What Merchants Should Know About the UX Journey

Rik van ‘t Hof •  •

ingenico-rik-mobile-online.jpgIn the past, my family used to have a single computer that we all shared. My wife, kids and I used it for everything: doing homework, watching videos, catching up on work, etc. Now we all have our own devices, and it’s rare that my family members use my laptop or phone, and vice versa. Our devices aren’t communal anymore – they are personal, and have greatly impacted our individual user experiences.

eCommerce is getting personal

Roughly 60% of the global population now uses smartphones, a figure which rises to roughly 80% in some of the tech-savvy countries around the world. Technology is getting more personal, and by extension, so is eCommerce. Consumers are interacting with money in ways that never existed before. When combined with personalization and advances in financial technology, powerful opportunities arise for both businesses and consumers who want to connect in new ways.

It’s already possible to create accounts with certain supermarkets, order groceries online, and confirm your order with a thumbprint. The entire process can happen within minutes on your mobile phone, and the more often you use it, the more customized it becomes with relevant suggestions and personalized information. Now imagine a world where grocery stores can identify your shopping habits with such precision that they anticipate when you will run out of items in your home. Already today, Amazon’s Dash Replenishment Service enables your connected devices to monitor usage of basic staples and automatically orders them as needed.

These offerings may seem futuristic, but we are already getting close, thanks to some technological advancements:

  • Personalization – new technologies have led to a world where mobile devices can be used as an extension of the individual. Biometrics, such as thumbprints, iris scanning and even Apple’s enhanced facial recognition, all offer authentication possibilities that make purchasing quicker and easier.
  • Digital marketing and tracking technologies – companies can now gain a deeper understanding of their customers’ preferences and online behaviors. By analyzing data, companies can pinpoint what people actually want and develop more personalized offers and incentives. This in turn increases brand engagement, drives more mobile transactions and leads to higher conversion rates.
  • Social apps and social commerce – social apps have led to increased usage of mobile devices, especially among millennials. These platforms open up new channels for brands to engage with their customers and offer tailored product recommendations.

Consumer expectations keep evolving

Today’s consumers are using a combination of devices to make purchases, both in-store and online. In fact, a 2016 study showed that nearly 100% of millennial shoppers checked prices or compared merchandise on their smartphones before making in-store purchases during the holiday season.

Imagine that you buy something online from your favorite brand, but it doesn’t fit and you have to return it. In today’s world, you could either mail it, or go to a store and deal with the hassle of the checkout line. In the future, you might be automatically identified upon entering the store, and your phone could send you a notification with the location of the same item in a different size. Or perhaps you will place your thumb to the fitting room mirror and the item will be automatically purchased and sent to your home.

The bottom line is that brands need to be anywhere and everywhere their customers are and facilitate easy journeys across all touchpoints. On and offline borders are blending, and are rapidly changing consumers’ expectations of a good shopping experience. As we move closer to an omnichannel world, a smooth and consistent journey will be a big differentiator.

Nothing happens without trust

Retailers can now truly get to know their customers and create individualized purchasing journeys, but none of this is possible without a strong sense of trust between the customer and the company. Establishing trust, especially when it comes to online payments, is critical. People need to feel secure and confident that their personal boundaries won’t be crossed or their information misused.

Companies that create safe and trustworthy environments when asking for an online payment are much more likely to convert the sale than companies that don’t. This includes small but meaningful details, such as offering recognizable payment products, using branded URLs and activating familiar security measures, to reduce friction and build trust in the process. In fact, mobile money is actually quite safe compared to other payment methods.

Connect to future UX expectations

With so much opportunity to personalize the UX it’s surprising that so many online shopping carts are still regularly abandoned. In fact, only 37% of all transactions occur when customers browse across multiple devices, and only 31% of these transactions are actually completed on a mobile device.

The more customers use mobile devices to make purchases, the more likely they are to become repeat shoppers. Orders made with one or more mobile devices have shorter time-to-next-orders than PC-only orders. This means that as consumers continue to adopt mCommerce, their purchasing behaviors will grow stronger.

Although abandoned carts are still fairly common, potentially 60% of lost mobile sales globally could be recovered by merchants who make it easier for customers at the checkout stage. This includes offering local payment methods and currencies, being transparent about shipping costs and delivery times, and even including personalized messages and offers to recognized customers. Opportunities to expand mobile commerce abounds, especially as consumers become more assured of safety and buying experiences become more seamless.

