Accepting credit cards for coins after October 1st 2015 alert
mrdq
Posts: 1,186 ✭✭✭
The rules governing credit card abuse/fraud change October 1st. If your credit card machine doesn't accept the smart chip transactions the liability for a stolen or otherwise fraudulent credit card falls completely on you. The new laws in effect say that whoever uses the LEAST technology in a transaction accepts the liability. I'm spending thousands in my restaurants over the next few weeks upgrading my machines. I don't handle online or phone credit card transactions being in the restaurant business but I thought I'd let you store owners know. If you're using smart chip technology and still someone uses a stolen/fraudulent card the liability falls on the issuing bank.
--------T O M---------
-------------------------
0
Comments
I quit takin cards a long while back. Used to have people come in , want a good/ good price on silver or gold bullion, then whip out a card. I put that to a stop in a hurry.
Btw...smart chip isn't an end-all. Had my CC company call me up last week...some charges were suspect. I check every statement every month it comes in...these charges were just days old. 4 of them were from California (I haven't been there for years).
This was on a new card (~2-3 months old as they had just upgraded me to a smart chip card). Their records showed it was manually swiped at a Shell station and a subway. I didn't see my card skimmed, used it in mostly all the same places (and none of them shady), etc......
Took 2 days and I have a new card. This is why I don't use debit cards....money would still come back to me, but I would have temporarily been out that money and wouldn't have known right away if I were running short when I decided to buy something.
I've been told I tolerate fools poorly...that may explain things if I have a problem with you. Current ebay items - Nothing at the moment
<< <i>The rules governing credit card abuse/fraud change October 1st. If your credit card machine doesn't accept the smart chip transactions the liability for a stolen or otherwise fraudulent credit card falls completely on you. The new laws in effect say that whoever uses the LEAST technology in a transaction accepts the liability. I'm spending thousands in my restaurants over the next few weeks upgrading my machines. I don't handle online or phone credit card transactions being in the restaurant business but I thought I'd let you store owners know. If you're using smart chip technology and still someone uses a stolen/fraudulent card the liability falls on the issuing bank. >>
We only do online. How do the new rules impact us?
Specializing in 1854 and 1855 large FE patterns
<
Years ago Europay, MasterCard and VISA developed a new standard called EMV (for their names) that was implemented in Europe. These cards have a microprocessor and memory chip embedded in the card. For over a decade you’d hear reports on the new about “smart cards” that were coming to the USA. Well they are finally here.
The EMV standard supports a number of different Card Verification Methods (CVM). Two of which are chip-and-PIN and chip-and-signature.
Both of these CVM’s require new terminals at the Point of Purchase (POP) in order to read the new cards since the customer or cashier will insert the card in the POP terminal instead of swiping it. EMV cards cost about $3 to produce and POP terminals cost between $100 and $1000 each, depending on features and quantities. That’s a lot of money to update every card and POP in the country, but it is finally happening.
We all pay for fraud with higher prices, but currently the issuing banks are absorbing the costs.
In October the liability will shift to the merchants unless they upgrade their POP terminals to support EMV.
The US will implement the chip-and-signature CMV for EMV for now and no PIN numbers will be required from the customer.
These are for face-to-face transactions. For Card Not Present (CNP) transactions, EMV won’t do anything to prevent fraud. You will still have to cover chargebacks the same as you do now. And about 50% of the transactions today are CNP. So if you sell coins online or via mail order, EMV will have no impact on you and you still are liable for chargebacks as you are today.
You can subscribe to an Address Verification Service (AVS) or use 3rd party web services like Verified By VISA or MasterCard Secure Code to help reduce fraud. But EMV only addresses fraud in face-to-face transactions.
All merchants have to comply with PCI-DSS (Payment Card Industry Data Security Standards). These outline how you handle the storage and processing of sensitive data. Check the PCI site to make sure your business is compliant.
Tom and other retail merchants – there will still be chargebacks after you switch over to EMV, but it will probably be about 80% of what you currently get. And there are some ways to get around EMV. One trick is to put the card in backwards so it can’t read the chip. This will force a manual entry of the card number, so a fraudulent card can get through this way. You should train your cashiers to insert the card themselves before doing a manual entry.
Rick and other online merchants – EMV won’t help you since you are doing CNP transactions. You’ll still get the same chargebacks as you do now. You can subscribe to an AVS service or a web service like Verified By VISA or MasterCard Secure Code to validate your online sales. If you use PayPal, they do AVS. But you don’t need to do anything differently for EMV since it won’t help you with online or mail order fraud.
<< <i>The magnetic stripes on today’s credit cards are 1960’s technology and are very easy to copy.
Years ago Europay, MasterCard and VISA developed a new standard called EMV (for their names) that was implemented in Europe. These cards have a microprocessor and memory chip embedded in the card. For over a decade you’d hear reports on the new about “smart cards” that were coming to the USA. Well they are finally here.
The EMV standard supports a number of different Card Verification Methods (CVM). Two of which are chip-and-PIN and chip-and-signature.
Both of these CVM’s require new terminals at the Point of Purchase (POP) in order to read the new cards since the customer or cashier will insert the card in the POP terminal instead of swiping it. EMV cards cost about $3 to produce and POP terminals cost between $100 and $1000 each, depending on features and quantities. That’s a lot of money to update every card and POP in the country, but it is finally happening.
We all pay for fraud with higher prices, but currently the issuing banks are absorbing the costs.
