Author Archives: Payment Gateway

Magento Payment Gateway Setup

@

Magento Shopping Cart Setup and Configuration

Magento has several options for accepting payments and these are the steps for setting up The Fast Charge Payment Gateway:

Magento Admin Settings:

Login to your Admin Panel and open the “Payment Methods” setting for Authorizenet.

Steps:

  1. Login
  2. Select System
  3. Click Configuration
  4. Select Payment Methods
  5. Select “Authorizenet Direct Post”

Magento gives you a choice select several payment modules but the only one you need is the Authorizenet Direct Post module because this will allow customers to stay on your site when they purchase from you. Once you get to the settings you can enter the following information:

  • Enabled = Yes
  • Payment Action = Authorize and Capture
  • Title = “Pay by Credit Card”
  • API Login ID: This is your Fastcharge Account ID (FCXXX)
  • Transaction Key: This is your Fastcharge “Merchant Pin”
  • MD5 Hash: We ignore this but you need to enter something “7gt77lyst555r7677yt”
  • Mode: Always Select “Live Mode”
  • Gateway URL: You need to enter this URL:  https://trans.secure-fastcharge.com/cgi-bin/authorize.cgi
  • New Order Status = Processing
  • Accepted Currency = US Dollar
  • Debug = No
  • Email Customer = Yes
  • Merchant’s Email = Your Email Address
  • Credit Card Types = Visa, MasterCard and Discover (If you have Amex you can select this)
  • Authorize or Capture: We recommend you select Authorize and Capture

magento-setup

 

Chip Cards Will Only Stop 15% of Fraud

@

Over the past several months, Visa, MasterCard, American Express and others have replaced magnetic stripe cards in the United States with “EMV” versions.

Chip cards are already the standard in Europe and other parts of the world, where they have proven to be far more expensive and difficult to counterfeit than magnetic strip cards. Card companies say the change is needed because while just over a quarter of the world’s credit card transactions originate in the United States, the U.S. accounts for almost half of the world’s fraudulent transactions, a disparity many attribute to obsolete technology.

EMV

The change is being touted as the dawn of a new era in credit card fraud prevention. However, there are doubts it will make a significant difference.

For one thing, EMV security only addresses the issue of counterfeit cards, which account for around 10 to 15% of credit card fraud in the United States. The bigger problem, by far, is first-person fraud. Cardholders refuse to pay what they rightfully owe, which accounts for roughly half of all fraudulent transactions.

EMV also fails to address another significant source of credit card fraud: lost or stolen cards. Other countries have addressed this by pairing the counterfeit protection of EMV with the user-verification protection of a PIN. U.S. card issuers, reasoning that Americans would balk at being asked to do two new things, split the difference, opting for chip-and-signature instead of the more-secure chip-and-PIN.

 

Finally, it will have no effect on the third and fastest-growing type of card fraud – online and phone transactions, where the merchant never sees a physical card. By all accounts, card-not-present fraud has been rising exponentially as other fraud avenues become limited.

There is no mistaking that EMV is a positive step. It’s high time the United States join the rest of the world. Yet some retailers may be reluctant to invest in what amounts to a stop-gap solution with limited protection.

Yes, under the new rules, retailers will be liable for fraudulent card purchases, but given the credit limits on most cards and the need for a fraudster to be physically present, the actual exposure is going to be relatively small. So small that it may not justify the investment in new point-of-sale technology.

Of note, we expect there may be an initial run on fraudulent activities immediately after the deadline that will likely tail off over time.

Credit card security is a moving target. Fraudsters are resourceful and persistent, which means there is no single magic bullet that will fix this problem. Merchants and card companies both need to be constantly vigilant and use a layered security approach that combines data encryption with user verification and behavioral analytics that screen every transaction against prior purchases to flag aberrant activity.

Like it or not, that’s the price of playing the game.

Scott Laliberte is a Managing Director with Protiviti.

