U.S. merchants inch toward EMV compliance
A s the U.S. payments industry approaches the one-year anniversary of the Oct. 1, 2015, EMV (Europay, Mastercard and Visa) liability shift, a majority of card-accepting merchants have not implemented chip card technology, according to a study issued Sept. 20, 2016, by The Strawhecker Group, a payments industry consultancy. TSG researchers based their findings on 79 payment service providers responsible for more than 3.4 million merchants. This represents nearly half of the U.S. merchant services market.
A large number of EMV terminals have been deployed but not activated, and approximately 71 percent of merchants who remain noncompliant have seen a sharp uptick in chargebacks, the study noted. "After the October 2015 liability shift, U.S. card-accepting merchants without the ability to accept EMV cards may be liable for fraudulent transactions," TSG stated.
Payments analysts have observed the report's statistics are at odds with TSG's more bullish January predictions, which forecasted a 50 percent adoption rate by October 2016. TSG has subsequently adjusted expectations to 51 percent compliance across all U.S. merchant segments by December 2016. Some analysts attribute the slowdown to expensive and time-consuming certifications by device manufacturers, processors and payment gateways. Others cite a lack of education among small to midsize merchants, many of whom are neither fully aware of the benefits associated with smart cards nor potential consequences of failing to implement the technology.
Jared Drieling, Business Intelligence Manager at TSG, observed that the quick service restaurant (QSR) category has been particularly slow to implement chip card technology. "EMV merchant adoption has slowed down a bit, at least comparatively speaking to our last EMV survey results in January 2016," he said. "EMV terminal vendor supply and delays in the terminal activation/certification process are the bottlenecks in the migration."
Contact, contactless options
Drieling expects the increase in chargebacks combined with a plethora of market-ready, certified EMV card reading devices and peripherals to spur EMV adoption. "It is clear that non-EMV compliant merchants have felt the impact of the liability shift," he stated. "The good news is that as merchants refresh their terminals for EMV, they are also adopting the contactless capability which lays down the foundation for future payments such as mobile proximity payments."
An infographic capturing survey highlights includes commentary from payment service providers, who alternately call the EMV payments landscape "a nightmare" and "a mess." A copy of the infographic is available at http://bit.ly/EMV-Anniversary.
Despite the grumbling, consumers and merchants are acclimating to behavioral changes at the POS, including the additional wait times for chip card authentication, analysts noted. An Aug. 5, 2016, article by New York Times reporter Karen Workman, titled "Confused by Chip Cards? Get in Line," expressed cautious optimism, sharing viewpoints from TSG's Drieling and Electronic Transactions Association Chief Executive Officer Jason Oxman.
"We're really one of the last G20 nations to adopt EMV," Drieling said. The chip cards work differently in the 150 other countries using them, where cardholders enter PINs at payment terminals, which lets the verification process happen offline, Oxman noted. The United States opted for using signatures with chip cards at the POS instead of PINs.
Workman also noted that many chip-enabled terminals have built-in near field communication readers designed to accept contactless payments used in mobile wallet schemes such as Apple Pay and Android Pay. She believes mobile payments may eventually replace contact cards at the POS. Drieling agreed, stating, "There is a perfect storm brewing for mobile wallets."
New York set to enact cybersecurity law
Wednesday, September 21, 2016
N ew York State Governor Andrew Cuomo, in cooperation with the state's Department of Financial Services (DFS), proposed legislation requiring New York banks, insurance companies and financial institutions to implement cybersecurity programs aimed at protecting consumers and financial services. Introduced Sept. 13, 2016, the bill will be subject to a 45-day public comment period prior to being enacted into law.
Cuomo called New York the financial capitol of the world and said it leads the nation in protecting U.S. consumers and financial system from economic harm by rogue state-sponsored organizations, global terrorist networks and other criminal enterprises. "This regulation helps guarantee the financial services industry upholds its obligation to protect consumers and ensure that its systems are sufficiently constructed to prevent cyber-attacks to the fullest extent possible," he stated.
Cuomo's interest in protecting against cybersecurity threats dates to 2011, when he was first elected to office, according to Mahesh Nattanmai, Executive Deputy Chief Information Officer in New York's Office of Information Technology Services. Nattanmai is leading efforts to streamline and improve consumer access to government services. "We have to know what we run, what we own," he said. "We need to take standardization as our first step, then get into security and transforming the applications."
