Tuesday, January 31, 2012


Description: Breaking News
Updated: Monday, January 30, 2012
A European perspective on EMV in U.S.
Description: Arecent white paper issued by Dutch international digital security firm Gemalto N.V., a strategic partner of VeriFone Inc., gives a European perspective on the drive to introduce the Europay/MasterCard Worldwide/Visa Inc. (EMV) chip technology to the United States. The free paper, titled The Migration to EMV Technology – EMV Implementation in the U.S., discusses the importance of Visa's EMV push in the United States and looks at the consequences and costs of EMV implementation here for merchants and issuers.
VeriFone and Gemalto are working together on new chip card solutions and technology for U.S. retailers and card networks.
Visa forces issue
The paper acknowledged Visa's effort to promote EMV. Visa said in 2011 it would bring its Technology Innovation Program (TIP) to the United States beginning in October 2012. Under the TIP program eligible merchants will no longer have to validate Payment Card Industry (PCI) Data Security Standard (DSS) compliance in any year in which at least 75 percent of the merchant's Visa transactions originate from chip-enabled terminals.
To be eligible for this cost-saving TIP benefit, terminals must support both contact and contactless chip acceptance, including mobile near field communication (NFC) technology. Merchants must also still comply with the PCI DSS.
"With this announcement from Visa, the United States payments landscape is no longer a future of magnetic stripe technology, but one of EMV chip technology and contactless and mobile payments," the paper stated.
Benefits
Gemalto pointed to a number of merchant and acquirer benefits when the switch to EMV chip and PIN technology is made – not the least of which is fraud prevention. The encryption embedded in the EMV technology makes captured data worthless to criminals.
"When [card not present] fraud is included in the equation, the picture gets even more attractive for the merchants," the paper said, noting that fraud concerns are among the most compelling reasons for moving to EMV technology. "It is the consensus among observers … that physical world fraud in the U.S. is already above the global average today and is on the rise. The lessons learned from the many migration activities worldwide clearly indicate that fraud migrates toward those regions which have not yet migrated to EMV technology."
The introduction of EMV will also make U.S. payments compatible with payments in the rest of the world, meaning when U.S. citizens travel they will be able to use their credit and debit cards virtually anywhere.
Implementation
Gemalto approved of Visa's request to issuers and merchants to move at the same pace as they begin EMV implementation. "The stakeholders are well advised to consider forced replacements of cards and devices outside of the normal replacement cycles," Gemalto said in the report. "The additional investment has a clearly identifiable return.
"It is even more important to initiate the migration of the ATM installed base synchronously with the cards and devices. If ATMs are not made EMV compliant in sync with the POS devices, the life of the magnetic stripe technology will be prolonged, and ATMs become the single point of failure (or fraud for that matter) in the card payment system."
Gemalto believes contactless and mobile payments are the industry's future but it noted the "bulk of the hardware and software upgrades are still in front of the industry in order to make contactless and mobile payments a success. It would only take a small incremental investment to also provide EMV contact transaction capabilities in these new devices and thereby open up the U.S. acceptance infrastructure for the globally accepted EMV standard.
"Because of lower costs of terminals and cards, as well as Visa's TIP program, migrating to EMV will be easier and less costly than it was even a few years ago."

Payments by the numbers
Friday, January 27, 2012
Description: Following are research highlights from recently released payments industry reports.
Data breach aftermath detailed
A study released Jan. 25, 2012, by Experian Data Breach Resolution, a division of Experian Information Solutions Inc., and the Ponemon Institute LLC offers lessons in best practices for companies that have experienced data breaches. The study, titled Aftermath of a Data Breach, surveyed 500 information technology (IT) professionals at companies victimized by fraudsters.

