Content Provided By:Payex

Browse Categories

Recent Posts

Posts filed under 'News'

Backoff Point-of-Sale Malware Alert

On July 31, 2014 the US-CERT issued an alert pertaining to Point of Sale malware dubbed “Backoff”, which enables attackers to extract consumer payment data. Attackers are using publicly available tools to locate businesses that use remote desktop applications. Commonly known names of these types of remote desktop solutions are: Microsoft’s Remote Desktop, Apple Remote Desktop, Chrome Remote Desktop, Splashtop 2, Pulseway, PC Anywhere and LogMeIn.

To gain access to the system, they are using brute force attacks, a method used by an attacker to attempt to guess a password using dictionaries of commonly known passwords, to obtain administrator account credentials to log into these solutions. Once access to administrator accounts is gained, an attacker can use administrator or privileged access to deploy Backoff malware on point-of-sale systems, enabling the attacker to extract consumer payment data.

Mitigation
This Security Alert is provided for information purposes only. Consistent with your PCI DSS compliance requirements, Payex is encouraging partners and merchants to not only control the remote access to their networks using two factor authentication, but to also implement periodic password change requirements, complex password requirements and minimum password length requirements and to keep all computer systems and anti-virus engines patched to the latest versions thereof that are available.

Add comment September 3rd, 2014

MasterCard Adds a New Fee

A month ago, we told you about the new fee coming your way courtesy of Visa: the Fixed Acquirer Network Fee. Now, in response to the Durbin Debit laws, MasterCard is making some changes as well.

So, what is happening exactly?

MasterCard is introducing a new Annual License and Registration Fee (ALRF) as well as a new annual Type III Third Party Processor (TPP) Registration Fee. The fees will be charged to merchant acquirers, who will likely have little choice but to pass these charges along to merchants.

According to MasterCard spokesman Seth Eisen:

“What we did is took a look at the value access to MasterCard’s network provides to acquirers as well as those who work with them … and reevaluated our acquirer fee constructs and then have made the decision to institute new or increased fees based on the value the network is providing,”

 

The really disappointing thing about all the changes from the Durbin Amendment and subsequent interchange rate changes is that big box retailers will see real savings, while small businesses will likely only see increases from the new interchange costs.

 

What will this end up costing you?

Unlike the Visa FANF which has an explicit (if not easily understandable) fee structure, the specifics of the ALRF are not clear. What we do know is that the fees will be directly proportional to all MasterCard volume excluding PIN debit volume.

MasterCard will begin collecting the fee in July, but it gets slightly more complex from there. For starters, MasterCard will be charging this new fee based on volume from 2011. However, the amount collected for 2012 will be 50% of the total fee calculated because it covers only half of 2012 (July 1, 2012 – December 31, 2012).

Remember, changes to Visa and MasterCard pricing affects all merchant processors across the United States. However, the method in which each processors chooses to pass the fees along to you can vary greatly. So, be on the lookout for both the MasterCard ANLF/TPP and the Visa FANF on future statements, and plan for how they might affect your business.

Check back at www.WhatEveryMerchantShouldKnow.com for more specifics about the ALRF and TPP charges when they become available.

Add comment May 14th, 2012

Revisiting Visa FANF

 

Just last month, we told you about the newly imposed Visa Fixed Acquirer Network Fee (FANF). Introduced by Visa in response to the Durbin Amendment, FANF is affecting merchants and the payment industry in more ways than a simple price increase.

When Visa first announced the fee, which has technically been in effect since April 1st, they gave acquirers and merchants only 36 days notice. Such short notice was especially tough on payment processors because the new fee structure is setup in a way that processors have never seen before and therefore did not have the systems in place to account for..

So, why did Visa push through the Fixed Acquirer Network Fee so quickly? There doesn’t seem to be a good answer to that question. In fact, The Electronic Transactions Association (ETA) sent a request to Visa on behalf of acquirers, processors, and merchants asking for implementation to be delayed until all parties had a chance to review the complete details of the new fee and prepare for it properly.

The ETA’s request was quickly denied.

FANF is just another example of the card brands putting processors in a position to have to pass along new charges to their merchants.

“Any nominal increases we try to absorb the cost ourselves and avoid passing it to our merchants,” said Doug Mack, President of Payex. “Unfortunately in this case, Visa’s new fee structure is too significant for us to eat. We will, however, pass the charge along at cost,” he continued, “and not use it as a means to profit, as some processors are likely to do.”

