Category - News

Is COVID-19 the Tipping Point for Contactless Payments Adoption?

Is COVID-19 the Tipping Point for Contactless Payments Adoption?

Credit: Getty Images by Tom Werner

COVID 19 Forces Contactless Adapters

More Than Half of U.S. Consumers Now Use Some Form of Contactless Payments, Mastercard Says

Contactless payments may finally be gaining further adoption by U.S. consumers. Spurred by prevention efforts in reaction to the Covid-19 pandemic, many consumers—51%—use some form of contactless payment, Mastercard Inc. says.

In what may be the most detailed data yet publicly released about U.S. consumers and contactless payments, Mastercard’s survey of 1,000 U.S. banked consumers between April 10 and 12 also found that 88% of those who had an opinion said adoption was easy. More telling may be that 56% say they will continue using a contactless payment method when the pandemic ends.

Mobile Credit Solutions | AllCardUSA

Mastercard, the other card brands, and Silicon Valley tech giants like Apple Inc. and Google, have been promoting contactless payments for years. The tipping point, it appears, may have come with concerns over cleanliness and social distancing driven by the Covid-19 pandemic. Much of the marketing for contactless payments centered on convenience in drive-throughs and in transit. In the first quarter, global contactless payment use increased 40% from a year ago.

A consumer taps a contactless card at a point-of-sale terminal in a Target store.

These perceptions of safety and convenience, however, prompted nearly 33% to put a contactless card in the coveted top-of-wallet position. That figure climbs to 43% for those under 35 years old and to 35% for affluent consumers. Overall, 57% say paying via contactless is a little or much more top-of-mind now than pre-pandemic.

Indeed, 51% say they are using cash less often or not at all since the pandemic began. Globally, 80% of contactless transactions are less than $25. Mastercard also conducted the survey in 18 other countries. In many international locations, the card brands have increased the limits for contactless transactions.

“Social distancing does not just concern people’s interactions with each other. It includes contact with publicly shared devices like point-of-sale terminals and checkout counters,” said Blake Rosenthal, Mastercard’s executive vice president and head of acceptance solutions. “Contactless offers consumers a safer, cleaner way to pay, speed at checkout, and more control over physical proximity at this critical time.”

Seventy-seven percent of U.S. consumers surveyed say contactless payment is a cleaner way to pay and 70% say it’s more convenient than cash.  Sixty-seven percent view it as faster than cash and 45% say it is their preferred in-store payment option. A majority—51%—view contactless payments as more secure than cash and 49% say Covid-19 prevention efforts inspired them to use contactless.

COVAD-19 Relief Program

COVID-19 RELIEF LOAN PROGRAM!  This program is designed to help merchants who have been affected by the COVID-19 pandemic.  It doesn’t matter if their businesses are shut down, or simply have little to no revenue, WE CAN STILL LEND TO THEM.

Holiday’s Bring Rise in Payments Fraud

While consumers spent nearly $3 billion holiday shopping on their smartphones this year, more than any other Black Friday and Cyber Monday in history, a new report from iovation has found that suspected online retail fraud also increased this holiday season.
According to the report, suspected online retail fraud increased 29 percent during the start of the 2019 holiday season when compared to the same period in 2018. What’s more, the report indicated a 60 percent increase in suspected eCommerce fraud during the same period from 2017 to 2019.
The growth in suspected online fraud means that 15 percent of total suspected fraud during the holiday season so far took place online, up from 13 percent in 2018 and 11 percent in 2017. Online fraud in general accounts for 10 percent of suspected fraud across the rest of 2019, the report found.

ETA Expert Insights: PCI PIN Security Update 3.0

By Donna Gem, GEM Security Solutions; Greg Leos, Bank of America Merchant Services; Sam Pfanstiel, ControlScan, members of the ETA Risk, Fraud and Security Committee.

The Payment Card Industry Security Standards Council (PCI SSC), published version 3.0 of the PCI PIN security requirements in August 2018, and which has now gone into effect on October 1, 2019. This updated version was a collaborative effort between the PCI SSC and the American Standards Committee (ASC) X9. Together they integrated the ASC TR-39 into the PCI PIN security requirements to amalgamate it into PCI PIN 3.0. Here we examine the changes and what you need to know about the latest requirements order to ensure your organization remains compliant.