The user experience matters more than many brands realize. As consumers, we are naturally inclined to interact more with companies we recognize and trust. Offering a smooth and engaging UX journey across all touchpoints – existing ones and future ones – is a powerful opportunity for businesses that want to exceed their customers’ expectations.

Rik van ‘t Hof, Director of Front-End Product Management, Ingenico ePayments

eCommerce Solutions | AllcardUSA.net

Signatures for Payments to Be a Thing of the PAST

Mastercard, Discover, AmEx will ditch signatures

Not scribbling your name will speed checkout, won’t affect card security

John Egan
Personal Finance Writer
Writes trendy stories about credit cards.


Signature on payment slips may be going the way of the dodod

You may not be jotting your name on payment slips and checkout terminals much longer. Mastercard, Discover and American Express plan to ditch the signature requirement at merchants April 2018, and experts say Visa likely will do the same.

  • Mastercard, which announced the move in October, says more than 80 percent of the in-store transactions (also known as point-of-sale purchases) it processes now don’t need a signature.
  • Discover said on Dec. 6, that it, too, would abandon the signature requirement. “With the rise in new payment security capabilities, like chip technology and tokenization, the time is right to remove this step from the checkout experience,” Discover’s Jasma Ghai, vice president of global products innovation, says.
  • American Express announced Dec. 11 that it will drop the signature requirement globally in April 2018.

Signatures are no longer necessary to fight fraud

“The payments landscape has evolved to the point where we can now eliminate this pain point for our merchants,” said Jaromir Divilek, executive vice president of global network business for American Express. “Our fraud capabilities have advanced so that signatures are no longer necessary to fight fraud.”

Jack Jania, senior vice president of strategic alliances at Gemalto, expects Visa also will follow Mastercard, Discover and American Express in ditching the need for signatures within a year.

If Jania’s prediction holds true, that would spell the end of a decades-old ritual for cardholders: scribbling your name on payment slips.

“This is a good move for both consumers and merchants, as it will speed up the in-store purchase experience,” Jania says.

And when might Visa join the no-signatures-required party?

Jeanette Volpi, head of North America communications at Visa, declined to say. She added, though, that more than three-fourths of Visa’s face-to-face transactions in North America don’t require signatures.

“Visa supports multiple technologies to bring speed, security and consumer convenience to the authentication and authorization process,” Volpi said in a statement.

“THIS IS A GOOD MOVE FOR BOTH CONSUMERS AND MERCHANTS, AS IT WILL SPEED UP THE IN-STORE PURCHASE EXPERIENCE.”

‘A costly yet feeble means of securing transactions’

The Retail Industry Leaders Association and even Walmart, the nation’s largest retailer, say it’s time to say so long to the signature requirement.

“Mastercard’s decision to end signature verification acknowledges what retailers have long argued, that signatures are a costly yet feeble means of securing transactions,” says Austen Jensen, vice president for government affairs at the Retail Industry Leaders Association. Discover and American Express announced in December that they, too, will eliminate requiring signatures at point-of-sale terminals.

“Going forward, the payment industry needs to focus on finding solutions to the growth of fraud both in stores and online, where current measures are inadequate for protecting consumers and merchants.”

Walmart said in a statement about just saying no to the signature:

“Removing this step at checkout will save time for our customers and decrease the expense associated with storing and presenting signatures back to the issuer, all while preserving security for customers.

“We anticipate this will result in savings that can be used to continue to lower prices for our customers.”

Is safety in jeopardy?

Industry insiders don’t think the rollout of no-signature policies will endanger cardholders’ data.

Philip Andreae, a consultant in the digital payments industry, questions whether the signature requirement for in-store card purchases really improves the security of transactions.

Why? Merchants typically don’t check a cardholder’s signature – either on a paper receipt or an electronic screen – against the signature on the back of a card, he says, and many cardholders fail to sign their cards anyway.

“If merchants were doing what they are supposed to do, then maybe it has added a level of security,” says Andreae, of Philip Andreae and Associates. “Otherwise, as it is today, there is no value.”

