GS Logo
The Green Sheet, Inc

Please Log in

A Thing A Bigger Thing

Friday, August 17, 2018

Payments prominently featured in Inc. 5000

T he latest ranking of fastest-growing privately held U.S. companies, compiled annually by Inc. Magazine, includes numerous payments industry firms, which reflects growth and diversity in financial services. Inc. editor James Ledbetter noted that American companies encourage and depend on continual growth, which can present a unique set of challenges. For example, it is not easy to find good talent, Ledbetter pointed out. "A business that is doubling or tripling in size every few months usually needs new staff constantly--and that pace of hiring brings risk," he wrote.

CardFlight's founder and CEO, Derek Webster attributed his company's 139th ranking in the 2018 Inc. 5000 to his staff's talent and dedication, stating, "Our motivated team of almost 40 professionals work hard to enable our partners to serve small businesses everywhere."

Andy Powell, co-founder and CEO at CallRail, said his entire team is "ecstatic to make a second appearance on the Inc. 500. The ranking is a testament to our customer-centric culture."

Payments honorees represented numerous business categories across several industry sectors. The partial listing set forth in this article reflects the payments industry's expanding role in retail, hospitality and software as electronic transactions become increasingly embedded into U.S. lives and livelihood.

Advertising, marketing, business services

Merchants increasingly rely on service providers to help them solve business problems beyond payment card processing. Advertising and marketing solutions are delivering smart metrics and analytics that deliver real-time insights into customer behavior and campaign effectiveness. Exponential growth in emerging technologies has also benefitted payments industry companies working with ancillary industry service providers.

Following is a sampling of companies that blend these offerings:

Financial services

Numerous payments industry technology companies and service providers were grouped in the financial services sector, including the following organizations:


Omnichannel and bring-your-own-device solutions are increasing demand for intelligent software solutions that are compatible with mobile, online and in-store commerce. These companies provide cloud-based subscription service offerings:

Qualifying criteria

Ledbetter noted the companies listed in 2018 collectively amassed $206.2 billion in revenue in 2017, a 158 percent increase from $79.8 billion in 2014. Companies must meet the following standards to qualify:

Ledbetter additionally noted that companies on the 2018 Inc. 5000 list have all grown by at least 50 percent over the last three years.

Neil Randel, CEO of FAPS (No. 4271), called his company's listing in the 2018 Inc. 5000 list "a wonderful affirmation of the advancements we've made in the payments space, particularly given the rapid disruption happening within our industry. It also reinforces the critical role of payment-related service providers, and how a well-deployed payment technology solution can help businesses of all sizes achieve positive cash flow and increased profitability."

This article does not purport to contain every company on this year's list that is associated with the payments realm. If your payments-related business was named to the 2018 Inc. 5000 list and is not mentioned here, send a press release to, and we'll post it under News From the Wire on our home page.

This article does not purport to contain every company on this year's list that is associated with the payments realm. If your payments-related business was named to the 2018 Inc. 5000 list and is not mentioned here, send a press release to, and we'll post it under News From the Wire on our home page.

FBI warns of impending global ATM cash-out blitz
Wednesday, August 15, 2018

T he FBI is warning banks, transaction processors, and operators of ATMs and ATM networks of an impending cyberheist involving ATMs. This is according to a confidential alert sent by the FBI to U.S. banks and obtained by Krebs on Security, which tracks cybersecurity breaches and trends.

The impending ATM cash-out scheme is imminent and will be global in reach, the FBI said, and it's not apt to be a one-off occurrence.

ATM cash-out schemes start with crooks hacking into bank or card processor systems to purloin account numbers and PINs, and to knock out fraud controls (such as ATM cash withdrawal limitations). Using the account information, they clone debit cards and enlist foot soldiers who work simultaneously, hitting ATMs and draining as much money as possible from accounts.

Virtually all such attacks to date have been launched on weekends. Recently, for example, news broke of a series of ATM cash-outs that resulted in several million dollars being siphoned from accounts at a small Virginia bank between May 2016 and January 2017. All of those heists occurred over holiday weekends, according to published reports.

The scheme the FBI is warning about now could result in crooks emptying millions of dollars from bank accounts worldwide in just a few hours, Krebs reported.

"The FBI has obtained unspecified reporting indicating cyber criminals are planning to conduct a global automated teller machine cash-out scheme in the coming days, likely associated with an unknown card-issuer breach," the alert stated. "Historic compromises have included small-to-medium-sized financial institutions, likely due to less robust implementation of cyber security controls, budgets, or third-party vendor vulnerabilities. … The FBI expects the ubiquity of this activity to continue or possibly increase in the near future."