The Fixed Acquirer Network Fee is determined from a somewhat complicated formula including card present vs. card not present charge types, merchant type, number of locations, and Visa gross monthly sales volume.

To help you understand how the new fees affect your particular business, the following tables lay out the charges for each merchant type and sale type.

Card Present (excluding High Volume MCCs)

Tier
Locations
Fee Per Location
1-3 1-3 $2.00
4 4 $2.90
5 5 $2.90
6 6 – 10 $2.90
7 11 – 20 $4.00
8 21 – 50 $4.00
9 51 – 100 $6.00
10 101 – 150 $8.00
11 151 – 200 $10.00
12 201 – 250 $14.00
13 251 – 500 $24.00
14 501 – 1,000 $32.00
15 1,001 – 1,500 $40.00
16 1,501 – 2,000 $50.00
17 2,001 – 4,000 $60.00
18 4,001 (max) $65.00

 

Card Not Present, Fast Food Restaurants, Merchant Aggregators

Tier
Monthly Gross Volume
Fee Per Month
1 < $50 $2.00
2 $50 – $199 $2.90
3 $200 – $999 $5.00
4 $1,000 – $3,999 $7.00
5 $4,000 – $7,999 $9.00
6 $8,000 – $39,999 $15.00
7 $40,000 – $199,999 $45.00
8 $200,000 – $799,999 $120.00
9 $800,000 – $1,999,999 $350.00
10 $2,000,000 – $3,999,999 $700.00
11 $4,000,000 – $7,999,999 $1,500.00
12 $8,000,000 – $19,999,999 $3,500.00
13 $20,000,000 – $39,999,999 $7,000.00
14 $40,000,000 – $79,999,999 $15,000.00
15 $80,000,000 – $399,999,999 $30,000.00
16 >= $400,000,000 $40,000.00

 

Card Present High Volume MCCs*

Tier
Locations
Fee Per Location
1 1 $2.90
2 2 $2.90
3 3 $2.90
4 4 $4.00
5 5 $4.00
6 6 – 10 $4.00
7 11 – 20 $5.00
8 21 – 50 $5.00
9 51 – 100 $8.00
10 101 – 150 $12.00
11 151 – 200 $18.00
12 201 – 250 $25.00
13 251 – 500 $35.00
14 501 – 1,000 $45.00
15 1,001 – 1,500 $55.00
16 1,501 – 2,000 $65.00
17 2,001 – 4,000 $75.00
18 4,001 (max) $85.00

 

*High Volume Merchant Types & SIC Codes

The following business types qualify as high volume and are subject to the High Volume MCC table:

3000-3299, 4511 – Airlines
3300-3499, 7512 – Auto Rental
3500-3999, 7011 – Lodging
4411 – Steamship/Cruise Lines
4829 – Wire Transfer Money Order
5200 – Home Supply Warehouse Stores
5300 – Wholesale Clubs
5309 – Duty Free Stores
5310 – Discount Stores
5311 – Department Stores
5411 – Grocery Stores and Supermarkets
5511 – Car and Truck Dealers/ New / used
5532 – Automotive Tire Stores
5542 – Automated Fuel Dispensers
5651 – Family Clothing Stores
5655 – Sports / Riding Apparel Stores
5712 – Furniture / Equipment Stores
5732 – Electronic Stores
5912 – Drugstores and Pharmacies
5943 – Stationary Stores
7012 – Timeshares
7832 – Motion Picture Theaters
5541 – Service Stations

 

Of course, what all of this means is that merchants will have a brand new monthly fee to contend with. FANF is billed to all payment processors in the United States, who will have little choice but to pass the fee on to merchants.

Please feel free to weigh in.  How do you feel these fees will impact your costs?  Do you feel it will be necessary to increase your prices as a result of this imposed fee from Visa?

Make sure to watch WhatEveryMerchantShouldKnow for more updates, and sign up for our newsletter to receive all the latest industry news and advice.

Add comment May 14th, 2012

New Fees Starting April 1

With a mere 36 days notice, Visa is imposing another fee category on acquirers. Starting April, 2012, Visa will roll out the Fixed Acquirer Network Fee (FANF) which will have a noticeable effect on merchant account pricing. Let’s take a closer look at what FANF is all about and how it might affect you and your business.