Gemalto’s Jania believes not requiring signatures will have no effect on card security, since existing chip technology and other high-tech tools for verification of a cardholder’s identity aren’t going away.

Laura Townsend, senior vice president of operations at the Merchant Advisory Group, agrees. In a statement, she praised the no-signature move and noted that “new and improved” digital authentication tools – such as face, voice and fingerprint recognition – will bolster the security of in-store transactions via credit or debit card.

“WHAT CONSUMERS WILL FIND REASSURING IS THAT REMOVING THE NEED TO SIGN FOR PURCHASES WILL NOT HAVE ANY IMPACT ON SAFETY.”

Not a ‘radical’ idea

Mastercard describes dropping the signature as “another step in the digital evolution of payments and payment security.”

“At first glance, this might sound like a radical proclamation, especially to people who have had credit and debit cards for decades,” Linda Kirkpatrick, Mastercard’s executive vice president of U.S. market development, wrote in a blog post announcing elimination of its signature requirement.

“However, the change matches all of our expectations for fast and convenient shopping experiences.”

Mastercard says merchants such as retail stores and restaurants will be offered the option to ask for signatures, though.

Discover says the change is part of its efforts to continually improve the payment experience by speeding up the time spent at checkout all while maintaining a high level of security for both customers and merchants. Discover has already implemented a number of digital authentication technologies such as tokenization, multi-factor authentication, and biometrics that are more secure than requiring a signature and provide a more seamless payment transaction.

“As the payments industry continues to evolve and introduce new methods of transacting, we’re making sure that Discover is providing customers and merchants with a smooth and more secure payments experience,” Ghai says.

Kirkpatrick stresses that ensuring the security of credit and debit card transactions continues to be a top priority for Mastercard.

“What consumers will find reassuring is that removing the need to sign for purchases will not have any impact on safety,” she wrote. “Our secure network and state-of-the art systems combined with new digital payment methods that include chip, tokenization, biometrics and specialized digital platforms use newer and more secure methods to prove identity.”

Mastercard research shows most cardholders and merchants are ready for the signature requirement to die, particularly since that will accelerate the checkout process.

“While security remains paramount,” she writes, “we know that convenience is also a large part of what consumers want when they are shopping and paying. … The move will help merchants speed customers through checkout, provide more consistent experiences for every customer with every purchase and should decrease costs associated with safely storing signatures.”

Thank You to ALL Veterans!

12 Common Cybersecurity Mistakes and How to Help Avoid Them

12 Common Cybersecurity Mistakes and How to Help Avoid Them

While it may not constitute end times for a business, an incident that can result in stolen data, diminished customer confidence, reputational harm, compliance penalties and legal fees isn’t exactly a drop in the bucket either.

A study last fall found that the average data breach costs victim companies $15.4 million, up 19 percent year over year. Nobody in good faith wants to cost their company money because of a compromise, CEOs included.

Look, we all do dumb things. The key is learning from them and not making them habits. Because, as you know, the definition of insanity is doing the same thing over and over again – and expecting a different result.

Here is a list, in no particular order, of 12 cybersecurity mistakes you should avoid making in the current era of modern cybercrime. If something is missing from the list that you think should be on it, please drop us a note in the comments.

1) Failing to Map Where Data Flows and Lives

It can’t be said enough: Your data is your company’s lifeblood. Assessing and charting where that data flows (especially if it’s going outside of your organization), with whom it’s shared and where it lives at rest is paramount to knowing what you need to protect. When challenged with being right all the time – and the attackers typically needing to be correct just once – visibility is everything.

2) Neglecting Security Testing

Vulnerabilities reside across your databases, network and applications – and now also extend to devices like mobile and Internet of Things. These require regular testing through both automated vulnerability scanning and deep-dive penetration testing. Remember: Test, don’t guess.

3) Concentrating Too Much on the Perimeter

Prevention is not exactly an anachronism, but considering how advanced threats have become, attackers will inevitably make it through your border defenses. And once they’re inside, they will look to acquire privileges that will camouflage them as trusted users. They may evade you for a long time, unless you have strong visibility and an actionable understanding of indicators of compromise.

4) Blanking on the Basics

Oftentimes, it’s the simple things that will get you. To avoid having that “Doh!” moment, make sure all of your staff uses strong passwords (passphrases are preferred) and are following the principle of least privilege, and all of your network components are properly segmented to minimize access to confidential data, adequately configured to avoid undesirable changes, and up to date with the latest patches.