Summary of PCI PIN Update 3.0:

  • The usage of multi-purpose personal computers for key loading is phased out. Clear-text secret and/or private keys and/or their components that exist in unprotected memory outside the secure boundary of a secure cryptographic device (SCD) are to be phased out.
  • Allowance for the injection of clear-text secret or private keying material into point of interaction (POI) devices or other SCDs will be phased out starting with key injection facilities (KIFs) in 2021. Only encrypted key injections will be allowed after that time.
  • The requirement that encrypted symmetric keys must be managed in structures called key blocks has been broken into three separate phases with different implementation dates, the first of which went into effect for service providers this past June.
  • Host support for Advanced Encryption Standard (AES) PIN block for both encryption and decryption will be required over the next five years to facilitate adoption of this stronger encryption algorithm by POI devices.
  • A new PCI PIN Assessor program includes the creation and management of the new Qualified PIN Assessor (QPA) designation by the PCI SSC, along with a listing of approved QPAs on the website.

In addition, the PCI PIN 3.0 update has brought with it a multitude of changes to the requirements specifically for having comprehensive documentation to attest that procedures exist and are documented and followed by an organization’s personnel.

Existing in-flight PCI PIN 2.0 assessments by a Visa SA must be completed and submitted prior to December 31, 2019; with all other assessments being performed by a QPA against the PCI PIN 3.0 requirements, testing procedures, and reporting template. Organizations for which PCI PIN applies need to review their documentation and look at the new requirements to ensure they will be compliant when the QPA comes onsite.

Understanding “Convenience Fee” payment models.

Understanding the difference between compliant and non-compliant “Convenience Fee” payment models.

High Risk Merchant Processing

By Cleveland Brown, Chair of the ETA Payment Sales and Strategy Committee.
There has been a lot of movement in the payments industry recently regarding fee-based payment processing models. While there are compliant ways to implement these solutions, many non-compliant models exist.
Recently, we highlighted a pattern of surcharge programs masquerading as Cash Discount solutions. A similar trend is emerging with Convenience Fees models: There are solutions available on the market that add fees to purchases or payments as a separate transaction. While these programs are often billed as “Convenience Fee” models, charging a convenience fee as a separate transaction is expressly prohibited by the card brands.
Often times, ISOs, ISVs, and resellers are unaware of the non-compliance of the solutions they’re promoting, which opens their business to risks of liability and leading to potentially severe consequences.
Click here to read the full article.
Interested in contributing to payments industry thought-leadership? Apply to join an ETA committee for 2020 here

Learn How Easy It Is To Accept Crypto With Allcard USA

How Does Crypto Work?

Anyone can invest in cryptocurrency. To use it, a consumer must first purchase a crypto amount. Let’s use Bitcoin as an example. The current cost for 1 Bitcoin is about $11,000. If you accept crypto payments, a consumer can purchase a Bitcoin at that amount, and then sell a fraction of it when they want to make a purchase at your store. For example, if they had purchased one Bitcoin at $11,000 and wanted to use it to make a $100 purchase at your store, they would need to sell 1/110 of that coin to make their purchase with you.

Bitcoins or other cryptocurrencies are securely stored in a digital wallet that is protected with a secret key. Everyone has two keys, one public and the other private. The public key can be shared with others so they can send you Bitcoin, while the private key is what you would use to send a payment. If someone else discovers your private key, your Bitcoin are at risk of being stolen. Therefore, make sure your private key is safely stored at all times.

When a payment is made it is first encrypted, then broadcast to the cryptocurrency’s network and prepared to be added to the public ledger. Next, transactions are recorded on the public ledger using a process called “mining”. Anyone who uses a certain cryptocurrency (such as Bitcoin) can access the full ledger if they choose. The amounts paid for each transaction are public, but sender information is encrypted. Many transactions are posted at the same time and added in sequence to the ledger.

Accept Bitcoin and Other Cryptocurrencies

If this seems complicated, don’t worry. All of the work and any of the risk associated with a transaction like this is the responsibility of the consumer. Accepting crypto payments with Electronic Merchant Systems simply means you’re giving your customers an additional way to pay. We’ll take care of processing their payment and will fund you the money in cold hard cash.

Other than the obvious customer convenience factor, there are unique benefits to accepting crypto payments for your business.

  • Forget About Fraud and Chargebacks
    Crypto transactions are virtually fraud-proof and eliminate chargeback risks for merchants. Purchases made with cryptocurrency are exact and final (unless you choose to process a refund). You are in complete control of the cash you receive. Check out The Truth About Cryptocurrency Processing for more information.
  • Encourage Innovation
    Gain a competitive advantage by being one of the first to offer this alternative payment method and cater to digital wallet users.
  • Speed Up the Process
    Payments move more quickly, which helps you to avoid the traditional wait time associated with global transactions.
  • Make International Payments Easy
    Simplify international payments by eliminating foreign transaction fees and currency conversions.


