The payments sphere was on its toes throughout 2007. Reports of a security breach that compromised nearly 100 million consumer bankcards created a media tempest in February. And the stage was already set for federal and state-level scrutiny, as well as stepped up enforcement of the Payment Card Industry (PCI) Data Security Standard (DSS). Indeed, security concerns swept the industry with machine gun speed.
Additionally, merchants fed up with interchange made their voices heard on Capitol Hill, and the Federal Trade Commission flexed its muscles to clamp down on alleged processing abuses. Against this backdrop, the industry sped on, fueled by the hard work of you, the ISOs and merchant level salespeople (MLSs).
To help you stay abreast of rapid-fire developments over the past year and provide you with tools to deal with the ever changing payments landscape, The Green Sheet covered big picture business strategies and shifts, as well as nuts and bolts tips and tricks for success.
Here are The Green Sheet's top picks for 2007: five attention-grabbers having broad industry impact followed by five hot-button business issues for ISOs and MLSs.
The Payment Card Industry (PCI) Data Security Standard (DSS) loomed large for the payments industry in 2007. The September 2007 issue of GSQ, Vol. 10, No. 3, entitled "Defend the data," covered PCI and data security in depth. Plus, we published news, educational or analytical articles on the topic in every issue of The Green Sheet because it has become increasingly obvious to payments professionals just how critical this issue is.
Data breaches in the news included the cloning of debit and credit cards used by patrons in Huntsville, Ala.-area restaurants; a hacker accessing credit card information of 11,500 customers of Johnny's Selected Seeds; and the stunning TJX Companies Inc. breach that compromised an estimated 94 million credit and debit account numbers.
The card brands set deadlines for merchant PCI compliance, set hefty fees for businesses found to be noncompliant and even offered financial incentives to the tune of $20 million to parcel out to acquirers that get merchants on board with PCI. The good news is that more resources were developed to help the effort. These include formation of the PCI Security Standards Council, an independent standards board that manages global training and compliance certification. It is now working on PCI DSS version 2.
Additionally, American Express Co., Discover Financial Services, Visa Inc. and MasterCard Worldwide offer on their respective Web sites resources to assist merchants and acquirers with compliance. (For more details, see "Resources for ISOs, MLSs, clients and partners" in GSQ, Sept. 2007, Vol. 10, No. 3.)
Some lawmakers at both federal and state levels think the payments industry is not doing enough on its own to secure cardholder data. Industry experts urged all ISOs and MLSs to keep apprised of any legislation in the works and to get involved to affect the outcomes. (See more on this topic under "3. Politics unusual" in this article.)
Despite ongoing educational efforts and success in bringing a greater percentage of merchants into compliance, the National Retail Federation's David Hogan claimed in October that the PCI DSS has failed to protect sensitive customer information from theft and fraudulent use. PCI compliance is obviously going to be a major issue in the industry for the foreseeable future.
In January, Visa introduced the PCI Compliance Acceleration Program, an additional security incentive to merchants. Those whose transactions were PCI compliant became eligible for lower interchange rates.
In February, Congress started to poke around on the issuing side, examining costs linked to debit and credit cards - a warning that an investigation on the acquiring side could be next. Almost simultaneously, a 2004 federal lawsuit in California challenging interchange fees was moving through the courts.
The card Associations implemented new interchange fee schedules, a common occurrence in the springtime. Visa U.S.A. implemented a new credit card type - Signature Preferred - that raised rates on certain transactions. Visa also modified its existing commercial card rate schedule. It created three interchange categories by which it now identifies each commercial card transaction.
Dissatisfied with the status quo, the NRF appealed to lawmakers in an effort to force major changes to interchange, claiming the fees are exorbitant, arbitrary and unjust. In June, lines were being drawn in the sand. Congress stepped on the battle field in August to make sense of the mess and cool everyone's jets. But it didn't take long to heat back up; interchange hit the Congress floor again in October.
Arkansas lawmakers approved Arkansas Act 911, which imposed strict disclosure requirements on merchant processing agreements, as well as caps on certain fees. The legislation also capped fees that can be assessed for early termination of card processing contracts. The bill applies only to nonbank providers of merchant services.
On Aug. 14, 2007, the U.S. District Court, Eastern District of Texas ruled against AdvanceMe Inc. in a patent infringement suit. AdvanceMe filed the suit against Business Capital Corp., First Funds LLC, Merchant Money Tree Inc., RapidPay LLC, Reach Financial LLC and Fast Transact Inc. (doing business as Simple Cash).
The court found that the defendants directly infringed the asserted claims of the U.S. Patent No. 6,941,281, but the patent itself was invalid for two reasons: There was prior art, and the patent was obvious and anticipated.
The Federal Reserve Board and the Reg. GG), set out how the government intends to enforce a 2006 law that aims to stop most forms of Internet gambling by U.S. residents by making it illegal for banks and other payment companies to process transactions tied to Internet gambling.
Meanwhile, California Gov. Arnold Schwarzenegger vetoed a California consumer data protection bill on Oct. 13, 2007, citing overlap with the PCI DSS. If it had become state law, AB 779 would have made merchants follow data security standards, provide easily accessed information about breaches to affected consumers and compel merchants to pay consumers reimbursement costs for credit or debit card replacement.
Much like the PCI DSS, the proposed California bill, AB 779, attempted to limit the amount of consumer data stored by merchants. But, unlike PCI DSS, the bill would have required "specified reimbursement and notice provisions" to consumers.
It was a bad year for Merchant Processing Inc. In April 2007, the FTC filed a complaint in the United States District Court of Oregon against MPI; its owner, Aaron Lee Rian; and two other firms Rian controls, Vequity Financial Group Inc. and Direct Processing Inc.