5) Disregarding Security Awareness Training

You’re likely familiar with the campaign “If you see something, say something.” Just as in the physical world, security enforcers rely on the population at large to stop attacks at their source – or at least make them aware of malicious attempts. Train your staff in everything from laptop protection to social engineering identification. And don’t forget to retrain because the scams continue to get sneakier.

6) Ignoring Security Monitoring

If you’re like most businesses, you don’t have the budget to stand up your own security operations center. But that doesn’t relieve you from needing around-the-clock monitoring and intelligence that will help you investigate automated alerts, hunt for threats, escalate serious incidents and minimize attacks.

7) Resisting Vendor Risk Assessments

Some of the most ignominious breaches of late were caused by attackers first infiltrating one of the victim company’s vendors. You must have a plan in place with the third-party entities to which you outsource to ensure that they are taking security and risk as seriously as you are.

8) Overlooking “Shadow IT”

Your endpoints are like ivy – growing mightily and quickly getting out of control. The good ol’ days of only needing to concern yourself with desktop and laptop computers are long gone. Your employees are now accessing so-called shadow applications and devices that are not supported by IT. If you can’t stop it, at least don’t be blind to it. First profile your risk, then institute controls.

9) Thinking it’s Just About Malware

Malware is still a critical part of attackers establishing their initial foothold. But once inside, they often use different strategies to laterally advance across your network. In many cases, that means flying under the radar by using legitimate administrator or ethical hacking tools to harvest sensitive data and detect vulnerabilities.

10) Believing a Breach Won’t Happen to You

Perhaps you’re still holding out hope that cybercriminals will show you mercy and pass over your business, but the reality is that companies of any size are targets. Preparing your defenses to also include response will help you react faster and minimize the fallout if – or more likely, when – your day comes.

11) Dismissing Your Bosses and the Boardroom

Security maturity is the holy grail of any infosec professional’s job objectives. In instances where businesses have reached high levels of maturity, security is ingrained in the culture, from the corner offices on down. Obtaining boss- and board-level support may be uncomfortable, but in today’s climate, it is imperative.

12) Trying to Do It All On Your Own

The cybersecurity skills shortage is no joke. Estimates place the worldwide shortage at one million positions and growing. Whether you’re a small business that lacks any security skills at all, or a larger outfit that needs help enhancing certain areas like penetration testing, security monitoring or incident response, doing more with less just isn’t going to work.

Partnering with a managed security services provider like Trustwave is a viable option. And such an arrangement doesn’t have to result in reduced headcount either – it just means you and your team can instead focus on and expedite IT projects that will have real effect on the top line of your business, while leaving security responsibilities to someone else with deep expertise and scale. This can actually result in elevated job security for your IT staff and fewer worries over losing a skilled in-house security staffer due to the industry’s notoriously high turnover.

Dan Kaplan is manager of online content at Trustwave and a former IT security reporter and editor.

What Could Mobile / Digital Payments Save Your City?