In October the liability will shift to the merchants unless they upgrade their POP terminals to support EMV.
The US will implement the chip-and-signature CMV for EMV for now and no PIN numbers will be required from the customer.
These are for face-to-face transactions. For Card Not Present (CNP) transactions, EMV won’t do anything to prevent fraud. You will still have to cover chargebacks the same as you do now. And about 50% of the transactions today are CNP. So if you sell coins online or via mail order, EMV will have no impact on you and you still are liable for chargebacks as you are today.
You can subscribe to an Address Verification Service (AVS) or use 3rd party web services like Verified By VISA or MasterCard Secure Code to help reduce fraud. But EMV only addresses fraud in face-to-face transactions.
All merchants have to comply with PCI-DSS (Payment Card Industry Data Security Standards). These outline how you handle the storage and processing of sensitive data. Check the PCI site to make sure your business is compliant.
Tom and other retail merchants – there will still be chargebacks after you switch over to EMV, but it will probably be about 80% of what you currently get. And there are some ways to get around EMV. One trick is to put the card in backwards so it can’t read the chip. This will force a manual entry of the card number, so a fraudulent card can get through this way. You should train your cashiers to insert the card themselves before doing a manual entry.
Rick and other online merchants – EMV won’t help you since you are doing CNP transactions. You’ll still get the same chargebacks as you do now. You can subscribe to an AVS service or a web service like Verified By VISA or MasterCard Secure Code to validate your online sales. If you use PayPal, they do AVS. But you don’t need to do anything differently for EMV since it won’t help you with online or mail order fraud. >>
Thanks for the great explanation, TO. We use Authorize.net, so I guess we are as set as we can be, for the time being.
Specializing in 1854 and 1855 large FE patterns
<
"Seu cabra da peste,
"Sou Mangueira......."
<< <i>We use Authorize.net, so I guess we are as set as we can be, for the time being. >>
Yes.
You should still review the PCI standards for merchants if you are storing any CC info.
This guy, Albert Gonzales, stole 90 million credit card numbers from TJMaxx and others by hacking into their computers.
He got 20 years in Federal prision back in 2010, so he'll be out in 5 more years.
<< <i>
<< <i>We use Authorize.net, so I guess we are as set as we can be, for the time being. >>
Yes.
You should still review the PCI standards for merchants if you are storing any CC info.
This guy, Albert Gonzales, stole 90 million credit card numbers from TJMaxx and others by hacking into their computers.
He got 20 years in Federal prision back in 2010, so he'll be out in 5 more years.
Thanks.
Specializing in 1854 and 1855 large FE patterns
<
Coin Club Benefit auctions ..... View the Lots
<< <i>The rules governing credit card abuse/fraud change October 1st. If your credit card machine doesn't accept the smart chip transactions the liability for a stolen or otherwise fraudulent credit card falls completely on you. The new laws in effect say that whoever uses the LEAST technology in a transaction accepts the liability. I'm spending thousands in my restaurants over the next few weeks upgrading my machines. I don't handle online or phone credit card transactions being in the restaurant business but I thought I'd let you store owners know. If you're using smart chip technology and still someone uses a stolen/fraudulent card the liability falls on the issuing bank. >>
How will this affect "online" transactions or is it solely addressing "in person" transactions?
The name is LEE!
<< <i>So the new terminals can tell if I'm swiping a stolen credit card? >>
No, not if it hasn't been reported as stolen. EDIT - But if the EMV was inserted and not swiped, then the merchant is NOT liable. That's the change.
In Europe, EMV uses chip-and-PIN so customers have to enter a PIN just like debit here.
VISA and MC have decided to start here in the US with chip-and-signature, so customers will still sign a "Promise to pay" receipt just like now.
Requiring a PIN makes it much more secure, but VISA and MC decided Americans need to be eased into that. They make a fortune in fees so they don't want people to stop using them. The PIN will be implemented later (also fuel pumps have until 10/16 to implement EMV readers).
EMV is meant to prevent the fake credit cards from being created. The magnetic stripes are easy to make. Hackers steal account numbers and sell them on the dark web for $10 - $20. Thieves make their own cards and use them until they are reported stolen, then throw them away and buy a new account number.
The computer chips can't be copied. Data stored on the card is updated each time they are used with new encryption keys. They also store your balance so they can still be used if the merchant is offline from the credit processing host.
The EMV cards still have the mag stripe. What is changing next month is if a merchant processes a swiped card and it is fraudulent, the merchant is out the money.
If they INSERT the EMV card in the reader, the issuing banks will be responsible for the fraudulent transaction. So the liability is shifting, which is why merchants are spending a fortune on buying new EMV terminals.
None of this affects online transactions where the card is not present. The merchant will still be liable for fraudulent charges just like today.
Processors, like PayPal, do some validation in the backround and if you comply with their requirements (like shipping to the address they supply) they will cover the merchant.
Customers still have the right to dispute charges so chargebacks will still exist.
EMV only prevents fake cards from being used when the merchant has the customers insert the card into the new terminals. Swiping a card is not covered.
<< <i>so customers will still sign a "Promise to pay" receipt just like now. >>
For Mr. DQ, there is a "small ticket" exception to having to have a signed receipt.
If the transaction is less than $25, merchants do not need to supply a signed receipt if the customer disputes the transaction.
Some terminals do electronic signature capture, whcih saves the merchant from having to store all the signed paper receipts.
So if you are upgradng your POP terminals for EMV, having an electronic signature capture feature may be worth the extra money they cost.