Author Archive

Why paying for stuff is so complicated now

A cash register among debris
ADAM HUNGER / REUTERS

I’m standing at the counter of a Vietnamese restaurant in Berkeley, ordering a pork bun. There was a time when I knew exactly what would happen next. I’d hand over my card, the cashier would swipe it, a little receipt would curl out of a machine, I’d sign it, and I’d crumple the bottom copy into a pocket. Easy.

Now all kinds of things can happen. I might stick my card directly into a point-of-sale (POS) system. Maybe I swipe; maybe the cashier does. Perhaps a screen is swiveled at me. I could enter my pin on a little purpose-built machine; I could sign with my finger on a screen; I could not have to sign or enter a pin at all. I could tap my phone on a terminal to pay. Usually, there’s a chip reader for my no-longer-new chip card. When I put the card in one of the machines, sometimes it takes four seconds; other times, I have time to pull out my phone and stare at it, which means I forget about the card until the reader begins to beep at me, at which point I pull it out, mildly flustered, as if I’d caused too much ice to pour out of a soda fountain. Ah! Okay. Sorry.

The act of paying for stuff is undergoing a great transformation. The networks of machines and code that let you move your imaginary money from your bank account to a merchant are changing—the gadget that takes your card, the computer that tracks a restaurant or store’s inventory, the cards themselves (or their dematerialized abstractions inside your phone). But all this newness must remain compatible with systems that were designed 50 years ago, at the dawn of the credit-card age. This combination of old and new systems, janky and hacky and functional, is the standard state of affairs for technology, despite the many myths about how the world changes in vast leaps and revolution.

If some areas of financial technology, or Fintech, promise a new elegance, the point of sale serves as a reminder of the viscosity of the everyday technologies on which most Americans rely. If you want to divine the future of transportation, you’d probably learn more thinking about the bus than the rocket. If you want to know how money is gonna change in the future, you need to look at the cash register as much as the blockchain.

But the most powerful and ambitious companies in the world have tremendous incentive to take interest in the cash register. It’s there where the two great data streams of the modern world flow together: what people do on their phones and what they buy in the physical world. In the first stream, the tech one, the rule is that data becomes money, after it is fed into machine-learning systems tuned to show you better ads. In the other, the data is money. If these two streams fully merged, a company could have a perfect ledger of what you saw and then everything you bought. The ads would get better, so you’d buy more stuff, and in buying more stuff, you’d make the ads better. Online, Facebook (and others) can already track all kinds of activity. But about 90 percent of purchases are still made IRL. Imagine the vast sums of money that could be made if every transaction became part of the ledger. Unsurprisingly, the big tech companies want a piece of this action—as do the banks, as do many start-ups and established, niche players.

So Americans are living through what Bill Maurer, the director of the Institute for Money, Technology, and Financial Inclusion at the University of California, Irvine calls the “Cambrian explosion in payments.” The “point of sale”—once a poky machine or just a person with a calculator or a pencil—is now a computer like everything else, tied deeply into the operations of the restaurant or store. The labor of making a payment could fall to the cashier, as in the old days, or to me, the customer, but we’re both accessing a complex, evolved system of reckoning between banks and their attached remoras, feeding on whatever money ends up in the water.

For your average fast-casual restaurant or mom-and-pop store, new point-of-sale systems promise easier bookkeeping, strategic business insights, and the kind of synoptic view of operations that is irresistible to managers. But to get all those analytics, those efficiencies, requires becoming part of the Silicon Valley world, with all the potential and pitfalls that entails. Players such as Square and Toast are fully technology companies, thinking about payments as a “stack” of different pieces of hardware and software, and they want to capture more of those layers than the banks and hardware makers of yore. Apple and Google and Amazon see locking people into their ecosystems and accumulating payment data to be as valuable as any transaction fees that can be wrung out of consumers.

Which is why the biggest trends in technology—platformization, data hunger, iteration, venture-capital-backed disruption, hype—have made their way to payments. Point-of-sale systems used to change slowly, with restaurants upgrading over years or even decades. Now they can be an app on an iPad with a new UX as often as engineers can push the updates.

A butcher customer using a point-of-sale machine (Marco Bello / Reuters)

Even the literal way that the machines plug into one another has changed. A credit-card reader almost always used to be a standalone brick of a machine, a Verifone or an Ingenico perched on a countertop. Maybe it was tied to a point-of-sale system. Maybe it sat there alone, next to an electronic cash register or someone with a big-buttoned calculator. The Squares of the world seek to internalize all the components of a transaction into a sleek screen mounted on some futuristic enclosure. The legacy companies such as Northstar and Cayanhave tried to keep pace, and new systems are proliferating as quickly as salespeople can harangue merchants into upgrading.

In payments, everything is categorically more convenient than in previous decades and yet also sort of broken in new ways, which I guess makes them pretty much like everything else that has been touched by technology in recent years. The last time things changed this much, Richard Nixon was president.


Take out your credit card, the piece of plastic. Run your finger over its embossed characters: your name, the expiration date. The embossing is a holdover from the earliest days of charge cards, an early-20th-century invention that was generally issued by a retailer, say a department store, and looked basically like a dog tag with raised figures enumerating your account. Stick one in an imprinter, with some carbon-copy paper, and it could create a receipt for a customer as well as one for the store. When the merchant brought the receipts to the bank, they got funds deposited in their account. It was simple, but laborious.

In the mid-century, banks came to take over issuing credit cards. To know if a customer’s account could be drawn on to make a purchase, the merchant had to call the bank. I mean this literally: They had to pick up the phone and dial, according to David L. Stearns’s history of the development of payment systems. And the cards only worked within one bank’s system, which meant that every bank had to sign up the merchants who would accept their card. Banking was much more tightly regulated back then too, so in some states, there were only local banks. If you left the zip code, your card wouldn’t work. One 1950 charge card only worked “in a two-block radius” of its issuing bank.

