Transaction Trends March 2014 by Content Communicators, LLC

ETA ANNOUNCES EXCLUSIVE DATA BREACH SUMMIT AT TRANSACT 14 |

PAGE 8

Transaction trends | March 2014

The Official Publication of the Electronic Transactions Association

EXCLUSIVE FIRST LOOK!

Everything You Need To Accelerate Your Business Today. The ETA Annual Meeting & Expo Is Now

CONNECTING THE PAYMENTS TECHNOLOGY WORLD

04.08 .1 4 - 0 4 .1 0 .1 4

M A N D A LA Y B A Y LA S VE GA S ALSO INSIDE: Will Target Breach Change Consumer Spending Behaviors? Best Practices for ISO Underwriting and Risk Monitoring Tips for Securing the Merchant Environment

Join A True Partnership. Weâ&#x20AC;&#x2122;re Cheering You On All The Way. EARN $10,000 BONUS Join Us at the 2014 ETA Show and learn how you can earn a $10,000 bonus selling Go Pago, Buzzspace and merchant services. Call for details. Online Reporting Management System Secure Online Portal for both merchants and our partners. Detailed reporting which includes real time information. Emails and text message alerts confirming account activity and deposits. Custom price any merchant from industry type, SIC code, risk and geographic location.

Mobile Marketing Send to thousands of customers instantly at the exact moment you want. Blast text messages such as coupons, events, sales, updates and much more. Build landing pages from tablets in minutes. Manage your own mobile app and website. CRM Track your growth with real time dashboards. Respond to leads, log calls and track growth. Boost sales productivity anytime from any device.

Contact Jennifer Stadler Marketing Representative Director of Business Development (855) 600-2437 x808 email: jstadler@chfs.us

C&HFinancialServices, Inc 1 1 1 0 W. K E T T L E M A N L A N E , S U I T E 4 8 , L O D I , C A 9 5 2 4 0 â&#x20AC;˘ W W W. C H F S . U S

INQUIRE ABOUT OUR $1000 BONUS C&H Financial Services, Inc. is a registered ISO of BMO Harris Bank N.A. Chicago, IL

Transaction trends The Official Publication of the Electronic Transactions Association

Vol. 19 | No. 2

FEATURES

14 Best Practices and Self-Regulation By John Manasso In light of increased government scrutiny, processors need to adopt robust self-regulation practices. An ETA working group recently identified several “best practices,” including closer examination of merchants’ histories, periodic merchant reviews, designation of a staff risk prevention officer, and enhanced due diligence for highest-risk merchants.

18 Cash or Credit? By Julie Ritzer Ross Have recent high-profile data breaches may have caused some consumers to revert to cash as a preferred payment method? Industry experts say prepaid debit cards, alternative payment methods, and even credit cards may be on the rise as well.

Page 23

PLUS:

TRANSACT 14 Exhibitor Listing Plan your visit to the Exhibit Hall in Las Vegas.

20 TRANSACT 14 Preview:

A Conversation You Can’t Afford To Miss

By Bryan Ochalla Payments professionals from across the globe will meet in Las Vegas next month to experience the all-new TRANSACT 14: Powered by ETA. This leading industry event features a Data Breach Summit, an expanded trade show floor, and CEO Roundtables for acquirers and processors.

departmentS 4

ETA Gateway

Industry News

Insights from ETA’s CEO, Jason Oxman Trends, strategies, and news in the payments business and ETA member community

29 S PE C I A L S E RI E S Startup Stories: Filling the Void

By John Manasso 1st Pay Gateway has built an iPad-based POS solution that brings Big Data to small merchants—and incorporates top-notch security.

Risk in Review

Follow five steps to go beyond PCI DSS to ensure secure payment data—particularly when it comes to mobile devices and Cloud services

31 Ad Index 32 The Last Word

ETA’s strategy for cybersecurity advocacy

Transaction trends | March 2014 3

ETA Gateway

TRANSACT 14 – Connecting the Payments Technology World

reetings from ETA! Over the course of the past three months, ETA has been gearing up for our re-branded and re-energized annual show “TRANSACT: Powered by ETA.” ETA has owned and produced the world’s largest payments industry trade show for more than 20 years (2014 will be our 24th year, to be precise), and we expect this year to be our biggest to date! More payments industry business gets done during our show than any other place on earth. If you haven’t already done so, I suggest you register today—the future of your business could depend on connections you make at TRANSACT 14. ETA has experienced explosive growth in the past year as our membership has expanded to more than 550 global payments technology com-

Editorial Policy: The Electronic Transactions Association, founded in 1990, is a not-for-profit organization representing entities who provide transaction services between merchants and settlement banks and others involved in the electronic transactions industry. Our purpose is to provide leadership in the industry through education, advocacy, and the exchange of information. The magazine acts as a moderator without approving, disapproving, or guaranteeing the validity or accuracy of any data, claim, or opinion appearing under a byline or obtained or quoted from an acknowledged source. The opinions expressed do not necessarily reflect the official view of the Electronic Transactions Association. Also, appearance of advertisements and new product or service information does not constitute an endorsement of products or services featured by the Association. This publication is designed to provide accurate and authoritative information in regard to the subject matter covered. It is provided and disseminated with the understanding that the publisher is not engaged in rendering legal or other professional services. If legal advice and other expert assistance are required, the services of a competent professional should be sought. Transaction Trends (ISSN 1939-1595) is the official publication, published eight times annually, of the Electronic Transactions Association, 1101 16th St. N.W., Suite 402, Washington, DC 20036; 800/695-5509 or 202/828-2635; 202/828-2639 fax. POSTMASTER: Send address changes to the address noted above. Copyright © 2014 The Electronic Transactions Association. All Rights Reserved, including World Rights and Electronic Rights. No part of this publication may be reproduced without permission from the publisher, nor may any part of this publication be reproduced, stored in a retrieval system, or copied by mechanical photocopying, recording, or other means, now or hereafter invented, without permission of the publisher.

4 March 2014 | Transaction trends

panies. ETA represents the nation’s largest and most successful ISOs, acquirers, processors, and financial institutions, as well as the nation’s largest mobile network operators, technology companies, equipment manufacturers, security providers, and apps companies. As our association has grown, so too have our annual events. In 2013, our annual trade show (formerly called the ETA Annual Meeting & Expo) and our executive forum (the ETA Strategic Leadership Forum) hit all-time attendance, exhibitor, and square footage records. Why are companies coming together through ETA? To TRANSACT! And so, at TRANSACT 14: Powered by ETA, which runs April 8-10, 2014, at the Mandalay Bay Convention Center in Las Vegas, some 4,000 executives will gather to TRANSACT business. TRANSACT is where the world’s top payments and technology companies come together in one place, over three days, to do business. With a newly expanded education and conference

schedule, speakers from top global payments and technology companies, a 95 percent sold-out exhibit floor, and 4,000 attendees from 1,000 companies representing 24 countries, TRANSACT 14 is the gathering place to make connections with the biggest players in payments. TRANSACT 14 includes an increased selection of educational opportunities with seven conference tracks, longer trade show floor hours, and unlimited industry networking opportunities—all culminating in the TRANSACT Party at the Shark Reef Aquarium at Mandalay Bay. For more information about TRANSACT or to register today, visit www. electran.org/transact14. We can’t wait to see you there at the greatest payments technology show on earth! Kind Regards, Jason Oxman Chief Executive Officer Electronic Transactions Association

Electronic Transactions Association 1101 16th Street NW, Suite 402 Washington, DC 20036 202/828.2635 www.electran.org ETA CEO Jason Oxman COO Pamela Furneaux Director, Education and Professional Development Rori Ferensic Director, Membership and Marketing Del Baker Robertson Director, Communications Meghan Cieslak Publishing office: Stratton Publishing & Marketing Inc. 5285 Shawnee Road, Suite 510 Alexandria, VA 22312 703/914.9200; fax 703/914.6777 Subscriptions: 202/677.7411

Publisher Debra Stratton Associate Publisher & Editor Josephine Rossi Managing Editor Lia Dangelico Editorial/Production Associate Christine Umbrell Art Director Janelle Welch Contributing Writers Lia Dangelico, Douglas Klotnia, John Manasso, Bryan Ochalla, Julie Ritzer Ross, and Scott Talbott Advertising Sales Linda Baker Advertising Sales Manager Phone: 703-964-1240, ext. 13 Fax: 866-466-9187 Lbaker@conferencemanagers.com

INDuSTRYnews fast FACT

Less than 10 percent of merchants accepted mobile payments in 2013, according to LexisNexis, but approximately 25 percent expect to have the capability to do so by the end of 2014.

