Tag Archives: E-Commerce

Hackers find new target: Mariott [2023 Update]

Holiday Inn, Marriott Hotels Suspected Targets of Data Breach

The Official Merchant Services Blog has breaking news regarding the ongoing series of credit card data breaches. One the heels of the major hack of discount retailer of Target that stole credit and debit card data from 40 million accounts right smack dab in the middle of the holiday shopping season, there’s yet another target of hacker greed: Holiday Inn. Lodgers at Holiday Inns, Marriott and Renaissance hotels may have had their payment card details compromised for much of 2013 as revealed a hotel management company on Monday.

White Lodging Services, a hotel management company, warned in a news release it suspects point-of-sale systems at restaurants and lounges on 14 of its properties were compromised between March 20, 2013 and Dec. 16, 2013. Guests who did not use their card at restaurants and lounges, as well as those who used their room account for purchases from those outlets, were not affected, the press release revealed.

The Merrillville, Indiana-based company said it manages hotels like Holiday Inn under agreement with hotel owners. The company is a separate entity from the specific hotel brands it operates. White Lodging Services said it has contacted federal law enforcement and initiated a forensic review of its properties. It runs more than 169 hotels in 21 U.S. states.

The Full List

The full list of the food and beverage outlets affected by the suspected breach were located at the following hotels:

Marriott Midway, Chicago, IL
Holiday Inn Midway, Chicago, IL
Holiday Inn Austin Northwest, Austin, TX
Sheraton Erie Bayfront, Erie, PA
Westin Austin at the Domain, Austin, TX
Marriott Boulder, Boulder, CO
Marriott Denver South, Denver, CO
Marriott Austin South, Austin, TX
Marriott Indianapolis Downtown, Indianapolis, IN
Marriott Richmond Downtown, Richmond, VA
Marriott Louisville Downtown, Louisville KY
Renaissance Plantation, Plantation, FL
Renaissance Broomfield Flatiron, Broomfield, CO
Radisson Star Plaza, Merrillville, IN

White Lodging last week told the New York Times it was investigating a potential security breach, covered in a report from security writer Brian Krebs. The same Krebs who broke the news on the Target Data Breach as well as the Global Data Breach.

What Was Hacked?

The unlawfully accessed data may have included names printed on customers’ credit or debit cards, credit or debit card numbers, the security code and card expiration dates. Guests who used or visited the affected businesses during the nine month-period and who used a credit or debit card to pay their bills at the outlets might have had such information compromised and are encouraged to review their statements from that time period.

One idea posited on how this happened is RAM scraping. Attackers are planting malicious software, known as “RAM scrapers,” on POS devices, which capture unencrypted card details after a customer has swiped a card, defeating other security measures in place intended to protect sensitive details. White Lodging said customers’ names as printed on credit or debit cards, the card numbers, the cards’ security code and expiration dates may have been unlawfully accessed.

What’s Next?

Financial institutions have reissued some payment cards and are monitoring other credit and debit cards for unauthorized activity, the company said. White Lodging is also arranging to offer one year of complimentary personal identity protection services to all affected cardholders.

The unfolding disclosures have drawn the attention of the U.S. Congress. The House Energy and Commerce Committee is scheduled on Wednesday to hear from senior executives from Target and Neiman Marcus along with the U.S. Secret Service about how data breaches can be prevented.

Host Merchant Service’s PCI Compliance Initiative

Looking at the threat of a data breach, Merchants must wonder what the solution can be. Is there protection available? PCI Compliance is a great foundation for transaction security. The standards and protocols set up by the PCI-DSS Council are the first step a merchant needs to take to protect their data. And Host Merchant Services offers a PCI Compliance Initiative that helps its merchants quickly and seamlessly take that step.

Also, one thing to consider if you are a merchant and you are worried about data breaches affecting your bottom line: Host Merchant Services Data Breach Security Program. Click that link to download a PDF explaining the value-added service HMS provides its merchants that goes above and beyond just simple PCI Compliance and helps ensure a merchant’s peace of mind.

Can Chip Cards Stop the Hax? [2023 Update]

Leave a reply

The massive data breach at Target is a big shining beacon illuminating exactly how behind the times the United States remains when it comes to credit card security — namely EMV® chip technology.

EMV is a worldwide standard for credit and debit card payments based around the use of chip card technology. The acronym stands for Europay, MasterCard, and Visa, who collaborated to create the technology. The goal of this project was to create a card that worked based off of a microprocessor chip that is read by the payment terminal. Because the U.S. has yet to widely deploy embedded chip technology, the nation has increasingly become the focus of hackers seeking to steal such information. The stolen data can easily be turned into phony credit cards that are sold on black markets around the world.

In fact, KrebsOnSecurity, the website that broke the news of the Target hack, has reported that the card information stolen in the Target Data Breach has been showing up on the black market. Credit and debit card accounts stolen during the security breach have reportedly flooded underground black markets, going on sale in batches of one million cards. The cards are being sold from around $20 to more than $100 each.