WHAT COULD DIGITAL PAYMENTS
SAVE YOUR CITY?
Over the last decade, the world has gone
digital. Communications, entertainment and
commerce have moved online—bringing
significant benefits to consumers, businesses
and economies.
In this new digital society, payments are more
important than ever—providing the foundation
for new experiences and business models. With
this explosion of connectivity, digital payments
are growing exponentially as well.
It took 60 years for Visa to reach 3 billion
accounts, but we’re now on the cusp of a true
revolution that will see this number explode.
Hundreds of millions of new connected
devices are coming online and they’re all ways
to pay or be paid. The Internet of Things is
expected to reach 20 billion devices by 2020
and these connected devices will be able to
facilitate a range of commercial experiences,
including payments.
However, alongside the digitization of
commerce and payments, cash continues to
play a large role in certain sectors and markets
around the world, which could potentially
hinder economic growth in these communities
and industries.
To better understand the impact cash
can really have on economic growth, Visa
By Visa commissioned economics consulting and
research firm, Roubini ThoughtLab, to analyze
the use, acceptance and cost-benefit impact
of physical versus digital money in 100 cities
across the world. “Cashless Cities: Realizing
the Benefits of Digital Payments” is a unique
study that quantifies the net benefits that
cities, their residents and businesses could
realize by significantly increasing the use of
digital payments.
The study demonstrates that economies that
are moving toward digital payments and away
from cash, could benefit substantially. The
study estimates that reaching an “achievable
level of cashlessness”—defined as the entire
population moving to digital payment usage
equal to top 10 percent of users in that city
today—across the 100 cities examined, could
result in total direct net benefits of up to
US$470 billion per year. These benefits are
derived from many factors, ranging from
time savings among consumers from cashrelated
activities, to increased sales revenues
among businesses, to reduced government
administrative costs.
There are many instances where cash is more
costly than digital payments. The study found
that cash and checks cost businesses 7.1 cents
of every dollar received compared to 5 cents of
every dollar collected from digital sources.
Unbanked consumers across the 100 cities
spend an average $7 to $15 a month on cash
withdrawal activities like check cashing. By
reducing their reliance on cash, each unbanked
consumer could save an estimated $84 to $180
per year, on average. Furthermore, the study
shows the greater adoption of digital payments
could lead to a reduction in cash-related crime,
which benefits not just consumers, but also
governments by reducing criminal justice costs.
The shift to digital payments could also have
a catalytic effect on the city’s overall economic
performance, including GDP, employment,
wage and productivity growth. The study
predicts the combination of greater economic
activity, lower crime and greater ease of living
could make these cities more attractive to
businesses, talent and tourists.
We’ve seen what immediate and longterm
benefits could stem from the greater
adoption of digital payments. So, what now?
What can cities and governments do to help
usher in a more cashless future? The study
sets out 61 actions in a detailed roadmap for
policy makers.
Here are just five immediate and
actionable steps they can consider
taking to reduce cash reliance:
1Undertake targeted financial literacy
programs to help welcome the unbanked
into the banking system and offer secure digital
payment solutions for government benefits to
those who do not have bank cards.
2Phase out cash and check payments to and
from the government by adopting an allelectronic
payment and disbursement system,
meaning all government benefits, relief funds, tax
disbursements, collection and other payments
made to and from government institutions are
shifted to digital format.
3Promote a clear, innovationfriendly
regulation framework
4Ensure that digital payments are a
key component to all “smart city”
plans and strategies
5Implement secure open-loop
payment systems across all
transportation networks
The report is also supplemented by an
online data visualization tool, which
can be used to explore the benefits of
a more cashless world.
From mobile payments using
scanned codes to cards using
biometric authentication, billions
of connected devices such as
smartphones, watches, cars and
fitness trackers are now able to
send (and receive) payments. The
data shows that as communities and
cities become less reliant on cash
and better equipped to offer fully
digital payment experiences, their
businesses and economies could
grow, allowing their populations to
benefit and thrive

Payment Security Questions That Keep Merchants Up at Night

Payment Security Questions That Keep Merchants Up at Night

Payment Security Questions That Keep Merchants Up at NightBeing a part of a payments and security company, my colleagues and I have the opportunity to speak with merchants on a regular basis, during which we hear a lot of questions. Some are confused about which payment solution is the best fit for their business needs, while others are looking to understand how they can do more with their terminals. One of the biggest concerns they have is payment security.

Below are some of the most common security questions we hear from merchants. I’ll go more into depth on these in our upcoming webinar, “PCI at the POS / What’s New, What’s Next and What Merchants Can Do to Simplify Compliance.”

The webinar will take place this week, but I want to give you a glimpse of some of the topics we’ll be covering. Let’s take a look at some of the most commonly asked security questions that are keeping merchants up at night:

“What is PCI-DSS?”

It is extremely important for all merchants to understand the Payment Card Industry Data Security Standard (PCI DSS). The security standard set by the council not only protects customers’ data but the merchant’s business as well. PCI recently announced the release of its PCI DSS version 3.2. Following these security guidelines is one way for merchants to stay ahead of the changing requirements.

We also hear lots of questions around the difference between PCI DSS, PCI PA-DSS, and PCI PTS, and with all of these different acronyms, we understand why this is creating so much confusion. During the webinar, we’ll break down the differences between these standards so you can finally have a clear understanding of what each one means and which ones apply to you.