U.S. Identity Fraud Skyrockets, Amount Stolen Falls The total number of fraud victims in the United States increased by more than 500,000 to 13.1 million people in 2013, according to a new study from Javelin Research. Account takeover fraud hit a new record in incidence for the second year in a row and accounted for 28 percent of all identity fraud. Criminals increasingly turned to eBay, PayPal, and Amazon to make purchases

with the stolen information. In 2013, data breaches became more damaging, with one in three people who received a data breach notification letter becoming an identity fraud victim. However, the amount criminals stole decreased by $3 billion to $18 billion, reflecting more aggressive actions from financial institutions, identity theft protection providers, and consumers, says Javelin.

info GRAPH

Mobile Adoption Grows Across Travel, Gaming

Acquirersâ&#x20AC;&#x2122; Portfolio Compliance Rates Continue to Climb Percentage of respondents

30%

2011 2012 2013

20%

10%

<11%

11%-25%

26%-40%

41%-60%

Portfolio compliance rates Source: ControlScan, PCI Compliance and Small Merchants Infographic

6 March 2014 | Transaction trends

>60%

Mobile payments accounted for nearly 20 percent of all transactions worldwide in December 2013, a growth of 55 percent year-over-year, up from 13 percent the prior year, according to Adyenâ&#x20AC;&#x2122;s Mobile Payments Index. The report notes that tablets are the preferred device for higher-value mobile transactions. Mobile payment adoption through Q4 of 2013 and into 2014 has been rapid across all sectors. Nearly 30 percent of all travel transactions were made with a smartphone or tablet, up 22 percent from last year. Gaming has seen the greatest increase in mobile payments, up by 35 percent to 12 percent. Mobile transaction volume in retail also rose by one third to 23 percent.

News from the association

AROUND THE HORN First Atlantic Commerce is now integrated with Bookeo, an online reservation and scheduling system. First Data and The Members Group (TMG) are offering an expedited EMV implementation to qualifying TMG clients. Groupon is launching Deal Builder, a 24/7 self-service option for local businesses to build their own Groupon deal. Hybrid PayTech is partnering with Relation Payment Gateway Co. to develop and launch the HybridMPOS mobile payment solution for credit and debit cards in Japan. Infinite Peripherals (IPC) is partnering with Mercury Payment Systems to deliver cost-effective and secure payment solutions that are compatible with all of IPC’s products. In-

Data Breach Summit To Be Held at TRANSACT 14

Don’t be a mark—leverage the wealth of industry expertise delivered in the Data Breach Summit featured at TRANSACT 14: Powered by ETA. Industry innovators, security specialists, and top federal regulators bring you up-to-speed on how to avert risk, address incursions, and meet the evolving regulatory landscape through four top-propriety conference sessions: • Fraud Trends for Merchants and Payment Pros • EMV, Encryption, Tokenization, Mobile Security • Cyber Attacks, Data Breaches • Target Aftermath: Can Merchants, Payment Companies, and Consumers Work Together to Prevent the Next Breach? Register today at www.electran.org/transact14.

ETA Names Scott Talbott as Senior VP of Government Affairs

ETA announced the next step in its continued expansion of government relations activities with the hiring of seasoned financial industry and government affairs professional Scott Talbott as the association’s new senior vice president of government affairs. In this position,Talbott will be responsible for developing and executing ETA’s federal and state legislative and regulatory strategies on behalf of ETA’s more than 500 member companies.

genico is bringing together its European business and transactions business under the management of Pierre-Antoine Vacheron, EVP SEPA. Mercury Payment Sys-

tems introduced the Mercury Developer Network, a broad technical resource program for POS developers who want to connect with peers in building commerce solutions. OTI launched EasyFuel Plus, a consumer-oriented automatic payment solution for gas stations. Pay-

scape Advisors opened an office in Dallas, and hired Andy Laudenslager as district sales manager. RDM Corporation released its patented Simply Deposit Mobile remote deposit capture solution for mobile devices. Shift4 Corporation is celebrating 20 years in the payments industry. Shopify launched Shopify Plus, a one-stop eCommerce solution for large companies. USAePay released its mobile payment application serving Infinite Peripherals mobile peripheral devices in the iTunes App Store.

8 March 2014 | Transaction trends

CALENDAR: TRANSACT 14: Powered by ETA Mandalay Bay Las Vegas, NV April 8-10, 2014

2014 ETA Strategic Leadership Forum The Breakers Palm Beach, FL October 7-9, 2014

New Members

ETA is pleased to welcome the following companies to its membership.To inquire about a membership with ETA, please contact Del Baker Robertson, director of membership and marketing, at dbaker@electran.org. 1stPayGateway LLC Cherry Hill, NJ www.1stpaygateway.net

Ethoca Toronto, Ontario, Canada www.ethoca.com

ONPEX Munich, Germany www.onpex.net

Accord Business Funding Houston, TX

First Class Payment Systems LLC Spring Valley, CA www.firstclasspayment systems.com

Pagos LLC Chattanooga, TN www.pagosecure.com

Baker & Hostetler LLP Cincinnati, OH www.bakerlaw.com Bay Bank, FSB Columbia, MD www.baybankmd.com BillPro Newstead, Australia www.ipspbill.cc Blackstone Merchant Services Miami, FL www.blackstoneonline.com

FLYPOS San Sebastian de Los Reyes, Madrid, Spain www.flypos.es Keynetics Inc. Boise, ID www.keynetics.com Longitude Partners Inc. Terra Ceia, FL www.longitudeinc.com

SB Payment Systems LLC Germantown, TN www.sbpaymentsystems. com Skrill USA Inc. New York, NY www.skrill.com Vision Payment Solutions Portland, ME www.visionpayments.com

ZDS Financial LLC South Ogden, UT Maxwell Paper Canada Inc. www.zdsfinancial.com CRi Belleville, Ontario, Canada Omaha, NE www.clientresourcesinc.com www.maxwellpaper.ca

RISK IN REVIEW

Payments Security: So Much More Than ‘Checking a Box’

How acquirers can help merchants mitigate risks and better secure payment data By Douglas Klotnia

he Payment Card Industry Data Security Standard (PCI DSS) has been the standard bearer for payment security and has consistently increased awareness surrounding data security in line with the changing threat landscape. Some believe it is the single best documented security standard and enforcement methodology in any industry. Others have the somewhat unrealistic expectation that PCI’s charter should be able to eliminate card compromises, period.With tens of millions of entities touching cardholder data daily and using a myriad of technologies and acceptance types, PCI is setting a security standard for the most diverse, widespread network business co-op in the world—but it’s not a “silver bullet.” In today’s complex payments landscape where new technologies are being introduced every day, keeping up with the standard simply isn’t enough. When it comes to protecting cardholder data, the payments industry must understand that the PCI DSS is the floor, not the ceiling. Merchants need help identifying the risks they face even if they are following the standard, and the acquirer community can help mitigate those risks by providing programs that encourage more security surrounding sensitive data.

Mobile Vulnerabilities Protecting cardholder data is only getting more difficult. For example, an increasing number of retailers are using mobile point-of-sale (POS) devices for payment card transactions, 10 March 2014 | Transaction trends

such as an iOS device with a card reader attached, for the many benefits they offer. While the introduction of mobile payments may add value to the shopping experience, it also brings along risk and increased availability of cardholder data. Trustwave researchers recently discovered that some mobile devices have serious security vulnerabilities. While ethically hacking iOS mobile POS devices, a team of researchers found security weaknesses that enabled access to hundreds of customers’ payment card information in just 20 minutes. Simulating a real-life criminal, researchers “jail broke” the device, gaining control of its operating system and identifying that its software did not encrypt payment card information the moment a card was swiped. The team also was able to plant malware on the device and extract payment card numbers as the cards were swiped. Unfortunately, the PCI DSS doesn’t include requirements that specifically address mobile security. A retailer meeting the minimum requirement wouldn’t be protected against this sort of attack; and while the business may be PCI compliant, it would still be at risk of a serious cardholder data theft. As far as risks go, mobile is hot. According to the 2013 Trustwave Global Security Report, mobile malware increased 400 percent in 2012 alone. This increase shows the importance of securing all mobile devices, including bring-yourown-device (BYOD) equipment or, especially in the case of

When we say People-Centered Payments ®

We’re talking about you. Payments should revolve around people — not the other way around. That’s why we’ve committed to bringing you the platforms and partnerships you need to take your payments to the next level. For more than 30 years, we’ve provided ISOs and Acquirers with unmatched service and unwavering dedication. It’s payments with a purpose.

Get to know us

+1.480.333.7799 acq-sales@tsys.com www.tsysacquiring.com

Visit us at

14 TRANSACT m meeting roo

150

retail merchants, mobile POS devices. For the first time in three years, retail was the number one compromised industry in 2012, followed by food and beverage and hospitality, according to the report’s findings. Cardholder data was the primary data type targeted in 2012 and 2011. There is a well-established underground marketplace for stolen payment card data; it is bought and sold quickly for use in fraudulent transactions.