Over the last decade, most countries have moved toward using credit cards that carry information on embeddable microchips rather than magnetic strips. The additional encryption on these aptly named smart cards has made the kind of brazen data thefts suffered by Target almost impossible to pull off in other countries. Which is why as of Q4 2012, there were roughly 1.62 billion EMV cards in consumers’ hands and 23.8 million terminals deployed throughout Europe, Asia, and Africa. About 80 countries have adopted the technology as a standard. By comparison, about 1% ofcredit cards issued in the U.S. contain such technology, making the United States a tasty target for hackers.

“The U.S. is one of the last markets to convert from the magnetic stripe,” Randy Vanderhoof, director of the EMV Migration Forum told the LA Times. “There’s fewer places in the world where that stolen data could be used. So the U.S. becomes more of a high-value target.”

The credit card industry reports the U.S. accounted for only 24 percent of global credit card payments by volume in 2012, but it accounted for 47 percent of the fraud.

So Why No Chips in the U.S.?

According to experts the reasons the U.S. lags so badly in adopting smart cards are complicated. In part, there hasn’t been the political will to demand that businesses and financial institutions make the change. One might think the Target data breach would spur politicians to action or at least get consumers to light a fire under those politicians. But the Target hack is just one in a growing list of data breaches, and the 40 million compromised cards are rather mundane.

In April of 2011, the Playstation Network was hacked, compromising the vital information of 77 million accounts, and 24.5 million Sony Online Entertainment accounts. This has been touted as one of the largest personal data heists recorded in history, and prompted Sony to shut down its services for a month. In 2009, credit card processor Heartland Payment Systems disclosed that thieves had broken into is internal card processing network, and installed malicious software that allowed them to steal track data on more than 130 million cards.

If neither of those data breaches could spur on the adoption of EMV cards, it’s unlikely the Target hack will move the needle. The inertia built up against the smart cards then must be due to some other reason Analysts also say the payment processing system in the U.S. is more complicated, with merchants, credit companies and banks reluctant to spend the big bucks it would take to convert a system with 1 billion credit cards to EMV from magnetic stripes. But that’s still too murky.

The primary reason such technology has taken so long to make its way into the U.S. is far more simple: Chip-embedded cards are more expensive to produce. Each merchant would have to purchase new equipment to hand them.

What the Future Holds …

The good news for consumers is that the U.S. is indeed moving to embrace smart credit cards. The Official Merchant Services Blog reported almost two years ago that the United States was moving slowly but surely toward adopting chip cards. Visa took the lead in the U.S. push, reporting that as of December 31, 2011, the credit giant had issued more than 1 million credit cards that use “chip” technology to store consumer payment information. Visa made an announcement in August 2011 hat it planned to start issuing more EMV — Europay, Mastercard, Visa — smart cards to push the industry toward better security and an easier transition to mobile payments.

In the last couple of years major card issuers have laid out road maps for upgrading the card technology, and many have set out to achieve this by October 2015.

TransFirst, Host Merchant Services’ acquirer and one of the premier providers of transaction processing services and payment processing technologies in the U.S., issued a mandate in response to the EMV push. TransFirst said that Visa will require U.S. acquirer processors and sub-processor service providers to be able to support merchant acceptance of chip transactions no later than April 1, 2013. Visa also intends to institute a U.S. liability shift for domestic and cross-border counterfeit card-present point-of-sale transactions effective October 1, 2015, and for fuel-selling merchants by October 1, 2017.

Ocotber 2015 was chosen because at that point major credit card companies will change their rules about who is liable for fraudulent purchases caused by security breaches. Under the new rules, the entity in the payment chain — merchant, credit card, banks — deemed to have the weakest security will be liable. Credit card companies can’t make anyone adopt the technology, but they’re giving them a hard nudge.

The Bottom Line

While the Target Data Breach once again brings up the topic of credit card security, it seems like the U.S. is still poking along with its slow adoption of EMV chip cards. Hackers will still continue to target the low hanging fruit that the largely magnetic stripe based U.S. credit card industry still works with. But EMV chips and increased digital security of cardholder information is coming. October 2015 looms closer and closer.

Marketplace Fairness Act Looms [2023 Update]

Leave a reply

With the 2014 holiday shopping season about to grind down to the home stretch, the sales figures are already rolling in. And once again, online transactions have maintained their brisk and healthy growth from years past.

Cyber Monday chalked up record sales, rising a reported 17 percent from 2012 according to USA Today. Cyber Monday, the Monday after Thanksgiving, has been embraced by the media as a flashpoint date for online retail sales during the traditional holiday shopping cycle. The convenience of online shopping versus the hassle of holiday shopping traffic gets the consumers interested. Combining that convenience with the staggeringly low sale prices of the time period and suddenly the appeal of online shopping becomes apparent for folks looking to get their holiday shopping done inexpensively and hassle free.

