GS Logo
The Green Sheet, Inc

Please Login

Banner Ad
Skyscraper Ad

Thursday, March 23, 2017

How does PCI compliance impact merchant retention?

M anaged security service provider ControlScan, in partnership with Merchant Acquirers' Committee, released findings from the 2017 Acquirer PCI and Security Survey. Completed by 133 ISOs, acquirers, processors and payment facilitators, the survey's results support an ongoing effort to understand and share Payment Card Industry Data Security Standard (PCI DSS) compliance program practices among payments industry stakeholders. This is a priority for ControlScan, which prides itself on taking a proactive approach to protecting businesses from cyber threats while helping ensure their compliance with security and privacy standards.

One key finding highlighted in a press release about the survey was that while merchant service providers agree their merchants' PCI compliance is important, retention concerns are creating a struggle between promoting convenience and enforcing compliance.

"One-quarter (25 percent) of survey respondents said their PCI compliance approach has caused attrition among their merchants," researchers noted. "By contrast, 22 percent credited their approach with helping them retain more merchants. These numbers are significant, because they show that nearly half of respondents believe their compliance approach impacts overall merchant satisfaction."

'Authentic compliance' a must

Chris Bucolo, Director of Market Strategy at ControlScan, stated, "Easing their merchants' PCI compliance pain is certainly to the acquirer's competitive advantage, but for risk reasons, it's important to actually get the merchants compliant. Acquirers who become a trusted advisor to the merchant will be more knowledgeable, consultative and communicative, and that will strengthen merchant retention."

The survey also found that 75 percent of respondents saw their portfolio compliance rate increase in 2016. Of those, 47 percent indicated it was because they had increased the amount of merchant education pertaining to compliance.

According to Bucolo, the survey's findings indicate acquirers are taking a deeper look at how adjustments to PCI compliance program variables can maintain simplicity for the merchant and at the same time, lead to "authentic compliance," which he said means "the merchant has actually learned something versus simply checking the boxes." ControlScan defines authentic compliance as "an ongoing state of security awareness, demonstrated by a merchant who understands and continuously employs the fundamental technologies and processes required to protect sensitive data."

MAC, an organization of bankcard professionals involved in the risk management side of card processing, is "pleased to continue to partner with ControlScan on the annual Acquirer Study in an effort to educate our members and the payments ecosystem on the importance of PCI compliance," said Vadeene Sisk, MAC Board Secretary.

The survey took place between Dec. 15, 2016, and Jan. 26, 2017, and included respondents with Level three and four (small to midsize merchant) portfolios ranging from less than 1,000 accounts to more than 50,000. Results, which were released March 22, 2017, were further discussed in a MAC webinar. A replay is available at http://bit.ly/2nHsmDh .


Distributed ledger technologies gain support
Wednesday, March 22, 2017

D uring the 2017 DC Blockchain Summit, held March 15 to 16, the Chamber of Digital Commerce celebrated the launch of the Blockchain Intellectual Property Council (BIPC). The new council's purpose is "to promote innovation in blockchain and distributed ledger technologies (DLT) by addressing intellectual property issues." The council will help balance the protection of proprietary information with the openness necessary for innovation, the chamber added.

The BIPC has three co-chairs: Marc Kaufman, Partner at Rimon Law; Patrick Murck, Special Counsel, Cooley & Fellow at Berkman Klein Center at Harvard; and James Murdock, Chief Business Officer and General Counsel at Blockstream.

"I am honored to help shape one of the most important discussions for the blockchain community," Kaufman said. "Many players are aggressively pursuing patents in the DLT space, and managing patent risk must be a shared priority."

"Balancing the open source mindset with proprietary technology is an early and critical challenge faced by the blockchain community," Murck stated. "An effective solution must be constructed with input from experts in both law and technology ‒ with an eye to preserving opportunities for permissionless innovation."

"Openness and collaboration are crucial to ensuring that permissionless innovation both thrives and evolves," Murdock said. "Preserving these elements as the industry develops will be key to the success of the blockchain ecosystem."

The Washington, D.C.-based Chamber of Digital Commerce promotes the understanding, acceptance and use of digital assets and blockchain technology. "Through education, advocacy, and working closely with policymakers, regulatory agencies, and industry, our goal is to develop a pro-growth legal environment that fosters innovation, jobs and investment, "the council stated. In addition to establishing the new BIPC, the chamber previously founded the Smart Contracts Alliance, the Blockchain Alliance, the Global Blockchain Forum and other key industry initiatives.