Understanding the Risks But mobile devices are not the only new technologies that could open the door to cybercriminals if not properly secured. Many merchants also are embracing Cloud services to cut down on costs and better serve multiple customers. However, it’s difficult to ensure that Cloud products are secure, and PCI doesn’t provide information that specifically addresses threats in a Cloud environment. Acquirers should help their merchants learn what kinds of security measures they need to take to secure their information while embracing the Cloud. Conducting a risk assessment, including penetration testing (or ethical hacking), can help merchants identify any potential attack vectors and better understand exactly what security controls they need to help secure those vectors before it’s too late. Here are a few steps acquirers and their merchants can take to understand the risks and security techniques to protect their environments: 1. L everage the PCI standard as a starting point; it remains the best roadmap to securing sensitive data in any industry. 2. Share the broader objectives of the business and how those objectives impact technology and data management with your security partners, Qualified Security Assessor, and any other internal or external entity. 3. Consider advanced security testing for environments with access to cardholder data—penetration testing and more advanced, forensic-like analysis are highly valuable and cost effective, particularly versus the cost of a clean-up post-compromise. 4. Evaluate endpoint security technology that integrates with a variety of platforms and performs malware defense, identification of sensitive data storage and egress, and other core security functionalities. 5. Mandate compliance of third-party partners, follow the “trust but verify” strategy, and force evidence from third parties that secure your organization’s sensitive data. As merchants continue to embrace new technologies such as BYOD, mobile POS devices, and Cloud services, they also face new threats. To best combat those threats, they should achieve PCI compliance as an outcome rather than a primary objective. “Checking the box” for security is no longer enough. To best secure their valuable information, merchants must understand attack sources, sequences, and tools surrounding attacks and update their security controls accordingly. TT

12 March 2014 | Transaction trends

Douglas Klotnia is general manager of compliance and risk management at Trustwave. Reach him at dklotnia@trustwave.com.

SIMPLIFYING PAYMENTS AROUND THE GLOBE

As an innovative leader in the payments industry, our mission is to forge partnerships through our innovative, reliable and secure payment solutions. We deliver value-added products and services and process over 50 billion dollars in transaction volume annually. These customized solutions reach more than 400,000 merchant businesses, in a variety of industries and sizes worldwide. Our strong infrastructure and state-of-the-art payment platforms ensure safe and secure payment transactions, allowing us to provide the most advanced payment options needed in the market today. ■

Card Processing Services

■

E-commerce Solutions

■

Smart Mobile Payments

■

Cash Advancements

■

Fraud & Security Prevention

■

Online Payment Acceptance

■

Risk Management

■

Recurring Billing

■

Accelerated Funding

■

Merchant Reporting

■

Terminal Support

■

Gift and Loyalty

> Smart partnerships build success. Learn more by visiting us at www.evopayments.com or calling 1.800.227.3794 United States | Canada | Europe

[ FEATURE ]

Best Practices and Self-Regulation

Inside the making of ETA’s guidelines on ISO underwriting and risk monitoring By John Manasso

KEY NOTES 8 ETA has issued the “ETA Guidelines on Merchant and ISO Underwriting and Risk Monitoring” guidelines in conjunction with 38 member companies.

8 With the FTC and other regulatory bodies taking a more proconsumer stance, the industry now must pay much closer attention to the cardholder experience.

8 While considered an extreme measure, the document suggests termination of an ISO partner when the ISO is not changing its behavior. Those actions could put the processor at risk.

ois Greisman admits that she is a “huge fan” of self-regulation. Greisman is the associate director for the divi-

sion of marketing practices at the Federal Trade

Commission (FTC), a division of an agency that increasingly is taking a closer look at the payments industry and using lawsuits and its other legal powers to regulate it. In a press release involving a lawsuit against Independent Resources Network Corp. (IRN) the agency issued on June 5 of last year, the FTC references its “ongoing crackdown on payment processors that turn a blind eye to fraud.”

14 March 2014 | Transaction trends

In March 2013, the FTC banned Automated Electronic Checking Inc. (AEC) and two of its principals from processing electronic payments as part of a legal settlement and ordered that the company pay $950,000, a sum that the agency said would be redirected to consumers. As a result of actions like these, the Electronic Transactions Association formed an industry working group of 38 ETA member companies to develop an educational program for the use of any ETA member company looking to learn about the best merchant onboarding and monitoring practices in the industry. It is entitled, “ETA Guidelines on Merchant and ISO Underwriting and Risk Monitoring.” “Best practices are a terrific start,” Greisman says. However, as that fan of self-regulation, she would like to see ETA put more teeth into its relationship with members. By definition, best practices are suggested minimum requirements. Greisman proposed the possible expulsion of members who are not in compliance with industry standards. “Sure, I’d like to see baseline requirements, not baseline suggestions,” she says. “I understand the dynamics of any given industry and how a trade association works, how it has to work through its membership or member organizations.” In terms of the issues at stake, Greisman offers her views on where the industry needs to be. She says the building block is that processors “must know the client” to avoid directly or indirectly facilitating fraud. Merchants who engage in deceptive or illegal business practices are among those the FTC is seeking to root out. Other federal agencies, such as the Consumer Financial Protection Bureau, also are zoning in on payments industry companies for similar reasons. “What the merchant is doing, how they are marketing the product,” Greisman says. “It’s a pretty basic business model…. You cannot stick your head in the sand because your fingers don’t di-

rectly know what’s going on. It’s just not acceptable…. “It’s your responsibility to know what they’re doing. It’s not enough to monitor chargebacks. Know how the product’s being marketed. Keep an eye out for high refunds or return rates… Why does one merchant have more than one merchant account? Why does one merchant have more than one descriptor? Why do they change merchant accounts from time to time? Tell-tale signs are not hard to spot if your eyes are open.” She also doesn’t distinguish between processors that have signed up tens or hundreds of thousands of merchants or those with many orders of magnitude fewer. “I don’t buy that,” she says. “‘I have 10,000 or 100,000 clients, I can’t keep an eye on them.’ This is your client. It’s your choice to increase portfolio.” As she put forth the concept that processors make a choice to add to their

portfolios, Greisman says if companies have to add staff or pay more to train existing staff on compliance issues, then that is a natural consequence of the businesses’ choices. “I think what they’re going to have to do is train staff and do what I think they should have been doing all along,” she says. “The Visa rules have been in place for many, many years. Acquiring banks will say you have to know merchant clients. You’re on the hook for them. I actually don’t think there’s anything remotely radical about knowing your client.”

Document Genesis ETA’s guidelines document was produced with input from executives representing 38 ETA member companies in conjunction with Deana Rich of Rich Consulting. She will travel to industry-specific events around the country, at which she will discuss the ETA guidelines developed by the working group. ETA also plans on creatTransaction trends | March 2014 15

[ FEATURE ] ing an educational outreach program that will be available at individual ETA member-sponsored events. Rich, in assisting ETA in this project, brings more than 20 years of industry experience—all on the risk, compliance, and fraud side. She has worked at a member bank, a high-risk ISO, and an aggregator and seen compliance, from numerous angles. She has worked with all of the card brands in helping them to monitor the implementation of their rules and to ensure that companies are following them properly. She also conducts classes for ETA University. In assembling the educational program, the group that Rich led considered state and federal laws, regulations, and guidance from materials issued by Visa and MasterCard, the FTC, Federal Communications Commission, the Office of the Comptroller of the Currency, the Federal Deposit Insurance Corporation, the Financial Crimes Enforcement Network (FinCEN), which is a division of the U.S. Treasury Department, and the Consumer Financial Protection Bureau. Jamie Graham, ETA’s senior government affairs manager, says ETA has been engaging the FTC to help define the areas that will keep members out of risk. In late 2013, Greisman met with some members of the group who were working on the best practices document to provide her input. She also has spoken at the ETA Annual Meeting & Expo and to other trade association groups in the past. She explains the FTC’s scrutiny on the payments industry is not necessarily new but says that perhaps the agency’s focus might have broadened. “I think the past law enforcement has not included the acquiring side,” she says. “Our cases have involved the check system, ACH processors, or what’s called remotely created checks, so I realize that it seems that there is a sudden whirlwind of interest, but the legal principles, the business practices are by no means new.”

Sales Tensions With the FTC and other regulatory bodies taking a more pro-consumer stance, the industry has had to react to something of a sea change, says Rich. 16 March 2014 | Transaction trends

“In the past when we underwrote merchants and brought in our sales, which is the merchants, we made sure their businesses were legal and so we made sure we knew who they were and what they did, and we made sure that they were complying with what we understood to be the existing laws,” Rich explains. “What we never did was look at it from a consumer point of view, and we never said, ‘Are they duping the cardholder? Are they lying to the cardholder?

our industry specifically, it’s now making more sense and this is going to help them do that.” Rich notes that most large processors already have chief compliance officers.

Best Practices Participation among the 38 member companies that helped to create the ETA guidelines was excellent, according to Rich, and discussions were filled with “great debate, healthy debate.”

“What we never did was look at it from a consumer point of view, and we never said, ‘Are they duping the cardholder? Are they lying to the cardholder? Where do they stand on that?’” —Deana Rich, Rich Consulting

Where do they stand on that?’ We really never went into the cardholders’ shoes, and that’s something we’re doing more now with the current regulatory focus… We now have to pay much closer attention to the cardholder experience.” According to Rich, some of what is in the ETA guidelines—smaller ETA member companies without in-house compliance resources possibly having to add staff on the compliance side—is simply bringing out a tension that has long existed in companies between the sales side of the house and the “non-sales” side. She has spent her entire career on the nonsales side. “Compliance falls on the non-sales side,” she says. “Any time you’re adding staff on the non-sales side, it’s a tough road because that doesn’t also generate income. So it’s not that people can’t; it’s that the proper incentive will have to be there. With increased government scrutiny on third parties in general and on

“I would say (the discussions) were overwhelmingly positive in that the people that chose to be on the committee wanted to be on the committee, wanted to give their input,” Rich says.“Some of the smaller companies wanted to give and learn all at the same time. I had some ISOs in the group that gave great contact in one vertical—maybe it was underwriting—but picked up great information in risk and that was their goal: to give and to get.” The document that the committee created and which was voted on and approved by the ETA board of directors has three sections and runs to a length of more than 100 pages.The sections are merchant underwriting, risk management of merchant accounts, and sponsoring and monitoring of ISOs. The guidelines make clear that some ETA members already have developed and deployed their own legal and compliance programs and may choose not to utilize ETA’s recommended guidelines.

