Six Things You Need to Know About Chip Cards (EMV)

The days of credit and debit cards with black magnetic stripes across the back are not the future. The U.S. is moving toward EMV and chip cards. The media has been abuzz recently with references to this important change. So what do you need to know?

Q.  The Basics – What are Chip Cards?

EMV chip cards have computer chips embedded in them. They are widely used in Europe and Asia and are beginning to be adopted in the U.S.

People who frequently travel abroad may already have chip cards or may have seen them used in London, Toronto and Istanbul. The rest of us are likely to have chip cards in our hands by 2015.

Q.  Why Chip Cards?

Chip cards better protect your account information from fraud. And every electronic payment – credit cards, debit cards, digital wallets – is almost always more secure than cash.

The magnetic-striped credit and debit cards you are accustomed to contain “static” data, or payment data that does not change. The data stored in the magnetic stripes includes your 16-digit card account number, expiration date and 3-digit security code (CVC) like the one found on the back of your card.

Chip cards contain the same data and more. Each purchase or transaction that you make generates “dynamic” or unique data that is encoded in a safe mode.

EMV helps protect you even if your card or your card data is lost or stolen, the technology:

• Makes it difficult for anyone but the rightful owner to use the card
• Protects against the creation of counterfeit cards because dynamic data is only good for a single purchase or use

 

Q. What is MasterCard Doing?

MasterCard is one of the original founders of the chip card standard known as EMV, short for EuroPay (now part of MasterCard), MasterCard and Visa.

They continue to advance the technology and introduce it to every country around the world . . . allowing users to safely use the MasterCard no matter where they are.

Q.  Will this Change The Way I Pay for Things?

A little bit. Rather than swiping your card, you may soon insert it into or tap it against a card reader so the chip on your card and the reader can “talk” and establish a secure connection.

Q.  Why Isn’t the U.S. Currently Using Chip Card Technology?

Historically, countries with higher fraud rates switched to chip cards earlier than countries with lower fraud rates.

Q. What will I see as a Cardholder?

First, you will see new card readers or payment terminals in your favorite stores and restaurants. Many of the new readers are already in place, especially if the business caters to travelers from outside the U.S.

Next your bank or credit union will send you a new chip card. Some EMV cards are already available in the U.S. However, the chip cards are provided predominantly on an “at request” basis and, as mentioned, most often to international travelers. SOURCE

 Facebook   Twitter   LinkedIn   Website

Is your business PCI DSS compliant and why it matters?

What is PCI compliance ?

The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to protect your customers’ payment card information. As a matter of fact, it’s the security your customer is looking for. In scope cards include any debit, credit and pre-paid cards branded with one of the five card association (isa International, MasterCard, American Express, Discover Card, and JCB)

To whom does PCI apply?

PCI compliance is required for all merchants that store, transmit, or process payment card information regardless of size or number of transactions that accepts, transmit or store any cardholder data. Another way, if any customer of that organization ever pays the merchant directly using a credit card or debit card, then the PCI DSS requirements apply.

What are the PCI compliance ‘levels’ and how are they determined?

All merchants will fall into one of the four merchant levels based on Visa transaction volume over a 12-month period. Transaction volume is based on the aggregate number of Visa transactions (inclusive of credit, debit and prepaid) from a merchant Doing Business As (‘DBA’). In cases where a merchant corporation has more than one DBA, Visa acquirers must consider the aggregate volume of transactions stored, processed or transmitted by the corporate entity to determine the validation level. If data is not aggregated, such that the corporate entity does not store, process or transmit cardholder data on behalf of multiple DBAs, acquirers will continue to consider the DBA’s individual transaction volume to determine the validation level.
Merchant levels as defined by Visa:

Merchant Level	Description
1	Any merchant — regardless of acceptance channel — processing over 6M Visa transactions per year. Any merchant that Visa, at its sole discretion, determines should meet the Level 1 merchant requirements to minimize risk to the Visa system.
2	Any merchant — regardless of acceptance channel — processing 1M to 6M Visa transactions per year.
3	Any merchant processing 20,000 to 1M Visa e-commerce transactions per year.
4	Any merchant processing fewer than 20,000 Visa e-commerce transactions per year, and all other merchants — regardless of acceptance channel — processing up to 1M Visa transactions per year.