California was a little looser with its banking regulations, which made it possible for Bank of America to scale up the highly successful BankAmericard throughout the populous state. It used its many retail locations to sign up merchants and sent cards to people’s homes unsolicited. What they lost in fraud and unpaid bills, they made up for by taking a hefty cut from merchants for the ability to accept cards.

By the mid-1960s, other banks began to launch widely used credit cards. But what would happen if the bank issuing the card was different from the merchant’s bank? There wasn’t a way to exchange those funds. And what about traveling to different cities, let alone states or countries? The banks knew they needed a way to authorize transactions and exchange money with each other. So they developed new systems of cooperation, which became known as Visa and Mastercard. The card networks allowed someone whose bank was in San Francisco to use their card in Los Angeles or Louisiana or La Paz. This is so basic to how money works now that it seems like it always existed. It is such an ordinary miracle, like photosynthesis, that it’s only when you slow down to explain it, as if to an alien or a child, that it becomes striking, even amazing.

The prophet of this new system was Dee Hock, then a local banker whose branch had become a licensee of the BankAmericard. Hock became a central figure in knitting together the banks, not just technically, but through the organization he helped create, Visa.

Hock believed that Visa was the embodiment of a new type of decentralized organization, one that would help usher in what he called the “chaordic age.” He realized, he wrote, that “everything was changing with accelerating speed” and the world needed a new kind of institution on the same level as the “nation-state, corporation, and university.” The answer, as he saw it, was in the “chaord,” “the behavior of which harmoniously blends characteristics of both chaos and order.”

To create the “chaordic organization,” core notions and oppositions would have to be discarded, Hock contended. “What if the very concept of separability (mind/body—cause/effect—mankind/nature—competition/cooperation—public/ private—man/woman—you/me) is a grand delusion of Western civilization, epitomized by the industrial age; useful in certain scientific ways of knowing but fundamentally flawed with respect to understanding and wisdom?” Hock wrote.

Hock was not a philosopher, a countercultural icon like Stewart Brand, or some theorist at the Santa Fe Institute (although he did speak there). He was the first CEO of Visa, which he called a “transcendental organization linking together in wholly new ways an unimaginable complex of diverse institutions and individuals.” It did this by emptying out the old idea of money as “hard” currency, bills and paper checks and gold, subbing in a new definition of money: “alphanumeric data in the form of arranged energy,” bits in a computer. And using this idea, Visa built a new standard for computers to talk about money—now known as ISO 8583. Like Internet Protocol or containerization, this low-level agreement on how to move things around the modern world came to organize vast swaths of economic activity. Put all three of these late 1960s innovations together and you have the infrastructure of globalization.

“Visa provides an infrastructure … in which multiple competing financial institutions can cooperate, just enough, to provide a service that none could have realistically provided alone,” Stearns wrote. “In short, Visa makes money move.”

Visa wasn’t the only such organization. A different consortium of financial institutions banded together into Master Charge, which became Mastercard. Then those systems learned to work together (perhaps too well, according to retailers who have long-running antitrust litigation against the companies).

But there was one other key step in creating the modern point-of-sale system. Flip your card over now. Take a look at the magnetic stripe toward the top. It’s what made your card machine-readable. The system was developed by IBM in the late 1960s, and according to one of its architects, “The original information standards—the way the data is physically laid out on the mag stripe—has survived every migration of transaction media, from mag-stripe cards to smart cards, from smart cards to smartphones.”

The stripe itself is not unlike the tape in the cassettes you put in a boom box. But instead of encoding music in a form that can be played back from your shoulder, that little strip of iron oxide contains your account number. Swiping it through a reader plays it back. That’s why Square’s original card reader was designed attached to the headphone jack: The whole device merely sent the signal from the audio read head to the mic input, and then the app could take it from there. (Some beautiful nerds took advantage of this capability and converted the Square reader into a kind of instrument.)

“The payment card is merely an access device, a means for identifying the cardholder to the vast electronic financial network that lies behind it,” Stearns wrote in an essay in Paid: Tales of Dongles, Checks, and Other Money Stuff. Your card is a fob for walking into the vast digital storehouse where the “alphanumeric data” formerly known as money is kept.


From the very beginning, American credit cards have been relatively insecure. If Square can build a dirt-cheap way to read your credit card, so can fraudsters who built devices called “skimmers” which can steal the data off cards, reencode it onto a new one, and, voila, someone is swiping their way around with your account. You might think your signature is a security measure, but it’s basically theater. The only real security in the system is on the network level, where banks process transaction data to look for “suspicious activity.”

Chip-card technology—known as EMV in the industry—is more secure. The data can’t be easily skimmed from the chip, as it stores important information in an encrypted format. For these reasons, it’s been standard in Europe for more than two decades. But not in the United States.

Paying with a chip card (Michalis Karagiannis / Reuters)

Some of that was timing. One, if you installed a brand-new system in the 1970s, you probably didn’t want to buy all new hardware in the 1980s. Two, swiping is super fast and super easy. “Swiping is a really good experience,” said Jesse Dorogusker, the head of hardware at Square. “It sets a really high bar for convenience and speed.” Even if Square can spend the development resources to get its chip-card processing down to three seconds, other systems might take much longer—try counting, you might get to 10 or even 12 sometimes. “It makes for an inconsistent ecosystem,” Dorogusker said. Three, IBM, the developer of the mag-stripe card, was in the database business, so promoting more back-end data processing seemed like a good idea to them.