What exactly is Visa doing?

In response to federal legislation regarding debit card fees and regulations, Visa is attempting to protect its Debit network by restructuring its pricing strategy. On one hand, there will be a reduction in the Acquirer Processing Fee, which will go down 21%, from 1.95 cents per debit authorization to 1.55 cents. However, as part of this restructuring, Visa is instituting a new charge known as the Fixed Acquirer Network Fee. Most likely, the acquirer will have to pass this fee through to merchants as a fixed monthly cost.

Bottom line: what will it cost you?

Unfortunately, it is not a straightforward answer. According to Keefe, Bruyette & Woods, a New York-based securities firm, the new fees should work as follows:

  • For card-present merchants, the monthly FANF will start at $2 per month, per location, for business with one to three locations and $65 per month, per location, for merchants with more than 4,000 locations. High-volume merchants may see an even higher fee depending on volume and number of locations.
  • For card-not-present merchants and fast food restaurants, the fee will be based on volume and will carry a charge from $2 per month, per location for sales volume of $50 or less up to $40,000 per month, per location for merchants with more than $400 million in gross sales. The fee table for card-not-present merchants will reportedly have at least 16 tiers.

Overall, the new pricing structure can result in lower overall fees for merchants, but likely only those with high volume and low average ticket price. For many other businesses, though, there will not be an overall decrease in charges and the new monthly fees can be quite high.

So, when will you start seeing these new fees?

Technically, the new fees were put in place starting April 1st, leaving very little notice for acquirers and merchants.

In response, the Electronic Transaction Association submitted a request for Visa to put off the changes until acquirers had enough time to prepare and adjust for the new price structure. On March 12, Visa overruled the request made by the ETA.

Though Visa put the fee in place on April 1st, FANF will be collected on a quarterly basis and Visa won’t actually start collecting from acquirers until July 1.

So, right now you have a short window in which to prepare for the new pricing. To help get an idea of what you might soon be paying, hop over to this Fixed Acquirer Network Fee Calculator.

 

As always, stay tuned to What Every Merchant Should Know for more updates on FANF and everything else happening in the world of Merchant Services.

Add comment April 12th, 2012

What Does The Global Payments Security Breach Mean For You?

If you’ve been paying attention to the news this week, you may have read about a security breach of credit card information at the processor Global Payments. But you probably haven’t heard much of anything about what this means for you the merchant.

So what actually happened?

Global Payments, a merchant acquirer based out of Atlanta, reported on March 30th an unauthorized breach of security. The hack, which reportedly occurred sometime in late February or early March, accessed Track 2 card data which does not include cardholder names, addresses, or social security numbers.

While the attack was initially reported to be a “massive” hack with up to 10 million accounts at risk, Global Payments has since confirmed the total number of compromised accounts to be fewer than 1.5 million. It is possible for the stolen data to be used to counterfeit new credit cards, and so end users’ accounts could be at risk. Luckily for affected cardholders, Global Payments is fully on the hook for any damages or necessary card replacements.

But what does this mean for merchants?

The news for you, the merchant, is even better. After self-reporting the security breach, Global took the proper steps to isolate and report the problem. This means that you are not at any risk as a business owner, and you will have no issues with terminal or POS hardware or software security.

It is too early to tell how or if this breach might affect overall industry security changes, but for now the news is mostly good. Still, this incident is a great reminder of how important it is to stay up to date on all security regulations to protect you and your customers.

As always, make sure to check back here for all the latest industry news and analysis on how it all impacts you, the merchant.

 

Add comment April 4th, 2012

Another Class Action Suit Shakes Up Payment Processing

 

The payment industry, banks, merchants, and ultimately consumers are likely to see some changes from yet another looming class-action lawsuit against Visa and MasterCard. A class of nearly 5 million retailers, including heavy hitters like the National Restaurant Association and National Association of Convenience Stores, have filed a suit claiming antitrust violations due to collusion between Visa and MasterCard (card brands) and the member banks. Some of the notable banks named in the suit are Bank of America, Citigroup, Wells Fargo, JP Morgan Chase, Fifth Third, and HSBC.