* Any merchant that has suffered a hack that resulted in an account data compromise may be escalated to a higher validation level.

SOURCE 

What are the PCI compliance deadlines?

All merchant that stores, processes or transmits cardholder data must be compliant now. However, as a Level 4 merchant, you will have to refer to your merchant bank for their specific validation requirements and deadlines. All deadline enforcement will come from your merchant bank.

Can I deal with PCI compliance on my own?

Businesses that want total control of their online payment process can choose to meet the requirements themselves. These measures include implementing quarterly scans and audits, passing security assessments, building and maintaining a secure network, and other controls.

SOURCE

 

Facebook   Twitter   LinkedIn   Website

What are your responsibilities as a merchant?

With having a merchant account, comes great responsibilities. Rules and regulations established by the credit card industry can be stringent and failure to comply can lead to account termination. The credit card industry maintains a list of merchants who have been terminated in the past, and if you land on this list then you will find it is extremely difficult to get a new merchant account.

Here are a few of the main responsibilities you have as a merchant:

Preventing Credit Card Fraud

Your primary responsibility as a merchant is to accept credit only from the person to whom it was issued. This is much easier to accomplish in the retail business where the cards are swiped and you have evidence of signatures to compare. However, when you accept an online credit card payment, ensuring the identity of the buyer becomes more difficult. This is one reason why internet purchases have the highest rate of credit card fraud. Moreover, credit card fraud criminals intentionally target new merchants because generally, they are comparatively inexperienced. The offenders believe that due to inexperience, a merchant would already have dispatched the order before discovering that a crime has been committed.

Let’s take a look at several steps that you can take to ensure that you don’t become the victim of credit card fraud:

• As soon as you set up your merchant account, call your bank and discuss the kind of risks you might be exposed to and the best way to deal with them.
• Understand the characteristics of a fraudulent transaction:

1. Orders for your highest-priced product  in bulk
2. Order might be from outside of your country and may be from countries that statistically have the highest rate of credit card crime.
3. The email account is usually untraceable.
4. Orders are placed with a request for quick or instant overnight delivery.
5. Shipping address might be different from the billing address.
6. The billing address might by suspicious. You can now use a map service to ensure that address provided is valid.
7. Delivery instructions might be to leave the order at the door. Make sure that you employ delivery services that require the signature of the receiver.

All of these characteristics can also be of true of valid transactions so make sure that you are sure before accusing the customer of criminal activity. In such a situation, you can ask for assistance from your bank as they can advise you on how to confirm the transactions.

Chargeback

This occurs when the holder of the credit card disputes the transaction with the card issuer. In this case, the account of the customer is credited, and yours is debited. In such a situation, you will have to prove that the product or service was delivered to the customer. If there is even the slightest doubt, the customer will get the benefit of the doubt—not you, the merchant. Chargeback may occur due to following reasons:

• The ordered product or service was not received by the customer. In order to ensure that this does not happen, you need to have a delivery confirmation system in place.
• The customer might think that the service or product was not delivered.
• The customer can also forget that he made the purchase. To avoid this situation you need to ask your merchant bank to identify your company’s name on the credit card statement of your customers as well as in the delivery confirmation system.

These are just some of the many responsibilities that rest on your shoulders as a merchant. Act conscientiously by carefully going through all the rules and regulations in order to avoid any unpleasant circumstances. Your bank and a reliable online payment company should be able to help answer many of your questions and give solutions to your concerns.

 

 

Facebook:  https://www.facebook.com/paymundo

Twitter: https://twitter.com/PaymundoSales

LinkedIn: http://www.linkedin.com/company/paymundo

Website: http://paymundo.com/