To gain insight into what will be required to consistently safeguard sensitive information, the state surveyed nearly 200 banks and insurance companies regarding their data security practices, according to the DFS. The agency also met with cybersecurity experts to explore the evolving threat landscape and due diligence processes, policies and procedures related to working with third-party solutions providers. Three reports resulting from these meetings, along with the surveys, were used in the rulemaking process, the DFS stated.
In June 2016, leading security analysts were among 1,200 attendees at the 19th annual New York State Cyber Security Conference, held in Albany, N.Y. The event, co-hosted by the New York State Office of Information Technology Services, the NYS Forum Inc. and the State University of New York's Albany School of Business, highlighted New York's continuing commitment to improving security awareness, education and best practices. A threat simulation exercise enabled attendees to role play incident response scenarios. Additional presentations and breakout sessions addressed a range of issues facing end users and IT professionals.
"Consumers must be confident that their sensitive nonpublic information is being protected and handled appropriately by the financial institutions that they are doing business with,' said DFS Superintendent Maria T. Vullo. "Regulated entities will be held accountable and must annually certify compliance with this regulation by assessing their specific risk profiles and designing programs that vigorously address those risks."
New York was the first state to introduce cybersecurity regulations. If enacted, a Chief Information Security Officer will be appointed to oversee and enforce policies and procedures. The regulations are designed to be flexible and promote innovation. Additional information is available at www.governor.ny.gov/sites/governor.ny.gov/files/atoms/files/DFSCybersecurityRegulations.pdf .
October 2016 will mark the 13th anniversary of National Cyber Security Awareness Month, a public effort to raise cyber security awareness in public and private sectors. The multi-agency initiative is co-sponsored by the U.S. Department of Homeland Security, National Cyber Security Alliance, National Association of State Chief Information Officers and Multi-State Information Sharing and Analysis Center.
WSAA: Acquiring with smarts and heart
Tuesday, September 20, 2016
W hile Arizona's warm, desert breezes whispered through palm trees on the grounds outside the Hyatt Regency Scottsdale Resort and Spa; inside, the Western States Acquirers Association wowed attendees and exhibitors who came from as far away as Florida, Puerto Rico and Ireland. Vibrant and informative, the show was a reminder that WSAA and other regional acquirers associations provide unparalleled value for the industry's feet on the street for several reasons.
While exhibitors prepared for the opening reception on Wed., Sept. 14, 2016, the knowledge imparted to attendees began with the ETA University's Introduction to Electronic Processing by Payment Alliance International's Chief Payments Advisor, Donna Embry. This was followed by Mark Dunn's Field Guide for ISOs, an afternoon of talks by industry experts on building a strong ISO – from starting with a solid foundation, to using big data and other tools to create long-term value, to monetizing and selling a merchant portfolio.
Thursday morning's educational sessions included two panels: one on corralling big data, and the other on the pitfalls of mergers and acquisitions and portfolio sales. In the afternoon, the major card brands, Visa, Mastercard, Discover and American Express, each reached out to agents and ISOs with presentations about their latest products and programs, and how agents can take advantage of them. Two additional panels took place in the afternoon: one consisted of merchants, who discussed, with passion, the ongoing issues they have with card processing and fraud prevention; the other featured industry experts discussing the state of EMV after the liability shift.
In addition to the ample chances to chat with old friends and meet new ones throughout the event, official networking opportunities on Wednesday included a mixer for women in payments sponsored by Women's Network in Electronic Payments (W.net) and an opening reception in the exhibit hall, where approximately 392 attendees had an opportunity to talk with representatives of the 307 exhibitors. Exhibitors included a range of companies from large enterprises that have been in the industry for decades to small startups exhibiting for the first time.
Networking continued on Thursday with time to mingle in the exhibit hall at breakfast, lunch and during the closing reception.
Particularly inspiring at WSAA this year were the opening remarks on Thursday by Xavier Ayala honoring WSAA co-founder and payments leader Ken Elderts, who passed away unexpectedly in August. Ayala's remarks were preceded by a moving slideshow with gentle music highlighting moments from Elderts' life, most of which centered on his beloved family.