And so, authorization and fraud detection took place in the bank’s mainframes, while the reader and the card were basically dumb access devices hooked up to a network. This was convenient for customers, but if you were a merchant, not only did you need a special account with a bank that allowed you to transact with cards, but you also had to deal with the whole front-end to that system. As Lana Swartz, a media-studies professor at the University of Virginia and the co-editor of Paid, said to me, in the era before anyone was on the internet, accepting cards required “putting a modem in your shop, maintaining this dial-up thing, maintaining swipe equipment, dealing with errors.”

This gave rise to the POS industry as we now know it. The banks were not going to develop and service the ecosystem of hardware and modems necessary to accept credit cards, and so a whole constellation of businesses rose up to offer these services to mom-and-pop players. Over decades, Ingenico (mostly in Europe) and Verifone (mostly in the U.S.) came to dominate the actual payment hardware, and different point-of-sale hardware and software systems took over different niches. Then middlemen called Independent Sales Organizations, or ISOs, popped up to simplify the complexity of this world for someone who just wanted to sell futons or run a hamburger shop. They created whole packages of card-processing machines, POS systems, and accounts, which they’d roll up into a “solution” for individual merchants, and they also become responsible for assuming the risk of bad transactions. In other words, the ISOs are the complex, sometimes essential, sometimes shady layer between your corner bodega and the world of global finance.

The point of sale, to this day, is shaped by what these companies offer. Philip Parker, who runs cardpaymentoptions.com, has dedicated the last decade of his life to figuring out what a merchant should do, faced with these realities. When he was in college, he got hired by an ISO, and when he started going into stores, he’d get run out by merchants angry at the last ISO guy who screwed them. “These business owners would be yelling at me, ‘I’ve already been burned by you guys one time!’” Parker told me. Basically, if you got laid off from the used-car-sales lot, this industry might be your next gig.

Parker has now reviewed dozens of different card-payment systems from all kinds of different companies. There is huge variability in the fees that merchants have to pay, he told me, not just based on their systems but the cards that customers use. According to Cayan, a provider of point-of-sale equipment,there are “more than 700” different rates for different cards, transaction types, retail environments, and other factors. “My belief is that the confusion and complication are there on purpose because it allows these financial institutions and ISOs to make more money and charge more without anyone understanding what’s happening,” Parker said.

It’s dizzying. The contracts ISOs have merchants sign also slow down the speed at which restaurants upgrade their equipment. They can get locked into multiyear leases on the one hand, and on the other it can be such a hassle to get the point-of-sale equipment set up that once it’s working, they don’t want to mess with anything.

Josh Bays, a San Francisco resident, has worked in retail and restaurants for the past decade. One place he works uses Square. The other uses a legacy system that runs off Windows 95. “It runs about as slow as you’d expect,” Bays told me. “It’s a four-hour ordeal to add potato salad to the menu.”

But the owners don’t want to change that system out for something new and potentially better. “They know it will continue to work for as long as the hardware does,” Bays said. Whereas with a new system, they’ll be on the hook for a lease. “It’s kind of analogous to how Adobe doesn’t sell Photoshop anymore. They sell a license,” he said. “You never actually own anything.”

Even the chip readers, which would presumably reduce fraud, don’t always seem worth the investment to small-business owners. “There is nowhere I’ve ever worked where the management says, ‘I want to invest in infrastructure,’” Bays said. So they do it when they have to or when they finally get around to it.

The point of sale at Macy’s (Andrew Kelly / Reuters)

There are now dozens of point-of-sale systems offering different kinds of payment integrations and experiences. At their best, they integrate a whole restaurant’s or store’s business. They make it possible to take online orders and simplify accounting. They can keep track of important customers and offer them incentives. At worst, they present unwanted complexity, new problems, and the disruption of systems that worked.

“It’s all kind of a complete mess,” said Maurer, the anthropologist. “There are so many different systems. So many different POS manufacturers each promising different services. So many different payment systems and protocols.”

It’s not just outside scholars who have taken this position. The Aite Group, a financial-services research firm, found in a 2017 report that the POS is moving from “a highly concentrated industry” into one that’s wilder, a “new reality of an open ecosystem facilitating innovation and competition.”

Even the legacy industry-standard POS system for restaurants, NCR’s Aloha, would like to be known as something more. “The way we’ve been talking about Aloha in the last few years is as a platform of sale,” said Jon Lawrence, a senior director at NCR. “It’s more than a play on words: If you think about what Facebook has done, or Uber or Airbnb, these are software platforms that have helped transform industries.”

This is a crazy world that requires hundreds of thousands of small businesses to work through hundreds of vendors to reach thousands of banks. Every company is trying to extract some bits (of data, of money) from every single transaction, building fortunes out of pennies. That’s why Google Pay and Apple Pay didn’t take off like Facebook or Uber. There are just too many human hands reaching for pockets that need to get on board.

And it’s into this environment that Silicon Valley companies—and other VC-backed start-ups like Boston’s Toast—have plunged. Square could hack the technology of the credit-card reader, but the greater system’s complexity affords no elegant solution.

So, the next time you’re waiting for the chip-card reader to beep at you, consider that money has been data for a long time, arranged energy, but like every other part of the world that software is digesting, the gap between the mega-trend and the lived reality is where the money is made.

We want to hear what you think. Submit a letter to the editor or write to letters@theatlantic.com.

3 Ways to Celebrate National Small Business Week

3 Ways to Celebrate National Small Business Week

By Brooke Preston, Manta Contributor – April 22, 2018

3 Ways to Celebrate National Small Business Week

The SBA’s annual celebration is your chance to share with customers what it means to be a small business owner.

