Newsletter
In This Issue
Protecting You and Your Business Against Fraud
Security?...Privacy?...Differences?
Impact of MasterCard and Visa Settlement
Upcoming Holiday Processing Season
Quick Links
 
Join Our Mailing List!
 

As the summer season is left behind and the holiday season rapidly approaches, some may feel that this is the "break" in  between two extremely busy periods.  Letting down your vigilance in this time, however, can be dangerous.  ProPay's risk experts provide some tips and tricks for protecting your business from fraudulent transactions. 

While the shopping may have slowed down a bit, the regulatory and legal arenas in the payments industry have been busy. A major settlement in the industry may impact the way merchants do business.  Our legal team offers some insights as to how the recent settlement between the card brands and the Department of Justice may affect merchants. 

We also address the relationship between security and privacy.  While these terms are often used interchangeably, understanding the difference between the terms and how they are related may help companies build a comprehensive program for protecting consumer data. 

As always, we hope that the information provided in this newsletter is helpful.  Please feel free to forward this to anyone that you feel may be interested. 

Sincerely,
 
The ProPay Team
newsletter@propay.com
888-227-9856
Protecting You and Your Business Against Fraud
by Jesse Hutcheon, Underwriting Officer, Risk Management
The fight against fraud requires all people involved in a transaction to be vigilant. Fraud can mean an assortment of offenses, for example, using a stolen credit card you are not authorized to use to make a purchase. Merchants are also committing a fraudulent activity when not fulfilling their customer's orders.
 
ProPay has systems in place that monitor transactions and accounts continuously. Through this procedure, ProPay is able to help prevent fraudulent transactions and help protect our merchants. However, it is imperative that our merchants also actively monitor and review their transactions.
 
There are a few simple tasks that can help protect a merchant from becoming the victim of fraud. First, make sure you obtain the cardholders billing address. You will want to use that address when processing the transaction. With each transaction you process, you will receive an AVS (Address Verification Service) code. This code helps you know whether or not this is the address the cardholder's bank has on file for the account. The second step is to make sure you always ship to the verified billing address. If you receive an 'N' it is recommended that you reach out to your customer to get the correct billing address prior to fulfillment. We also recommend shipping with delivery confirmation. Having as much documentation for each processed transaction will help fight against a possible chargeback to the account. A third step is to enter the card verification value 2, CVV2, for each transaction. This number is found on the back side of the card and is another source which can be verified through AVS. The AVS codes are listed below for your reference.
 
Fraudulent activity is a constant factor and requires not only merchants, but processors to be dedicated in fighting the trend of data thieves capturing sensitive information.  Fraud is not limited to only a couple of processors and only some merchants. ProPay is constantly working to prevent fraud causing losses to our merchants. This is an ongoing fight and not one that ProPay will ever take lightly.
 
If you would like ProPay to work with you to verify the billing address for a credit card, please contact our knowledgeable and friendly customer service at 1-866-573-0951.
 
AVS Code Definition:
A: Street address matches, but 5-digit and 9-digit postal code do not match.
N: Street address and postal code do not match.
Y: Street address and 5-digit postal code match.
Z: Street address does not match, but 5-digit postal code matches.

Security?...Privacy?...What's the Difference?
by Dr. Heather Mark, PhD., Sr. Vice President, Market Strategy

I was doing some research today and was struck again at how often Privacy is "back-burnered" in the data security discussion.  There is a feeling among some that as long as industry best practice security protections are in place,  privacy will take care of itself.  To my mind, it's often the other way around - Security is a means to an end. The "end" in this case is privacy.  Security is the protection of information, while privacy is the appropriate use of information.  It is entirely possible for a company to have very good security practices, and have an abysmal data privacy program.   For instance, a company can ensure that its environment is PCI DSS compliant, undergo SAS 70 assessments and SOX audits, but use consumer data for marketing purposes without gaining consent of the consumer.  In this example, while the data is appropriately protected, it is used for a purpose that the consumer did not approve.  Despite all the efforts and resources spent on data security, the data is still being used inappropriately and it is the company itself that is perpetuating that misuse.

 

It is important to keep the objective in mind when creating a comprehensive data protection program.  Data Protection should encompass both security of the information and privacy of the information.  There are a number of resources available to help design and implement data protection programs.  The Federal Trade Commission offers its Fair Information Practices.   The AICPA has provided the Generally Accepted Privacy Principles to help companies create programs that incorporate international privacy standards.    For small businesses, the Better Business Bureau also offers some basic tenets on the protection of consumer privacy.  

 

Privacy is vitally important in today's regulatory and business environment.  Assuming that it is "covered" by data security programs can be a very dangerous assumption for any business, large or small.  Understanding how security can be leveraged to protect privacy is a crucial step in creating a comprehensive data protection program.

Impacts of the Recent MasterCard and Visa Settlement
by Stanton Huntington, Associate General Counsel

On October 4, 2010, the United States Department of Justice announced it settled with Visa and MasterCard on the issue of the card brand networks' practice of prohibiting merchants from offering discounts, rebates, or other incentives to customers who pay by cash, check, an alternative payment method, or even a specific type of card.