"Developing an industry-led defensive patent strategy is paramount to help protect innovation and drive wide adoption of blockchain-enabled technologies," said Perianne Boring, founder and President of the chamber.

The BIPC co-chairs participated in an IP panel at the DC Blockchain Summit and will hold their first official meeting on March 30. Academics, blockchain technologists, financial institutions, IP experts, open source communities and others interested in intellectual property issues are encouraged to participate. For further details contact dan@digitalchamber.org .


Acculynk to boost First Data's ecommerce portfolio
Tuesday, March 21, 2017

W ith an eye for strengthening its suite of ecommerce solutions, First Data Corp. disclosed on March 16, 2017, that it intends to acquire Acculynk Inc. Integrating Acculynk's multifactor security and dynamic routing options into First Data's global payment platform will enable merchants to securely direct debit card transactions to least-cost debit networks, the companies stated.

Frank Bisignano, Chairman and Chief Executive Officer at First Data, said that Acculynk's innovative technologies will enhance First Data's ecommerce offerings and capabilities for its global customer base, enabling merchants to make in-store and online transactions "simple, seamless and secure for their customers."

Ashish Bahl, Chairman and CEO of Acculynk, anticipates the strategic partnership will help business owners around the world streamline ecommerce and lower transaction costs. "First Data's unrivaled global scale and distribution will greatly expand the footprint of PaySecure, providing benefit to merchants looking to simplify debit card ecommerce transactions for consumers around the world," he said.

Both companies expressed a commitment to help clients worldwide implement advanced technologies to grow their businesses.

Expanding global footprints, capabilities

Atlanta-based Acculynk, a former Elavon Inc. subsidiary established in 1999 as ATM Direct, provides ecommerce and mobile commerce solutions to large and small business owners through its international payment gateway. The technology provider works with merchants, financial institutions, payment networks, payment card issuers and governments worldwide. Its suite of software solutions includes PIN debit for ecommerce and m-commerce, person-to-person (P2P), direct-to-debit, online bill pay, and electronic bill presentment transactions.

Analysts noted that the companies' complementary technologies and strategic focus will benefit both enterprises: both Acculynk and First Data serve financial institutions and the public and private sectors; their innovations have reshaped mobile payments, ecommerce, verification and authentication, online banking, check guarantee and POS services worldwide.

Multifactor authentication

Enterprise-scale, as well as small to midsize merchants can use Acculynk's True Debit gateway and EFT networks combined with PaySecure authentication technology to mitigate online and mobile web fraud rates, expedite settlement and enhance the overall shopping experience, Acculynk representatives stated.

Acculynk launched PaySecure in 2009, an Internet PIN debit solution based on its patented encryption and authentication technologies. Two years later, the company introduced PaySecure Mobile, which added PIN debit capability to iOS, Android and Windows mobile platforms.

Acculynk mentioned additional features and benefits of its patented technologies, as follows:

Expanded intellectual properties

First Data and Acculynk representatives said development teams will collaborate on a range of product offerings and routing solutions, leveraging their combined expertise in network engineering and software development.

The deal is expected to close, pending further review. Upon approval, First Data's purchase of Acculynk will bring the company a wealth of intellectual assets, including government bill pay solution PayGov, white-label P2P solution Payzur, and an extensive patent portfolio and suite of product offerings, representatives stated.


Opposed to fintech charter, NYDFS digs in
Monday, March 20, 2017

R einforcing prior statements in opposition to the Office of the Comptroller of the Currency's proposal to establish a new limited-purpose national bank charter for financial technology (fintech) enterprises, the New York State Department of Financial Services, in a March, 15, 2017 press release, voiced strong opposition to the plan, calling fintech an "amorphous category."

In a Jan 13, 2017, comment letter to U.S. Comptroller Thomas J. Curry, New York State Financial Services Superintendent Maria T. Vullo stated the OCC's proposal would bypass state consumer protection laws and create "regulatory arbitrage." New York's Department of Financial Services is better equipped to regulate "cash-intensive nonbank financial service companies" by providing strict oversight and enforcing anti-money laundering, consumer identification and transaction monitoring, she said.

The NYDFS's latest statement on the topic declared the "imposition of an entirely new federal regulatory scheme on an already fully functional and deeply rooted state regulatory landscape will invite efforts to evade state usury laws and other consumer protections, stifle small business innovation, create institutions that are too big to fail, and increase the risks presented by nonbank entities."