ETA anticipates that many of its smaller ISO member companies will find the guidelines helpful, because many smaller companies simply do not have the inhouse resources to gather information about best industry practices. In terms of underwriting, the ETA guidelines will include specific recommendations for looking at a merchant’s prior history. These include suggestions for creating refund- and chargeback-ratio thresholds, which can help to identify an issue with a merchant that needs to be reviewed more deeply. Processors should conduct periodic reviews to ensure that merchants’ businesses have not changed. Those reviews also should include oversight to see whether sales, chargebacks, and refunds meet with what a processor expected when it signed up the account. Another suggestion is that processors set up a system of monthly reporting so that if issues need to be communicated to senior executives, a mechanism exists. Among the realities that processors will have to accept is that they will have to have a risk prevention officer.

That is particularly necessary for processors that sponsor higher-risk merchants. A staff that has an in-depth understanding of marketing practices is recommended in these cases. In terms of merchant risk management, processors should investigate activity that does not align with industry-established averages, especially those for defined verticals (an example of a vertical being the restaurant industry). If necessary and appropriate, processors should report suspicious activity to FinCEN. The ETA guidelines go so far as to suggest that for the highest-risk merchants, members engage in what the document calls “enhanced due diligence.” This includes reputation monitoring of these merchants and “secret shopping” to verify that merchants are complying with card scheme requirements, merchant account conditions, and consumer satisfaction practices. When it comes to sponsoring and monitoring ISO partners, ETA guideline suggestions include a review of the ISO’s principals, their background, their finan-

cial stability, and their methods of doing business. Formal training for ISOs also is recommended. If necessary, the document suggests such practices as on-site audits, portfolio analysis, reduction in underwriting authorities, increased oversight, and shadow-monitoring of the ISO’s underwriting process. While considered an extreme measure, the document suggests termination of an ISO partner when the ISO is not changing its behavior. Risky practices by the ISO partner could put the processor at risk. Some ETA members might already be following many of the steps outlined in the document. For others, it could mean significant, and perhaps painful, change. But in the current regulatory climate, members are best served by ensuring that robust compliance practices—whether their own in-house policies, or the ETA guidelines suggestions, or a combination of both—are in place. TT John Manasso is a contributing writer to Transaction Trends. Reach him at john_manasso@yahoo.com.

We Are Processing Network The

everywhereProcessingNetworkSM

More Than Your Payment Gateway... We’re Your Trusted Partner For close to two decades, eProcessing Network has carefully established a reputation for developing payment industry software and tools for online, brick & mortar and mobile merchants and developers in a variety of industries. ePN attributes its longevity and strong reputation among Resellers to anticipating trends within the payments industry, but more importantly, developing strategic partnerships Cloud-Enabling Payments Everywhere to help you attain and retain new merchants. Smart Phones

3 Mobile plans & pricing strategies allow Resellers to offer affordable, yet competitive solutions. Earn 100% residuals above the buy rate.

(800) 296-4810 eProcessingNetwork.com POS

Bill Pay

Customer Data Manager Accounting Recurring 123

123

Tablets

Websites

Inventory

In-Store Computers

123

Transaction trends | March 2014 17

[ FEATURE ]

cash credit? Are consumers changing their payment habits in the aftermath of the Target breach? KEY NOTES 8 Anecdotal evidence points to increased cash usages; however, this is not verified by Visa or MasterCard.

8 Long-term, consumers likely will be unable to permanently abandon the lifestyle choices that have led them to utilize credit and debit cards, such as automatic payment setup, and using a card for even the smallest of purchases.

8 Technophobia and insecurity of PIN debit is inducing a cadre of middle-aged and older consumers who prefer not to carry cash to “go back” to using their credit cards.

18 March 2014 | Transaction trends

By Julie Ritzer Ross

ince late December of 2013, the industry has been abuzz with speculation as to how the data breach at Target Corp., which exposed credit card and personal data on more than 110 million consumers, will impact the evolution of payment technology. However, there also are other burning questions—perhaps most significantly, how the Target breach, along with subsequent incidents at Neiman Marcus and other retailers, will alter consumers’ choice of payment methods. Statistics indicate that fewer credit and debit card transactions, and more cash payments, may be a byproduct of the breaches. Thirty-seven percent of respondents to a poll released in late January by The Associated Press and global market research firm GfK of Palo Alto, California, said they

had made an effort to cover their purchases with cash instead of credit or debit cards following the Target incident. Fewer participants (29 percent) changed passwords or requested new cards in the wake of the incident. Anecdotal evidence points in a similar

direction. In numerous newspaper articles published immediately and soon after the news broke, myriad consumers were quoted as saying that they now plan to carry and use cash rather than plastic, either all or some of the time and at other stores as well as at Target. Comparable sentiments appeared on the Facebook pages of Target and other retailers, with comments in the media and on the social media sites ranging from an emphatic,“I am carrying cash from now on,” to a succinct,“Cash! Simple as that.” When approached by Transaction Trends in mid-February, spokespersons for Visa and MasterCard declined to reveal if card usage rates had indeed declined in the two months since the breach was first announced. The same holds true for Target, while an American Express spokeswoman claims card usage was consistent with seasonal trends identified during the same period in prior years.

Permanent or Temporary? But whether and to what degree consumers have swapped credit and debit cards for cash, there also is the issue of how permanent the switch will prove to be. “Consumers’ habits will change; they will continue to use credit cards less and cash more,” asserts payments expert Lori Breitzke, president, E&S Consulting,Atlanta. Breitzke says the move away from this mode of electronic payment will remain the status quo until the banking industry “does something about security,” in turn rendering consumers sufficiently comfortable to return to their old payment patterns. She adds that merchants may suffer an unpleasant side-effect from a card-tocash trend in the form of a reduction in sales, as consumers typically tend to spend less per shopping trip when cash, not a credit card or even a debit card, is their mode of payment. Other pundits don’t quite see it that way. “From what we have observed for our (merchant) clients, consumers may be more nervous than before about using credit and debit cards, but it isn’t altering their behavior and shouldn’t going forward,” states Terry Redding, vice president, marketing and product development, CFI Group, Ann Arbor, Michigan. Redding,

whose firm applies analytics to consumer behavior to provide insight to companies in such markets as financial services, retail, and hospitality, claims consumers will be unable to permanently abandon the lifestyle choices that have led them to utilize credit and debit cards—if they do so at all. “We haven’t seen much of a real difference,” he says. “There is too much in the way. Consumers have their automatic payment setups, which they don’t want to abandon. They have become accustomed to swiping a card for even the smallest of purchases. They don’t want to carry wallets full of cash.” The executive believes the one move some—and only some—consumers may

of middle-aged and older consumers who prefer not to carry cash to “go back” to using their credit cards.“They figure that should they be scammed, they enjoy far more protection under federal law if they have used a credit card than with a debit card, because it’s the bank’s money, not theirs, to worry about,” he says.“Additionally, they know that debit cards are linked to bank accounts— and they are concerned about hackers getting in. Credit is less of a worry for them.” The expert relates an incident that occurred on the day before he spoke with Transaction Trends, in which he used a Visa-branded debit card to complete the purchase of office supplies at a big-box retailer.“I was sorry I had picked that card the

Thirty-seven percent of respondents to a poll released in late January... said they had made an effort to cover their purchases with cash instead of credit or debit cards following the Target incident. make in light of past and future data breaches will entail substituting prepaid debit cards for their traditional debit and credit counterparts.Although prepaid debit cards have typically been marketed to the unbanked and under-banked populations, he says, it is not inconceivable that consumers with bank accounts and/or lines of credit could be attracted to prepaid debit products. His rationale: The latter provide the same options as regular debit and credit cards (e.g. ATM withdrawals for cash; online and bill payment capabilities; access to loyalty, reward, and affinity programs; and the like), without housing sensitive personal account information found on those products. “Yes, the prepaid boom has reared its head,” concurs Scott Tivey, president of Weston, Connecticut-based payment advisory firm CNP-Solutions LLC.“But anecdotally, in looking at our merchant clients since the breach, we are seeing some other things starting to happen.” Tivey notes that technophobia and a lack of trust in issuers’ ability to shore up the security of PIN debit is inducing a cadre

minute I finished my PIN-based transaction,” Tivey admits.“I realized I would have felt safer had I gone with my corporate American Express card.” Based on feedback from CNP-Solutions’ merchant customers and personal observations,Tivey also cites a growing trend among younger consumers to seek other “bulletproof” alternatives to credit and debit cards. “Google Wallet is a case in point,” he elaborates. So, too, are platforms that enable payments to be set up and executed through consumers’ bank accounts;Western Union’s WU Pay comprises a key example. Like Breitzke and Redding, Tivey concedes that while the adoption of EMV chip technology has strong potential to minimize the incidence of data breaches, it will not eliminate them entirely.This may spur consumer migration to other alternative payment methods.“Nothing,” he concludes,“is written in stone.” Julie Ritzer Ross is a contributing writer to Transaction Trends. Reach her at jritzerross@gmail.com. Transaction trends | March 2014 19