In addition, the keynote address by Frank Abagnale ‒ whose life story was the basis for the book, Catch Me if You Can, which was adapted into a movie and a Broadway musical ‒ brought home the fact that it's not money, glitter and glory that make for a good life; it's being ethical in all of your dealings. For him, this means his roles as husband and father are the center of his life, and his renown as a reformed confidence man who became an authority on forgery, embezzlement and secure documents can never compare to the importance of his family. That said, he imparted significant insights about how to prevent identity theft and related crimes to an attentive crowd.
Fourth, the many extras
In addition to providing a free shuttle to and from the Phoenix airport and delicious, free meals in the exhibit hall throughout the show (compliments of several industry sponsors), the organizers of this event ‒ who did all the work involved as volunteers ‒ scheduled gatherings (also funded by industry sponsors) where participants could socialize in a relaxed way. Among these were an early morning golf tournament in honor of Ken Elderts, a "cowboy up or cowgirl down" casual evening where flip flops or boots were the preferred footwear, and a special meet and greet with Frank Abagnale.
Speaking on behalf of WSAA, Steve Eazell, President Emeritus of WSAA and Senior Vice President, Sales and Marketing at Mavenstech/DayGot, said, "We are thrilled to be associated with such a successful show. We want to thank all of the participants that made this year's 2016 Western States Acquirers Association's Annual Show one of the best ever. We were told over and over again how much the attendees loved the venue, the food, the exhibit hall and, most of all, the content. Thank you, again, to Frank Abagnale, our keynote speaker, for knocking it out of the park with his overwhelming knowledge of the payment space and its pitfalls. We are so grateful and humbled to be a part."
Remote deposit capture evolves beyond checks
Friday, September 16, 2016
E xperience the Magic of RDC was the theme of the 2016 RDC Summit Conference, hosted by RemoteDepositCapture.com. The ninth annual event, held Sept. 14 to 16 in Orlando, Florida, drew more than 200 executives from banks, credit unions and technology solution providers.
Sponsors and exhibitors included Burroughs Inc., Cachet Financial Solutions, Canon U.S.A. Inc., Digital Check Corp., Epson America Inc., Ensenta Corp., Fiserv Inc., Mitek Systems Inc., Panini and RDM Corp. A range of in-depth sessions covered industry trends in risk management, pricing strategies, mobile deposit, integrated receivables and emerging digital technologies.
In his opening remarks at the General Session, RemoteDepositCapture.com founder and Chief Executive Officer John Leekley said remote deposit capture (RDC) has evolved from a simple imaging methodology into a robust payments platform that "continues to expand, evolve and create new opportunities for financial institutions, solution providers and businesses of all sizes."
Improving lives, businesses
Leekley commended RDC solution providers for transforming banking practices, challenging the industry and changing lives for the better. He shared a poignant story about a housebound retiree, unable to travel to her local bank to deposit checks. The woman personally thanked a conference presenter, sharing how the mobile banking app had changed her life. Leekley said, "If we're going to continue to be successful in this industry, we can't be complacent. We must continue to solve problems for our clients and move beyond simple [check] truncation."
For the past eight years, RemoteDeposit.com has given DonorsChoose.org gift cards to RDC Summit presenters. The not-for-profit organization, established by a teacher in 2000, raises funds for classroom projects. The cumulative effect of these annual donations has made a measurable difference for more than 22,000 students and a multitude of programs.
Key findings, benchmarks
Mitek released a new report at the conference, titled 2016 Mobile Deposit Benchmark Report: Customer Experience Rankings for the Top 15 Banks. The analysis, conducted by research firm Futurion, found a direct correlation between customer experience and mobile deposit adoption.
Author Jim Van Dyke, CEO of Futurion, said "Regional banks are catching up to giants; credit unions are catching up almost as quickly, and community banks are getting left behind."
User adoption and usage varied at each of the 15 banks studied. Capital One and BBVA Compass Bancshares Inc. received the highest ratings. Van Dyke told his audience of bankers to use the study as a "GPS" to determine how to implement a successful mobile deposit program. "Look at your competitive landscape; see where you're strongest and weakest, and determine the areas where you need to focus," he added. A complete version of the study is available at www.miteksystems.com .