So with the boom in online shopping, there exists a disparity in sales tax in some instances. This isn’t something that comes up too often in Delaware, the original home base of Host Merchant Services. But many states have sales tax for purchases, and are finding it difficult to compete with the surging online retail business.

While legislation in some states requires sales tax be paid on some online transactions, most sales are still untaxed. In many states that translates into a 5-10 percent price advantage for the online vendor. But it also is a 5-10 percent disadvantage for local brick-and-mortar stores that not only collect sales taxes, but also pay property taxes, employ local residents and support local causes.

Thus there’s been a movement to level the playing field by attacking the sales tax disparity. The Marketplace Fairness Act is the solution to the sales tax disparity. The marketplace fairness act is:

“Marketplace Fairness Act of 2013 – Authorizes each member state under the Streamlined Sales and Use Tax Agreement (the multistate agreement for the administration and collection of sales and use taxes adopted on November 12, 2002) to require all sellers not qualifying for a small-seller exception (applicable to sellers with annual gross receipts in total U.S. remote sales not exceeding $1 million) to collect and remit sales and use taxes with respect to remote sales under provisions of the Agreement, but only if such Agreement includes minimum simplification requirements relating to the administration of the tax, audits, and streamlined filing. Defines “remote sale” as a sale of goods or services into a state in which the seller would not legally be required to pay, collect, or remit state or local sales and use taxes unless provided by this Act.”

Which means out-of-state online, catalog or remote would need to collect sales tax at the time of the transaction, just as local retailers are required to do. For this to happen each state would have to simplify their sales tax laws, making it easier for national vendors to calculate the tax and manage it.

The Marketplace Fairness Act would pave the way for states to require online sellers from out of state to begin paying the sales tax they’ve escaped for years. Senator Dick Durbin (D-Ill.) said “The Marketplace Fairness Act would level the playing field for small businesses by allowing states — if they so choose — to treat brick and mortar retailers the same as remote retailers.” Durbin, who is sponsoring this bill, is best known for authoring the Durbin Amendment, a piece of legislation that caused much controversy in the Payment Card Industry when enacted.

The act passed the Senate. But has yet to be voted on in the House, with all signs pointing to it not passing the House.

There’s been an uptick in media coverage and analysis of this bill. Essentially the verdict is that the increased sales volume from the holiday shopping season is going to push the political infrastructure to once again address the issue of state sales tax and online merchants.

And that raises the most interesting question of all for the credit card processing industry: Is the global aspect of online shopping going to take a huge step towards pushing sales tax to a federal layer and remove it from the states?

That’s a very big picture outlook on the issue. But as online shopping becomes more and more prevalent, the issue gains traction. The world is becoming a pretty tiny place due to the saturation and convenience of communication. You can video-call people on the other side of the globe instantly with your smartphone right now. Mobile Wallets and NFC are seeking to make it so that you can wave your magic wand, or iPhone, and pay for things instantly. State based sales tax laws look to fall behind the curve of quick evolving technology. Five, ten, even fifteen years down the line the way we make purchases and the marketplace wherein we make those purchases may have evolved past the scope state sales tax. The Marketplace Fairness Act seems to be just a precursor to a larger movement afoot in the retail sales industry.

Isis Mobile Wallet is Here

Leave a reply

Isis Mobile Wallet Debuts Using NFC Technology

A joint venture between AT&T, Verizon Wireless and T-Mobile known as Isis Mobile Wallet has released a revolutionary mobile payments app that promises to change the way people pay for goods and services. The trio of mobile service providers are ecstatic to finally debut this mobile payment platform right before Black Friday and the rush of the holiday shopping season, as this technology lets consumers conveniently utilize their mobile phone to pay for goods and services. Use of the platform makes it easier for merchants to accept a wider variety of payments and the Isis system itself encourages repeat purchases through loyalty programs tied into the app and its software.

The debut of Isis also heralds a huge step forward for Near Field Communication technology (NFC), a topic we’ve been consistently covering since our Official Merchant Services Blog began.

What Is the Mobile Wallet Platform?

The Isis Mobile Wallet platform is a completely free mobile application that utilizes NFC technology to allow consumers to pay for purchases by waving their mobile device in the air at a terminal that captures the pertinent information out of thin air. The mobile payment industry has been dealing with one large obstacle from NFC recently, as Apple hasn’t made its iPhones compatible with NFC. And so an Isis representative said that iPhone support would come at a later time. Until then, the app is available on all other compatible phones, but users should be aware that downloading the app could cost money if they are not subscribed to a monthly plan with unlimited data.

How the Platform Works

The NFC technology used in the mobile payments app allows mobile devices to transfer information when they are tapped together. Merchants who use devices with this technology can accept payments quickly and securely from customers who have compatible devices. But wait, there’s more.

