Developers Work To Combine NFC With Blockchain for POS Transactions

So far, neither near-field communication nor blockchain has been a blockbuster technology for payments in the U.S. market, but now developers are working on combining the two in a way they hope will give cryptocurrencies a big boost at the point of sale.

 

The idea is to create a standard for a new protocol called the Lightning Network that would allow consumers to make a tap-and-go payment with Bitcoin or another digital currency, just as she might with a contactless card or with Apple Pay.

 

Lightning, which has been in development since 2015, is the fruit of an effort to vastly expand the processing capacity for cryptocurrencies by taking much of the activity off the blockchain. The network then broadcasts to the blockchain only when the transaction is culminated. Indeed, estimates are that the network could handle, in theory, millions of transactions per second. Currently, traffic logjams have plagued currencies like Bitcoin, moving some major merchants and processors like Valve Corp. and Stripe to stop accepting Bitcoin.
With the first version of Lightning going live late last month, a developer has proposed combining the system with NFC to make digital currencies more practical at the point of sale. The developer, Igor Cota, says in an online post that he has succeeded with an NFC experiment that links both a mobile device and a contactless terminal to the Lightning network and to each other. “I feel that one of the biggest promises of Lightning lies in it being used for everyday retail payments,” says Cota in his post.

 

One problem with this approach is that the adoption of contactless payments, even with chip cards, has been spotty in the United States, though it has met with much more success in Europe. Visa estimates that less than 1% of payments on its network so far are contactless. That could change soon as the card network is gearing up to push NFC in the American market.
NFC is a sophisticated protocol that allows cards or mobile devices to link via radio waves to specially equipped terminals in the blink of an eye, vastly speeding up transactions. A competing protocol that relies on quick-response codes has met with success in China and other markets, but Cota in his post calls QR codes “a bit unwieldy,” particularly in instances where consumers are buying a good many items, say, in a grocery run. “This relatively large amount of data makes them impractical to scan,” he argues.

 

Payments providers that have been early proponents of Bitcoin, Ether, Litecoin, and other digital currencies applaud the move to incorporate NFC and Lightning for POS transactions. “I think it’s great,” says Eric Brown, chief executive of Aliant Payment Systems Inc., a Fort Lauderdale-based independent sales organization. “Crypto processing has made another step into mass adoption utilizing the NFC technology the credit card companies use to initiate digital wallet transactions.”

 

Aliant has been working with a Canadian processor called NetCents Systems Ltd. to sign merchants for cryptocurrency acceptance.

Retailers Must Adjust to Fraud’s Faster Pace

In today’s fast-paced, digital age, when smartphones are “outdated” six months after they’re released, nothing stays the same for long, and that includes payments fraud.

Fraudsters have been busy adopting new techniques and adapting old ones to take advantage of weaknesses in payments systems. Credit cards and debit cards have become especially vulnerable. While checks remained the top payments vehicle for fraud in 2013, credit and debit card fraud jumped 48% compared to 2012, according to the 2014 AFP Payments Fraud and Control Survey.

What’s new in payments fraud? What’s ahead? Here’s a look at three ways that fraud is evolving—and how retailers can protect themselves.

Skimming.Thieves have been using card skimmers for years. The small electronic devices attach to credit card machines at ATMs, stores, gas pumps and other locations and gather account information, including PINs and CVV numbers. The stolen numbers are then used to make purchases or sold on the black market.

In recent years, skimmers have gotten even more sophisticated. Some thieves are using undetectable hidden cameras to record PIN numbers or placing phony keypads over real ones to record keystrokes. Sometimes, they’ll use Bluetooth technology to transfer and capture the information in real time, eliminating the risk involved in retrieving skimming devices.

Fortunately, the rollout of EMV in the United States will help combat skimming-related fraud. Unlike magnetic stripe cards, most EMV cards are “dipped” in machines, not swiped, and the chip-and-pin technology they contain makes it difficult for thieves to counterfeit cards based on stolen information.

After EMV was rolled out in the United Kingdom, card counterfeit fraud dropped 30% over the next 10 years. Skimming hasn’t been eliminated in countries where EMV has been widely adopted (U.K. fraudsters have begun exploiting weaknesses in POS terminals and shoddy algorithms) but retailers should expect to see a significant reduction in skimming-related fraud once EMV is fully rolled out in the United States.

Fast fraud. Unfortunately, while EMV adoption will significantly reduce skimming and other point-of-sale fraud schemes, it will likely lead to an increase in card-not-present scams, or “fast fraud.”

With fast fraud, scammers exploit weaknesses in online and mobile commerce security to steal digital goods—like e-books and music downloads—which can then be easily resold on the secondary market.