The study found:
  • 60 percent of respondents said the customer data lost or stolen was not encrypted
  • 70 percent of participants reported email breaches, 45 percent said credit card or bank payment information was compromised, and 33 percent said social security numbers were hacked 
  • 34 percent of the companies said the cause of breaches turned out to be employee negligence, 19 percent said the beach occurred when data was outsourced to third parties, 15 percent said the breach was insider fraud related
Only half the respondents thought their companies adequately protected consumer information prior to the breach. Fifty-six percent of the respondents said hiring lawyers after breaches was critical to lessening the impact of the hacks on the companies.
Only 50 percent said the highest priority following the breach was determining how badly victims were damaged. Many of those surveyed (64 percent) said companies did not offer credit monitoring services to their customers following breaches and even more (73 percent) said companies did not offer customers any identity protection products or services.
Following the breach, 61 percent of the companies increased their security budget and 28 percent hired additional IT security staff.
The survey participants offered suggestions in four categories they believe will reduce the opportunity for data breaches in the future. Those categories are:
  • Education: Train employees and contractors, and enforce security policies need to be prioritized
  • Support: Organizations need to spend more money to enhance online security
  • Hire: The impact of data breaches on companies can be reduced by hiring legal counsel, assessing the damage to the victims and carrying out complete forensic exams of the breached systems
  • Learn: Limit the amount of personal data collected and stored, and decrease the number of outside people with access to the system
 .
Effects of Durbin remain uncertain
New debit card regulations have created a confusing environment where 70 percent of consumers believe the Durbin Amendment to the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 benefits banks and 30 percent think the new Durbin rules benefit merchants, Javelin Strategy & Research said in its 2011 Consumer Payments Behavior Report released Jan. 24, 2012.
"Consumers love their debit cards, but the majority would choose different payment options if they were charged a fee for using debit," said Beth Robinson, Javelin Director of Payments Research. "Our data shows that if [financial institutions] implemented debit card fees, 32 percent of consumers would choose cash as their payment option, 25 percent would pay with a credit card and 26 percent would switch to another bank that didn't charge for debit cards."
Javelin President James Van Dyke added, "The full effects of Durbin remain to be seen. The recession led many people to turn away from credit cards in favor of debit and prepaid cards as ways to control debt, but this trend seems to be slowing as the economy stabilizes."
 .
E-commerce channel growing in importance
Retailers are turning more and more to e-commerce platforms as the primary way to interact with customers online, according to a RSR Research LLC study released Jan., 26, 2012. The company surveyed 94 retailers and discovered many are investing in content management and product-level social media integration rather than spending on POS terminals and add-ons.
Steve Rowen, study co-author and RSR Research Managing Partner, said, "You really can't overemphasize the importance of having an exciting online shopping experience that understands the customer's lifestyle – and how the brand and products can engage and suit that lifestyle. This report shows how the best performers understand that, how they are thinking and acting differently, and as a result, offers up some valuable lessons for all retailers to consider."
Short takes on payments
Thursday, January 26, 2012
MasterCard mobile payments
MasterCard Worldwide said it is launching a pilot in Australia to test its new QkR (pronounced "quicker") mobile payment application. The new application will allow movie goers to peruse menus, order, and pay for food and drinks from their seats using smart phones. The purchases are delivered to the customer at their seats. QkR works by scanning a QR code or by entering a special QkR label.
Fed looks at authentication
A new article on the Atlanta Federal Reserve Board Retail Payments Risk Forum website compares and contrasts PIN authentication versus signature authentication. It reported that 91 percent of the debit card fraud in 2010, an estimated $804 million out of a total fraud loss of $880 million, was connected to POS signature debit transactions.
"Although the fraud rates for both signature and PIN transactions have increased over time, signature transactions still exhibit significantly higher loss rates, especially when comparing the transactions on a per-dollar volume basis," the Atlanta Fed stated. "Ultimately, PIN debit offers an additional and superior layer of authentication not offered on credit and signature debit transactions."
The Fed noted there are few merchants who have a POS PIN-based transaction capability and said statistics clearly show that if more people used PIN authentication, there would be less fraud. It added, "However, given recent EMV-related statements that Visa and the Merchant Advisory Group have issued, it remains unclear whether or not PIN authentication will become the standard in the United States."
Visa Inc. said recently on a corporate blog it does not believe PIN authentication will be necessary in the United States as the more secure Europay/MasterCard Worldwide/ Visa Inc. card becomes an accepted standard here.
NACHA clarifying language
NACHA – the Electronic Payments Association wants people to watch their language. NACHA has launched a campaign to popularize the phrase "via ACH" rather than other, more vague, terms such as "e-check" or "easypay." The motive behind the effort is to help people understand what the automated clearing house (ACH) system is and how it works.

Survey says fraud declined in 2011 as costs rose
Wednesday, January 25, 2012
Description: Anew study from fraud management company and Visa Inc. subsidiary CyberSource Corp. concluded that the e-commerce fraud rate dropped in 2011 to its lowest level in the 13-year history of the CyberSource fraud survey. However, the study also found that the cost of fraud is rising. In 2011, fraud prevention costs increased, dollar losses rose and merchants reported fraud is getting harder to detect, according to CyberSource.
Merchants that participated in the fraud survey said they found mobile commerce fraud is equal to, or lower than, they expected relative to online order fraud. The survey said there was a 33 percent drop in the incidents of e-commerce fraud in 2011 compared to 2010. Merchants reported, however, fraud losses as a portion of revenues rose to 1 percent of online purchases in 2011, representing about $3.4 billion.
"This is the first time merchants have cited an increase in the fraud rate by revenue since 2004," CyberSource said in the report. "The lower fraud rate by order, accompanied by higher estimated revenue loss, means fraudsters are stealing more expensive items – $250 on average vs. $150 on average for a valid order." The study found electronic and digital goods were the favorite targets of cyber criminals.
Beware international transactions
The study determined merchants used more fraud detection tools and more manual screening of orders in 2011, resulting in more expensive fraud prevention programs. "Merchants in 2011 ultimately accepted 75 percent of the orders that they manually reviewed, of which 6 percent turned out to be fraudulent – 10 times higher than the overall 0.6 percent fraud rate by order," the researchers said. "These figures suggest better pre-screening and more reviewer training are called for."
Rejection rates for international orders ran about 2.5 times that of domestic orders. "This prudence is warranted – the international fraud rate by order was 2.0 percent, over three times higher than the fraud rate by order for North American orders (0.6 percent)," the study said. The researchers further stated that merchants working internationally may want to add more sophisticated fraud detection tools, such as global transaction activity modeling, website behavior analysis, device fingerprinting and Internet protocol geolocation technology.
For a copy of the study, go to 