[ FEATURE ]

A Conversation You Can’t Afford to Miss By Bryan Ochalla

TRANSACT 14: Powered by ETA brings the latest in payments education, innovation, and leadership to the entertainment capital of the world

f you want to be part of the payments industry conversation, participating in TRANSACT 14: Powered by ETA is a must. Compliance, cyber-security, data privacy and protection, EMV migration, mobile technology, and several other noteworthy topics will form the core of the conversations at the event, set to take place Tuesday,April 8, through Thursday,April 10, at the Mandalay Bay in Las Vegas. TRANSACT 14 is more than a simple re-branding of the Electronic Transactions Association’s signature ETA Annual Meeting and Expo; instead, it’s an all-out expansion of the ideas and topics that were put forth by and discussed at that seminal conference, which routinely has attracted upwards of 4,000 attendees from 1,000 companies in the payments technology and retail industries. Case in point: While last year’s ETA Annual Meeting and Expo featured approximately 15 educational ses20 March 2014 | Transaction trends

sions, TRANSACT 14 will showcase close to 80. And then there’s the fact that those 80 or so sessions will be divided among seven dedicated “tracks”—one each devoted to compliance, international, investment, merchants, mobile technology, policy, and sales.

Laser-Focused Educational Tracks The compliance track—which will cover hot-button topics such as fraud, risk, and security—is sure to be especially popular with TRANSACT 14 attendees in light of the recent and newsworthy data breaches of major retailers like Target, Neiman Marcus, and others. This particular series of sessions, which will be led by a slew of industry experts, will provide attendees with the tools to help prevent future breaches and protect consumer data.This track “presents an unparalleled platform for payments technology leaders to engage in dialogue on real-world solutions protecting our interests

and those of the customers we serve,” says Jason Oxman, ETA’s chief executive officer. TRANSACT 14’s mobile and technology track, on the other hand, will provide attendees with front-row access to experts in this growing segment of the payments ecosystem. “Mobile transactions will represent 30 percent of all retail by 2018, so the importance of a dedicated mobile and technology educational track can’t be understated. The industry expertise provided will be an invaluable resource for companies,” says Oxman. This track, which is being sponsored by PayPal, will feature a keynote by Brad Brodigan, the company’s vice president of retail, North America. Among the topics set to be discussed during the mobile and technology track: convergence, face-to-face models in mobile payments, the future of money, mobile acceptance by vertical market, and mobile payment in a remote environment.

Further Expansion Beyond educational sessions,TRANSACT 14 will expand on the ETA Annual Meeting and Expo in other areas. For example, during the ETA President’s Dinner & Star Awards Gala, which is being sponsored by Visa, the new Member of Congress Payment Advocate Award will be pre-

Bardin

Buse

Galant

Meet the Keynotes The following trio of industry titans will open TRANSACT 14 with keynote addresses covering a wide range of topics that should prove valuable to both veterans and newcomers alike: Ariel Bardin is vice president of product management and payments at Google Inc., where he is responsible for product strategy and business development for Google Payments. As Visa’s executive vice president of global solutions, Elizabeth Buse focuses on implementing, managing, and growing the organization’s wide range of solutions. Before he was named chief executive officer of VeriFone, Paul Galant served as the chief executive officer of Citigroup Inc.’s Enterprise Payments business since 2010. Look for more information about, and brief interviews with, all three of these leaders in the April issue of Transaction Trends.

Las Vegas: Off the Beaten Path Looking to do something unique while attending TRANSACT 14? Here are six options that will take you away from the clamor and craziness of the Strip. Dig This—Have you ever dreamed of getting behind the wheel The Neon Museum and Boneyard—Yes, another of a bulldozer or excavator and playing around in a decidedly adult-

museum. This one focuses on showcasing neon signs that basically

sized sandbox? That’s exactly what you’ll get to do if you wander

were forced into retirement when their businesses shut their doors

over to this off-the-Strip establishment.

(or when they were replaced with more modern variants, in some

The Mob Museum—In a city full of museums of all shapes

cases).

and sizes, this one—housed inside a former federal courthouse,

Ethel M Chocolates—Located in nearby Henderson, this

interestingly enough—has to be one of the most intriguing. After

one’s a bit further away from the action, but who wouldn’t be will-

all, how many others allow visitors to try on a pair of brass knuckles

ing to take a slight trek to not only tour a chocolate factory but also

or sit in an out-of-commission electric chair?

check out a local water-reclamation project?

The National Atomic Testing Museum—Should the

The Springs Preserve—This “oasis in the desert” also is

above prove a bit too scary for you or your companions, this venue

located a bit further from the Strip but should be well worth your

may be a bit more up your alley. Don’t worry, nothing’s detonated

while—especially if you’re a fan of botanical gardens. It’s also a great

here; instead, this museum documents the history of nuclear testing

place for folks who enjoy hiking, as almost two miles of trails sur-

in the desert north of Las Vegas.

round The Springs Preserve.

Transaction trends | March 2014 21

[ FEATURE ]

“For more than two decades, ETA has produced the signature annual payments event, convening and accelerating change within the industry. Now with the re-energized TRANSACT 14 this spring, ETA brings that strength of experience to create the single best place to do business in payments, technology, and commerce.” —Jason Oxman, CEO, ETA sented to a legislator who supports the payments industry and is a champion of causes important to ETA and its members. Also,TRANSACT 14 will feature an expanded trade show floor that’s expected to be filled with more than 200 of the industry’s leading vendors. Not only that, but the exhibit area will include space for two special “zones” that will pique the interest of a wide variety of attendees: the Mobile Pay Zone and the Payments Next Zone. The former is sure to create a buzz considering the mobile economy is undergoing expansive growth and creating exciting opportunities to increase revenue for all involved. It will showcase a wide variety of mobile-based innovations as well as the businesses and partners behind them—companies that represent 22 March 2014 | Transaction trends

the entire mobile payments ecosystem, from the nation’s largest mobile network operators, to payments apps, to handset manufacturers, to POS software and terminal solutions, and everything in between. The Payments Next Zone, on the other hand, has been designed for small companies looking to bring their new electronic payments technology product or service to market. In addition, an innovative startup competition will be held as part of this Bill & Melinda Gates Foundation-sponsored portion of TRANSACT 14. This “Shark Tank”-like experience will showcase new electronic payments technology products that aim to assist underserved people and communities. Another highlight of TRANSACT 14 is

expected to be the pair of CEO Roundtables that will focus on acquirers and processors, respectively. The CEO Roundtable for acquirers will be led by Donald Boeding, president of Vantiv; Brian Mooney, chief executive officer of Bank of America Merchant Services; and Debra Rossi, executive vice president at Wells Fargo. The CEO Roundtable for processors will be led by Robert Carr, chairman and chief executive officer of Heartland Payment Systems; Mark Pyke, president of TSYS; and Jeffrey Sloan, president and chief executive officer of Global Payments. These executives “possess an unmatched depth of knowledge regarding business opportunities and challenges in the payments industry,” Oxman says. “These industry luminaries will impart knowledge applicable in the real world to every company in the payments ecosystem.” Finally, there’s the just-announced Data Breach Summit. During this event, industry innovators, security specialists, and top federal regulators will share their expertise regarding how to avert risk, address incursions, and meet the evolving regulatory landscape through the following conference sessions: •C yber Attacks, Data Breaches • EMV, Encryption, Tokenization, Mobile Security • Fraud Trends for Merchants and Payment Pros • Target Aftermath: Can Merchants, Payment Companies, and Consumers Work Together To Prevent the Next Breach? Whether you’re an electronic payments titan or an industry aspirant, the Data Breach Summit and all of the other TRANSACT 14 events should provide an unmatched opportunity to underscore your commitment to intercepting threats before your clients become the next casualty. TT Bryan Ochalla is a contributing writer to Transaction Trends. Reach him at bochalla@yahoo.com.

Here’s your first look at the exhibitors participating in the all-new TRANSACT 14, April 8-10 in Las Vegas. For more information about the TRANSACT 14 experience, visit www.electran.org/events/transact14/. @Pay

Apriva

BIXOLON America Inc.

Booth #612

Booth #665

1st PayPOS

www.apriva.com

www.bixolonusa.com

Arroweye Solutions

Biz2Credit Inc.

Booth #1454

Booth #361

www.arroweye.com

www.biz2credit.com

Ascert, LLC

Blackstone Merchant Services

Booth #453

Booth #1367

www.ascert.com

Bluebird Inc.