Mobile payments represent just one of the benefits of the Isis app. Merchants can offer loyalty rewards to customers through the app. These rewards can be earned and stored directly on a mobile device. We’ve delved into some of these types of incentives in our coverage of the Barclays bPay app, as well as social gifting articles. The basic idea of what’s happening is the app is giving customers yet another avenue for savings through their mobile device, in hopes to spur more purchases. Discounts are automatically deducted from a sale when Isis is used to pay for a product or service. There’s no need for merchants to have cards or keychains printed, and customers do not have to worry about keeping track of dozens of loyalty cards.

Some specific incentives that are tied with the Isis debut: Isis Mobile Wallet customers can use My Coke Rewards and Isis to get three free drinks at select vending machines, while Jamba Juice is giving away 1 million free smoothies to Isis users. Purchases made from an American Express Serve account through the Isis wallet are eligible for a 20 percent discount (up to $200).

A PIN is used to protect personal information if a phone is lost or stolen. The wallet can be locked when a phone is lost to prevent information from being breached.

Phone Compatibility With NFC Technology

NFC technology requires a cellphone user to have personal payment information stored on their phone. The sensitive nature of this information means that extra precautions must be taken. An enhanced SIM card that specifically details that it has been made for secure data storage must be used in conjunction with the application. Interested customers will have to get an enhanced SIM card to run Isis. They will also have to download the app on Google Play or get signed up at retail stores run by the three carriers.

The iPhone and NFC issues [2023 Update]

Leave a reply

Apple’s Latest iPhone 5S and iPhone 5C Lack NFC Support, Market Setback Expected

The iPhone and NFC issues can lead to a market setback. The sphere of influence of the iPhone apparently extends into industries that develop products for mobile payments. Mobile credit card processing and various merchant services, including various point-of-sale applications, are also influenced by Apple’s decisions. The close relationship between these technologies is most visible in the market for mobile payments.

Specifically, there is a lack of near-field communication, or NFC, support inside the iPhone 5. The absence of this capacity could delay the standardization and adaptation of associated applications. This restriction is already creating waves, which are rippling throughout Western Europe as well as North America; however, Asian markets are not expected to sustain any substantial impact.

Apple’s main competitors fully embrace NFC technology, and the mobile credit card processing market is also doing very well. This situation certainly begs the question: Is this a part of a larger marketing strategy, or did Apple simply drop the ball when developing compatibility for merchant services?

Facilitating mobile credit card processing and other instant transactions does not constitute small potatoes, so it is worth taking a closer look at the situation.

iPhone and NFC issues – Motives and Methods

Two items seem to be present and capable of driving the decision to scrap the addition of NFC compatibility within the iPhone. First, it is possible that Apple might be attempting to undercut certain competitors. Since these products are targeted at initiating a new method for making fast and secure mobile payments, there could also be a conflict of interest lurking in the background.

Apple could also be attempting to establish a position of influence in the market for merchant services by changing the company tune only when outcry for their support reaches a high point. In addition, Apple has elected to develop the iPhone technology by using iBeacon, which employs similar transmission functions, but it is done via Bluetooth Low Energy or BLE.

Analysts observe that this single decision could put certain product developments for processing mobile payments behind for at least two years. Retailers have certainly responded by delaying their financial commitments for relevant point-of-sale devices and supporting products.

Since several alternatives to NFC are already in development, it seems like a stretch of the imagination to assume that this move is indeed strategic or even deliberate. Perhaps Apple is simply unresponsive to the various market dynamics created by its key decisions; however, this decision could also be motivated by its desire to control the technology and shift market dynamics with iBeacon. Only time will reveal the details.

About NFC

One remarkable technological innovation that has transformed our interaction with devices is NFC! Abbreviated as Near Field Communication NFC has gained attention in years, particularly in the realm of ecommerce business. So, what exactly is NFC? How does it work its enchantment?

What is NFC?

NFC, also known as Near Field Communication is a technology that enables devices to communicate and share information within distances. It works on the principle, of Bluetooth and Wi-Fi connections by utilizing radio frequency waves. However, what makes NFC unique is its ability to establish a connection by bringing two devices close together.

Unlike communication methods that require complicated setup processes or pairing codes, NFC allows for seamless interaction with just a tap or touch. This convenience has made NFC widely popular across applications such as payments, ticketing systems, smart home automation, and data transfer between smartphones.

One of the features of NFC is its compatibility with existing infrastructures. Many modern smartphones already come equipped with an integrated NFC chip that enables users to make payments using wallets like Apple Pay or Google Wallet. Additionally, businesses can utilize NFC-enabled point-of-sale terminals for transactions without the need for cash or physical cards.

NFC tags are another aspect of this technology. These small adhesive stickers can be programmed with instructions such as launching apps connecting to Wi-Fi networks or even triggering actions, on your device when tapped against them.

NFC is a way of communicating that makes it easier for devices to connect through close interactions. Its flexibility and user-friendly nature make it a valuable tool, for improving user experiences in industries and everyday situations alike.