It’s a trend that has higher costs for retailers: every dollar lost to fraud in 2014 cost merchants $2.79, but every dollar lost to online fraud cost $3.10, according to a study from Lexis Nexus and Javelin. And things are only going to get worse. Card-not-present, or CNP, fraud in the United Kingdom rose 79% in the first three years after EMV adoption.

In the coming years, it’s expected that fraudsters will increasingly focus on goods and services that they can quickly monetize, especially digital gift cards and e-tickets to events.

Data breaches.An offshoot of fast fraud, data breaches have become a growing problem for organizations. The number of reported data breaches in the United States in 2014 hit a record high of 783, according to the Identity Theft Resource Center. That’s a 27.5% increase over the number of breaches recorded in 2013.

Similar to fast fraud, data breaches occur when fraudsters take advantage of weaknesses in online security systems, but the costs of a data breach—both monetary and reputational—can be much higher. In 2014, the average organization spent $1.6 million following a breach on response costs, such as legal and consulting fees and identity protection services for victims, according to a study by the Ponemon Institute. Additionally, the average organization loses another $3.2 million-worth of business following a breach due to abnormal customer turnover, reputational loss, diminished goodwill, and the increased customer acquisition activities that are often required.

With skimming scams on the decline and fast fraud and data breaches on the rise, how can retailers protect themselves? Combatting evolving fraud trends will require a new approach to payments security.

Many traditional systems are built to combat old fraud threats, when scammers used to target physical goods. Because orders took a few days to process and because physical addresses were associated with the shipments, these solutions had the time and the information they needed to spot and stop suspicious payments.

Those traditional prevention systems don’t work against fast fraud and data breaches, though. Fraudsters can quickly obtain digital goods and services as well as customer data, delivered digitally and instantaneously with no address requirement, and reap the financial benefits right away. Stolen digital goods and data can be re-sold extremely quickly on secondary markets.

Adopting a secure payments solution, one geared toward dealing with digital transactions, is key. Most retailers will be unable to build a competent in-house solution without pouring a lot of time, money and staff into the effort. For many, the ideal solution will mean partnering with a third-party provider, which can be anything from a do-it-yourself software program to a full-service payments platform.

Whatever route a retailer chooses, fraud is evolving, and transaction security must evolve with it. Choosing the right payments solution can help retailers thrive in today’s fast fraud ecosystem and better prepare for whatever comes next.

Apple Pay Tries to Solve a Problem That Really Isn’t a Problem

I recently bought a cup of coffee, but I did not have any cash handy. I used a credit card, and the result was a veritable dystopia that will surely haunt my sleep forever.

First, I had to reach into my back pocket and remove my leather wallet. Then I had to pick out a plastic card, taking care not to pull out my driver’s license or Metro fare card. Somehow I managed to succeed on the first try. Then I swiped my credit card on a device positioned near the cash register. (Should the magnetic strip face right or left? That was my horrific choice.) Then I returned the plastic card to my wallet and went on with my day, scarred yet unbroken. I understand my credit card company will be including the $2.25 I owe them for that coffee on some sort of invoice later in the month, the receipt of which will surely will be yet another brutal reminder of the burdens of that day.

I kid, of course. Charging a cup of coffee or pretty much anything else is not a big deal. At most stores it is a remarkably seamless process, particularly now that most retailers have gotten out of the habit of requiring signatures for smaller purchases. But that’s not how Tim Cook sees it.

Tim Cook introducing Apple Pay on Tuesday in Cupertino, Calif. The system would replace credit cards.

Mr. Cook, the Apple chief executive, introduced a new mobile payments service Tuesday as part of the company’s big product rollout. The idea is that instead of experiencing the misery of fishing around for a credit card, you put your phone up to a transponder and touch the screen, and your transaction is complete.

It’s a dangerous business to bet against Apple’s ability to make a product that you didn’t think you needed as part of your daily life. But “Apple Pay” looks as if it may be one of those offerings that don’t live up to the company’s hype. It would seem that in Mr. Cook’s mind, the current process of a retail transaction is something actually resembling the series of horrors described above. The core challenge Apple faces is that buying things with a credit card isn’t nearly as onerous a process as they make it out to be.

Mr. Cook showed a video at the product rollout of a woman burrowing in her purse for a credit card, navigating past a box of Tic Tacs — Tic Tacs! — and struggling to open her wallet in order to find her card, then being asked to show her driver’s license before completing the transaction. It had a lot in common, actually, with those infomercials in which actors manage to horribly bungle the most basic tasks until some new product solves a nonproblem.