Has PayPal hit critical mass with AJB deal?
Tuesday, January 24, 2012
Description: Apparently PayPal Inc., the payment arm of eBay Inc., isn't waiting for the development of near field communication (NFC) or Europay/MasterCard/Visa (EMV) infrastructures to revolutionize payment paradigms for U.S. retailers and consumers. AJB Software Design Inc. said Jan. 16, 2012, it will introduce PayPal payment options to its more than 140 customers (many of whom are tier one retailers) and their more than 250,000 POS terminals.
The companies said the cloud-based, Internet protocol-enabled solution involves a POS application programming interface that allows AJB retailers to offer customers the ability to pay with a PayPal payment card or by using PayPal's Empty Hands solution, where users enter mobile phone numbers and PINs at the POS, with no new infrastructure costs or technology upgrades required by merchants.
AJB said it is building a PayPal interface into its payment solutions platform, Retail Transaction Switch. AJB hasn't disclosed which retailers will be offering the service, but it boasts a customer base that includes "25 of North America's top 100 companies by 2006 sales volume" and "nine of the world's fastest growing merchants." AJB serves customers in the U.K., Europe, Latin America and Asia as well as North America.
The AJB-PayPal rollout will be operational by the end of the current fiscal quarter, confirmed an AJB spokeswoman.
Critical mass
The idea that consumers will have the opportunity to use the PayPal solution at some of the largest U.S. retailers that operate in a variety of retail environments, including clothing, department stores, electronics stores, oil and gas, restaurants, sporting goods and toy stores, means PayPal will have the opportunity to reach what payments consultant Paul Martaus calls critical mass.
"Critical mass in this context means when there is enough buzz, knowledge and awareness on the part of consumers that the technology has the opportunity to go from curiosity to adoption," said Martaus, President of Martaus & Associates. "The test I've applied over 30 years of watching transaction technology in this business is the 'better, faster, cheaper test.' If you have two out of the three, if something provides the consumer with a better, faster and/or cheaper service, it is likely to be adopted."
The question is whether PayPal meets this test, according to Martaus. But the partnership looks promising from his viewpoint. He said, "250,000 terminals may not be a lot of terminals when you consider there are 6 million terminals out there, but these are tier-one merchants and tier-one merchants provide 90 plus percent of all transactions submitted for closure."
Martaus pointed out that less than 4 percent of retailers currently have installed NFC readers at the POS. He believes the push to introduce NFC and EMV in the United States will not curb PayPal's inroads into the retail payments market because PayPal doesn't require that technology to offer retailers proximity payments. Additionally, PayPal's popularity continues to grow. In its recent quarterly report, eBay said PayPal is adding accounts at a rate of 1 million per month.
Pilots and opinions
In September 2011, before Scott Thompson resigned as president at PayPal to join Yahoo! Inc. as Chief Executive Officer, he remarked in a PayPal blog, "Let's be clear about something – we're not just shoving a credit card on a phone. PayPal is re-imagining money and making it work better for merchants and consumers – whatever device you're on, wherever you are in the world, and however you prefer to pay (whether that's cash, credit or installments)."
Thompson said PayPal's goal is to allow customers not to have to stand in line to make purchases. PayPal technology also offers consumers the ability to decide how they want to pay, arrange for payment installments instantly if needed, use any smart device to make payments, and it gives customers the ability to change how they pay even after they've checked out.
Recently, PayPal entered a pilot with Home Depot U.S.A. Inc. to test PayPal's new service. Russ Jones, a Partner with Silicon Valley payments consulting and research firm Glenbrook Partners LLC, tried the solution at a Home Depot store.
Jones summed up his experience in a Glenbrook blog published Jan. 20, 2012. "I felt that paying without having to take anything out of my wallet was nice, and I liked it in a subtle but pleasing way," he wrote. "Now that I think about [it], I don't know why anybody would want a PayPal card if they can use PayPal Empty Hands. … I'm pretty sure that I'll be using PayPal for every one of my purchases going forward at Home Depot."
Karen Webster, CEO of technology consulting firm Market Platform Dynamics, wrote in the January 2012 issue of The Lydian Payments Journal that the biggest hurdle PayPal faces is merchant penetration. However, she said PayPal still drove $56 billion in retail payments in 2010. Webster concluded that PayPal's solution is a "versatile approach to solving POS acceptance for consumers and merchants, leveraging what consumers and merchants have available to use today, including 100 million (and growing) populated wallets.
"Their solutions are also handset and carrier agnostic, which is a big plus. There are already too many moving parts in the mobile payments space to orchestrate. Eliminating this one is pretty huge."
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)