Use Of NFC

One of the applications of NFC is for making mobile payments. With a tap of your smartphone or smartwatch, you can conveniently and securely make purchases at stores and restaurants without having to take out your wallet.

Another purpose of NFC is to transfer data between devices. By touching two devices together you can easily share photos, videos, contacts, and more. No need for cables or complicated setup processes.

NFC also finds its usefulness in access control systems. Imagine the convenience of entering your office building or hotel room by tapping your phone on a reader. This eliminates the need for keys or swipe cards. Provides a seamless experience.

Moreover, NFC tags have the ability to automate tasks on your device. For instance, you can program an NFC tag in your car to automatically launch navigation apps or enable Bluetooth connectivity with a tap using your phone.

In addition, to these applications, NFC technology is also being incorporated into marketing strategies. Brands are leveraging this technology to offer engaging interactions, for their customers through posters and product packaging. These interactive elements can activate content when touched with a device that supports Near Field Communication (NFC).

As demonstrated by these examples Near Field Communication has a range of applications, in our lives. It enables us to make payments share files, access buildings, and even enhance marketing initiatives. The potential seems limitless!

How Does NFC Interact With My Device?

When you tap your smartphone against another NFC-enabled device like a payment terminal or another phone the two devices establish a connection. This connection enables them to exchange information without any delay.

The interaction between your device and the NFC-enabled one happens because of fields. When the devices come close to each other their antennas generate these fields that facilitate communication between them.

Once the connection is established data can be transferred between the two devices. This could include making payments at stores or sharing files like photos and videos between smartphones.

One of the things about NFC is its simplicity. There’s no need, for setups or passwords – just a simple tap is all it takes to initiate communication.

It’s worth noting that both devices involved in an NFC transaction must have hardware and software for it to work correctly. Fortunately, most modern smartphones already come equipped with NFC capabilities.

NFC interacts with your device by utilizing fields generated by antennas. It makes things easier, such, as paying and sharing files by creating connections, between devices that work together with a simple tap. So the time you come across that NFC” symbol on a device you’ll have an understanding of its functionality!

Know more about NFC here.

Bitcoin Craze Generating Big Profits For Some [2023 Update]

Leave a reply

Bitcoin is a topic that most people who spend time on the Internet have heard about. A Bitcoin is not a tangible coin like traditional currency. It is a virtual currency that can be bought, sold and mined electronically. For Andreas Kennemar and Marcus Erlandsson, an idea involving Bitcoins turned out to be beyond profitable.

Mining Computers

In the short span of four days, Kennemar and Erlandsson earned $3 million in revenue. How did they do this? KnCMiner, their company, does not actually own the virtual coins or trade them. Instead, they crafted a computer that is designed to mine the currency online. At $7,000 per unit, these computers are certainly more of an investment than the average desktop or laptop. During the second week of November, KnCMiner sold off all of its inventory when Bitcoin prices were skyrocketing. In a record four minutes, the men made an impressive $600,000.

How To Mine Coins

At first mention, the idea of mining a virtual currency may sound like an easy treasure hunt game to the average person. However, the process is very complex. Without the right electronic tools and equipment, mining a Bitcoin is difficult for a regular computer. There are several cryptographic puzzles that must be solved, and the average computer does not have the ability to compute them. This is where the two men who created the mining computers developed their idea. They used a special chip, which is called an Application-Specific Integrated Circuit or ASIC.

To build a coin, a computer has to calculate an encryption problem that is called SHA-256. The graphic card or ASIC does the processing, and the algorithm must be solved in order to create new coins. The process is commonly called solving a block. When a computer is successful in creating new Bitcoins, it will be verified with other processing computers in the network. The first person to solve a new block is the one who receives the coins. Currently, there are 25 Bitcoins per block with a limit of 3,000 per day before it becomes significantly harder to produce more coins.

The idea of this virtual currency certainly provides opportunities for creative people to make money, but some detractors also argue that the system is flawed or unsustainable. If anything, the value of a Bitcoin has certainly proven volatile. Here at “The Official Merchant Services Blog” we’ve covered a variety of aspects concerning virtual currency. We delved into tokenization just recently, which facilitates the processing of payments by creating virtual tokens instead of storing cardholder data in a way that is susceptible to breaches and hacks. We have also covered aspects of micro-transactions and how video games embrace both the concept of virtual currency and the sale of virtual items for real currency. Bitcoin and the ongoing developments in Bitcoin mining takes these concepts to a whole new level of depth and economic intrigue. We will continue to monitor and report on the Bitcoin story as it unfolds.

The Death of E-Commerce? [2023 Update]

Leave a reply

I just sat down at my desk and took a few moments to read Antonio Regalado’s fascinating column on E-Commerce from MIT Technology Review. I recommend it to anyone who runs a business, or really anyone who plans to buy something in the next month or two — you know, during the Holiday Shopping Season.