Buy Buttons on Social Media Getting More Use

@

Social media’s year-long experiment with “buy” buttons is shifting into high gear as Facebook, Google, Twitter and Pinterest incorporate impulse buying features into their websites. The four social linkedinfacebooktwitterpinterestnetworking leaders reportedly completed pilot tests and plan to make ‘buy’ buttons available to broader segments of the merchant community. While the brands did not disclose detailed test results, their collective march toward broader implementation validates consumer interest in purchasing products and services on social networking sites.

Ronald G. Mazursky, Managing Director of New York-based Marketing Innovations Inc. views buy buttons as a natural next step for blogging and social media sites that dispense information about products and services. Consumers are generally ready to make a purchase when they complete their research, he stated.

“Anything that reduces customer buying friction in the purchase process is a positive to the merchant and a positive to the customer,” he said. “Putting the buying decision at the point of discussion (with an expert or with someone who has firsthand knowledge of the product/situation) will only enhance the likelihood of the impulse sale.”

Payments embedded in relationships

Mazursky said Amazon Inc.’s patented 1-Click purchase method introduced in 2006 “works beautifully within their walled garden and oils the payment process.” He expects merchants and consumers to look for ways to expedite the buying process as payments get pushed further into the background, which he said will motivate financial institutions to push for their cards to be embedded into the buying decision.

“Merchants are still learning how to drive online spend,” Mazursky said. “Buy buttons are an important step toward monetization but only part of the answer.” He added that merchants will ultimately require multiple mechanisms to reach consumers. He cited Uber as an example of a company that successfully embedded payments into a product that people want to buy. Consumers don’t have to think about how they will pay because the payment product is already built into the relationship, he noted.

Enabling technology platforms

New embedded payment models have also opened up competition in the fintech space. Mbeddo, a European e-commerce platform with offices in London and Geneva launched a new social commerce platform on Aug. 26, 2015, calling it an “immersive solution whereby anyone with something to sell can upload a product, post it on their wall (and by extension anyone’s newsfeed) with a ‘Buy Now’ button.” The solution enables buyers and sellers to complete transactions without leaving the Facebook website. The service reimburses registered sellers every 14 days.

Canadian-based Shopify, with offices in Montreal, Toronto and Ottawa, has also been testing a buy button on social media news feeds that enables consumers to purchase products and complete transactions inside a news feed. The test, which initially began in 2014 in a limited pilot with Facebook, is being expanded into more markets following a successful trial run.

Twitter has also been testing the Shopify platform with 100,000 merchants since September, 2014 and has broader implementations planned. Product pages, introduced on Twitter in June 2015, direct targeted, personal advertising to customers with an invitation to buy. These pages, according to the company’s blog, will “show you images and a description right above the tweets that are most timely and relevant to you.” These images and references may originate in tweets from accounts that a consumer follows, related news items or similar, popular content.

After successfully adding advertising and sponsored posts to its website, Pinterest introduced the first ‘buyable pins’ in 2014, enabling in-app purchases. Macy’s, Nordstrom and Nieman Marcus are reportedly participating with Pinterest in a limited test of the blue “buy this” pins, which are adjacent to traditional red “pin it” buttons in the mobile app. Participating consumers can push the blue button to purchase pinned items. The buttons can be linked to credit cards or Apple Pay, the Pinterest stated.

Mobile Payments – Shopping Abandonment Improving, But Still a Problem

@

While 56 percent of smartphone owners say they have abandoned an e-commerce transaction on a mobile device, that number is down from two years ago when two-thirds said they had done the same, according to a new report from mobile authentication technology provider Jumio. The survey, conducted for Jumio by Harris Interactive, found purchase uncertainty to be the top reason for abandonment (identified by 45 percent of respondents), but usability issues closely followed with 36 percent indicating slow loading times forced them to abandon a purchase while 31 percent said it was too difficult to navigate the checkout process. Despite the decrease in abandonment, Jumio said businesses still are leaving nearly $25 billion on the table.