More than 50% of all Americans either own or work for a small business, according to the U.S. Small Business Administration, and they create two out of three new jobs in this country. Now that’s something to shout about! The SBA’s annual National Small Business Week — April 29 to May 5 this year — is your chance to celebrate the big impact small business owners have on the economy, the job market and your customers’ daily lives.

Here are three easy ways your business can participate:

Shop Local

It’s a simple step with a big impact: Shop at locally owned small businesses, hire local contractors, and support your peers in the local business community. Not only will you be helping their businesses, every dollar you spend in your own neighborhood gives your local economy a boost, which can only help your own business.

Spread the Word

Let your followers know it’s Small Business Week with relevant posts to your business’ social media accounts. Get creative! You can host a live Twitter chat with your customers; post an update on Facebook saying how much it means to you to be a small business owner in your community; or offer a special sale or promotion to your loyal local followers. Tell your social followers about other small businesses you partner with or love—they’re likely to return the favor! Don’t forget to use the SBA’s official hashtag, #smallbusinessweek, so your social media content shows up in user searches.

Sharpen Your Business Skills

Whether you participate in one of the week’s official events or sign up for a local workshop, use Small Business Week as an opportunity to learn about the trends, technology and marketing tactics that can help take your small business to the next level.

If an official event is not being held in your town, consider hosting your own open house or networking get-together for your local peers. It can be hard to step away from the daily demands of running a small business — use Small Business Week as an excuse to take a little break and connect with fellow small business owners.

For a complete schedule of the week’s official online and in-person events, visit the SBA’s National Small Business Week website.

Signing Off On Signatures

Is the End of Credit Card Signatures Here?

ig-webfeat-mobym70-launch-643x483Credit card signatures are going away. You may have seen many articles delivering this news, and might wonder if it matters to you as a merchant. Ultimately, the decision on whether or not to accept signatures is up to you, so it’s important to understand the benefits of each option. In this article, I provide some insight into how and why credit card signatures are being phased out. Let’s start with the basics.

What’s happening?

Effective in mid-April, it will be optional for merchants to capture a signature on receipts in card-present retail transactions. This means that merchants won’t need their customers to sign any paper or digital receipts to complete a transaction. The rules vary by card brand, but they generally apply to transactions on the Visa, Mastercard, American Express and Discover networks.

This may raise several questions for merchants:

Why are card brands doing this?

The payments industry has been re-examining the value of signatures for several reasons.

Over half of card-present transactions are already being processed without signatures under small-ticket card brand programs. For higher ticket items, the original idea was that merchants could compare the signature on the card with the signature on the receipt to validate that the cardholder is the actual owner of the credit card. This put an unfair onus on merchants, as they are not handwriting experts, and customers often sign in a hurry on credit card receipts, making comparisons unreliable.

As technology advanced with options such as electronic signature capture and NFC/contactless on customer-facing devices, managing both paper receipts and digital signature images became cumbersome and problematic for merchants. Over time, it became clear that this unreliable and inefficient process was not meeting the needs for which it was intended.

How are the card brands implementing this?

Before we get into the “how” question, let’s look at what purpose these signed receipts have for both the customer and the merchant. The customer’s signature on receipts serves two functions:

1. For the consumer, it is an acknowledgement that the merchant’s receipt is accurate.

2. For merchants, the signed receipt provides “insurance” against a potential chargeback from the card issuer in cases where the consumer disputes the transaction.

All the card brands are implementing this in slightly different ways. American Express is removing signature requirement all over the world, whereas Visa is making it optional only in the U.S. on chip-enabled devices. Mastercard on the other, is only removing signature requirement from U.S. and Canada and Discover is eliminating signature requirements in U.S., Canada, Mexico and the Caribbean.

The card brands are also removing the ability for issuers to chargeback based solely on signature validation. Other chargeback reasons remain unchanged.

Can merchants still collect signatures if they want to or if needed for other business reasons?

Yes, merchants can still collect signatures if they need to for any other business reasons. Some merchants, such as lodging, car rental and dining businesses, as well as merchants that integrate sales contracts into their receipts, may choose to continue collecting signatures. However, they no longer have to accept them specifically for chargeback protection.

Do merchants have to change their payment applications?

In the long term, merchants should update their payment application to allow the option of not printing or displaying a signature line on receipts. In the short term, they can just tell customers they don’t need to sign.

4 Things to Do Before Starting a Business

4 Things to Do Before Starting a Business

eCommerce Solutions | AllcardUSA.net

Credit: Arseniy Krasnevsky/Shutterstock

Starting a business requires many steps, and it certainly doesn’t happen overnight. As an entrepreneur, you must be willing to dedicate most of your time to the process.

“The first thing to do when contemplating starting a business is to understand the commitment required,” said Todd Rhoad, managing director of BT Consulting and partner with Peachtree Recovery Services Inc.

To make sure you’ve covered all your bases before opening your doors, Business News Daily asked experts for their best advice on starting a business.

You want to make sure you understand the industry you’ll be involved in so you can dominate. No matter how unique you might think your business idea is, you should be aware of competitors, said Ian Wright, founder of British Business Energy.

“Just because you have a brilliant idea does not mean other people haven’t also had the same idea,” said Wright. “If you can’t offer something better and/or cheaper than your competitors, you might want to rethink starting a business in that area.”

You should also consider your target demographic, which will be the driving force in each decision you make. You can’t earn a profit without your consumers, so make them your priority.

“It is crucial to make sure you are delivering what your customer wants, not what you want,” said Sonia F. Lakhany, attorney at Lakhany Law. “This will give you insight into your customer’s buying decision and save you lots of experimenting down the road.”

One of the first steps you should take in starting your business is choosing its legal structure, said business attorney Mason Cole of Cole Sadkin LLC. According to Cole, the most common structure is a limited liability company (LLC) because of its flexibility and the protection it provides owners from personal liability.