The agency also disputes the OCC's claim that it has authority under the National Bank Act to establish a new charter category without congressional authorization. "Nonbank financial institutions are not national banks nor are they similar to the entities encompassed by the National Bank Act," the NYDFS said.

In addition, the NYDFS believes a new type of charter would not be necessary because effective state regulators are in place in all 50 states. "The proposal threatens to create an entirely new federal regulatory program, creating serious regulatory uncertainty that threatens to invade state authority and sovereignty," the NYDFS stated, adding that it already regulates money transmitters, check cashers, virtual currency exchanges, and other nondepository institutions to protect the public against money laundering, terrorist financing, and cyber threats.

The NYDFS also said it will continue "to protect the sovereignty of New York by enforcing state laws and protecting consumers."


CFPB offers more time for prepaid compliance
Thursday, March 16, 2017

T he Consumer Financial Protection Bureau is considering an extension of the effective date for new consumer protection rules covering prepaid debit card accounts. The controversial rules – which some in Congress have threatened to roll back legislatively – are set to take effect Oct. 1, 2017. But in a request for comment issued on March 9, the CFPB offered to extend the deadline for compliance to April 1, 2018.

The CFPB said in a statement the proposed deadline extension was prompted by pleas from prepaid card companies that were having problems making necessary changes to systems, processes and forms in time for the new rules. In a blog post on the CFPB’s latest action the law firm Ballard Spahr LLP noted that several prepaid companies were especially challenged by requirements that they “pull and replace” noncompliant card packaging from retail locations by October 1.

“We believe that delaying the effective date by six months will be sufficient for industry participants to ensure they can comply with the rule,” the Bureau said in a statement.

Diverging views

Not everyone agrees. “Although the proposal to delay the prepaid accounts rule is a move in the right direction, NAFCU has stressed to the CFPB on several occasions that they should have adopted an extended implementation timeline from the outset,” Carrie Hunt, Executive Vice President of Government Affairs and General Counsel at the National Association of Federal Credit Unions, wrote in response to the proposed extension.

The pending CFPB prepaid rule creates new consumer protections under federal Regulations E (EFT) and Z (truth-in-lending) for a full array of prepaid debit accounts – from reloadable cards that are sold through retailers and financial institutions to mobile wallets. They have been panned by many affected parties and lawmakers.

However, at least one leading prepaid company, Green Dot Corp., has gone on record in support of the rule. Steve Streit, Green Dot’s founder and Chief Executive Officer, noted in a 2016 statement that the rule mirrors closely existing Green Dot practices related to prepaid accounts. “It’s gratifying to know that prepaid can now move to a level playing field that can better serve consumers while allowing the entire industry to move past the period of regulatory uncertainty,” he said.

The Electronic Transactions Association described the CFPB’s prepaid accounts rule as “regulatory overreach.” It stated the rule will most negatively impact the financially underserved (unbanked and underbanked Americans who rely on prepaid accounts). “Innovation in prepaid products and services address the financial needs of our nation’s most vulnerable, and the CFPB’s rule will limit consumer access to such tools,” said Scott Talbott, the ETA’s Senior Vice President for Government Affairs.

Lawmakers on both sides of the political aisle have introduced congressional resolutions that would deep-six the pending rule. The action results from a 1980s-era law that allows Congress to override federal agency rulemaking with majority votes in the House and Senate, along with presidential approval.

Changes in the works?

In its March 9 statement, the CFPB said it has no plans to change the controversial prepaid account rule. In an apparent nod to its detractors, however, the consumer watchdog agency did request comments on “any implementation challenges” posed by the new rules. “If we determine that any substantive changes to the prepaid accounts rule are necessary and appropriate, we will issue a separate proposal and provide the public an opportunity to comment on those changes before finalizing,” the bureau stated.

Alan Kaplinsky, practice leader of the consumer financial services group at Ballard Spahr, suggested changes could be in the offing if prepaid companies can make a case for such changes. At a January 2017 American Bar Association meeting to discuss consumer financial services, CFPB officials left open the door to future changes in response to problems or issues that arise as a result of its implementation, Kaplinsky noted in a recent blog post.


View prior breaking news

Spotlight Innovators:

North American Bancard | Electronic Payments | Harbortouch | USAePay | IRISCRM.COM | Humboldt Merchant Services