Crypto Processing with Allcard USA

Currently, we and our partners can help you to accept Bitcoin, Ethereum, and Litecoin payments. There are various options for how you can receive these payments, depending on your business type. These options include:

  • Invoice
    Create an invoice and email it to your customer.
  • Face to Face
    Accept a crypto payment directly from your customer’s digital wallet.
  • Payment Button on Website
    Add a button to your website for online crypto payments.
  • Custom Integration for Your Website
    This option requires some advanced coding and will allow you to accept crypto payments through your eCommerce website.

Report: Gen Z Trend Setters on Alternative Payment Types

A new Lost in Transaction report from ETA member and global payments technology company Paysafe has found that Gen Z, defined as consumers aged 16 to 24 years old, are embracing new and different ways to pay at higher rates than older generations.

According to the report, 40 percent of Gen Z consumers have some experience making in-app payments, and 15 percent make them regularly. That’s significantly higher than all other consumers, at 27 percent and 9 percent respectively. Further, one in three (34 percent) of Gen Z have used a mobile wallet, a full eight percent higher than other consumers. Whereas one in non Gen Z consumers currently use mobile wallets regularly, 14 percent of Gen Z consumers use them regularly.

Mobile eCommerce is also a popular way to shop and pay for Gen Z, but it is equally as popular with the older Millennials (aged 25-39). Just under half – 47 percent – of Gen Z and Millennials buy goods on their mobile phone more often than any other platform. That is much higher than older generations. Just 28 percent of Generation X (aged 40-54) and 10 percent of Baby Boomers (aged over 55) prefer mobile shopping.

For in-store payments, Gen Z prefers options, the report found. Fifty-three percent prefer to shop in stores that accept contactless payments, and physical cash is still used by eight in ten Gen Z shoppers when they are making purchases in brick-and-mortar stores. Voice payments are also exciting options to Gen Z, the report says.  Over half said they would use voice technology to sign up for a subscription service (52 percent) or make a one-off entertainment purchase (51 percent), and 43 percent would be prepared to pay for groceries using voice commands to their smart fridge.

“This generation is naturally more comfortable with technology but has also been exposed to a much broader set of ways to pay,” said Phillip McHugh, CEO of Paysafe Group, in a press release. “Accepting new payment types and expecting lots of flexibility and ease will be table stakes going forward.”

According to a press release from Paysafe, Lost in Transaction: Gen Z expectations at the checkout is an independent research project commissioned by Paysafe and supported by London-based agency Loudhouse in Q2 2019. The research was completed among 6,197 consumers from the US, UK, Canada, Germany, Austria and Bulgaria. Respondents came from six different age groups and a variety of different professions.


Wednesday, April 10, 2019

by APG Cash Drawer

Counting cash tips

The debate over whether we should become a cashless society shows no signs of abating soon, but in the meantime plenty of compelling reasons remain for using cash in a variety of situations.

While some businesses are embracing cashless payments, and the whole country of Sweden is moving in that direction, cash isn’t about to disappear. Too many businesses still depend on coins and bills to sell their wares. Cash remains king at fast food restaurants, for instance, where 41% of the business accounts for cash transactions. Cash also remains a significant portion of business at gas and convenience stores (33%), mass merchants (32%), restaurants and bars (26%), and warehouse clubs and food stores (25%), according to IHL.

With so much business still conducted in cash, don’t expect it to disappear any time soon. Besides, some customers cannot pay with anything but cash, since they are unbanked or under-banked.

When Banking Isn’t Available

Currently, the number of Americans without bank accounts is 5%, according to a Federal Reserve report. In Europe the number is higher – 14%. And the World Bank estimates that globally 2 billion people are unbanked.

ATM Machine for cashIf forced into a cashless system, unbanked and under-banked people would be disenfranchised, unable to buy food, clothing and other life necessities. Most people don’t choose to be unbanked or under-banked; they simply have no access to the banking system. In some cases that’s because they live in rural or inner city communities where bank branches are scarce.

Banks also deny people accounts if they fail a background check or they’ve had too many overdrafts of bounced checks in the past. Other reasons for unbanked or under-banked people include distrust of banking institutions, unemployment, illiteracy and banking fees.