Vigilance as 'table stakes'

The FBI urged banks to review and boost security measures, such as strong password requirements and two-factor authentication. Other offered advice included:

While the advice is sound, Jonathan Sander, CTO at STEALTHbits Technology, said it points to obvious failures on the part of many banks. "[W]hat the FBI is advising should be considered table stakes for any organization operating infrastructure as sensitive as ATMs," he said. "To imagine that security pros at a bank can't force IT to have strong password policies and two factor for administrative users is very shocking."`

Sander urged banks and processors to do more. "Not only should these networks have their admins locked down with multi-factor [authentication] and strong passwords, they ought to be using specialized privilege access workstations or at least be using session controls," he said. He also recommended strict procedures for automated actions that require privilege, such as backups and patches. And real-time monitoring.

"The general idea is that the basics for these sorts of systems ought to be in the rear view," Sander added. "It's a bit surprising that the FBI must see enough shops without those basic controls that they feel they need to give that advice."

U.S. in cybercrime crosshairs, researchers say
Tuesday, August 14, 2018

D ata protection methodologies and legislation have made little impact on international cybercrime, according to a new study published Aug. 8, 2018 by U.K.-based Juniper Research Ltd. The Future of Cybercrime & Security: Threat Analysis, Impact Assessment & Leading Vendors 2018-2023, predicts a plethora of attacks will continue to grow, defrauding organizations of more than 146 billion personal records worldwide over the next five years.

Researchers place the United States at the epicenter of criminal activity due to the country's disparate methodologies for storing and transmitting data. The resulting patchwork of vulnerabilities makes U.S. firms vulnerable to opportunistic criminals, researchers noted. Without additional protections in place, experts said, more than half of international data breaches are expected to originate in U.S. companies by 2023.

Ryan Wilk, vice president of delivery - customer success at NuData Security, a Mastercard company, said Juniper's projections make a strong case for implementing multilayered security across a range of industries and financial institutions. Advanced technologies such as passive biometrics and behavioral analytics protect individuals and organizations from the credential theft, because consumers' unique behaviors cannot be duplicated by hackers, he added. "With these technologies, the massive amounts of stolen credentials cannot be used to log into someone else's account or otherwise used for fraud," Wilk stated. "The user's identity is established using hundreds of indicators derived in part from the user's unique online behaviors instead of static 'known knowns' such as passwords, challenge questions, and government identification numbers."

Protect critical infrastructure

Juniper researchers recommend that a multilayered approach to security combine recent data protection legislation, such as GDPR and PSD2, with strong technology mandates to reinforce cybersecurity across network endpoints, cloud security, identity and access management and the Internet of Things. These efforts are critical for small and midsize businesses, which account for 99 percent of all companies but contributed just 13 percent of cybersecurity spending in 2018, researchers noted.

One reason small business owners spend so little on cybersecurity is their tendency to use consumer-grade products that cost less than $500 per year to install and maintain. Researchers pointed out that these retail products are insufficient protections against newer forms of malware, which require a more holistic approach than simple endpoint and perimeter protections. Failure to implement advanced security strategies will leave numerous small businesses vulnerable to data breaches, which can cost millions of dollars and have devastating impacts on consumers and businesses alike, noted research author James Moar.

"Juniper's strategic analysis of 48 leading cybersecurity companies shows that AI and predictive analytics are now table stakes for this market," Moar said. "These technologies need to be made available to all businesses, regardless of size."

Wilk added that Juniper's findings should serve as a "terrifying reminder for every organization transacting online to substantially tighten and continually test their security and authentication strategies and ensure that payment data, sensitive records, and personally identifiable information are secure."

Treasury's regulatory easement may benefit fintechs
Friday, August 10, 2018

I n response to Executive Order 13772, issued in February 2017, the U.S. Department of the Treasury has been easing restrictions pertaining to key financial services sectors. The department previously published guidelines for the bank and credit union, capital market, and asset management and insurance sectors. The fourth and final report of the series, published July 31, 2018, provides guidance for fintech firms.

U.S. Secretary of the Treasury Steven T. Mnuchin said Treasury staff members who crafted the reports met with numerous stakeholders in consumer financial data aggregation, lending, payments and credit servicing sectors, and he expects ensuing recommendations to drive rapid adoption of competitive technologies, data security and operational efficiencies. The goal is to simplify regulatory standards and create a financial system that supports all stakeholders, including nonbank finance and fintechs, he added.

"American innovation is a cornerstone of a healthy U.S. economy," Mnuchin stated. "Creating a regulatory environment that supports responsible innovation is crucial for economic growth and success, particularly in the financial sector."

Core principles, recommendations

Treasury reports, which include extensive glossaries of commonly used acronyms and abbreviations, are organized under the following core principles:

Critics remain skeptical

Critics appreciate U.S. government efforts to create a fintech-friendly environment but say more can be done. Forbes contributing writer Sarah Kocianski suggested proof of concept will be achieved when recommendations are implemented.

