in combating the estimated $7 billion-plus in annual U.S. card fraud.

EMV chips thwart criminals who use stolen data to create counterfeit cards, a category that Aite estimates accounts for 37 percent of that fraud. Banks say that PINs only provide additional fraud protection when criminals seek to use lost or stolen cards, a situation that Aite estimates accounts for only 14 percent of fraud.

Banking groups say there are better approaches than PINs for verifying customers and have asked retailers to embrace tokenization and encryption to prevent theft of credit card numbers.

“PIN is a static data element that would not have a meaningful impact on overall payments fraud,” said Electronic Payments Coalition spokesman Sam Fabens.

PINs are also expensive to implement. Gartner analyst Avivah Litan estimates that banks would have to invest hundreds of millions of dollars in network improvements to support them.

Most retailers have yet to begin using any form of chip technology on credit cards, instead relying on the magnetic strips that are still part of the new cards, even though it now puts them on the hook for fraud losses.

But some are pushing recalcitrant banks, arguing that it is absurd to require them to spend billions of dollars to upgrade their point-of-sale terminals if they are not going to get the added security of chip-and-PIN technology.

“If they really cared about security, it would be a no-brainer,” to use PINs, said National Retail Federation General Counsel Mallory Duncan.

CONFUSION REIGNS

The issue has caused some confusion, even among experts.

A Chase credit card representative this month wrongly tweeted that the firm would soon issue chip and PIN credit cards. A company spokeswoman later said the tweet was a mistake.

The U.S. Federal Bureau of Investigation this month released a public service announcement incorrectly suggesting that all EMV credit cards use PINs, saying “Consumers should use the PIN, instead of a signature, to verify the transaction.” The agency updated the announcement to remove the error.

So far only one PIN credit card is available through a major U.S. retailer, a MasterCard that Target issues through Toronto Dominion Bank.

Target spokeswoman Molly Snyder said her company recently began distributing PIN cards through a rollout that should be completed in the spring.

“We believe that it is the most secure form of payment that is currently available,” Snyder said.

Even though demands for PIN cards are being made by groups representing large retailers, some big merchants say they have no plans to offer PINs.

“Our approach is chip and signature,” said Macy’s Inc spokesman Jim Sluzewski.

JC Penney Co Inc said it has no plans to introduce PINs and has yet to begin processing any chip transactions.

An industry executive said that some retailers have privately confided that they fear widespread PIN adoption could result in slower lines and lost sales from shoppers who forget PINs.

“They don’t want PINs because it clogs up transactions,” said the executive who declined to be named because the discussions were private.

(Reporting by Jim Finkle; Additional reporting by Sruthi Ramakrishnan, John Tilak and David Henry; Editing by Jonathan Weber and Bill Rigby)