{"id":5438,"date":"2020-05-19T13:23:43","date_gmt":"2020-05-19T18:23:43","guid":{"rendered":"https:\/\/3dmerchant.com\/blog\/?p=5438"},"modified":"2021-12-01T17:25:34","modified_gmt":"2021-12-01T22:25:34","slug":"remote-checkout-with-credit-card","status":"publish","type":"post","link":"https:\/\/3dmerchant.com\/blog\/merchant-processing-industry-news\/remote-checkout-with-credit-card","title":{"rendered":"Remote checkout with credit card"},"content":{"rendered":"\n<p>Businesses are shifting to remote credit checkout to avoid close contact with customers. Remote checkout systems range from cheap to pricey, but when comparing safe and secure solutions, it&#8217;s important to know what questions to ask to maximize profits and mitigate risk. In particular, telephone credit card transactions, text, and work from home practices directly impact profits and risk.<\/p>\n\n\n\n<p>A popular practice is to eliminate customer entry into facilities. Communication methods include expansion of telemedicine and secure portals. Two areas are lacking: text and credit card payment. Even the most advanced facilities fall short in one way or another. <\/p>\n\n\n\n<p><strong>Credit card number via phone problems for typical retail merchant account:<\/strong><\/p>\n\n\n\n<ol class=\"wp-block-list\"><li>Merchants are prohibited from writing sensitive cardholder data on paper (Visa sec. 5).<\/li><li>Key entering into computer:<ol><li>Results in 100% invalid \u2013 yet issuer approved- authorizations*, typically increasing costs 30-100% per transaction. <\/li><\/ol><ol><li>Increases data breach risk with home and office hardware and network in scope for <em>Payment Card Industry Data Security Standards (PCI). <\/em><\/li><\/ol><ol><li>Employees access to cardholder data an added risk<\/li><\/ol><\/li><li>Key entering into desktop terminal:<ol><li>Same authorization problem as above (See merchant statement for non-qual, STD, EIRF, Level I etc)<\/li><\/ol><ol><li>All transactions at risk of consumer or issuer chargeback since EMV chip\/swip data expected but not received.<\/li><\/ol><\/li><li>Ties up phone lines for already overwhelmed staff;&nbsp; another data breach risk<\/li><li>Note: Digital forms that can be decrypted are unacceptable<\/li><li>If storing\/tokenizing cardholder data, most solutions are PCI compliant, not but not compliant for network (Vcardholder agreement and future transaction authorizations<\/li><\/ol>\n\n\n\n<p><strong>Card not present alternatives: <\/strong><\/p>\n\n\n\n<p>SMS\/text with\nsecure pay<\/p>\n\n\n\n<ol class=\"wp-block-list\"><li>80-95% of Americans have a smart phone; all age groups, including seniors, are texting<\/li><li>Puts customers in control of entering, storing, managing cardholder data<\/li><\/ol>\n\n\n\n<p>Email with secure pay- also eliminates employee access to cardholder data. A growing threat is business email compromise with phishing schemes increasing during Covid-19 crisis.<\/p>\n\n\n\n<p>Hosted pay page- I do not recommend as this is not efficient during quick check in and\ncheck out needs.<\/p>\n\n\n\n<p><strong>What merchants should look for\nin vendor solutions: <\/strong><\/p>\n\n\n\n<ol class=\"wp-block-list\"><li><strong>3-D Secure cardholder authentication<\/strong> for customer initiated payments; qualify for reduced card not present rates plus fraud disputes for \u201cI didn\u2019t authorize\u201d disappear. The benefit is much like  EMV chip for retail, and merchants can save even more on interchange fees for some cards due to lower risk.<\/li><li>3<sup>rd<\/sup> party app or web based solution that <strong>segregates all devices, hardware and networks from scope for PCI,<\/strong> including key entered transactions; The latter can be managed via special terminal, app, or <strong>encrypted virtual keypa<\/strong>d, perfect for workers at home and on the go.<\/li><li>3<sup>rd<\/sup> party app or web based text solution that eliminates client data from employee devices and hardware, and is <strong>compliant with various text\/telecom rules (FCC, TCPA etc<\/strong>). If employees are texting on their devices, it&#8217;s incredibly difficult or impossible to get that data later if needed in a legal dispute.<\/li><li>Checkout option to <strong>enter authorized 3<sup>rd<\/sup> party <\/strong>for animal pick up, time of day, and even details about car or truck if desired.<\/li><li><strong>Automated authorization optimization <\/strong>for card present, phone order, card on file and customer initiated transactions. This is either managed by technology (preferred) or multiple merchant accounts. Ok, many probably don&#8217;t know what this means, but it&#8217;s the difference between employees having to optionally take certain steps and technology automatically managing it.