The FTC alleged the company engaged in fraudulent and deceptive trade practices while selling debit and credit card processing services by failing to disclose the true terms of contracts to some of its merchants. The court froze the assets of the defendants and appointed Michael A. Grassmueck as MPI's Receiver.
In the aftermath, MPI, under the control of Grassmueck, took steps to correct the problems that prompted the FTC's action. MPI went through a dramatic restructuring, affecting everything from its merchant agreements to its staff.
The demise of cash is predicted every year, but we're not there yet. However, the 2007 Federal Reserve Payments Study released in December indicates electronic payments, especially debit cards, are America's preferred form of payment.
Three years after implementation of the Check Clearing for the 21st Century Act - federal legislation commonly referred to as the Check 21 Act or Check 21 - it now seems conceivable that a majority of checks will some day clear and settle electronically.
Contactless payments grows every year, and some experts believe it's only a matter of time before this technology pushes other payment forms off the path.
Prepaid card purchases continue to climb, especially during the holiday season. The cards are increasingly favored as a way to give employees bonuses.
Alternative payments such as PayPal and Google Checkout appeal to online shoppers looking for extra security. Plus, they help merchants slash credit and debit card processing fees - uh oh.
Shrinking margins and rising costs were an unpleasant fact of life in 2007. And they created their own set of challenges - small mistakes can have big consequences; inattention can lead to insolvency; and business techniques that might have been labeled "nickel-and-diming" a decade ago have become many a business owner's best friend.
The most successful businesspeople in this industry are those who can pinpoint what exactly their hairline-thin profit margin is. And they are constantly on the watch for tips and tricks to cut costs or increase profits. (You'll find them reading industry publications like The Green Sheet, sharing or exploring new strategies on the GS Online's MLS Forum and attending industry events to stay current.)
With razor-thin profits the industry norm, tips that save (or earn) even small amounts of money are analyzed for their return on investment (ROI) and implemented. While small mistakes can lead to big problems, small savings can lead to large profits. During 2007, some businesses nickel-and-dimed themselves to failure, and others nickel-and-dimed themselves to success. But everyone found themselves watching their pocketbooks like never before.
Unless you've just come out of a coma, you've heard of value added services. In 2007, you likely heard about value added services a lot. And the reason has everything to do with (you guessed it) shrinking margins and rising costs. In addition to razor thin margins, 2007 brought increased competition for a shrinking pool of new merchants.
In 2007, you would have been hard pressed to get rich on volume alone. But with some ingenuity, a little luck, a lot of work and value added services, wealth was still possible.
Value added services - whether additional products like prepaid or gift cards, or your own expertise and consulting in something like the business-to-business (B2B) market - help you earn additional income from existing merchants (improving your ROI), improve your customers' "stickiness," and help you stand out in a competitive field.
A little knowledge can go a long way in creating a business plan rich in value added services. That's why The Green Sheet covered a huge range of value added services during 2007, from prepaid products to merchant cash advances.
Another 2007 trend was to prospect outside the retail/restaurant box. One nonretail market that shows a lot of promise is B2B - with over $2 trillion in annual sales in the United States alone.
Celent LLC believes over half of all B2B transactions will be made electronically by 2012. However, the B2B market is sluggish, encumbered by manual processes, legacy systems and proprietary formats.
Still, B2B's projected 30% to 35% growth and the higher average tickets are enough to garner some close attention even though these sales require more MLS expertise and a longer time from initial contact to closing.
The move to a cashless society is still excruciatingly slow, but emerging sales strategies in 2007 showed business sectors MLSs neglected 10 years ago may soon become hot prospecting territory.
Every scandal involving unethical behavior on the part of an MLS (and every threat of increased regulation) brings up the discussion of MLS certification.
Most agree that a voluntary certification program could help prevent a government regulated one and help cure the lingering bad reputation MLSs have with some merchants. It would also provide ISOs a way to differentiate potential star agents from the bad apples. And certification would be an effective marketing tool that showcases the knowledge of certified MLSs.
But creating a certification program that would cover all aspects of an ever-changing industry is gnarly enough; finding an impartial organization willing to take on the administering of the certification process - and any potential liability - is a show stopper.
Even though 2007 didn't see the launch of a MLS certification program, it did see the National Association of Payment Professionals begin researching just what it would take.
The fact that NAOPP was looking at the issue was enough to pull a lot more attention on the need for education, which meant more ISOs providing or paying for continuing education, and more MLS improving their skills and knowledge.
Red or blue, Coke or Pepsi, toilet seats up or down - some issues just don't seem to have much middle of the road, and the 1099 (contractor) versus W-2 (employee) debate is one of those.
Some ISOs insist on their MLSs being W-2 employees; they say it ensures their salespeople's undivided attention and makes it more likely that the employee will represent them in the way they want.
Others insist the investment an ISO must make to bring in a W-2 employee is so high that they are less likely to take a chance on a new employee. They also believe 1099 independent contractors are more motivated to sell.
MLSs, too, are divided. Some say the lack of benefits and a long period before substantial residuals build up in the 1099 model discourage anyone new from entering the industry unless they're moonlighting or supported by someone else.
Others say they gravitated toward this industry because of the freedom to run their own show. They insist a W-2 model could limit their potential profits. All might agree that flexibility in terms of employment status is a plus.
All in all, 2007 was a very good year for payments professionals. And for those who continue to improve their industry knowledge and insist on the very best business practices among their partners and clients, 2008 ought to be even better.
The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.
Prev Next