Mobile payments, also referred to as mobile money, mobile money transfer, and mobile wallet generally refer to payment services operated under financial regulation and performed from or via a smart mobile device. Instead of paying with cash, check, or credit cards, a consumer can use a mobile phone to pay for a wide range of services and digital or hard goods. It is only recently that the technology to support such systems has become widely available.

A simple mobile web payment system can also include a credit card payment flow allowing a consumer to enter their card details to make purchases. This process is familiar but any entry of details on a mobile phone is known to reduce the success rate (conversion) of payments.

‘Order Ahead’ apps

Order Ahead Apps Apps are intended to reduce wait times for guests and continues the brand’s commitment to enhance the in-store experience and improve its implementation of technology as consumers increasingly turn to mobile for retail transactions. It also incorporates an updated brand look and feel and an improved digital customer experience.

About The Fast Charge Payment Gateway

The Fast Charge Payment Gateway™ is a payment gateway and e-commerce application service provider that authorizes payments for online businesses, retail retailers, mobile merchants or traditional brick and mortar merchants. Fast Charge is the equivalent of a physical point of sale terminal located in most retail outlets.

Payment gateways protect credit card details by encrypting sensitive information, such as credit card numbers, to ensure that information is passed securely between the customer and the merchant and also between merchant and the payment processor.

The Fast Charge payment gateway works with over 5200 shopping carts. Fast Charge is approved on the following payment networks.

First Data (Omaha)

FDMS Nashville

FDMS North

World Pay

Check 21 Payment

CyBrCollect Payment

ECHO

EFSNet

E-NETS

EPay

Flying J

Global e Telecom

Global Payments East

Global Payments Central (Mapp)

IPCommerce Host Capture

Jack Henry

Network One

Nova

Paymentech-Tampa

RBSLynk

TSYS/Vital

WireCard Asia Pacific

Many Others…

Many payment gateways also provide tools to automatically screen orders for fraud and calculate tax in real time prior to the authorization request being sent to the processing networks. Tools to detect fraud include geolocation, velocity pattern analysis, OFAC list lookups, ‘black-list’ lookups, delivery address verification, computer finger printing technology, identity morphing detection, and basic AVS checks.

Stolen Data Threatens Unaware Merchants

@

Data breaches happen so frequently these days that many consumers have “breach fatigue.” However, the threat does not die when public interest does. Stolen data moves faster than breaches can be detected, heightening the risk for merchants.

All of the stolen data from all of those breaches ends up in the hands of bad actors. Data thieves sell this information to aggregators, who cross-reference and compile full identities, called “fullz” on the data black market. This increases the value and usefulness of the stolen data, which may have been gathered from multiple data breaches.

And that data moves quickly. A “Where’s Your Data?” experiment recently discovered that it took only 12 days for the account information of 1,500 fake “employees” to travel from California to 22 countries and five continents. In that time, it was viewed over 200 times, and in another 12 days, over 1,100 times. This is especially disturbing when you consider it takes an average of 200 days for most corporations to detect a breach has taken place.

http://www.paymentssource.com/news/paythink/stolen-data-speed-threatens-unaware-merchants-3021903-1.html?utm_medium=email&ET=paymentssource%3Ae4988932%3Aa%3A&utm_campaign=-jul%2022%202015&utm_source=newsletter&st=email

Accept New Chip Credit Cards Without Leasing Equipment or Long Term Contracts

@

Benefits of Using New EMV Chip Credit Card Technology:
1. Using a chip cards makes it nearly impossible to counterfeit stolen cards
2. The computer chips allow for ‘one time use’ transactions
3. Stolen chip data cannot be duplicated
4. Less risk of fraud
5. Liability shifts from the merchant to the card holder’s Bank.

EMV (Chip and Pin and/or Chip and signature in the U.S.) is basically a chip in the credit or debit card that replaces the magnetic strip on the back of the credit or debit card. With the old cards the merchant would swipe a card and the credit card terminal would read the data in the magnetic strip and process the card. With the new EMV requirements the credit card terminal, pin pad or ATM, will have to read the chip instead of the magnetic strip. Once the credit card terminal reads the chip the customer enters their 6 digit “Pin Code for ATM Transactions” or sign with their signature.

