Title: TRMG
1TRMG
IS THERE..
..A BETTER WAY
To Get PAID?
- St. Louis October 9-11, 2011
2Trends in Payments
St. Louis October 9-11, 2011
3Most Common EFT Payment Types
EDI (Electronic Data Interchange) - usually
used by large companies for large payments WIRE
Transfers - usually used for same day payment -
international payment - final payment ACH
(Automated Clearing House) - universal
usage Credit Card - primarily used for smaller
payments - customer convenience -
perks
St. Louis October 9-11, 2011
4Obstacles To Change
- One size DOES NOT fit all
- Difficult Integration with Operating Systems
ERP/Accounting/Payment Process/Technology - Customer Willingness/Ability to Adopt
- Paretos Principle ??
St. Louis October 9-11, 2011
5Pareto's Principle
Part of the Problem
Vilfredo Pareto-Italian Economist
-
- aka the vital few and trivial many
- Dr Joseph Juran, PHD .1906
- aka
- The 80-20 Rule
St. Louis October 9-11, 2011
6PULLED ACH Single Payment Entry
16354
084000084
156564163
(OPTIONAL)
5525.50
ABC Plumbing
Apply transaction to invoice 1165339
info_at_abcplumbing.com
St. Louis October 9-11, 2011
7Remittance Upload
Eliminate the labor intensive process of entering
your remittance information. Now you can simply
attach a file containing this critical
information along with your payment!
Transaction 646053
St. Louis October 9-11, 2011
8PULLED ACH Multiple Invoice Entry
Transaction 646054
16354
084000084
156564163
(OPTIONAL)
995
1001.50
997
100.00
999
500.50
ABC Plumbing
No. of Invoices 3
Apply transaction to invoice 1165339
Amount 1602.00
Deduct late fees on all invoices
St. Louis October 9-11, 2011
9PULLED ACH Scheduled Payment Entry
Transaction 646055
16354
084000084
156564163
(OPTIONAL)
ABC Plumbing
5525.50
Apply transaction to invoice 1165339
St. Louis October 9-11, 2011
10Transaction Report
Lonardo Food Services
Goodsteins Crown Molding Inc.
Halpern Industries
94156
Fountains Fence, LLC
St. Louis October 9-11, 2011
11PULLED ACH CTX Formatting
Transaction 646054
16354
084000084
156564163
(OPTIONAL)
995
1001.50
997
100.00
999
500.50
ABC Plumbing
No. of Invoices 3
Apply transaction to invoice 1165339
Amount 1602.00
Deduct late fees on all invoices
St. Louis October 9-11, 2011
12CTX Reporting (EDI-820)
Paper is no longer needed to store or transfer
data. Computers may now retrieve and exchange
payment remittance advices.
- Significantly reduce lockbox fees
- Automated cash applications
- Automated posting
- Eliminate admin tasks such as data entry
- Improve efficiency of A/R operations
St. Louis October 9-11, 2011
13 PUSHED ACH Via YOUR COMPANY WEBSITE
St. Louis October 9-11, 2011
14PUSHED ACH Sample Registration
User
Online Bill Pay Customer
paymentconfirmation_at_abc.com
St. Louis October 9-11, 2011
15PUSHED ACH Payment Entry
Transaction 646053
16
084000084
156564163
(OPTIONAL)
1001.50
995
100.00
997
999
500.50
No. of Invoices 3
Amount 1602.00
ABC Plumbing
Apply transaction to invoice 1165339
Deduct late fees on all invoices
St. Louis October 9-11, 2011
16PUSHED Credit Card Entry - Option
Transaction 646053
16
1525 SW
33193
Miami
ABC Plumbing
41111111111111
4141
1001.50
995
997
100.00
500.50
999
No. of Invoices 3
Amount 1602.00
Apply transaction to invoice 1165339
St. Louis October 9-11, 2011
17Credit Card Merchant Services
Reduce your processing fees and the cost of
accepting payments by credit card.
St. Louis October 9-11, 2011
18Ecosystem of a credit card transaction
Three key entities manage the payment system.
OTHERS
St. Louis October 9-11, 2011
19Ecosystem of a credit card transaction
St. Louis October 9-11, 2011
20- If a customer is going to pay by credit card, can
I force them to make the payment right away
without extending terms? - YES, the merchant is not required to offer
delayed payment via card. You may establish a
policy whereby cards are accepted only when the
customer is paying in full at the time of the
transaction. This policy must be applied to all
types of cards.