Booth #668 Booth #622B

www.1stpaygateway.net

Accel

Booth #1057 www.accelexchange.com

ACI Worldwide Booth #1154

www.aciworldwide.com

Actum Processing Booth #327

www.actumprocessing.com

Affirmative Technologies, Inc. Booth #1027

www.affirmativeusa.com

Authorize.Net

Booth #1053

Booth #406

www.bluebirdsoft.com

www.authorize.net

BridgePay Network Solutions

AuthoTrans Digital Marketing

Booth #1254

Booth #1105

www.bridgepaynetwork.com

www.authotransdigital.com

Brighterion

Avalon Solutions Group Booth #1353

Alaric Systems

Azura Leasing

American Express

www.azuraleasing.com

Booth # 1136 Booth #542

American Finance Solutions Booth #339

www.americanfinancesolutions.com

Aperia Solutions Booth #419

www.aperiasolutions.com

APG Cash Drawer, LLC Booth #1166

Booth #1357

www.brighterion.com

Booth #753

Banking Production Center B.V. Booth #1362

www.bpcbt.com

BillPRO Pty Ltd. Booth #767

Bitel Co., Ltd. Booth #1265

www.bitelpos.com

C&H Financial Services

C&H Financial Services is progressive, focused on quality services driven by customers’ needs across the United States and Canada. We offer a broad range of products and services with our advanced technologies, reduction of costs, world-class service and support, small business funding, POS, and innovative next-generation credit card processing solutions. Transaction trends | March 2014 23

Capital Access Network, Inc.

COCARD

Elavon

www.capitalaccessnetwork.com

www.cocard.net

www.elavon.com

Card Resource Group

ControlScan

Electronic Merchant Systems

CardConnect

www.controlscan.com

www.emscorporate.com

Booth #822

Booth #761

Booth #1258

www.cardconnect.com

CardFlight Booth #661B

Booth #516

Booth #844

Booth #860

www.level2kernel.com

Credorax Booth #738

Booth #356

www.credorax.com

www.cardinalcommerce.com

CRI

Booth #427

www.cardwareinternational.com

CarePoint Managed Services, LLC Booth #1134

Casio America, Inc. Booth #1128

www.casio.com

Booth #1032

CreditCall Corporation

Cardinal Commerce

CardWare International

Booth #304

Booth #663

CrossCheck, Inc. Booth #632

www.cross-check.com

Current Components Inc. Booth #568

CUSTOS MOBILE S.L.

eProcessing Network, LLC Booth #617

www.eprocessingnetwork.com eProcessing Network (ePN) specializes in secure, real-time transaction processing services, solutions, and support for all SMBs. ePN is certified to process electronic payments through all major credit card, check/ ACH, and gift card/loyalty processors, selling exclusively through the ISO/reseller sales channels. ePN is PCI/PA-DSS compliant.

Booth #353

Cutter LLC

Epson America, Inc.

www.cutterfinancial.com

www.pos.epson.com

Dejavoo Systems

Equinox Payments LLC

www.dejavoosystems.com

www.equinoxpayments.com

Chetu Inc.

Digicom International, Inc./ POS Bank

Ethoca

http://chetu.com/i_finance.html

www.digicomint.com

Clear2Pay

Digital Donations

Chase Paymentech Booth #638

www.chasepaymentech.com

Checkgateway, LLC Booth #744

www.checkgateway.com Booth #934

Booth #315

Booth #363

Booth #644

Booth #1038

Booth #562

http://clear2pay.com/pages/en/solutions/testing.htm

Dinerware

Clearent

www.dinerware.com

www.clearent.com

Discover Financial Services

Coalfire Systems, Inc.

www.discovernetwork.com

Booth #1028

Booth #365

24 March 2014 | Transaction trends

Booth #958

Booth #600

Booth #620

Booth #412

Booth #1155 www.ethoca.com

ETS Corporation Booth #866

www.etsms.com

FlyPOS

ID Analytics

http://www.flypos.es/

www.idanalytcs.com

Fora Financial

ID TECH

www.forafinancial.com

www.idtechproducts.com

Forte Payment Systems

Impact Payments Recruiting

Futurex

www.go-impact.com

Booth #656

EVO

EVO Payments International is a leading privately held payment processor and merchant acquirer. EVO processes for thousands of merchants, ISOs, financial institutions, government organizations, and multinational corporations throughout the United States, Canada, and Europe. EVO enables merchants to accept payment cards through a variety of methods, including POS terminals, mobile devices, and payment transactions conducted over the Internet.

ExaDigm, Inc. Booth #654

www.exadigm.com

ExecuTech Lease Group Booth #329

www.elgleasing.com

Eye4Fraud Booth #1370

www.eye4fraud.com

FeedZai

Booth #558 www.feedzai.com

First American Payment Systems

Booth #1132

Booth #333 Booth #319

www.futurex.com

Booth #337

Booth #305

Booth #554

Infinite Peripherals, Inc. Booth #653

G2 Web Services

Ingenico North America

www.g2webservices.com

www.ingenico.us

GB Frank International/ROMO Durable Graphics

iPayment, Inc.

Booth #1004

Booth #1033

www.gbfrank.com

General Credit Forms, Inc. Booth #954

www.gcfinc.com

GHL Systems Booth #1364

Givex

Booth #556

Global Payments, Inc. Booth #904

www.globalpaymentsinc.com

GO3 Solution

Booth #754

Booth #1144

www.ipaymentinc.com

ISIS

Booth #454 www.paywithisis.com

IT4Merchant Solution Ltd. Booth #367

JCB International Credit Card Co., Inc. Booth #615

www.jcbusa.com

JetPay LLC Booth #344

www.jetpay.com

Booth #838

Booth #335

www.first-american.net

GRP Funding, LLC

Booth #1130

Booth #316

www.kirkpatrickprice.com

Booth #716

www.grpfunding.com

Kount Inc.

www.firstdata.com

Harbortouch

Booth #667

Booth #1044

www.kount.com

ICG Software - Hio POS

Ladco Global Leasing Solutions

Booth #1120

Booth #303

www.icgsoftware.us

www.ladco.com

First Data

First National Technology Solutions Booth #1015

www.fnts.com

KirkpatrickPrice

Transaction trends | March 2014 25

Layered Technologies Booth #928

www.layeredtech.com

Leaf (Leaf Holdings, Inc.)

North American Bancard

Booth #330

Booth #460

www.leaf.me

MagTek, Inc. Booth #428

www.magtek.com

MasterCard Worldwide Booth #816

www.mastercard.com

Merchant Cash & Capital Booth #1354

www.merchantcashandcapital.com

Merchant Cash Group Booth #331

www.merchantcashgroup.com

Merchant Warehouse Booth #320

www.merchantwarehouse.com

Merchants’ Choice Payment Solutions

National Merchants Association Booth #343

www.nationalmerchants.org National Merchants Association facilitates global transactions for thousands of merchants while educating business owners about merchant services rules and regulations. Through recent global expansion with offices in Canada, Europe, and Australia, National Merchants Association is one of the fastest growing processors in the world for both card-present and high-risk transactions. www.nationalmerchants.org, www.iso4nma.com, 866/509-7199.

Networking Area Booth #762

New POS Technology Ltd. Booth #355

www.mcpscorp.com

www.newpostech.com

Mocapay

Nextwave Enterprises

Booth #1019

Booth #1062

www.mocapay.com

http://www.nextwavefunding.com/

My Clear Reports

Norse Corporation

NACHA - The Electronic Payments Association Booth #1153

www.nacha.org

As an industry leader, North American Bancard offers the best lifetime residual program in the business. Our superior support and business tools, combined with the ability to place free equipment and offer no cancellation fees, all while keeping your bonuses, gives our agents an incredible opportunity to close more deals.

Northern Leasing Systems Booth #422

Booth #362

Booth #1054

www.gonab.com

Booth #332

www.norse-corp.com

www.northernleasing.com Northern Leasing Systems has been the leader in terminal and POS leasing for over 20 years, serving the United States, Canada, Puerto Rico, and the United Kingdom. Contact: richard.hahn@northernleasing.com.

NVMS, Inc. Booth #956

www.nvms.com

On Deck Capital Booth #1016

www.ondeckcapital.com

ONPEX GmbH Booth #755

Paay

Booth #658 www.paay.co

Paragon Application Systems Booth #1115

www.paragonedge.com 26 March 2014 | Transaction trends

PAX Technology, Inc.

Planet Payment Booth #916

Retailcloud

Booth #436

www.pax.us

www.planetpayment.com

www.retailcloud.com

Payment Alliance International

Plug â&#x20AC;&#x2DC;n Pay Technologies Booth #1021

RingCentral

Booth #437

www.gopai.com

www.plugnpay.com

www.ringcentral.com

Payment World LLC

POS Portal Booth #520

Riskified

Booth #1116

www.paymentworld.com

www.posportal.com

ROAM

PayPal

Powa Technologies Limited

Booth #662A

Booth #730

Booth #606

www.roamdata.com

www.paypal.com

www.powa.com

RS2 Software

Payvision

Principis Capital

Booth #1066

Booth #938

Booth #301

www.rs2.com

www.payvision.com

www.principiscapital.com

Salesgenie

PCI Compliance

Priority Payment Systems

Booth #1127

Booth #1103

Booth #854

www.salesgenie.com

www.gotpci.com

www.prioritypaymentsystems.com

SecurityMetrics

PCI Security Standards Council

ProfitStars

Booth #530

Booth #621

www.securitymetrics.com

www.profitstars.com

Settlement Recovery Group

Booth #1355

Pivotal Payments Booth #765

www.pivotalpayments.com

Booth #1029

Booth #1117

Booth #354

Quick Bridge Funding

Booth #763

Booth #1017

www.srgllc.com

www.quickbridgefunding.com

Shift4 Corporation

Quiktrak, Inc. Booth #922

www.quiktrak.com

Booth #1262

ShopKeep POS Booth #1157

Planet Group, Inc.