<\/li><li><strong>One-way texting with payment collection <\/strong>has minimal additional compliance burden for various rules. <\/li><li><strong>Two-way texting<\/strong> is much more robust, with even more upside for efficiency (think photo\/video, updates throughout the stay, promotional link with notification animal entered surgery, survey at end, and continued opt-in to future marketing). The value of opted-in marketing, when used wisely, cannot be understated.<\/li><\/ol>\n\n\n\n<p><strong>Merchants will benefit from increased approvals, more profits, happier\ncustomers, less phone time, and more secure operations. All of this adds up to\nboth internal and external customer experience improvements during a stressful\ntime dealing with Covid-19 repercussions and beloved animals needing urgent\ncare.<\/strong><\/p>\n\n\n\n<p><strong>Christine Speedy\u2019s Analysis:<\/strong><\/p>\n\n\n\n<p>Merchant\u2019s lack\nthe right technology tools, which have been used by other industries for years,\nto meet new card not present requirements while maximizing profits and\nmitigating risk. Rapid adoption will reap virtually immediate rewards. <\/p>\n\n\n\n<p>* Issuers will approve\nmost requests if funds are available, but merchants must comply with various\ncard acceptance rules based on how an authorization is requested or pay\npenalties. For example, a retail merchant account requires EMV chip or swipe\ndata. When the don\u2019t get it, penalties apply. Solutions to dynamically qualify\nper different rules require a technology update, typically via 3<sup>rd<\/sup>\nparty solution.<\/p>\n\n\n\n<p><strong>Research Links: <\/strong><\/p>\n\n\n\n<p>Card network rules: <a href=\"http:\/\/3dmerchant.com\/blog\/merchant-bulletins-downloads\">http:\/\/3dmerchant.com\/blog\/merchant-bulletins-downloads<\/a><\/p>\n\n\n\n<figure><iframe loading=\"lazy\" src=\"https:\/\/www.youtube.com\/embed\/xySlfK1nPLI\" allowfullscreen=\"\" width=\"560\" height=\"315\"><\/iframe><\/figure>\n\n\n\n<p>PCI\nCompliance: pcisecuritystandards.org<\/p>\n\n\n\n<p><strong><em>Christine Speedy, Founder 3D Merchant Services, is a credit card processing expert with specialized expertise in card not present and omnichannel. <\/em>Christine is Qualified Integrator and Reseller certified by the Payment Card Industry Security Standards Council<\/strong>, a requirement for all level 4 merchants, defined as less than 20,000 Visa or MasterCard e-commerce transactions annually, and all other merchants processing up to 1 million Visa or MasterCard transactions annually. Services include standalone and integrated technology, optional merchant services and other solutions. <em>954-942-0483. <\/em><\/p>\n\n\n\n<p>For more 3D Merchant Services news and information, visit\n3Dmerchant.com or&nbsp; <a href=\"https:\/\/www.linkedin.com\/in\/cspeedy\">https:\/\/www.linkedin.com\/in\/cspeedy<\/a><\/p>\n\n\n\n<p>Contacts: <\/p>\n\n\n\n<p>Christine Speedy<\/p>\n\n\n\n<p>954-942-0483<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Businesses are shifting to remote credit checkout to avoid close contact with customers. Remote checkout systems range from cheap to pricey, but when comparing safe and secure solutions, it&#8217;s important to know what questions to ask to maximize profits and &hellip; <a href=\"https:\/\/3dmerchant.com\/blog\/merchant-processing-industry-news\/remote-checkout-with-credit-card\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10],"tags":[177,106],"class_list":["post-5438","post","type-post","status-publish","format-standard","hentry","category-merchant-processing-industry-news","tag-card-not-present","tag-mobile-payments"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/3dmerchant.com\/blog\/wp-json\/wp\/v2\/posts\/5438","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/3dmerchant.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/3dmerchant.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/3dmerchant.com\/blog\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/3dmerchant.com\/blog\/wp-json\/wp\/v2\/comments?post=5438"}],"version-history":[{"count":2,"href":"https:\/\/3dmerchant.com\/blog\/wp-json\/wp\/v2\/posts\/5438\/revisions"}],"predecessor-version":[{"id":6250,"href":"https:\/\/3dmerchant.com\/blog\/wp-json\/wp\/v2\/posts\/5438\/revisions\/6250"}],"wp:attachment":[{"href":"https:\/\/3dmerchant.com\/blog\/wp-json\/wp\/v2\/media?parent=5438"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/3dmerchant.com\/blog\/wp-json\/wp\/v2\/categories?post=5438"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/3dmerchant.com\/blog\/wp-json\/wp\/v2\/tags?post=5438"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}