“It will dictate the taxes, paperwork, liability of the owner(s) [and] other legal aspects, as well as whether or not the company can have employees,” he said.

Additionally, you should acquire proper registration from the government to open your business.

“This means the entrepreneur will need to create the articles of incorporation, obtain an employer identification number and apply for necessary licenses, which will vary by state and industry,” Cole added.

Starting a business requires money that you likely won’t have right away, which is why it’s encouraged to seek capital.

“Most entrepreneurs start a business with a very limited amount of capital, which is a large hurdle to many,” said Cole. “However, there are plenty of options available to a budding business owner. The first and most common place to seek capital is with friends and family. If that is not enough, expand the search to angel investors and venture capitalists. Should these options not provide the amount needed, then apply for business loans through banks and small business associations.”

You don’t want to start your business with poor credit. Make sure your score is as high as possible, considering it won’t be once you open your company.

“You will probably get into a lot of debt starting out,” said Marc Prosser, small business expert and co-founder of Fit Small Business. “So, you’ll have to be able to finance [your personal life] through your own savings. If your credit score isn’t so great, you’ll [only] be able to borrow less money at higher interest rates. If you want to start a business, increase your credit score so you have a [greater] ability to borrow as much as you need.”

Travis Sickle, certified financial planner of Sickle Hunter Financial Advisors, advised entrepreneurs to be organized with taxes and fees. There are multiple payments you’ll need to make, and you don’t want to file late for any.

“You have to figure out how much your payroll is going to be in order to make your tax payments timely,” said Sickle. “The timing can vary depending on your payroll. You also have to figure out other business taxes, such as city, county and state.”

Starting a business should not be an independent journey, no matter how tempting. Hiring help along your journey will set you up for success. Ben Walker, founder and CEO of Transcription Outsourcing, said that the No. 1 piece of advice he’d give business owners is to have a coach or mentor.

Another smart hire is an accountant. It’s nearly impossible for one person to handle every aspect of a company, and above all, your finances should not be put at risk.

“I had a full-time job as I considered starting my own business in 2009, but I did a lot of groundwork before I started, and bringing on an accountant was an important step,” said Sarah Burningham, president and founder of Little Bird Publicity. “It helped me understand what I needed to do to make this work from a profit standpoint, [as well as] the ins and outs of state, federal and local taxes.”

It’s important to have assistance on the legal side of the business especially, ensuring you are protected and going about the process the right way.

“We often make the assumption that legal counsel is for when we get ourselves into trouble, but preventative and proactive legal preparation can be the very best way to set your business on the path to long-term success,” said Katy Blevins, co-founder and CEO of Modern Femme. “When you call on legal counsel after you’ve run into a problem, it’s often too late or could critically impact your business in both the short and long term. Investing in their insight at the start of your business can pay a huge return later on by keeping you out of trouble before you even get into it.”

For a step-by-step guide to starting your business, visit this Business News Daily article.

Additional reporting by Business News Daily staff.

What Merchants Should Know About the UX Journey

Rik van ‘t Hof •  •

ingenico-rik-mobile-online.jpgIn the past, my family used to have a single computer that we all shared. My wife, kids and I used it for everything: doing homework, watching videos, catching up on work, etc. Now we all have our own devices, and it’s rare that my family members use my laptop or phone, and vice versa. Our devices aren’t communal anymore – they are personal, and have greatly impacted our individual user experiences.

eCommerce is getting personal

Roughly 60% of the global population now uses smartphones, a figure which rises to roughly 80% in some of the tech-savvy countries around the world. Technology is getting more personal, and by extension, so is eCommerce. Consumers are interacting with money in ways that never existed before. When combined with personalization and advances in financial technology, powerful opportunities arise for both businesses and consumers who want to connect in new ways.

It’s already possible to create accounts with certain supermarkets, order groceries online, and confirm your order with a thumbprint. The entire process can happen within minutes on your mobile phone, and the more often you use it, the more customized it becomes with relevant suggestions and personalized information. Now imagine a world where grocery stores can identify your shopping habits with such precision that they anticipate when you will run out of items in your home. Already today, Amazon’s Dash Replenishment Service enables your connected devices to monitor usage of basic staples and automatically orders them as needed.

These offerings may seem futuristic, but we are already getting close, thanks to some technological advancements:

  • Personalization – new technologies have led to a world where mobile devices can be used as an extension of the individual. Biometrics, such as thumbprints, iris scanning and even Apple’s enhanced facial recognition, all offer authentication possibilities that make purchasing quicker and easier.
  • Digital marketing and tracking technologies – companies can now gain a deeper understanding of their customers’ preferences and online behaviors. By analyzing data, companies can pinpoint what people actually want and develop more personalized offers and incentives. This in turn increases brand engagement, drives more mobile transactions and leads to higher conversion rates.
  • Social apps and social commerce – social apps have led to increased usage of mobile devices, especially among millennials. These platforms open up new channels for brands to engage with their customers and offer tailored product recommendations.

Consumer expectations keep evolving

Today’s consumers are using a combination of devices to make purchases, both in-store and online. In fact, a 2016 study showed that nearly 100% of millennial shoppers checked prices or compared merchandise on their smartphones before making in-store purchases during the holiday season.

Imagine that you buy something online from your favorite brand, but it doesn’t fit and you have to return it. In today’s world, you could either mail it, or go to a store and deal with the hassle of the checkout line. In the future, you might be automatically identified upon entering the store, and your phone could send you a notification with the location of the same item in a different size. Or perhaps you will place your thumb to the fitting room mirror and the item will be automatically purchased and sent to your home.