It’s That Time of Year Again

With that holiday shopping season right around the corner the media spotlight on E-Commerce is about to get dialed up a few notches. The standard media grind of finding a new story to keep things fresh, yet rehashing the same old topics over and over again, is really quite fond of the E-Commerce tale since it basically hits every mark needed in a story this time of year. It’s well trod ground (retail sales figures during the time of year when people flock to shop retail), it’s fresh and flashy (buying with a smartphone is the new “it” thing) and it’s easy to write about (everyone’s got a smartphone and in between texts can probably offer an opinion about the story).

So there’s going to be a flood of “E-Commerce, it’s not just for kids anymore!” style pieces written, along with chart after chart of how many billions of dollars are being spent on products through the whiz bang-up new gimmicks of smartypants phones and interwebs tubes (it’s not a truck, but it powers a fleet of delivery trucks!)

It’s this pending recycle of the news cycle that Regalado’s piece really underscores. It’s starts with the subhead of the article, “E-commerce is an idea whose time has come and gone. Here’s why.” A bold statement when placed up against the pending flood of stories that are going to tell us that E-Commerce is (still) the next big thing.

But that’s the hook of Regelado’s article. And it certainly worked its magic on me and got me to read it.

More Than Meets the Eye

Regalado’s point isn’t that E-Commerce is done. It’s more that it’s becoming part of the everyday fabric of retail business. So he’s saying that E-Commerce has been merged into a total shopping experience and is no longer a new gimmick.

The article really slams this point home when it quotes Chris Fletcher, a research director at Gartner (who we here at HMS have used data and graphics from on this very topic). Fletcher told the MIT Technology Review’s Business Report, “we should stop calling it E-Commerce and call it just commerce,” and suggested that it’s really just a part of the shopping experience now.

This quote called up more than a few variants of the corny joke, “In China, they just call it food.” But the point is very well taken this year, and is something we’ve been alluding to for two years now at Host Merchant Services: The whole shopping experience has blending together with Online and Brick and Mortar since the very beginning.

Days of Future Past

This has really obvious but powerful ramifications for our company. As more and more people just accept online shopping as much a part of the process as window shopping or catalog shopping, the amount of credit and debit card transactions continues to increase. Those are the two most common methods of payment in this online environment. And so as the business evolves to the point where popping into a Macy’s ends up auto-texting you a free discount code on your next Macy’s purchase, payment card transactions become the norm.

Keeping an Eye on Heat Mapping

Oh and Regelado’s article really dives into that bit with your location spawning discounts:

” Threatened by the growth of low-cost online merchants, traditional retailers are reacting by following customers onto the Internet. Macy’s does it as well as any. On its website, it installs 24 different tracking cookies on a visitor’s browser. On TV, it runs ads with Justin Bieber that urge millennials to download its mobile app, which tells them which of the chain’s stores is closest to their location. Once inside, they can use the app to scan QR codes on a pillowcase or a pair of shoes. Online orders now ship from the backrooms of 500 Macy’s stores that this year began acting as mini distribution centers.”

Omnichannel marketing is the buzzword associated with this. But it’s something we’ve been discussing at HMS for awhile now. Our partnership with Barclay’s Mobile app opened this slick marketing tactic up to us ages ago. It’s really quite clever. The business uses its connection to your phone (and thus your own transaction history, your GPS location, as well as data that it can find in various places like social media) to track your buying habits.

I remember the first time the heat mapping aspect of Omnichannel Marketing was explained to me by HMS Tech expert Ken Hemmel.

He described a system where I’d be walking along on Main Street in Newark, which was where the Barclays app was being targeted, and I’d pop into a restaurant. I’d buy a meal and have a glass of a particular wine with that meal. The information would then prompt my phone the next time I walked past a wine and spirits store that was participating in the program. And I’d be given a coupon code to save money on a bottle of that kind of wine I had with my meal. This would combine transaction history, with GPS location and turn into an aggressive marketing tactic to get my business.

A Whole Store in Your Pocket

Another salient point Regelado’s article made really resonated with me personally. The article cites US Census economic data and states that only 5.2 percent of US retail purchases were made online in 2012. But then the article cites the effect of online research, noting that 80 percent of BestBuy customers said in a survey that they already searched for price information online before making a purchase in person. And that a third of them do so on a phone while inside the store.

So the last two purchases I made at BestBuy were an HD TV, which I searched for information on while in store, and a computer which I was shopping for online before I went there. I fell right into those statistics. I wanted to comparison shop and read reviews before making the purchase and had the device right there in my hand that let me do exactly that.

The only thing that held me back from ordering either of these items completely online was impatience. I wanted the item that day. Which is exactly what Relegado’s article also gets into:

“But now [Amazon] and other Internet companies, including eBay and Google, are investing in same-day delivery—getting goods to people just hours after they order them. With their drop boxes and fleets of delivery cars, they’re bidding to eliminate one of physical retailers’ main advantages: immediate gratification.”

The suggestion is that technology is pushing retailers to evolve. They embrace social media, and online power, and create a shopping experience once again tailored to meet the needs and convenience of their customers.