A cashless society would disproportionally affect the poor and other vulnerable communities, such as recent immigrants who haven’t had enough time to build up credit or open a bank account.

Security Issues

Credit card data security

Some consumers choose to pay for purchases with cash because of security concerns. Every time another big company suffers a breach that compromises payment card information, consumers worry about how that impacts them.

In 2017, the consumer credit reporting agency Equifax suffered one of the biggest breaches to ever grab headlines. It compromised personal data of almost half of all Americans (145.5 million), including driver license numbers birth dates, addresses and Social Security numbers.

Consumers have good reason to worry about a potential cashless society. One of the possible consequences of having personal data stolen through a security breach is identity theft, which can cause years of headaches for victims. Through identity theft, cybercriminals can empty a person’s bank account, use their credit cards, get government benefits and even apply for a job in the victim’s name.

Paying Cash for Online Purchases?

While there is an undeniable push for cashless systems, there is just as persistent a movement to continue using cash. It is even possible to pay for online purchases with cash, thanks to a product called Paysafecash. It allows buyers to go to a nearby location to pay with cash for an online purchase. How successful Paysafecash will be remains to be seen, but one thing is for sure: As long as initiatives and technology like Paysafecash are introduced, you can bet cash will stick around for a long while.

To read the article from APG Cash Drawer, click here.

The Withdraw Cash Wednesday campaign is designed to promote consumer cash usage by reminding consumers to withdraw cash from the ATM the Wednesday before the U.S. Thanksgiving holiday for their Christmas Black Friday shopping needs and every Wednesday for their weekend endeavors. Backed by ATMIA, the campaign is also designed to educate consumers about the benefits of cash such as using it as a budgeting tool, reducing debt and saving money by not having to pay credit card interest fees and saving time at the checkout.

You can learn more about WCW by visiting the website and cash blog.

Banks face a tough job to lure small businesses from payment fintechs

Banks face a tough job to lure small businesses from payment fintechs


  • May 06 2019, 12:01am EDT

Consumer banking is being redefined by new payment services and challenger banks while Enterprise customers have always received tailored banking services.

Relatively little innovation has happened in the small to medium enterprise segment, however, because SMEs are often seen as too small to offer tailored services to, but too complex and varied for mass-market services.

But there is a road map for SMEs. In his book “The Innovator’s Dilemma,” Clayton Christensen used the phrase “jobs to be done,” to describe a method that can help businesses better understand why their customers use their products.

Chart: Top 6 SMB mobile app moves

Clayton Christensen defines a job as the progress that a person is trying to make in a particular circumstance. To illustrate this, let’s look at a simple example. When a smoker takes a smoke break, he’s meeting a need for nicotine. But he’s also using the cigarette to calm and relax himself. And in a work environment he will also go outside for some social contact and gossip with fellow smokers. So the “job to be done” includes not only the obvious “nicotine fix” but also the not-so-obvious social engagement.

There are a few ways that a jobs-to-be-done analysis can help businesses.

Segmentation. It’s likely that your product is used for a number of different “jobs” by different customers. Understanding what they are will help you better segment your market.

Marketing communications. Marketing messages should be aligned with the “jobs” your customers are trying to achieve.

Innovation. Understanding your customers’ jobs will help you identify other ways in which you can make those jobs even easier for your customers, and also importantly, which steps you should eliminate because they don’t help.

Banks find new relevance and loyalty with SMEs that are fleeing to payment apps and other fintechs by making the jobs those customers use banks for easier.

Entrepreneurs want to grow, or at least sustain, their businesses. This job involves many tasks that don’t involve banks: finding customers, developing a great product or service, etc.

The part of the “grow my business” job that does involve banks is making sure there is sufficient cash available to grow. At a high level, the promise to SMEs, therefore, is to have a relationships that will help grow the business.

That comes down to several subjobs that involve payments, such as making more informed decisions, controlling spending and getting paid on time.

There are emerging payment innovations and strategies, such as card controls and online payment technology and analysis that can help banks and financial institutions reach small businesses better.

The 2019 PCI Compliance Annual Plan

The 2019 PCI Compliance Annual Plan

January 16, 2019 • Published CategoriesBest PracticesTags

How are those New Year’s resolutions coming?

We’re now a few weeks into the new year and already people are asking: “How are those New Year’s resolutions coming?” Ugh.