The bottom line is that brands need to be anywhere and everywhere their customers are and facilitate easy journeys across all touchpoints. On and offline borders are blending, and are rapidly changing consumers’ expectations of a good shopping experience. As we move closer to an omnichannel world, a smooth and consistent journey will be a big differentiator.

Nothing happens without trust

Retailers can now truly get to know their customers and create individualized purchasing journeys, but none of this is possible without a strong sense of trust between the customer and the company. Establishing trust, especially when it comes to online payments, is critical. People need to feel secure and confident that their personal boundaries won’t be crossed or their information misused.

Companies that create safe and trustworthy environments when asking for an online payment are much more likely to convert the sale than companies that don’t. This includes small but meaningful details, such as offering recognizable payment products, using branded URLs and activating familiar security measures, to reduce friction and build trust in the process. In fact, mobile money is actually quite safe compared to other payment methods.

Connect to future UX expectations

With so much opportunity to personalize the UX it’s surprising that so many online shopping carts are still regularly abandoned. In fact, only 37% of all transactions occur when customers browse across multiple devices, and only 31% of these transactions are actually completed on a mobile device.

The more customers use mobile devices to make purchases, the more likely they are to become repeat shoppers. Orders made with one or more mobile devices have shorter time-to-next-orders than PC-only orders. This means that as consumers continue to adopt mCommerce, their purchasing behaviors will grow stronger.

Although abandoned carts are still fairly common, potentially 60% of lost mobile sales globally could be recovered by merchants who make it easier for customers at the checkout stage. This includes offering local payment methods and currencies, being transparent about shipping costs and delivery times, and even including personalized messages and offers to recognized customers. Opportunities to expand mobile commerce abounds, especially as consumers become more assured of safety and buying experiences become more seamless.

The user experience matters more than many brands realize. As consumers, we are naturally inclined to interact more with companies we recognize and trust. Offering a smooth and engaging UX journey across all touchpoints – existing ones and future ones – is a powerful opportunity for businesses that want to exceed their customers’ expectations.

Rik van ‘t Hof, Director of Front-End Product Management, Ingenico ePayments

eCommerce Solutions | AllcardUSA.net

Signatures for Payments to Be a Thing of the PAST

Mastercard, Discover, AmEx will ditch signatures

Not scribbling your name will speed checkout, won’t affect card security

John Egan
Personal Finance Writer
Writes trendy stories about credit cards.


Signature on payment slips may be going the way of the dodod

You may not be jotting your name on payment slips and checkout terminals much longer. Mastercard, Discover and American Express plan to ditch the signature requirement at merchants April 2018, and experts say Visa likely will do the same.

  • Mastercard, which announced the move in October, says more than 80 percent of the in-store transactions (also known as point-of-sale purchases) it processes now don’t need a signature.
  • Discover said on Dec. 6, that it, too, would abandon the signature requirement. “With the rise in new payment security capabilities, like chip technology and tokenization, the time is right to remove this step from the checkout experience,” Discover’s Jasma Ghai, vice president of global products innovation, says.
  • American Express announced Dec. 11 that it will drop the signature requirement globally in April 2018.

Signatures are no longer necessary to fight fraud

“The payments landscape has evolved to the point where we can now eliminate this pain point for our merchants,” said Jaromir Divilek, executive vice president of global network business for American Express. “Our fraud capabilities have advanced so that signatures are no longer necessary to fight fraud.”

Jack Jania, senior vice president of strategic alliances at Gemalto, expects Visa also will follow Mastercard, Discover and American Express in ditching the need for signatures within a year.

If Jania’s prediction holds true, that would spell the end of a decades-old ritual for cardholders: scribbling your name on payment slips.

“This is a good move for both consumers and merchants, as it will speed up the in-store purchase experience,” Jania says.

And when might Visa join the no-signatures-required party?

Jeanette Volpi, head of North America communications at Visa, declined to say. She added, though, that more than three-fourths of Visa’s face-to-face transactions in North America don’t require signatures.

“Visa supports multiple technologies to bring speed, security and consumer convenience to the authentication and authorization process,” Volpi said in a statement.

“THIS IS A GOOD MOVE FOR BOTH CONSUMERS AND MERCHANTS, AS IT WILL SPEED UP THE IN-STORE PURCHASE EXPERIENCE.”

‘A costly yet feeble means of securing transactions’

The Retail Industry Leaders Association and even Walmart, the nation’s largest retailer, say it’s time to say so long to the signature requirement.

“Mastercard’s decision to end signature verification acknowledges what retailers have long argued, that signatures are a costly yet feeble means of securing transactions,” says Austen Jensen, vice president for government affairs at the Retail Industry Leaders Association. Discover and American Express announced in December that they, too, will eliminate requiring signatures at point-of-sale terminals.

“Going forward, the payment industry needs to focus on finding solutions to the growth of fraud both in stores and online, where current measures are inadequate for protecting consumers and merchants.”

Walmart said in a statement about just saying no to the signature:

“Removing this step at checkout will save time for our customers and decrease the expense associated with storing and presenting signatures back to the issuer, all while preserving security for customers.

“We anticipate this will result in savings that can be used to continue to lower prices for our customers.”

Is safety in jeopardy?

Industry insiders don’t think the rollout of no-signature policies will endanger cardholders’ data.

Philip Andreae, a consultant in the digital payments industry, questions whether the signature requirement for in-store card purchases really improves the security of transactions.

Why? Merchants typically don’t check a cardholder’s signature – either on a paper receipt or an electronic screen – against the signature on the back of a card, he says, and many cardholders fail to sign their cards anyway.

“If merchants were doing what they are supposed to do, then maybe it has added a level of security,” says Andreae, of Philip Andreae and Associates. “Otherwise, as it is today, there is no value.”