Been There, Done That?

It reminds me of Warren Ellis and Darrick Robertson’s groundbreaking comic book, Transmetropolitan. Set in a Bladerunner-on-acid style future and revolving around a pastiche Hunter S. Thompson-inspired Gonzo journalist named Spider Jerusalem, the comic had a very humorous but also telling take on marketing and advertising in our near future. It suggested neural advertising bombs delivered directly to our brains, tracked by our own viewing habits, to offer us the products we’d be most interested in. As deft and powerful as that future marketing blitz was shown to be in the imaginary world of Transmet comics, the reality is we’re about to be in on the beta test of that entire concept with the way retail is evolving through E-Commerce.

iCloud Keychain to Now Store Credit Card Data [2023 Update]

Leave a reply

Apple’s recent software update includes a new product called the iCloud Keychain. With the feature, consumers can save sensitive information in a secure online file. Specifically, Keychain will save passwords and credit card information for all of their Apple devices. The program also helps Internet users create safer passwords. Given the new functionality allowing users to store credit card data and synchronize with the cloud, we thought this functionality would be of particular interest to our customers and blog readers.

Keychain Details

The Keychain service operates on Safari in iOS as well as OS X Mavericks. Once it has helped a consumer select a secure password, it will store the information and synchronize it to the consumer’s iOS and Mac units. The software upgrade also makes credit card processing easier for consumers as Keychain saves the user’s credit card number and expiration date. To abide by MasterCard and Visa regulations, the program is unable to store the Card Verification Value, or CVV, code.

As a result, consumers will still need to input this information manually. Users should keep in mind that the software can only operate in Safari on Mac. Therefore, users of Chrome or FireFox will need to use a different password storage provider. In addition, consumers must have the iOS 7 upgrade installed on their devices.

Installation Overview

While installing the OS X Mavericks upgrade, the system will automatically ask the user if he or she would like to establish iCloud Keychain. When the user approves the setup, the program will direct him or her through the security key creating and linking process. If consumers prefer to establish the program manually, then they can access Keychain through the iCloud settings screen on a Mac device. Once a user has accessed the program, he or she will need to enter the password information manually into the system for the Apple program to save it. Keep in mind that other devices can be added to the program. However, the system will require approval for each extra unit. Once Keychain receives authorization, it will automatically begin updating on that unit. If a user decides to remove Keychain from his or her device, then the cancelation procedure is easy to complete. To remove the program, just click on the settings option and turn off the “Approve with Security Code” feature. Users who change their mind can easily reactivate the program.

Keychain Offers Convenience

Credit card processing is easier for consumers who have Keychain on their iOS and Mac devices. The Apple program is secure and helps users create better passwords to safeguard sensitive information. Keychain is a system feature that provides extra security and overall convenience.

Tokenization Makes Card Use Safe

Leave a reply

Safeguarding Stored Cardholder Data with Tokenization

In this era of connectivity, consumers are increasingly concerned about the safety of their personal data. Leaders in the merchant services industry are actively engaged in developing new ways to protect customer information. Here at Host Merchant Services, we commit to security by providing our clients with tokenization, the most secure type of cardholder information storage available today. This system has enormous potential for any company that regularly utilizes credit card processing.

Tokenization involves taking in cardholder data and returning a token, a string of letters, numbers, and characters that represents and stands in place of the original data. Each token serves as a pointer for cardholder information, which is securely stored offsite in a cloud-based database. Since tokens do not contain cardholder data in and of themselves, they are essentially immune from the threat of hackers and identity thieves.

Tokenization And PCI Compliance

Through data tokens, merchants can safely store customer information with payment gateway providers like Host Merchant Services. This system is particularly well-suited for companies that charge customers on an ongoing basis. For example, businesses that offer subscriptions or memberships generally charge clients around the first of the month.

Storing large amounts of cardholder data for this purpose can create PCI compliance headaches. Essentially, when a merchant retains and stores a customer’s card information, it changes the level of compliance they have to adhere to for PCI DSS standards. You can review PCI Compliance in more detail here, but Tokenization helps to alleviate some PCI issues for merchants and boost transaction security at the same time.

Instead of storing cardholder data on-site, merchants can store tokens and simply pass these tokens to their payment processors at the appropriate times. Upon receiving these tokens, processors use the tokens to pinpoint cardholder data and generate unique credit card transactions. This system is fast and efficient while minimizing the risk of fraud and identity theft.

Helping Businesses Small And Large

Token systems are ideal for smaller companies seeking to reduce their PCI compliance burdens while maintaining impeccable customer security. That said, companies of all sizes use data tokens to simplify their operations. For example, a tokenization-based payment processing system is useful for closely managing even a large-scale customer rewards program. The ability to store the tokens securely while not compromising customer cardholder data, lets a large company deftly keep track of and maintain their rewards program.