“How do I become PCI compliant?”

Merchants are also concerned about becoming PCI compliant. The PCI Council has fined merchants that aren’t following their security regulations. Moving to PCI compliance is a multi-step process that can vary by merchant.

We’ll be talking about PCI-DSS in depth during our webinar, and about the steps you need to take to ensure compliance with the latest standard.

“What is point-to-point encryption (P2PE)?”

This is a very common question that comes from all types of merchants. With the U.S. EMV migration still underway, retailers have been upgrading their payment technology to support chip cards, but they have also taken the opportunity to implement encryption services to protect their businesses from data breaches.

Even though these major retailers remain a major target for cyber criminals, small merchants are also vulnerable to such attacks. According to the U.S. Department of Homeland Security, 31% of all cyberattacks now target small businesses with fewer than 250 employees, and 44% of small businesses have reported being victims of hacking.

This threat environment should encourage merchants of all sizes to gain a better understanding of how they can protect their business and their customer’s sensitive data.

This is where point-to-point encryption (P2PE) comes into play. According to the PCI Security Standards Council, P2PE “is a combination of secure devices, applications and processes that encrypt data from the point of interaction until the data reaches the solution provider’s secure decryption environment.”

In simple terms, this means converting confidential payment card data and information into encrypted code at the time the card is swiped, so it cannot be hacked or stolen. A P2PE system provides the infrastructure and processes to perform this encryption and protect payment data from the point of sale to the point of the payment processor, which safely decrypts the data for bank authorization.

“How do I know if I’m already using P2PE?”

A lot of merchants we speak to are under the impression that they’re already using a P2PE solution, but the reality is that this isn’t always the case. There is a common misconception that encryption solutions, such as P2PE, are already part of the payment solution provided to the merchant. A P2PE solution doesn’t come built into a point of sale device and needs to be added to existing payment solutions. Merchants should check with their payment solution provider or seek third party expertise to review their current system and ensure they are actually using P2PE.

Do you have similar questions regarding payment security? Ingenico Group’s VP of Security Solutions, Dr. Rob Martin and I discussed the most commonly asked payment security questions we hear from merchants in our recent webinar “PCI at the POS / What’s New, What’s Next and What Merchants Can Do to Simplify Compliance.”  Get the answers you’ve been looking for around P2PE, PCI compliance, and other payment security related topics.

Rounding Up The Chip Card Hold Outs

 

What Might It Take for the EMV Holdouts To Join the Chip-Card Fold?

Jim Daly  2 hours ago Acquiring, Breaking News, Competitive Strategies, Credit Cards, Debit Cards, Fraud & Security, News, Smart Cards, Transaction Processing

 

The number of U.S. merchants that accept EMV chip cards at the point of sale is increasing rapidly, according to recent figures from Visa Inc.,  but it’s going to take some work by merchant acquirers and payment card networks to convince the holdouts to convert.

Executives from two of those holdouts on Wednesday explained their EMV skepticism at the Electronic Transactions Association’s Strategic Leadership Forum in Dana Point, Calif. One came from Aaron’s Inc., an Atlanta-based furniture retailer. Aaron’s stores have EMV-capable POS equipment, according to Seth Pelletier, senior manager of payment technology at the 1,100-store chain, but the company has yet to turn on chip card acceptance.

“That business case doesn’t work out in our favor,” Pelletier told the conference attendees.

The risk Aaron’s is taking is that under the card networks’ October 2015 liability shifts, it will be responsible for counterfeit fraud on any transaction in which the cardholder presented an EMV chip card but the store’s POS equipment couldn’t read it, forcing its system to use the card’s more vulnerable back-up magnetic stripe. Some retailers that did not have chip card readers at the ready after the liability shifts took effect complained of massive increases in chargebacks.

But the costs to train staff in EMV procedures and related operational expenses far outweigh the chargebacks Aaron’s is incurring by not taking EMV cards, according to Pelletier.

“I have a very drastically different chargeback profile than most retailers,” he said. “The amount of money that I’ve seen in EMV-related chargebacks wouldn’t even cover the learning and development effort to roll it out with you for even two days.”

Aaron’s would rather spend money that would otherwise go to EMV on technology that “increases my top-line revenue” or helps it operate more efficiently, Pelletier said.