A return engagement of the popular Lightning Round series gave executives from Burroughs, Digital Check, Panini and RDM 10 minutes each to deliver an overview of their competing technologies. A timer was set at the beginning of the presentations, which highlighted similarities and differences in product designs and software. Presenters also shared various approaches to keeping devices both secure and discoverable in a networked environment.
Rick Ooten, Vice President of Product Management at Digital Check, shared advances in imaging technology that enable users to detect anomalies, adjust grayscale images and perform verifications on signatures, endorsements and markings on documents. He noted that consumers are also taking a more active role in verification, blocking questionable incoming transactions using a method called Positive Pay. These digital tools and adaptive, rules-based thresholds facilitate same-day detection of image fraud, he said.
Evolving industry landscape
A roundtable discussion with industry leaders provided updates on the faster payments initiative recently launched by the Federal Reserve. The Faster Payments Task Force members are working collaboratively to develop approaches that will accelerate and enhance implementation of real-time payment capabilities in the United States. The group introduced a virtual online marketplace where solutions providers can showcase their services and interact with consumers.
"I appreciate the Fed being supportive of checks. If you look at the effectiveness outline created by the task force, it includes a wide range of criteria that facilitates a 360-degree view of the payments landscape," said David Walker, President and CEO of ECCHO.
"The task force has received 22 proposals and is now in a qualified assessment phase," added Dan Gonzalez, Vice President, Industry Relations at the Federal Reserve Bank of Chicago. "These proposals are being analyzed according to evaluative criteria and will be opened up to the task force in October. At the end of the task force effort, there won't be a magic wand; there will still be challenges and things being addressed going forward, leading up to recommendations on how to move forward."
Gonzalez went on to describe the 36 effectiveness criteria categories covering ubiquity, efficiency, speed, governance, safety and security. The task force achieved a 97 percent consensus rate on what Walker called "aspirational criteria." The group agreed that availability of "Good Funds" that can be used right away by a recipient would ideally occur in one minute or less.
Keynote speaker and master magician David Ben took the audience behind the scenes to demonstrate the hard work and preparation that goes into every one of his card tricks, drawing parallels between his craft and the "magic" of remote deposit capture. Sometimes we can get caught up in the minutiae of day-to-day work and miss out on what matters most, Ben said. He credits Leonardo da Vinci for one of his favorite truisms: "Detail makes perfection, but perfection is no detail."
In an interview with The Green Sheet, Leekley observed significant strides in remote deposit capture, particularly related to real-time capabilities, a trend he expects to continue as the technology improves. "Real-time capability is a great feature, until you ping the database and find out most of that information is irrelevant," he said. "As we continue to collaborate and add new elements, we will further refine the technology into real-time actionability."
Fintech in sync with smartphone OEMs
Tuesday, September 13, 2016
F intech companies met Apple Inc.'s Sept. 7, 2016, launch of the iPhone 7 series with an array of market-ready solutions. Many had anticipated the company's decision to eliminate the iPhone's audio jack. Apple's move ‒ hailed as "courageous" by the company and widely panned by consumers and merchants who rely on audio jack access for their ear buds and payment card reading peripherals ‒ spawned an immediate array of aftermarket solutions.
Payments analysts expect some products to have longer shelf lives than others. Many view wireless payment card readers as more future-proof than dongles designed to convert the Lightning port on iPhones into makeshift audio jacks. "Dongles were introduced as a bridge technology during early stages of EMV adoption," said Kathleen Houseman, Senior Vice President Sales and Marketing at Castles Technology Co. Ltd., a global POS device manufacturer with U.S. headquarters in Atlanta. "Many merchants hated the dongle and have since moved on to newer forms of technology."
Derek Webster, Chief Executive Officer at New York-based CardFlight, a mobile payments technology company, said, "In a BYOD [bring your own device] world, service providers must have the flexibility and range to work with whatever technology their merchants are using. The future of technology will be based on digital communications, so moving away from analog technology is an inevitable and necessary step. It will be interesting to see where the industry as a whole takes it from here."
Fintech companies were also quick to react to Samsung's global recall of the Galaxy Note7 in the weeks following its Aug. 2, 2016, launch. The smartphone was recalled due to its highly combustible lithium battery. "We are asking users to power down their Galaxy Note7s and exchange them as soon as possible," stated Samsung President of Mobile Communications Business D.J. Koh. "We are expediting replacement devices so that they can be provided through the exchange program as conveniently as possible and in compliance with related regulations."