As credit card processing becomes ever more critical for modern commerce, many more companies will adopt this robust system of safeguarding customer data. Here at HMS, we are proud to offer tokenization as an integral part of our Transaction Express payment gateway.

A payment gateway is a system of technologies and processes that allow merchants to electronically submit payment transactions to various payment processing networks (i.e., the Credit Card Interchange and the ACH Network). Payment gateways may also provide merchants with transaction management, reporting, and billing services. Payment Gateways essentially bridge the gap between web-based payment options and credit card processors. To take payments in a store, you must have a merchant account, to take payments online you must have a payment gateway.

Beyond the in-house Transaction Express gateway, Host Merchant Services also supports a variety of other Payment Gateways for your payment processing needs. We are able to customize a payment processing solution that fits your own individual needs. Here is a brief list of the Payment Gateways we support directly.

Services like the ones Host Merchant Services offers demonstrate how the payments industry is working tirelessly to prioritize information security.

Benefits Of Tokenization In Payments

Tokenization within the realm of payment gateways involves substituting payment information, like credit card numbers with an identifier or token. This token serves the purpose of enabling transactions without exposing the data. There are advantages to using tokenization in payment gateways;

Enhanced Security: Tokenization provides security for information by preventing access and reducing the risk of data breaches. Since intercepted tokenized data is useless without the tokenization system it holds no value for attackers.
PCI DSS Compliance; Compliance with Payment Card Industry Data Security Standard (PCI DSS) is crucial for businesses that handle cardholder data. By minimizing storage and transmission of information tokenization helps reduce the scope of PCI DSS compliance audits.
Risk Reduction: Replacing card details with tokens significantly decreases the risk of transactions. Even if a token is somehow intercepted it cannot be easily exploited for transactions without access, to a system.
Simplified Compliance: Tokenization assists in meeting regulations related to data protection and privacy.
It ensures that customer data, which is sensitive is handled securely and in compliance, with requirements like GDPR, HIPAA, and others.
Efficient Operations: Tokenization simplifies the process of integrating payment gateways into systems. By eliminating the exposure of card data during transactions developers can focus on integrating with the tokenization system making it a straightforward process.
Building Customer Trust: Businesses that prioritize the security of payment information are likely to gain customer trust. Tokenization showcases a commitment to safeguarding customer data fostering trust and confidence in the brand.
Convenient Recurring Payments: Tokenization proves advantageous for businesses offering subscription services. Once a card is tokenized it can be utilized for recurring payments without customers needing to enter their card details.
Accelerated Transactions: ** Processing Speed;** Since tokenized transactions do not involve transmitting the information they can be processed rapidly resulting in enhanced efficiency, in payment processing.
Support, for Multiple Channels: Tokenization can be used in payment channels, such as mobile and in-store transactions. This flexibility makes it a versatile solution for businesses that have payment requirements.

In essence, tokenization in payment gateways offers a security measure that minimizes the chances of data breaches and ensures adherence, to regulations. Improves the overall effectiveness and reliability of payment procedures.

NFC loyalty down by contact for Google [2023 Update]

Leave a reply

Google Wallet dropped NFC Loyalty Points and Gift Cards

Google recently announced fundamental changes to its Google Wallet service. On August 21, Google Wallet stopped supporting NFC redemption for gift cards and merchant loyalty points. In these competitive times, more and more businesses have come to rely on loyalty programs to spur consumer activity. By simplifying the point-of-sale experience, NFC payments are supposed to optimize loyalty programs for mobile shoppers. The new changes to Google Wallet may make some companies rethink joining Google’s bold experiment in merchant services.

Though Google says it is looking for new ways to process loyalty and gift cards, no details are available as of yet. Nor has Google revealed a specific reason for scaling back its mobile wallet service. Furthermore, this newest change caps a string of high-profile personnel shuffles and policy changes for Google Wallet. In the wake of embarrassing security issues, Google discontinued its virtual prepaid debit cards last year. Since prepaid cards are gaining popularity very quickly, Google’s move inspired curiosity and controversy alike. In May, many observers were startled by the sudden departure of Osama Bedier, the vice president and public face of Google Wallet.

The story of Google Wallet demonstrates the complex pitfalls of pushing technological innovation in merchant services. For years, Google has boosted NFC technology as a game-changer for the mobile wallet industry. Though the company remains officially committed to NFC-enabled point-of-sale transactions, the changing dynamics of Google Wallet could herald future troubles for the payment system. In 2013, the public is increasingly worried about privacy and security issues. As details emerge about corporate involvement in NSA snooping and surveillance, many are wondering if Google is fully committed to safeguarding customer data. For many, these concerns may overshadow and obscure the security advantages of Google’s NFC-powered transactions.

Deeply invested in NFC technology, Google’s course is innovative yet arguably too experimental for many companies. Even forward-thinking carriers and vendors have limits to their adaptability. If Google Wallet’s limited market share is any indication, many smaller merchants are still unsure about the practicality of adopting NFC payments.