Gemalto’s Jania believes not requiring signatures will have no effect on card security, since existing chip technology and other high-tech tools for verification of a cardholder’s identity aren’t going away.

Laura Townsend, senior vice president of operations at the Merchant Advisory Group, agrees. In a statement, she praised the no-signature move and noted that “new and improved” digital authentication tools – such as face, voice and fingerprint recognition – will bolster the security of in-store transactions via credit or debit card.

“WHAT CONSUMERS WILL FIND REASSURING IS THAT REMOVING THE NEED TO SIGN FOR PURCHASES WILL NOT HAVE ANY IMPACT ON SAFETY.”

Not a ‘radical’ idea

Mastercard describes dropping the signature as “another step in the digital evolution of payments and payment security.”

“At first glance, this might sound like a radical proclamation, especially to people who have had credit and debit cards for decades,” Linda Kirkpatrick, Mastercard’s executive vice president of U.S. market development, wrote in a blog post announcing elimination of its signature requirement.

“However, the change matches all of our expectations for fast and convenient shopping experiences.”

Mastercard says merchants such as retail stores and restaurants will be offered the option to ask for signatures, though.

Discover says the change is part of its efforts to continually improve the payment experience by speeding up the time spent at checkout all while maintaining a high level of security for both customers and merchants. Discover has already implemented a number of digital authentication technologies such as tokenization, multi-factor authentication, and biometrics that are more secure than requiring a signature and provide a more seamless payment transaction.

“As the payments industry continues to evolve and introduce new methods of transacting, we’re making sure that Discover is providing customers and merchants with a smooth and more secure payments experience,” Ghai says.

Kirkpatrick stresses that ensuring the security of credit and debit card transactions continues to be a top priority for Mastercard.

“What consumers will find reassuring is that removing the need to sign for purchases will not have any impact on safety,” she wrote. “Our secure network and state-of-the art systems combined with new digital payment methods that include chip, tokenization, biometrics and specialized digital platforms use newer and more secure methods to prove identity.”

Mastercard research shows most cardholders and merchants are ready for the signature requirement to die, particularly since that will accelerate the checkout process.

“While security remains paramount,” she writes, “we know that convenience is also a large part of what consumers want when they are shopping and paying. … The move will help merchants speed customers through checkout, provide more consistent experiences for every customer with every purchase and should decrease costs associated with safely storing signatures.”

Thank You to ALL Veterans!

12 Common Cybersecurity Mistakes and How to Help Avoid Them

12 Common Cybersecurity Mistakes and How to Help Avoid Them

While it may not constitute end times for a business, an incident that can result in stolen data, diminished customer confidence, reputational harm, compliance penalties and legal fees isn’t exactly a drop in the bucket either.

A study last fall found that the average data breach costs victim companies $15.4 million, up 19 percent year over year. Nobody in good faith wants to cost their company money because of a compromise, CEOs included.

Look, we all do dumb things. The key is learning from them and not making them habits. Because, as you know, the definition of insanity is doing the same thing over and over again – and expecting a different result.

Here is a list, in no particular order, of 12 cybersecurity mistakes you should avoid making in the current era of modern cybercrime. If something is missing from the list that you think should be on it, please drop us a note in the comments.

1) Failing to Map Where Data Flows and Lives

It can’t be said enough: Your data is your company’s lifeblood. Assessing and charting where that data flows (especially if it’s going outside of your organization), with whom it’s shared and where it lives at rest is paramount to knowing what you need to protect. When challenged with being right all the time – and the attackers typically needing to be correct just once – visibility is everything.

2) Neglecting Security Testing

Vulnerabilities reside across your databases, network and applications – and now also extend to devices like mobile and Internet of Things. These require regular testing through both automated vulnerability scanning and deep-dive penetration testing. Remember: Test, don’t guess.

3) Concentrating Too Much on the Perimeter

Prevention is not exactly an anachronism, but considering how advanced threats have become, attackers will inevitably make it through your border defenses. And once they’re inside, they will look to acquire privileges that will camouflage them as trusted users. They may evade you for a long time, unless you have strong visibility and an actionable understanding of indicators of compromise.

4) Blanking on the Basics

Oftentimes, it’s the simple things that will get you. To avoid having that “Doh!” moment, make sure all of your staff uses strong passwords (passphrases are preferred) and are following the principle of least privilege, and all of your network components are properly segmented to minimize access to confidential data, adequately configured to avoid undesirable changes, and up to date with the latest patches.

5) Disregarding Security Awareness Training

You’re likely familiar with the campaign “If you see something, say something.” Just as in the physical world, security enforcers rely on the population at large to stop attacks at their source – or at least make them aware of malicious attempts. Train your staff in everything from laptop protection to social engineering identification. And don’t forget to retrain because the scams continue to get sneakier.

6) Ignoring Security Monitoring

If you’re like most businesses, you don’t have the budget to stand up your own security operations center. But that doesn’t relieve you from needing around-the-clock monitoring and intelligence that will help you investigate automated alerts, hunt for threats, escalate serious incidents and minimize attacks.

7) Resisting Vendor Risk Assessments

Some of the most ignominious breaches of late were caused by attackers first infiltrating one of the victim company’s vendors. You must have a plan in place with the third-party entities to which you outsource to ensure that they are taking security and risk as seriously as you are.

8) Overlooking “Shadow IT”

Your endpoints are like ivy – growing mightily and quickly getting out of control. The good ol’ days of only needing to concern yourself with desktop and laptop computers are long gone. Your employees are now accessing so-called shadow applications and devices that are not supported by IT. If you can’t stop it, at least don’t be blind to it. First profile your risk, then institute controls.