MasterCard defines the liability shift on Oct 1 this way: “The party, either the issuer or merchant, who does not support EMV, assumes liability for counterfeit card transactions”. By issuer, the card companies do not mean themselves; the term refers instead to banks, credit unions, and any other financial institution issuing credit or debit cards. If the issuers can shift any of these costs on to a merchant that is not compliant you can be sure they will.

Merchants must get new payment terminals installed by the Oct 1 deadline, or the retailer bears the responsibility if they accept a stolen card.

Retail merchants still using the less secure “magstripe credit card terminals” will be able to accept credit and debit cards after Oct 1, 2015 deadline. However, they will have no protection if they accept counterfeit credit cards or debit cards as a payment method. It’s also possible they’ll get monthly non-compliance fees of $20-$40 per month and possible surcharges of 1.5%-5.0% on top of whatever their normal transaction fees are.
Electronic Transfer, Inc. offers retail payment services to Restaurants, Retail Stores, Mobile Vendors, Online Merchants and many other legal businesses.

If you have any questions about accepting the new chip credit cards please call 1-800-757-5453

Online fraud down, more chargebacks challenged and being won by merchants

@

E -commerce may be prone to fraud, but merchants are getting a handle on the problem. They also are becoming more adept at challenging chargebacks. These are two key takeaways from a new survey of e-commerce merchants by the Merchant Risk Council.

 

According to results of the MRC’s 2015 Global Fraud Survey, the average fraud rate for online merchants was 0.53 percent of 2014 global sales, down slightly from 2013. At 0.10 percent, the fraud rate for transactions initiated via e-wallets was lower than any other type of fraud, the survey showed. The average fraud rate for credit cards was 0.46 percent; for debit cards it was 0.45 percent.

 

One reason for the lower rate of fraud associated with e-wallets may be that they are not widely used. Also, vehicles like the Apple Wallet include numerous new security features. “Mainstream mobile payments options are pretty secure,” said Markus Bergthaler, Global Director of Programs and Marketing at the MRC.

More merchants taking on chargebacks

 

Results of the MRC survey, conducted in partnership with the international consultancy Edgar, Dunn and Co., also show online merchants are getting serious about tackling chargebacks. Notably, e-commerce firms dispute more than 50 percent of chargeback notices received and are “victorious in nearly 2/3 of cases,” according to the MRC’s survey. Operating from offices in Seattle, the MRC is a not-for-profit global forum for e-commerce fraud and payment professionals.

 

“Merchants are getting better at picking and choosing which chargebacks to fight,” Bergthaler said. For example, many e-commerce stores are winning challenges to “friendly fraud” – cases involving seemingly legitimate transactions that are challenged by cardholders. (These transactions may be contested because customers simply don’t recognize them, or because customers trying to skip out on purchases, among other reasons.)

 

According to LexisNexis, more than a quarter of all card fraud experienced by large e-commerce merchants last year was friendly fraud; among all merchants friendly fraud accounted for18 percent of payment fraud incidents. “There’s an art to challenging chargebacks, and a lot of merchants have gotten really good at it,” Bergthaler said.

The MRC survey further revealed that “clean fraud” is the most common type of fraud reported by e-commerce providers. Clean fraud refers to card-not-present transactions that contain legitimate account information, such as valid account, billing address and card-verification numbers. The other four most prominent types of fraud are: phishing, money laundering, account takeover and identity theft, the MRC found.

 

Few implementing new fraud tools

 

The MRC survey, which queried 400 leading online merchants from around the globe, also provides insights on what steps online merchants are taking to fend off fraudulent transactions. Eighty-five percent identified card verification number as the top tool used to detect online fraud; 82 percent said they use negative lists.