The second executive, Hubert Williams, chief information officer of Maverik Inc., a 300-location convenience-store and petroleum retailer operating in 10 Western states, said the company is taking a very deliberate approach to upgrading its unattended fuel pumps for EMV acceptance. New stores and remodeled ones are getting EMV-capable pumps, but upgrades at existing, un-remodeled locations are going much slower.

The reason is that an EMV retrofit costs about $2,000 per pump, and the typical Maverik location has 16 pumps. Plus, while pumps that accept only mag-stripe credit and debit cards can be targets for fraud, including when criminals place skimmers on them to capture cardholder data, Williams said actual fraud losses at pumps are quite low.

“EMV solves one problem, it solves the problem of okay, it’s a secure transaction, but it doesn’t solve the bigger problem, which is theft, and most of it’s online,” he said.

The bank card networks late last year postponed their October 2017 unattended fuel-pump EMV liability shifts for three years in recognition of the problems c-stores and gas stations were having in converting. Even so, Williams predicts that many gasoline retailers will not make the 2020 date because there are, according to him, only 3,000 certified technicians available to perform EMV upgrades at the nation’s 150,000-plus gas stations.

One attendee from a gateway company questioned Williams about the risks of not implementing EMV, but Williams responded that “the cost just does not win … it’s not even close right now.”

EMV might be more attractive, according to Williams, if the card networks and payment-services providers could figure out  ways to make it work smoothly with retailers’ loyalty and target-marketing programs. Maverik’s Adventure Club rewards program includes an automated clearing house debit card that gives the customer 6 cents off per gallon on gasoline purchases. Deals like that are possible with low-cost ACH payments, but not with EMV cards on the major networks, according to Williams.

What Might It Take for the EMV Holdouts To Join the Chip-Card Fold?

Jim Daly  2 hours ago Acquiring, Breaking News, Competitive Strategies, Credit Cards, Debit Cards, Fraud & Security, News, Smart Cards, Transaction Processing

The number of U.S. merchants that accept EMV chip cards at the point of sale is increasing rapidly, according to recent figures from Visa Inc.,  but it’s going to take some work by merchant acquirers and payment card networks to convince the holdouts to convert.

Executives from two of those holdouts on Wednesday explained their EMV skepticism at the Electronic Transactions Association’s Strategic Leadership Forum in Dana Point, Calif. One came from Aaron’s Inc., an Atlanta-based furniture retailer. Aaron’s stores have EMV-capable POS equipment, according to Seth Pelletier, senior manager of payment technology at the 1,100-store chain, but the company has yet to turn on chip card acceptance.

“That business case doesn’t work out in our favor,” Pelletier told the conference attendees.

The risk Aaron’s is taking is that under the card networks’ October 2015 liability shifts, it will be responsible for counterfeit fraud on any transaction in which the cardholder presented an EMV chip card but the store’s POS equipment couldn’t read it, forcing its system to use the card’s more vulnerable back-up magnetic stripe. Some retailers that did not have chip card readers at the ready after the liability shifts took effect complained of massive increases in chargebacks.

But the costs to train staff in EMV procedures and related operational expenses far outweigh the chargebacks Aaron’s is incurring by not taking EMV cards, according to Pelletier.

“I have a very drastically different chargeback profile than most retailers,” he said. “The amount of money that I’ve seen in EMV-related chargebacks wouldn’t even cover the learning and development effort to roll it out with you for even two days.”

Aaron’s would rather spend money that would otherwise go to EMV on technology that “increases my top-line revenue” or helps it operate more efficiently, Pelletier said.

The second executive, Hubert Williams, chief information officer of Maverik Inc., a 300-location convenience-store and petroleum retailer operating in 10 Western states, said the company is taking a very deliberate approach to upgrading its unattended fuel pumps for EMV acceptance. New stores and remodeled ones are getting EMV-capable pumps, but upgrades at existing, un-remodeled locations are going much slower.

The reason is that an EMV retrofit costs about $2,000 per pump, and the typical Maverik location has 16 pumps. Plus, while pumps that accept only mag-stripe credit and debit cards can be targets for fraud, including when criminals place skimmers on them to capture cardholder data, Williams said actual fraud losses at pumps are quite low.