Recombo Inc.

Booth #309

Booth #1109

www.planetgroupinc.com

www.recombo.com

www.simplycharged.net

Planet Group, Inc. turns technology into valuable business solutions for the electronic payments industry. The company offers merchant payment processing, gift and loyalty programs, customer e-correspondence, business process management, technology managed services, and more to help payments companies streamline business processes, reduce costs, and enhance productivity. Please visit www.planetgroupinc.com.

Red Oak Payment Solutions

Socure

Booth #657

Simply Charged Inc. Booth #1138

Booth #664

Repeat Returns

www.socure.com

www.RepeatReturns.com

SPECTRA Technologies Holdings Co. Ltd.

Booth #932

Retail Capital LLC Booth #1114

Booth #944

www.spectratech.com

Transaction trends | March 2014 27

Star Micronics Booth #338

www.starmicronics.com

Strategic Funding Source, Inc. Booth #429

www.sfscapital.com

Super G Funding, LLC Booth #1125

www.supergfunding.com

Swift Capital Booth #328

www.swiftcapital.com

Switch Commerce Booth #466

www.switchcommerce.com

Sword & Shield Enterprise Security Booth #1256

Sysnet Global Solutions Booth #1006

www.sysnetglobalsolutions.com

Tarang Software Technologies Booth #666

www.tarangtech.com

The Funding Tree, LLC

Total Merchant Services

Groovv is built to help you open more doors and close more deals. It’s an all-new set of processing, POS, and marketing solutions. It’s launching at ETA TRANSACT 14. It’s something big from Total Merchant Services, and it’s here to help you and your customers grow.

Transax

Booth #1126

TranSEND IT Booth #1161

TransFirst Booth #502

www.TransFirstSales.com

TranzLogic Booth #455

www.tranzlogic.com

Trustwave Booth #810

www.trustwave.com

Booth #1107

Uniform Industrial Corp.

The Phoenix Group

www.uicworld.com

www.phoenixgrouppos.com

UnionPay International

topcreditcardprocessors.com

www.en.chinaunionpay.com

www.eventuresworldwide.com

United Merchant Services

Booth #415

Booth #318

Booth #1268

Booth #626

Booth #444

www.unitedmerchant.com

USAePay

Booth #1008 www.usaepay.com USAePay is a Level 1 PCI-compliant payment gateway provider offering channel-friendly payment solutions for over 15 years, allowing merchants to process secure and safe transactions. The USAePay payment gateway supports all major platforms in the credit card industry and is certified for MOTO, retail, ecommerce, and mobile payment processing.

V12 Group Booth #964

Valutec Card Solutions, Inc. Booth #299

www.valutec.net

Vantiv

Booth #800 www.npc.net

Venable LLP Booth #1121

www.venable.com

Vericheck Inc. Booth #1018

www.vericheck.com

VeriFone, Inc. Booth #702

www.verifone.com

VISA, Inc. Booth #400

www.corporate.visa.com

vPromos, Inc. Booth #1026

www.vpromos.com

World Gift Card Booth #433

www.worldgiftcard.com 28 March 2014 | Transaction trends

Startup Stories: 1st Pay Gateway

Filling the Void Cloud-based POS system helps 1st Pay Gateway’s merchants optimize and secure mobile payments By John Manasso

hen Tom Fraser founded 1st Pay Gateway in 2010, he envisioned the creation of a point-of-sale (POS) system that would incorporate top-notch security. As it would happen, three years later high-profile security breaches at large retailers such as Target and Neiman Marcus—not to mention other incidents along the way—would validate the need for such a product. Forty million debit and credit card accounts were hacked between Nov. 27 and Dec. 15, 2013, at Target. At Neiman Marcus, one of the country’s best known upscale retailers, more than 1 million cards appear to have been compromised. 1st Pay Gateway’s ideal customers are not merchants at as vast of a scale as those. However, in terms of security needs, small merchants are no different than their larger brethren. Fraser says 1st Pay Gateway’s system is “one of the very few” that provides end-to-end encryption. “Out there in the industry we felt there was a void for people providing those kinds of services, especially in the ISO and agent market,” says Fraser, the company’s president and a long-time veteran of the payments industry whose career has included stops at First Data and Walker Interactive Systems, which became Elavon. “So we focused on providing a unique value proposition with superior service and sales support with the combination of innovative products targeted for merchants that are serviced by the ISO and agents but also with an emphasis on credit card data security.”

Analytics Answer Small merchants, seemingly in large numbers, are migrating to iPad-based POS systems. As a result, 1st Pay Gateway con-

1st Pay Gateway | Cherry Hill, New Jersey

Tom Fraser

Ray Kenney

figured its solution to work with the iPad.The system features remote reporting and analytics. The Cloud-based platform brings Big Data to small merchants, says Fraser. 1st Pay Gateway also plans on launching a proprietary gift card platform and a loyalty program to go with its system. “The analytics are really powerful,” he says. “They show small merchants what’s selling, what’s not selling, and also their product margins to help them maximize their revenue and profitability.” Fraser and Ray Kenney, vice president of sales, provided some insight into the granular nature of the analytics that their software provides: Merchants can track what they sell along with what Fraser called “modifiers.” He used the example of a coffee shop that can track the added flavorings that customers purchase for their drinks.

www.1stpaygateway.net

Founder: Tom Fraser Employees: 15 Transaction trends | March 2014 29

Startup Stories: 1st Pay Gateway

But the data can drill down to much deeper levels, especially as it concerns employees. In addition to when employees clock in and clock out, the merchant learns much more about their skills and abilities, or lack thereof. “I can dial in and in real time see what’s going on in my establishment,” Kenney says of a small business owner. “I can see sales by hour. I can see sales by employee. I can see margins by employees so if I can identify an employee who’s doing better than another, I can ask the key questions to find out why that is. “Maybe they’re doing a better job of upselling at the point of sale than the other employees so that [the merchant] can train that employee to do a better job. Using analytics, you can significantly help increase the sales that that business can receive.” Fraser explains another way that some customers of 1st Pay Gateway, which is located in the Philadelphia suburbs in Cherry Hill, New Jersey, are using their system. Some “urban minimarts” in the Philadelphia area might have as many as 5,000 products for sale. Using 1st Pay Gateway’s iPad POS solution in conjunction with a Blue Tooth bar code scanner, the minimarts have used the software to speed up checkout lines and help the merchants keep shelves better stocked with their top-selling merchandise.

Changing the Conversation 1st Pay Gateway’s niche is a fairly competitive one. Fraser estimated that about 10 companies compete in iPad POS sphere. He was polite in not wanting to name the inventor of the technology whose space his company has leaped into, Square. “Probably the most famous one might have created this space, the difference being that they didn’t focus on card security,” Fraser says.“None of their card readers were secure. They don’t provide service. They don’t have an 800 number you can even call for service. “There’s a huge opportunity for the ISO community to evolve into this niche and offer these products to their merchants” that want to use a smart device and have analytics and remote-reporting capabilities.“All these powerful tools we can provide them but at a very low cost and yet add the security and value to it, as well.” 1st Pay Gateway developed the system by listening to the needs of its partners. Fraser says at first the company considered its options, such as the Android phone, but ultimately elected to build around the iPad. He says the system took more than a year, from research to final testing, and a lot of long hours to build. But he says it was a labor of love. The company’s initial concept sprang from a desire to reduce the PCI data security burden for online payments. The system it has built allows consumers to make recurring payments without the need to re-enter card data after the initial payment. 1st Pay Gateway’s method removes the handling, transmitting, or storing of any card data on the merchants’ part, which accomplishes that goal of helping the merchant to meet the PCI standards. 30 March 2014 | Transaction trends

WORDSTOTHEWISE � When starting a new company, long hours are required, and you have to “tough it out,” says 1st Pay Gateway President Tom Fraser. “I think that when you come up with a concept, it’s real easy to start taking shortcuts to get there faster, whether it’s skipping the security part or something else,” he says, “and I would just say you have to tough it out. Make sure you do it right to provide a high-level quality product.” �

The payments industry needs to change the conversation away from pricing, says Ray Kenney, vice president of sales. Try to provide the merchant with something that is new and exciting and that will help the merchant flourish. “What I’ve seen in the industry, we all have for years and years and years, is everyone gets bogged down on focusing on rates all the time,” Kenney says. “That’s well and good. I can save someone a few pennies here and there but try to see the things that are really going to help out the merchant. Are you doing them a service? Are you helping them become successful and then improving the quote-unquote ecosystem by doing that? “If you want to help them succeed then you see it as a win-win-win. We’re delivering technology that the salespeople can sell and the merchants are going to benefit from it. You want to have that differentiation by providing that value proposition.”