 

In the proposed final judgment, Visa and MasterCard agreed to abandon rules or practices and allow merchants to, among other things: 

  • Offer consumers a discount, rebate, free or enhanced service, or other benefit at the point of sale when they use a particular card network or even a particular card within a specified card network;
  • Express a preference for one card network over another or for a card type within that network or even for another form of payment;
  • Promote one card network or particular card-type over another; and
  • Communicate to consumers the cost of accepting a particular card network, card within that network or other form of payment. 

While this settlement seems to enhance a merchant's ability to affect its cost of accepting Visa or MasterCard, the short term impacts could potentially be minimal.

 

First, while merchants that accept only Visa or MasterCard can take advantage of the settlement immediately, those merchants that also accept American Express will not be able to provide incentives or encouragement to customers who want to use different payment methods lest those merchants would likely violate their agreements with American Express.  Because American Express did not agree to the settlement, the same rules prohibiting preferential card or payment practices, if previously applicable, would still apply.  The Department of Justice and American Express will move forward with the lawsuit to determine whether American Express can continue to enforce its rules.

 

Second, merchants may be unlikely to take on the potential issues that arise with such programs.  Training employees to discern card networks may not be prohibitively difficult, but training them to discern specific card types will require significant effort and becomes an area ripe for error.  Merchants will be faced with the analysis of whether providing such discount or incentive programs outweighs the cost of a potentially more complex checkout process for their customers.

 

In the longer term, this settlement could bring about significant change to the way merchants accept payments.  For example, the settlement allows Visa and MasterCard to continue to enforce or enter into agreements where only its own cards are accepted at a merchant.  Perhaps this settlement opens the door for more arrangements where an individual merchant accepts only a single card network's products, similar to the way beverage companies arrange exclusivity with their products and their merchants.

 

The settlement creates an interesting opportunity for the card networks and their associated merchants.  In the short run, the impacts could be minimal, but in the longer term, the impacts of this and other legal and regulatory activity will be felt all across the payment chain. 


Holiday Processing Season - Process Securely and Efficiently
by Scott Nelson, Vice President, Marketing
Is the upcoming holiday season the busiest time for your business? ProPay recognizes the holiday season rings in an increased number of sales! As you work harder to complete more sales, it is also important for you to work smarter. Anything that will help you process orders more efficiently and securely will enable you to spend more time with family and friends during the upcoming holiday season! ProPay provides a few different ways to help you conduct your business more efficiently and securely.
 
The MicroSecure™ Card Reader is a small device enabling you to capture card data with a single swipe. No writing down or keying in credit card numbers. When the card is swiped, the card data is immediately encrypted ensuring the data is secure. If you have an internet connection available, you can connect the card reader to your computer and receive a real-time authorization on the transaction. If you are offline, simply swipe the card and when you are able to connect to your computer, the stored transaction will automatically be processed. As you process these transactions, you can choose to store your customer's information with ProPay, through ProtectPay®, in a secure environment for repeat purchases.
 
Fall promotional pricing exists for the card reader, which can be purchased for $60 off the normal retail price of $149.95. To learn more please visit: http://www.propay.com/products-services/accept-payments/microsecure-card-reader/. Accepting cards with the MicoSecure™ Card Reader is a simple, secure, and affordable way to accept payments during the busy holiday season.
 
ProPay recently announced ProPay Mobile-a web interface enabling credit and debit card payment processing on any Smartphone with an active data plan. With ProPay Mobile, merchants with a Smartphone and a ProPay Account can process credit and debit card transactions virtually anytime, anyplace. ProPay Mobile is automatically available to all ProPay merchants. To access ProPay Mobile, go to http://m.propay.com, login with your ProPay credentials, and begin processing payments, check account balances, or move funds.
 
Both the MicroSecure™ Card Reader and ProPay Mobile provide simple and secure ways for you to increase you business during this holiday season!
ProPay Happenings
ProPay is pleased to announce PODCasts (voice) and VODCasts (video) to our suite of educational materials.  These casts will be short lessons on relevant industry information. Topics will include PCI DSS, risk, small business information, merchant information, regulatory compliance, and privacy.  To view the Podcasts and Vodcasts, please visit http://mypropay.libsyn.com.  Future casting will be available for download through iTunes.

 

Sign up for a FREE 45 min. webinar to learn more about the MicroSecure Card Reader & ProtectPay!

 

This webinar provides an overview of ProPay's MicroSecure Card Reader and ProtectPay service along with the benefits they provide for small merchants and businesses.

 

Choose your date and time below: (click on the date to sign up):

Wednesday, October 27, 2010 at 12:00 PM - 12:45 PM MDT

Wednesday, October 27, 2010 at 5:00 PM - 5:45 PM MDT

Customer testimonial: "I love this Reader! It's so professional and easy to use and my customers love the ability to use their charge cards."

MSCR

 

DISCLAIMER:  ProPay, Inc. provides this newsletter only for general information or educational purposes.  Nothing herein should be relied upon without seeking the advice of an attorney or other professional appropriate to the subject matter.  While ProPay, Inc. strives to ensure information in this newsletter is accurate and current, ProPay, Inc. does not guarantee or represent that the information is correct, complete, or up-to-date; nor shall ProPay, Inc. be liable for any indirect, incidental or consequential damages (including lost data, information or profits) sustained or incurred in connection with the use of, operation of, or reliance upon any information contained in this newsletter.