It takes time to form a habit, but it’s often difficult to invest the kind of time that results in long-term, positive change. Without a plan of action and relentless commitment, the chances are good my New Year’s resolutions will fall by the wayside.

The same goes for your business goals. So many distractions and competing priorities come up each and every day, it’s next to impossible to maintain a steady course. Now add in a task no one wants to deal with—PCI compliance—and you end up rushing through a point-in-time validation that accomplishes nothing.

Make 2019 your year for payment security.

The PCI compliance process is about payment security. It doesn’t just magically happen, nor is it 100% taken care of by your POS system or IT vendor. In other words, your business is responsible for ensuring that specific processes are followed and requirements are met, 24/7/365.

While it can seem like a daunting task, incorporating these processes and requirements into your business doesn’t have to be if you begin with a plan. And that’s where my colleagues and I are here to help!

We’ve mapped out the entire year ahead into a simple, month-by-month plan, to help you integrate the PCI compliance process into your ongoing business activities. Click here for the PDF calendar.

Here’s your 2019 PCI Compliance Annual Plan.

The 2019 PCI Compliance Annual Plan is also outlined below. It is identical to the PDF calendar, plus it includes helpful links to additional research and information on various topics.

  • January: Start the year strong by taking note of when your annual PCI compliance assessment will be due as well as ensuring that your monthly vulnerability scanning program is running smoothly. Now is also a good time to list all third parties and vendors that interact with or influence the security of your company’s or your customers’ payment card data. Include a column that indicates each service provider’s state of compliance.
  • February: Identify all the places that payment card data is stored, processed and/or transmitted within your environment. Make sure you have the appropriate security controls in each location where a system would interact with that data. Perform a formal risk assessment against your company’s business objectives for the year and review your security policies to ensure they are sufficient to cover your risks.
  • March: Reduce your breach risk by reviewing or creating your company’s security awareness trainingprogram. Security awareness training is a must for your employees, especially those who interact with payment card data. We recommend that your program is formal, ongoing and comprehensive so that all staff understand your company’s security policies as well as data security essentials and best practices.
  • April: Review your firewall’s inbound and outbound network rules. Chances are someone will get into your systems, so prevent them from getting data out of the network by setting up alarms and other methods of intrusion detection. Lock down your network traffic to only those ports and services that are required. If possible, lock it down to the destination networks and hosts as well.
  • May: Review and test your company’s incident response plan (IRP). If you don’t have an IRP in place, gather together your organization’s key stakeholders to develop one. This plan should seek to identify the risks your company and its data may face, and put in place specific procedures to be followed in the event that one of those risks becomes a reality.
  • June: Free space for Annual Validation – This open block is here to swap with the month in which your business’s annual PCI Compliance validation takes place.
  • July: Access management is important to strong security. Review your sensitive assets, vendor accounts, unused accounts, remote access accounts, employee accounts, physical access, application accounts, etc., and make sure that all related permissions are current and the level of privileges are justified. If it’s not required, remove the access. Accounts that are not used should be disabled or deleted.
  • August: A comprehensive penetration test should be performed against all entry points into your systems, as well as places where sensitive data is stored. Penetration testing goes much further than vulnerability scanning, because it goes beyond the automated process of looking for basic vulnerabilities. Merchants are required to have a pen test annually and service providers must also validate segmentation controls every 6 months.
  • September: This is the month to remediate all critical, high and medium-level vulnerabilities discovered in last month’s penetration test. Doing so will strengthen your security posture well in advance of the holiday cybercrime spike. Once you have completed remediation, a follow-up test is highly recommended to ensure that nothing was missed and no new vulnerabilities were created in the process.
  • October: By October, most organizations are well underway with the budgeting process for the next calendar year. If your company’s fiscal year is not based on the traditional calendar year, feel free to swap this box with the month when you are typically planning your budget. When considering your budget for the next fiscal year, be sure to give some thought to the ROI advantages of managed security services over in-house resources.
  • November: The holiday season is here! If you’re a brick-and-mortar retailer, that means it’s time to review physical security with your store teams. This includes how to spot the telltale signs that a payment-related device has been tampered with, as well as what to do if a shopper leaves their credit card behind. In addition, don’t forget to review and tighten your processes for securing all physical points of entry to your store/office space.
  • December: Congratulations! You made it through an entire year of “business as usual” PCI compliance—and in doing so, you have established a baseline that will make next year run considerably smoother. What’s more, following this year’s plan has already significantly strengthened your business’s security posture. Now, let’s bring on 2020…