Apple Pay does appear to be more secure than plastic credit cards. As Mr. Cook pointed out in the presentation, a credit card reveals all the necessary information for a thief to exploit and go on a shopping spree, whereas Apple Pay requires the purchaser’s fingerprint to run a charge. The only problem from Apple Pay: The costs of fraud are borne by credit card issuers, and sometimes retailers themselves. Just ask Target, and now Home Depot, both of which have faced huge data breaches and are paying the price.

So you can see how banks and retailers will be enthusiastic about switching to a more secure way of paying. Indeed, Apple has already lined up giant banks — including Bank of America, Chase and Wells Fargo — and giant retailers, including McDonald’s, Walgreens and Macy’s, to use the service.

Times technology columnist Molly Wood says consumers may see a rise in the use of mobile payments now that the iPhone has a chip that will work at tap-to-pay payment terminals. So Apple Pay certainly has the potential to revolutionize how people buy goods. But security chips widely in use in Europe are gradually becoming available in American credit cards. The recent breaches are only making that process more urgent for card issuers.

But the bigger question for Apple Pay is whether consumers find it handy enough to convert from credit and debit cards.

Electronic Payment Card Settlement

In the last few months, many businesses should have received letters regarding the large settlement reached in the long-running lawsuit over the interchange rates that Visa and Mastercard have charged businesses and non-profits in the past. Any person, business or other entity that accepted Visa or MasterCard credit or debit cards in the U.S. at any time between January 1, 2004 and November 28, 2012 may be eligible to receive a payment from the $6.05 billion settlement fund.

Under the terms of the settlement, local businesses will be able to collect money from the credit card companies based on past credit card transactions. If you ignored the letter in the mail, it’s not too late to register your business for your share of the settlement money.

This is an opportunity to recoup the money that is owed to you from credit card fees. The more you have paid in fees since 2004, the larger your settlement could be. The amount paid from the Cash Settlement Fund will be based on actual or estimated interchange fees attributable to Visa and MasterCard transactions from January 1, 2004 through November 28, 2012.

You can learn more about the settlement and preregister for reimbursement at the court authorized website – https://www.paymentcardsettlement.com/en.

This is the only website with court authorized information about the settlement. The Judge on this case recently required some groups to change the misleading language on their sites – http://www.reuters.com/article/2013/04/11/usa-antitrust-creditcards-idUSL2N0CY1YQ20130411

Here is some of the media coverage regarding the outreach efforts underway in other parts of California to help businesses recover fees:

In San Diego – http://www.kpbs.org/news/2013/feb/19/national-public-charity-helps-reimburse-swipe-fees/

In Santa Barbara – http://www.noozhawk.com/article/santa_barbara_business_credit_card_class-action_settlement_swipe_fees/

Please contact Aaron or Stefeni if you have any questions – 415-824-0582 or Aaron@JimRossConsulting.com or Stefeni@JimRossConsulting.com.

For more information, please see the FAQ section of the court approved settlement website: https://www.paymentcardsettlement.com/en/Home/FAQ

All Merchants Have to Comply with EMV

Don’t succumb to complacency; become EMV compliant today! Make sure you are informed and prepared with EMV-capable point-of-sale devices to protect against counterfeit-card fraud.

The October 2015 liability shift set by the major card networks to implement the Europay-MasterCard-Visa (EMV) chip card standard will leave unprepared merchants vulnerable to counterfeit fraud for the first time. Merchants that have not installed EMV-capable point-of-sale terminals within the next three years will assume liability for counterfeit-card transactions conducted in their stores.

Acquirers that sell EMV to small merchants will not have an easy task. It is important to stress that this deadline is real and is coming quickly. Even if a merchant’s acquirer isn’t yet ready to process EMV transactions, the merchant can install the equipment now and then be ready to download the EMV application software to the existing device.

Let VeriFone be your guide and partner with us during this transition. We have years of experience helping thousands convert to EMV worldwide and offer an unmatched line of EMV-compliant hardware and software – as well as training and support – to deliver complete solutions for meeting migration plans.

The newest EMV contact and contactless-complaint solution is the VX 805 PIN pad. This powerful, fast PIN pad provides everything needed to securely accept payments and other transactions, with the agility to quickly embrace future technological change, including NFC, mobile commerce and EMV.  It also offers the latest security protections – including full compliance with PCI PTS 3.0 – plus EMV Level 1 and 2 Type Approval.

Click here to find out more about VeriFone’s EMV-compliant hardware and software solutions.

Source: Oct. 3, 2012.  http://digitaltransactions.net/news/story/3707