St. Louis October 9-11, 2011
21- If a customer has been extended terms and then
wants to pay an invoice 30 to 60 days later, can
I refuse to accept their card and require that
they pay with another form of payment other than
credit card? - Yes, you may take cards just for payments in full
provided that it is clear to customer at the
outset (card acceptance terms must be clear)
St. Louis October 9-11, 2011
22- Can terms for credit card paying customers be
different than those paying by check? - You must honor all valid cards without
discrimination when properly presented for
payment. A merchant must maintain a policy that
does not discriminate among customers seeking to
make purchases with a card. - Mastercard 5.8.1
St. Louis October 9-11, 2011
23- If I accept cards for regular sized payments that
are usually 1,500, and then a new customer wants
to place an order that will cost 50,000 and
wants to pay by credit card, can I refuse to
accept payment by credit card because it is a
sizable payment or can I renegotiate terms or the
price? - You must not require, or indicate that it
requires, a minimum or maximum transaction amount
to accept a valid and properly presented card.
St. Louis October 9-11, 2011
24- Can I pass the cost of the credit card processing
along to my customer in the form of a fee? - No, Visa and MasterCard regulations do not allow
you to charge a fee or pass back the interchange
to the cardholder for accepting their card for
payment.
St. Louis October 9-11, 2011
25- Can I charge my customer a Convenience fee?
VISA - Charged for a bona fide convenience in the form
of an alternative payment channel outside the
Merchants customary payment channels - Disclosed to the Cardholder as a charge for the
alternative payment channel convenience - Added only to a non face-to-face Transaction1
- A flat or fixed amount, regardless of the value
of the payment due - Applicable to all forms of payment accepted in
the alternative payment channel - Disclosed prior to the completion of the
Transaction with an option for the cardholder to
cancel the transaction - Included as a part of the total amount of the
transaction (single transaction which has
Convenience Fee Amount and Principal Payment
Amount combined in the total amount field) - Not added to a recurring transaction.
St. Louis October 9-11, 2011
26- Can I charge my customer a Convenience fee?
Mastercard - A merchant must not directly or indirectly
require any MasterCard cardholder to pay a
surcharge or any part of any merchant discount or
any contemporaneous finance charge in connection
with a MasterCard card transaction. - A merchant may provide a discount to its
customers for cash payments. - A merchant is permitted to charge a fee (such as
a bona fide commission, postage, expedited
service or Convenience Fees, and the like) if the
fee is imposed on all like transactions
regardless of the form of payment used. - Common Convenience Fee practices associated with
MasterCard include - The Convenience Fee can vary based on the amount
of the transaction - MasterCard believes the best practice is to
utilize the two-transaction method where there is
a separate transaction for the Principal Payment
Amount and a separate transaction for the
Convenience Fee. However, if the merchant is also
accepting Visa for a non-tax, a single
transaction is required. To simplify processing
in this case, a single transaction method would
be used for all card types.
St. Louis October 9-11, 2011
27- If I cant charge a fee to cover the credit card
processing fees, is there a way to reduce the
cost of processing fees? - Process directly with the Processor not ISOs
(which may include Banks) - Consider including the cost of processing in the
cost of goods so that cash discounts may be
offered - Review processing procedures and policies
regularly to assure best practices
St. Louis October 9-11, 2011
28- Negotiate for better rates with your processor
- Bundled vs. Unbundled pricing model
- Make sure you are set up with the correct MCC
code with your processor - Make certain that your processor does not
practice padding of the Interchange fees - Make sure there are no hidden fees
- Make certain you are being billed on NET
processing.
St. Louis October 9-11, 2011
29- CNP transactions should most often include the
use of a PC for processing. - Make certain that all necessary data is being
included with the transaction - Use of Level III processing
- Use of Level III large ticket
St. Louis October 9-11, 2011
30Level I, II and III Data Requirements
Level-I and Level-II data elements can be
transmitted via a standard credit card point of
sale terminal. Level-III line item detail
requires greater system capability, which is
provided via Fifth Third-partnered payment
processing applications.