Payments analysts, banks and third-party developers have been largely unfazed by the recall, and expect the re-introduced, stabilized Note to have Samsung Pay, a mobile wallet scheme that is not dependent on near field communication (NFC) and can be widely used in stores. Many look forward to leveraging the platform's biometric capabilities, which enable users to authenticate purchases with iris and fingerprint scans.
"Battery issues are not limited to Samsung," Houseman said. "Apple and other manufacturers have had flaws and issues. Castles peripherals have battery life of 55 hours in standby mode and 78 hours in sleep mode, eliminating the need to constantly recharge the smartphone."
Apple, Android payment peripherals
New product releases by arch rivals Samsung and Apple typically generate millions of advance orders throughout the carrier networks and downstream supply chains.
While T-Mobile may regret calling the Galaxy Note7 a "sizzling new superphone from Samsung," many Android loyalists are opting for the carrier's offer in which qualifying consumers "can choose between a 256GB microSD Memory Card to store all the pictures and video you take while skydiving, a Samsung Gear Fit2 wearable to respond to texts or track your step count while rocky mountain climbing, or a year of Netflix – over a $110 value – to watch someone else go 2.7 seconds on a bull named Fu Man Chu," T-Mobile noted.
Apple called Apple iPhone 7 and iPhone 7 Plus "the best, most advanced iPhone ever," with advanced camera technology, efficient processors and iOS 10 operating systems for improved image quality, processing speeds and extended battery life. "iOS 10 also opens up incredible opportunities for developers with Siri, Maps, Phone and Messages APIs, allowing customers to do more than ever with the apps they love to use," the company stated.
Concurrent releases of mobile payment peripherals, compatible with Apple and Android operating systems, demonstrate the payments industry's agility and innovation. Many of these portable devices support contact and contactless EMV (Europay, Mastercard and Visa), magnetic stripe payment cards and a range of mobile wallet schemes.
Apple's iPhone 7 launch prompted a series of payment service provider and OEM notifications, advising channel partners and customers that wireless solutions are available. For example, CardFlight disclosed it was taking orders for Miura Systems Bold B500 and Bold B550 payment card readers.
"The Bold B500 is particularly valuable for smaller merchants who want to accept EMV payments or prefer to connect to a card reader via Bluetooth rather than the audio jack connectivity used in CardFlight's other readers," the company stated. "The Bold B550 offers NFC contactless payments acceptance, in addition to EMV chip card and magnetic stripe support."
Also, Castles Technology launched MP200, a fully certified, portable device designed for large and small business owners, stating: "MP 200 offers Bluetooth, Wi-Fi, micro USB and GPRS/ 3G connectivity. It also accepts EMV, mag-stripe card payments and NFC/contactless payments such as Apple Pay."
Advance orders, deployments
Payments industry resellers and downstream channel partners have reported a spike in orders for wireless mobile payment peripherals. Randy Hayashi, Chief Operating Officer at Payment Depot, a CardFlight channel partner based in Orange, Calif., is taking orders for the Bold B500 and B550.
"This is a clear indication that the industry is moving toward Bluetooth and wireless technologies," he said. "Audio Jack is a 50-year-old technology, and with so much emphasis on security in payments today, it's a great time to switch."
Hayashi expects the new readers to generate fewer Help Desk calls. The company frequently receives calls from merchants who ask why their card readers aren't working. Customer service technicians will then ask merchants if the smartphone microphone is turned on and at maximum volume, which usually solves the problem, he said.
As he reflected on ever-changing mobile technologies, Webster said, "The lesson here is product development cycles move very fast. We're no longer in a world of purpose-built payment terminals. As a service provider you need to be nimble and iterative as a core competency or you need to partner with companies that can do that."
Houseman concurred, adding, "It's phenomenal that Apple is taking a leap of faith by changing the most popular smartphone in the world. Payment service providers must continue to offer a range of connectivity and communications options, whether it's 3G, Bluetooth, Wi-Fi or NFC, to give merchants a payment platform they can rely on, no matter what."
View prior breaking news