9) Thinking it’s Just About Malware

Malware is still a critical part of attackers establishing their initial foothold. But once inside, they often use different strategies to laterally advance across your network. In many cases, that means flying under the radar by using legitimate administrator or ethical hacking tools to harvest sensitive data and detect vulnerabilities.

10) Believing a Breach Won’t Happen to You

Perhaps you’re still holding out hope that cybercriminals will show you mercy and pass over your business, but the reality is that companies of any size are targets. Preparing your defenses to also include response will help you react faster and minimize the fallout if – or more likely, when – your day comes.

11) Dismissing Your Bosses and the Boardroom

Security maturity is the holy grail of any infosec professional’s job objectives. In instances where businesses have reached high levels of maturity, security is ingrained in the culture, from the corner offices on down. Obtaining boss- and board-level support may be uncomfortable, but in today’s climate, it is imperative.

12) Trying to Do It All On Your Own

The cybersecurity skills shortage is no joke. Estimates place the worldwide shortage at one million positions and growing. Whether you’re a small business that lacks any security skills at all, or a larger outfit that needs help enhancing certain areas like penetration testing, security monitoring or incident response, doing more with less just isn’t going to work.

Partnering with a managed security services provider like Trustwave is a viable option. And such an arrangement doesn’t have to result in reduced headcount either – it just means you and your team can instead focus on and expedite IT projects that will have real effect on the top line of your business, while leaving security responsibilities to someone else with deep expertise and scale. This can actually result in elevated job security for your IT staff and fewer worries over losing a skilled in-house security staffer due to the industry’s notoriously high turnover.

Dan Kaplan is manager of online content at Trustwave and a former IT security reporter and editor.

What Could Mobile / Digital Payments Save Your City?

WHAT COULD DIGITAL PAYMENTS
SAVE YOUR CITY?
Over the last decade, the world has gone
digital. Communications, entertainment and
commerce have moved online—bringing
significant benefits to consumers, businesses
and economies.
In this new digital society, payments are more
important than ever—providing the foundation
for new experiences and business models. With
this explosion of connectivity, digital payments
are growing exponentially as well.
It took 60 years for Visa to reach 3 billion
accounts, but we’re now on the cusp of a true
revolution that will see this number explode.
Hundreds of millions of new connected
devices are coming online and they’re all ways
to pay or be paid. The Internet of Things is
expected to reach 20 billion devices by 2020
and these connected devices will be able to
facilitate a range of commercial experiences,
including payments.
However, alongside the digitization of
commerce and payments, cash continues to
play a large role in certain sectors and markets
around the world, which could potentially
hinder economic growth in these communities
and industries.
To better understand the impact cash
can really have on economic growth, Visa
By Visa commissioned economics consulting and
research firm, Roubini ThoughtLab, to analyze
the use, acceptance and cost-benefit impact
of physical versus digital money in 100 cities
across the world. “Cashless Cities: Realizing
the Benefits of Digital Payments” is a unique
study that quantifies the net benefits that
cities, their residents and businesses could
realize by significantly increasing the use of
digital payments.
The study demonstrates that economies that
are moving toward digital payments and away
from cash, could benefit substantially. The
study estimates that reaching an “achievable
level of cashlessness”—defined as the entire
population moving to digital payment usage
equal to top 10 percent of users in that city
today—across the 100 cities examined, could
result in total direct net benefits of up to
US$470 billion per year. These benefits are
derived from many factors, ranging from
time savings among consumers from cashrelated
activities, to increased sales revenues
among businesses, to reduced government
administrative costs.
There are many instances where cash is more
costly than digital payments. The study found
that cash and checks cost businesses 7.1 cents
of every dollar received compared to 5 cents of
every dollar collected from digital sources.
Unbanked consumers across the 100 cities
spend an average $7 to $15 a month on cash
withdrawal activities like check cashing. By
reducing their reliance on cash, each unbanked
consumer could save an estimated $84 to $180
per year, on average. Furthermore, the study
shows the greater adoption of digital payments
could lead to a reduction in cash-related crime,
which benefits not just consumers, but also
governments by reducing criminal justice costs.
The shift to digital payments could also have
a catalytic effect on the city’s overall economic
performance, including GDP, employment,
wage and productivity growth. The study
predicts the combination of greater economic
activity, lower crime and greater ease of living
could make these cities more attractive to
businesses, talent and tourists.
We’ve seen what immediate and longterm
benefits could stem from the greater
adoption of digital payments. So, what now?
What can cities and governments do to help
usher in a more cashless future? The study
sets out 61 actions in a detailed roadmap for
policy makers.
Here are just five immediate and
actionable steps they can consider
taking to reduce cash reliance:
1Undertake targeted financial literacy
programs to help welcome the unbanked
into the banking system and offer secure digital
payment solutions for government benefits to
those who do not have bank cards.
2Phase out cash and check payments to and
from the government by adopting an allelectronic
payment and disbursement system,
meaning all government benefits, relief funds, tax
disbursements, collection and other payments
made to and from government institutions are
shifted to digital format.
3Promote a clear, innovationfriendly
regulation framework
4Ensure that digital payments are a
key component to all “smart city”
plans and strategies
5Implement secure open-loop
payment systems across all
transportation networks
The report is also supplemented by an
online data visualization tool, which
can be used to explore the benefits of
a more cashless world.
From mobile payments using
scanned codes to cards using
biometric authentication, billions
of connected devices such as
smartphones, watches, cars and
fitness trackers are now able to
send (and receive) payments. The
data shows that as communities and
cities become less reliant on cash
and better equipped to offer fully
digital payment experiences, their
businesses and economies could
grow, allowing their populations to
benefit and thrive