St. Louis October 9-11, 2011
31Sample Transaction CostsInterchange Expense
Visa Purchasing Card 500 transaction
- Purchasing B2B Rate (Level I) 2.10
.10 10.60 - Purchasing Level II Rate 2.05 .10 10.35
- Purchasing Level III Rate 1.80 .10 9.10
14 reduction in cost by processing Level III
versus Level I data
MasterCard Purchasing Card 500 transaction
Purchasing Data Rate I (Level I) 2.65 .10
13.35 Purchasing Data Rate II (Level II) 2.40
.10 12.10 Purchasing Data Rate III (Level
III)1.80 .10 9.10
32 reduction in cost by processing Level III
versus Level I data
Interchange only -- Not showing all interchange
categories
St. Louis October 9-11, 2011
32Breakdown of Cost
Total Cost 12.46
Interchange represents 85 of the cost of this
transaction. Based on Average Ticket currently
qualifying for the Visa Commercial B2B
(Purchasing, Business, Corp) rate
St. Louis October 9-11, 2011
33Sample Transaction CostsInterchange Large
Ticket Expense
Visa Purchasing Card 7500 transaction
- Standard Rate 2.95 .10 221.35
- Business Electronic 2.40 .10 180.10
- Business Card Not Present 2.25 .10 168.85
most commom - Purchasing Level II Rate 2.05 .10 153.85
- Purchasing Level III Rate 1.80 .10 135.10
- Large Ticket .95 35.00 106.25
Effective Rate 1.41
48 reduction in cost by processing Level III
versus Level I data
Interchange only -- Not showing all interchange
categories
St. Louis October 9-11, 2011
34Sample Transaction CostsInterchange Large
Ticket Expense
Visa Purchasing Card 25,000 transaction
- Standard Rate 2.95 .10 737.60
- Business Electronic 2.40 .10 600.10
- Business Card Not Present 2.25 .10 562.60
most common - Purchasing Level II Rate 2.05 .10 512.60
- Purchasing Level III Rate 1.80 .10 450.10
- Large Ticket .95 35.00 272.50
Effective Rate 1.09
60 reduction in cost by processing Level III
versus Level I data
Interchange only -- Not showing all interchange
categories
St. Louis October 9-11, 2011
35- Can I pass the cost of the credit card processing
along to my customer in the form of a fee? - No, Visa and MasterCard regulations do not allow
you to charge a fee or pass back the interchange
to the cardholder for accepting their card for
payment.
St. Louis October 9-11, 2011
36- Why can some companies/industries pass along the
fees to their customers and we cannot?
Convenience Fee Compliance Summary Convenience Fee Compliance Summary Convenience Fee Compliance Summary Convenience Fee Compliance Summary Convenience Fee Compliance Summary Convenience Fee Compliance Summary Convenience Fee Compliance Summary Convenience Fee Compliance Summary Convenience Fee Compliance Summary
Industry/Card Network Fixed Fee Variable Fee Face-To-Face Registration Required Single Transaction Support Two Transaction Support Recurring Transaction Third Party Processor Support
Utilities (MCC 4900) Â Â Â Â Â Â Â Â
Visa 1 Yes No No No Yes No No No
MasterCard Yes Yes Yes Yes 2 Yes 3 Yes No Yes
Discover Yes Yes 6 Yes No Yes 4 Yes No Yes
Amex Yes Yes Yes No No Yes No Yes
        Â
Government Tax (MCC 9311) Â Â Â Â Â Â Â Â
Visa Yes Yes/No7 Yes Yes No Yes Yes Yes
MasterCard Yes Yes Yes Yes Yes Yes Yes Yes
Discover Yes Yes 6 Yes No Yes Yes No Yes
Amex Yes Yes Yes No No Yes No Yes
        Â
Education Government Non-Tax        Â
Visa Yes No No No Yes Yes No Yes5
MasterCard Yes Yes Yes Yes Yes Yes Yes Yes
Discover Yes Yes 6 Yes No Yes 4 Yes No Yes
Amex Yes Yes Yes No No Yes No Yes
        Â
Other Industries        Â
Visa Yes No No No Yes No No No
MasterCard Yes Yes Yes No Yes Yes No TBD
Discover Yes Yes 6 Yes No Yes 4 Yes No Yes
Amex No No No No No No No No
St. Louis October 9-11, 2011
37- How are the rules enforced and what are the
consequences of non-compliance? - Generally enforced reactively instead of
proactively but fines may be levied. Severe
cases can cause your company to be blacklisted.
St. Louis October 9-11, 2011
38- What card data can be stored?
- Customer Name
- Credit Card Number
- Expiration Date
- (security code should NEVER be stored)
St. Louis October 9-11, 2011
39- Is it true that the credit card processing
activity will be reported to the IRS beginning
2011? - Yes, income through credit and debit card
transactions will be reported to the IRS starting
in 2011. No real reporting mechanism is known at
this time.
St. Louis October 9-11, 2011
40The Reality of Card Data Compromise
Card Data Compromise Statistics
1
- In contrast to common belief, Card Present
merchants are twice as likely to be compromised
than Card Not Present merchants.
Card Present 73
24
As a consumer, you are more likely to have your
card stolen making a face-to-face transaction,
than when shopping online.