� The primacy of security is “one of the most important things today that we as third-party providers and the ISO can provide their merchants,” Fraser says. Focus on security so that “merchants customers have peace of mind for their card data.”

By talking to ISOs and merchants, the company is helping to “change the conversation,” says Kenney. “Instead of focusing the time on rate and basis points— merchants gets 10 calls a day or a week from an agent or an office about how they can save on processing—they’ve heard that a million times,” he says. “You’re delivering technology, something that’s going to benefit merchants and provide that value proposition. You’re talking to merchants about how’s this going to benefit [them], how it can help [them] better manage [their] day-to-day operations with the security, the reporting, and the Visa training and increasing [their] sales by leveraging those analytics and the gift card and loyalty

program to attract more business.” Another selling point for 1st Pay Gateway’s system is the way it can work with multiple merchant identification numbers (MIDs). Some merchants have multiple locations or business names but they want to process and have the information reported from one gateway as one DBA, or Doing Business As. 1st Pay Gateway can provide what it calls “multi-MID capabilities” so that it can handle multiple identification numbers and multiple merchant accounts on one gateway.

“It makes life easier for them,” Kenney says.“It saves hours and hours for them…. It streamlines that data and makes it easier for financial people to report.” So while 1st Pay Gateway’s niche might not be large retailers, it has been able to attract some high-volume accounts. With such an understanding of needs in the industry, 1st Pay Gateway’s principals did not have a difficult time finding funding for their idea when they wanted to create the company. The company, which is up to 15 employees, is privately funded. Fraser says the combination of customer service and security has gotten 1st Pay Gateway to where it is. “That’s kind of unique for us in our industry—we actually do help,” he says. “ISOs and agents are not technologically well versed—especially the ssalespeople, which you wouldn’t expect them to be—so that’s a void that we really feel we fill. We get on the phone with those salespeople and help them through the technical aspects of any product we have.” TT John Manasso is a contributing writer to Transaction Trends. Reach him at john_manasso@yahoo.com.

Advertisers index Company Authorize.Net

Page

Phone

C2 866-437-0491

Web www.authorize.net

C&H Financial Services, Inc.

855-600-2437

www.chfs.us

eProcessing Network, LLC

800-296-4810

www.eprocessingnetwork.com

EVO Payments International

800-227-3794

www.evopayments.com

First American Payment Systems

817-317-2901

www.first-american.net

Northern Leasing Systems

877-325-6469

www.northernleasing.com

877-859-0099

www.pax.us

Planet Group Inc.

800-979-9166

www.planetgroupinc.com

Security Metrics

801-995-6860

www.securitymetrics.com

TSYS Acquiring Solutions

480-333-7799

www.tsys.com

Total Merchant Services, Inc.

877-498-2807

www.totalpartnership.com

USAePay

12 866-490-0042

PAX Technology, Inc.

www.usaepay.com

Transaction trends | March 2014 31

Get Ahead of the Crowd. Get Certified.

The Standard for the Payments Industry “ETA CPP sets you apart by validating your competency, increasing your value to an organization and demonstrating your commitment to the profession.” —Holli Targan, Jaffe, Raitt, Heuer & Weiss, P.C.

“ETA CPP is a great benefit to the payments industry. Industry-wide certification increases confidence among service providers and demonstrates our industry’s ability to self regulate.” —Deborah Brown, CPP, TriSource Solutions

WHY ETA CPP?

2014 TESTING WINDOWS, DEADLINES, & FEES

Recognition of your knowledge, skills and competence by a third party

Enhancement of your credibility and professional reputation

Demonstration of a high level of commitment to the field of practice

ETA CPP Testing Windows

Application Deadlines

Employer and industry support for continued professional development

May 1 – 31, 2014

April 1, 2014

Potential career advancement and / or increased earnings opportunities

November 1 – 31, 2014

October 1, 2014

ELIGIBILITY REQUIREMENTS n

1 year of industry-related experience* and a high school diploma, associate or bachelor’s degree, OR 3 years of industry-related work experience*.

Recommendation and sign-off of a supervisor or individual in a management position at an industry-related company.

Signature on a candidate attestation.

All requirements must be completed prior to submitting your application for the examination. *Industry-related experience is defined as full-time work experience in: 1) a payments-related company that sells, distributes and/or provides electronic payments-related products, services or solutions to merchants and businesses, or 2) a company that services or is a consultant to a business described above.

1101 16th Street, NW, Suite 402 Washington, DC 20036 800-695-5509

Applications received after the postmark deadline will automatically be deferred to the next available testing window.

Exam fee* Member

$350

Non-member

$450

* Includes a $125 non-refundable application processing fee

For more details about the ETA CPP program: visit www.electran.org/CPP call 1.800.695.5509 email rferensic@electran.org

www.electran.org

Data Breach Mobile Payments Apple Payments Google Wallet Coin Square Bitcoin

may be the most important year in payments history

will be the most important 3 days of the year

MANDALAY BAY / LAS VEGAS be a part of history - www.transact14.com C O N N E C T I N G T H E PAY M E N T S T E C H N O L O G Y W O R L D

The Last Word

Cybersecurity: The View From Washington How policymakers are directly affecting our industry By Scott Talbott

TA’s government relations and policy activities are critical to the success of the payments industry. Every day, we focus on advancing the interests of ETA members before policymakers in Washington. The recent data breaches at national retailers are no exception.The high-profile breaches have resulted in a flurry of congressional hearings as well as the introduction of legislation dealing with the issue. Now, more than ever, ETA’s voice is crucial to help ensure that Congress and federal regulators move forward with good public policy solutions and to keep harmful ideas from advancing. In early February, four hearings were held on: Safeguarding Consumers’ Financial Data (Senate Banking Committee, Subcommittee on National Security and International Trade and Finance); Privacy in the Digital Age: Preventing Data Breaches and Combating Cybercrime (Senate Judiciary Committee); Protecting Consumer Information: Can Data Breaches Be Prevented? (House Energy and Commerce, Subcommittee on Commerce, Manufacturing, and Trade); and Oversight of Financial Stability and Data Security (Senate Committee on Banking, Housing, and Urban Affairs). ETA provided advice and counsel to all committees in advance of the hearings. Many issues, such as protecting the security of customers’ personal information, received significant attention from the legislators. A major theme that resonated is the need for a uniform national standard for breach notification, a position long supported by ETA members. Another issue receiving significant attention is the use of credit cards with embedded chips. We anticipate further debate over the idea of chip and PIN (EMV) versus chip and signature (CVM). ETA’s position is that EMV and CVM are parts of an overall solution that should also include tokenization and end-to-end encryption. We also recognize that security standards and industry self-policing will be discussed in the context of Federal Trade Commission (FTC) oversight. ETA’s position with regard to additional regulatory oversight is that the market is constantly evolving and the FTC, as well as all policymakers, should take a light touch when considering new initiatives in this area. As an integral part of ETA’s strategy for advocacy success, we are partnering with 14 other trade associations on a newly created Cybersecurity Partnership. 32 March 2014 | Transaction trends

This coalition of merchant and financial services organizations will ensure that ETA’s voice continues to help shape and is amplified in public policy discussions on increasing information sharing, better card security technology, and maintaining the trust of customers.We are pleased to be working alongside these partners, including the Retail Industry Leaders Association, the National Retail Federation, the American Bankers Association, and the Financial Services Roundtable. Politics is not a spectator sport and having a voice in politics is crucial for businesses of all sizes. At ETA, we realize that the decisions made on Capitol Hill and in Washington, D.C., have a profound effect on the payments industry. For some of the most important issues facing payments professionals, including mobile payments, privacy, cybersecurity, and others, the road leads through Washington, D.C. This is why in recent months we have expanded our government relations activities.We launched ETA’s Voice of Payments, our new grassroots political engagement program that gives payments professionals the tools and information necessary to ensure elected officials hear the views of ETA members on issues important to the payments industry. To maximize our effectiveness, we have added another tool to our advocacy arsenal: the ETA political action committee (ETAPAC). The PAC is a way for eligible employees of ETA members to pool voluntary contributions to support candidates for federal office who understand the payments industry. If you want to participate in any of ETA’s advocacy efforts, please contact Scott Talbott, senior vice president, government affairs, at stalbott@electran.org, or Jaime Graham, senior government affairs manager, at jgraham@electran.org. Lastly, advocacy will be front and center at TRANSACT 14. ETA has added a timely and relevant Data Breach Summit to the agenda.Additionally, ETA’s advocacy team will report on the latest congressional and regulatory developments on data breach notification and related issues. If you haven’t registered to attend TRANSACT14, do so now at www.transact14.com! Keep up with the latest advocacy developments by signing up at www.electran.org/transact14! to receive Voice of Payments updates. TT Scott Talbott is senior vice president of government affairs for ETA. Reach him at stalbott@electran.org

Get Ready to Sell. Get Ready to Grow. Get Ready to ! Groovv will help you open more doors and close more deals. Learn more now at www.groovv.com or by calling 877.498.2809