“EMV solves one problem, it solves the problem of okay, it’s a secure transaction, but it doesn’t solve the bigger problem, which is theft, and most of it’s online,” he said.

The bank card networks late last year postponed their October 2017 unattended fuel-pump EMV liability shifts for three years in recognition of the problems c-stores and gas stations were having in converting. Even so, Williams predicts that many gasoline retailers will not make the 2020 date because there are, according to him, only 3,000 certified technicians available to perform EMV upgrades at the nation’s 150,000-plus gas stations.

One attendee from a gateway company questioned Williams about the risks of not implementing EMV, but Williams responded that “the cost just does not win … it’s not even close right now.”

EMV might be more attractive, according to Williams, if the card networks and payment-services providers could figure out  ways to make it work smoothly with retailers’ loyalty and target-marketing programs. Maverik’s Adventure Club rewards program includes an automated clearing house debit card that gives the customer 6 cents off per gallon on gasoline purchases. Deals like that are possible with low-cost ACH payments, but not with EMV cards on the major networks, according to Williams.

ATM Higher Fees

Credit Card Processing

As Out-of-Network ATM Fees Climb to an All-Time High, Cash Gets More Expensive

John Stewart  2 mins ago              ATMs, Debit Cards, Pricing, Transaction Processing

 

In the age of electronic payments, cash is getting more and more expensive—even when accessed via electronic means. Nationwide, it costs consumers $4.69 to withdraw money from a so-called out-of-network ATM. That’s up 2.6% from a year ago, according to the latest data from Bankrate Inc., a New York City-based consumer-research firm.

 

That may not seem like a whopping increase, but that fee has now reached a record high for the 11th consecutive year, according to Bankrate. In fact, it has climbed fully 55% over the past 10 years, Bankrate said. Over the same time period, debit cards were increasingly accepted in stores, making it less necessary for consumers to carry as much cash as they once did.

 

 

McBride: “No one’s worried about alienating a non-customer.” (Image credit: Bankrate)

Indeed, reduced demand for cash at ATMs figures into the higher out-of-network fee, according to Greg McBride, chief financial analyst at Bankrate. “There are fewer out-of-network transactions, so the cost of maintaining the ATM network is spread over fewer transactions,” he tells Digital Transactions News.

 

Machines must still be depreciated and serviced, and couriers must still be dispatched to load cash. Banks find it relatively easy to pass that cost on to consumers, McBride says. “It’s low-hanging fruit,” he says. “It’s a convenience charge and consumers aren’t terribly price-sensitive.”

 

The out-of-network fee is made up of two components, a fee levied by the ATM owner and a separate charge from the cardholder’s bank. That first fee, known as a surcharge, is significantly higher than the second, but the charge from the cardholder’s bank is rising faster. The former is $2.97 on average, up 2.4% in the past year, according to Bankrate’s data. The latter fee is $1.72, up 3%. Both fees are all-time highs, Bankrate says.

 

McBride, though, predicts surcharges will soon start surging at a faster clip. “I certainly see that continuing to go higher,” he says. “No one’s worried about alienating a non-customer.” That impact could be softened, however, by networks that have adopted no-surcharge policies in recent years.

 

The fee from the customer’s bank, on the other hand, is less predictable. “If it increases, it will be at a slower pace and not in a straight line,” McBride predicts.

 

ATM fees are highest in Pittsburgh, where the average per transaction is $5.19, followed closely by New York City ($5.14), Washington, D.C. ($5.11), and Cleveland $5.11), according to the data. The least expensive place is Dallas, at $4.07, followed closely by Milwaukee ($4.19) and San Francisco ($4.23).

 

In separate findings, Bankrate reported 38% of non-interest checking accounts bear no fees, down by half since 2009. However, another 61% of accounts will waive the fee if the account holder uses direct deposit. The most common monthly fee is $12.

 

The rate at which banks charge for checking accounts has been a closely watched number since the Durbin Amendment went into effect in 2011. The amendment, part of the Dodd-Frank Act, caps the income large banks can earn on debit card interchange, a move that led opponents of the law to argue that banks would rein in free checking accounts.

 

Meanwhile, just 2.5% of accounts levy a fee on debit card transactions at the point of sale. This fee ranges from 35 cents to $2, and when charged it is incurred only by PIN-debit transactions, according to Bankrate’s research.