Looking ahead, more than 10 percent of online merchants surveyed are planning to implement one or more of the following four tools within the next year: device fingerprinting, email address verification, customer website visit behavior analysis, and 3D Secure. “3D Secure is very popular across Europe,” Bergthaler said. “I honestly don’t see it catching on in the United States.” Consumers and merchants, alike, complain that it’s cumbersome, he noted.

 

EMV no big deal

 

Bergthaler also downplayed suggestions that online fraud will skyrocket with implementation of Europay, MasterCard and Visa (EMV), the international standard for chip cards and chip-reading terminals. Beginning in October 2015, all cards issued and most card-reading devices installed in the United States are expected to be EMV compliant. The migration to EMV security for card-present transactions has led to dire warnings of impending spikes in card-not-present fraud. Bergthaler said the “EMV scare” is predicated on what happened when the United Kingdom and other European countries moved to EMV, beginning in 2005. “Back in 2005 the online landscape looked a lot different,” he said. It was easier for fraudsters to ply their trade, he noted. Plenty has changed in the past decade, both in terms of available tools and merchant resources. “EMV is not going to have the impact here that it had in Europe in 2005,” Bergthaler predicted.

 

Business Credit Card Processing for Speed – Not Price

@

LONDON—Few businesses accept cards for B2B transactions, dreading an interchange charge of 2% to 5% on sales that total thousands of dollars. But there are instances where the benefits of using cards outweigh the cost.

There is so much focus on pricing and acquirers have not articulated clearly the benefits card payments provide to specific industries, said Alejandro Stein, managing director of global commercial payments at Barclaycard.

“We need to define the win-win for both corporate and supplier,” Stein said during the Global Acquirers Conference in London on May 6.

The use case varies by vertical, but typically addresses the company’s ability to address slow or missed payments. For instance, it might not make sense to push card payments to utility billers since those companies can just cut off service to a client that doesn’t pay its bill. But in the construction industry, where Barclaycard recently struck a deal, workers with a load of gravel in dump trucks must wait for a supervisor to confirm a payment has cleared before they can deliver their cargo. Card payments could provide quicker payment than the traditionally used ACH transfer.

The credit card is “a product that’s been in the market for over 20 years and still only has 3% of the [B2B] market … I’d say it’s still fragmented,” said Kurt Adams, president of corporate payment systems at U.S. Bank.

Acquirers can also promote card payments by making them virtual, Adams said. Virtual card services can associate a one-time card number with a particular transaction, reducing the risk of an employee making unapproved purchases with a company card.

This has become an especially important service for the fleet industry. WEX, a corporate payment provider for several industries, has been bolstering its virtual card programs for more than a year. The company also built a virtual card product for the health care industry and partnered with Alegeus to deliver it. It inked a deal with Vibrant, a U.K.-based events management company to offer its virtual card. Plus WEX’s travel company clients use its virtual card products as well.

For its fleet cards, data — not payment — is the biggest driver for switching to digital and mobile payments, said Myles Stephenson, managing director of WEX Europe. WEX allows the data gleaned from card products to guide its client’s business.

The bigger priority for fleet businesses is mapping routes and being able to detect and manage fuel efficiency and vehicle performance, Stephenson said. WEX also uses this data in its WEX Connect mobile app, which recommends the most cost-effective gas station based on the driver’s location (i.e., the cheapest place to get gas may not necessarily be the one with the lowest price if it’s too far away).

Any adoption of mobile payments in the B2B market would have to come with the assurance that tokenization or some other security feature would drive down fraud, said Barclaycard’s Stein. In the European market where EMV security is more widespread than in the U.S., mobile payment initiatives like Apple Pay are less attractive, he said, especially since Apple is rumored to charge 15 bps per transaction. In most of Europe, interchange has been capped so there’s less for issuers to give.

Magento security flaw puts online shoppers’ data at risk

@

Criminals are exploiting a vulnerability in about 87,000 Magento e-commerce websites that puts information including customers’ stored credit-card data at risk.