75
Source Trustwave (based upon total number of
breach events)
St. Louis October 9-11, 2011
41The Reality of Card Data Compromise
Card Data Compromise Statistics
Food Service Industry represents the majority of
the compromises (56). Retail Industry is the
next largest industry seeing compromises (22).
2
4
4
4
The challenge for large retailers to meet their
customers needs at the speed with which customers
demand, creates tremendous security issues.
56
22
Source Trustwave (based upon total number of
breach events)
St. Louis October 9-11, 2011
42Challenges by the Numbers
Current State of the Industry
Credit card data remains an extremely valuable
commodity.
The average cost of a data breach is 202 per
record and rising, with the average cost of a
large scale breach reaching 6.6 million dollars.3
A significant data breach at one PCI Level 1
retailer has cost over 250 million dollars so
far..
- 1 Trustwave Global Security Report 2010
- 2 Verizon 2009 Data Breach Investigations Report
- 3 Ponemon Institute, 2008 Annual Study Cost of a
Data Breach
St. Louis October 9-11, 2011
43PCI DSS Compliance Merchant Levels
Level 1 merchants have rigorous compliance
requirements.
4
3
2
1
Level 4 merchants are impacted, as well!
St. Louis October 9-11, 2011
44PCI DSS Compliance Merchant Validation
Note Due to MasterCard Site Data Protection
(SDP) program rules, all level 1 and 2 merchants
that elect to perform their own validation
assessments must ensure that the primary internal
auditor staff engaged in validating PCI DSS
compliance attend merchant training programs
offered by the PCI Security Standards Council
(PCI SSC) and pass any PCI SSC associated
accreditation program annually in order to
continue validation in this manner. The
training deadline is June 30, 2011.
St. Louis October 9-11, 2011
45How It Works
End to End Encryption and Tokenization
St. Louis October 9-11, 2011
46Key Solution Capabilities
End to End Encryption and Tokenization
- Enable encryption at the point of sale without
the need of complex key injection - Provide true end to end encryption from entry
devices all the way to brand handoff - Allows for robust host side capabilities
maximizing reliability and meeting high volume
requirements - Allows for encryption in multiple environments
- Swipe
- Key entered
- E-commerce
Key Customer Benefits
- Risk Mitigation
- Potential PCI scope reduction
- The potential ability to take components out of
scope - Protection of Brand Reputation
- Implement security solution that will be
sustainable and flexible as association and
governing bodies rules develop and change
St. Louis October 9-11, 2011
47PCI ComplianceTypes of Risk
- Systemic Risk
- Primarily Risk associated with large scale data
breaches - Increasingly sensitive due to PR impact and
potential for civil litigation - Often associated with organized crime and
sophisticated IT break ins - PCI ( Payment Card Industry Data Security
Standards) meant to address major challenges - Operational Risk
- Normal fraud risk associated with individual
transactions - Can often be prevented by operational best
practices
St. Louis October 9-11, 2011
4812 Potential Signs of CNP Fraud
- Keep your eyes open for the following indicators.
When more than one is true during a
card-not-present transaction, fraud might be
involved. Follow up, just in case. - First-time shopper Criminals are always looking
for new victims. - Larger-than-normal orders Because stolen cards
or account numbers have a limited life span,
crooks need to maximize the size of their
purchase. - Orders that include several of the same item
Having multiples of the same item increases a
criminals profit - Orders made up a big-ticket items These items
have maximum resale value and therefore maximum
profit potential. - Rush or overnight shipping Crooks want
these fraudulently obtained items as soon as
possible for the quickest possible resale, and
arent concerned about extra delivery charges. - Shipping to an international address A
significant number of fraudulent transactions are
shipped to fraudulent cardholders outside of the
U.S. Visa AVS cant validate non-U.S., except in
Canada and the United Kingdom.
St. Louis October 9-11, 2011
4912 Potential Signs of CNP Fraud (contd)
- Shipping to a single address, but transactions
placed on multiple cards Could involve an
account number generated using special software,
or even a batch of stolen cards. - Multiple transactions on one card over a very
short period of time Could be an attempt to
run a card until the account is closed. - Multiple transactions on one card or a similar
card with a single billing address, but multiple
shipping addresses Could represent organized
activity, rather than one individual at work. - In online transactions, multiple cards used from
a single IP (Internet Protocol) address More
than one or two cards could definitely indicate a
fraud scheme. - Transactions with similar account numbers
Particularly useful in the account numbers used
have been generated using software available on
the internet (e.g., CreditMaster) - Orders from Internet addresses that make use of
free e-mail services These e-mail services
involve no billing relationships, and often
neither an audit trail nor verification that a
legitimate cardholder has opened the account.
St. Louis October 9-11, 2011