"There are many obstacles still to be overcome, such as federal and state regulators agreeing to the proposals in the first place, before you even get to a stage where they agree to work together and implement them," she wrote in "We're A Long Way Off from the U.S. Being a Utopia for Fintech," published Aug. 7, 2018. "There is also the fact that some of the recommendations, while being good for businesses, are not so great for consumers."

Kocianski cited the "Payday Rule" as an example, noting it requires lenders to determine a borrower's creditworthiness while failing to protect vulnerable consumers. This would likely "be damaging to both individuals and the economy in the longer run," she noted.

Forbes contributing writer Aaron Stanley expressed disappointment that cryptocurrency and blockchain technologies were only "mentioned in passing" in the Treasury report. "Money transmission licensing rules have been a perpetual thorn in the side of cryptocurrency companies operating in the U.S.," Stanley wrote in a July 31, 2018, article titled "What Does the U.S. Treasury Fintech Report Mean for Crypto?" Activities are regulated on a state-by-state basis, without a unified license passporting structure such as the model being used by the European Union, he added.

On the positive side, Stanley noted the report contains constructive approaches to streamlining regulations."The core theme of the 222-page report is that more governmental support for innovators and entrepreneurs is required across the board, and that Treasury is keen to provide that push when necessary within the regulatory ranks," he wrote.

A full copy of the report is available at: .

Kroger, Visa battle over interchange heats up
Friday, August 10, 2018

B eginning Aug. 14, 2018, Foods Co. Supermarkets, a unit of The Kroger Co., will no longer accept Visa Inc. credit card payments, unless the two parties reach an agreement to reduce interchange fees the card brand charges Foods Co. The ban will impact 21 stores and five fuel centers located in California. Acceptance of Visa debit and other major credit cards, including Kroger's Mastercard-affiliated rewards program, will remain in effect.

Kroger spokesman Chris Hjelm told Bloomberg that Kroger, which operates 2,800 retail food stores under various banner names, could expand the ban to other stores. He added that when the amount retailers pay in card fees "gets out of alignment, as we believe it is now, we don't believe we have a choice but to use whatever mechanism possible to get it back in alignment."

According to market data, Kroger's five-year quarterly profit margin has averaged 1.86 percent, slightly below that of Walmart Inc., at 2.1 percent. Walmart recently severed ties with Synchrony Financial over economic terms, and before that, lifted a 2016 ban on Visa credit cards in select Canadian stores resulting from a dispute over fees. Additionally, in June, sources told The Wall Street Journal that settlement of a 2005 merchant-led antitrust suit over card brand interchange fees may soon be resolved.

Jason Gardner, founder and CEO of Marqeta Inc., an Oakland, Calif.-based payment platform provider, pointed out that cost of acceptance is always something that retailers, specifically slim-margin businesses, monitor closely. "While transaction fees for card payments vary and may be higher than other payment methods on the surface (e.g., cash), they also present operational efficiencies that are often missed when only looking at numbers," Gardner said. "For example, card transactions offer a more secure way to pay and drive higher sales at retailers. In addition, cash is notoriously expensive to handle and is subject to fraud."

Kroger and other high-volume, low-margin retailers are expected to continue to exert downward pressure on interchange fees at regular intervals. All tallied, interchange fees cost retailers approximately $90 billion per year, according to the latest estimates.

Striking a balance

While retailers want to rein in costs, consumers want unlimited choice and to reap the benefits of loyalty to certain brands. "You have this four-party system with the network, bank, acquirer and processor; and then you have consumer sentiment," Gardner said. "Consumers want choice when it comes to their payment method. Many consumers like to use credit. They like the points, the miles, and a lot of this is funded through annual fees that consumers pay the bank and interchange."

Gardner believes that this will reach equilibrium soon. "Visa works hard to keep a balanced ecosystem," he said. "Once this is resolved, consumers will be better off and can go back to paying with their Visa cards when and where they want."

Kroger is at an inflection point. They are competing with newer players like Amazon, since its Whole Foods Market Inc. acquisition, and other online food retailers.

"Kroger just announced their own delivery service, so they're looking to go up against Amazon getting into the grocery business," Gardner said. "Consumers are shopping online for their groceries through services like Instacart, which bring even more options."

Whether Kroger's ban on Visa credit cards will remain in effect over an extended period or expand to other stores is unknown, as much hinges upon conversations around its California unit.

View prior breaking news

Spotlight Innovators:

North American Bancard | USAePay | Super G Capital LLC | Humboldt Merchant Services | Impact Paysystems | Electronic Merchant Systems