The online shopping websites were susceptible to a chain of weaknesses on the platform Magento, which runs on about one-third of online shops, as of Friday morning, according to the Tel Aviv, Israel-based security company Check Point Software Technologies. Cybercriminals who exploit the security holes could “take complete control of the website with pretty much a single request,” says Shahar Tal, the company’s head of malware and vulnerability research.

“For all the credit cards that are stored in the system, the attackers are going to have access to that,” Tal says.

Through the security flaw, criminals can access databases with customers’ personal information, or inject nasty code into the website so it infects users with malware. Check Point discovered the vulnerability and reported it to eBay EBAY, +0.53% , which owns Magento, in January, Tal says, and made it public this week.

Fast Charge would like all it’s Magento users to know that their Magento needs to be done n their Magento Shopping Cart admin area and not in their Fast Charge Payment Gateway account. If you have any questions please call your Magento support contact.

Shutterstock

Criminals are exploiting a vulnerability in about 87,000 e-commerce websites that puts information including customers’ stored credit-card data at risk.

The online shopping websites were susceptible to a chain of weaknesses on the platform Magento, which runs on about one-third of online shops, as of Friday morning, according to the Tel Aviv, Israel-based security company Check Point Software Technologies. Cybercriminals who exploit the security holes could “take complete control of the website with pretty much a single request,” says Shahar Tal, the company’s head of malware and vulnerability research.

“For all the credit cards that are stored in the system, the attackers are going to have access to that,” Tal says.

Through the security flaw, criminals can access databases with customers’ personal information, or inject nasty code into the website so it infects users with malware. Check Point discovered the vulnerability and reported it to eBay EBAY, +0.53% , which owns Magento, in January, Tal says, and made it public this week.

Magento says it issued an update that fixed the weakness on Feb. 9 and began notifying customers the following day. But Check Point says it has heard that Magento didn’t send alerts to notify all users that they needed to push a security update through until last week. Magento says it is “not aware of any impacted customer data from the vulnerability.

Brands that run online shops on Magento include Nike, Ghirardelli, Sierra Nevada Brewing Company, Rebecca Minkoff, Zumiez and Rosetta Stone, all of which have installed the security update, Magento says.

“Any customer that has not yet implemented the patch is encouraged to visit our customer and partner portals and to do so immediately,” Magento told MarketWatch in a statement. “We are focused on eliminating the vulnerability and are committed to ensuring the Magento platform is safe and secure for commerce.”

Tal says researchers have seen attackers scanning for websites that run on Magento, and then adding additional administrator accounts to those systems so they can log back in later to steal data.

“The vulnerability has been out there for years now,” he says. “The fact that we discovered it right now as part of our vulnerability research efforts does not necessarily mean it just started to be exploited right now.

Online shoppers are generally at the mercy of the websites they’re purchasing from when it comes to security. But there are several security factors customers can bear in mind:

About Magento:

Magento can be easily integrated with your online shopping website to create a dynamic interface that not only sells and compels, but also offers a convenient experience to visitors. Let us see what else makes Magento the most preferred and perfect e-commerce platform.

– Magento comes with many easy-to-use features.
– It enables you to update your shopping website automatically, where this feature is not available in other platforms.
– It makes easy for the visitors to browse and buy any product or service through its simple, quick, and versatile functionality.
– It offers highly interactive and enjoyable shopping experience to consumers.
– Over and above supporting multiple websites, Magento also imparts support to online stores to promote their goods and services on various other domains.
Magento has been designed based on the MVC system; hence, it helps you make your website greatly scalable.
– Magento-based e-commerce websites feature powerful SEO, marketing and management tools so to fulfill particular business needs of the merchants.

Magento is an open-source PHP based e-commerce platform that apart from having robust features, provides extreme flexibility to the business owners to manage the content, appearance, and functionality of their e-commerce store. Furthermore, it offers a flawless administration interface that involves an effective marketing, search engine optimization, and inventory management tools to give sellers an ability to create sites according to their business requirements.