This case is quite similar to a 1996 suit in which another class of 7 million retailers, spear-headed by Walmart and Limited Brands, accused the card networks of a monopoly because their merchant agreement forced acceptance of branded debit cards along side of credit cards under the “honor all cards rule”. The case was settled in 2003 when the defendants agreed to pay more than $3 billion in monetary damages. In addition to the cash payout, Deutsche Bank analyst Bryan Keane estimates resulting changes in business practices cost another $25 billion conservatively.

More recently, Visa and MasterCard saw two other significant blows to their practices and profits this past October. First, provisions from the Durbin Amendment went into effect capping the fees merchants would have to pay to accept debit cards. Next, the card brands announced a settlement agreement with the U.S. Department of Justice and the attorneys general of seven states to resolve antitrust investigations into the companies’ merchant acceptance rules in the U.S. As part of the settlement, Visa will allow U.S. merchants to offer discounts or other incentives to steer customers to a particular form of payment including to a specific network brand or to any card product, such as a “non-reward” Visa credit card. While the second settlement hasn’t meant much in terms of direct monetary damages yet, the Durbin Amendment “is expected to cost banks about $6.6 billion a year in revenue,” according to Javelin Strategy and Research.

So what can we expect from the pending suit slated to be tried this September?

First, we can expect that there won’t be a trial at all. The case will be settled. Why? Because the circumstances are eerily similar to the 2003 settlement: both were antitrust cases, both brought by a similar plaintiff class of merchants, and both are under the supervision of U.S. District Judge John Gleeson. Yes, the same judge that approved the 2003 settlement. And as Yale law professor George Priest stated in his Wall Street Journal essay about the 2003 case, “MasterCard and Visa could have had Oliver Wendell Holmes and Clarence Darrow on their legal teams and it still would have been foolish to try the case.”

Second, we can expect the damages to Visa, MasterCard, and the member banks to amount to the largest antitrust settlement in U.S. history. One claim of the suit is that when Visa and MasterCard spun off into public companies through initial public offerings in 2006 and 2008, the action was “disingenuous” and only to avoid the appearance of a monopoly. The suit seeks compensation for alleged overcharges “for the fullest time period permitted” by statutes of limitations. This “fullest time period” goes all the way back to 2004.

JPMorgan notes that, “based on publicly available estimates, Visa and MasterCard branded payment cards generated approximately $40 billion of interchange fees industry-wide in 2009.” According to Dan Free in his article for Mainstreet.com, “Those numbers cited by JPMorgan would appear to point the way to a very large settlement, since the case covers at eight years and counting… even if one assumes an overcharge of just 10%–the figure used by the Justice Department in its antitrust cases–that would suggest $32 billion of overcharges over eight years. That number, however, would be trebled, as is the rule in antitrust cases, meaning damages could conservatively be estimated at $96 billion.”

Third, we can expect serious shockwaves in the banking industry resulting from potential revenue shortages. Another allegation of the suit is that interchange costs are too high due to lack of sufficient competition. If credit card interchange rates were capped in a manner similar to debit card rates under the Durbin Amendment, it would mean a 75% reduction in fees to merchants and revenue to the banks.

But what exactly does “too high” mean?  To put things in perspective we can look at how the same fees work in other parts of the world.  In the United States the overall average cost to a merchant to accept a credit card is 2%. Mexican merchants pay 1.66%, Canadians and Germans pay 1.50%, merchants in the U.K. pay an average of .79%, Australians pay .5%, and EU member merchants pay around .30%.

As bank analyst Matt O’Connor states in his January 4 report, reducing credit card interchange fees by 75% would cost US Bancorp about $1.2 billion of 2012 revenues, would cost JPMorgan Chase $5.38 billion, and would cost Bank of America $3.68 billion. These losses in revenue are between 2 and 5 times the total impact of the Durbin Amendment.

So come this September we will see what the final price tag is likely to be. Regardless of the final settlement amount, look for Visa and MasterCard to remain dominate players in the game, for the banks to scramble to replace lost revenue, and for consumers to see little to no change at the register.

Add comment March 5th, 2012

Credit Card Processing Fees Increasing This April?
Do They Need To?

April is almost here—the time when merchants often see the cost of processing credit cards increase. Are you aware of what changes are in store for your business this April? Do you know if your processor needs to raise their rates to remain profitable, or are they using April to simply increase their bottom-line?

Anyone who has accepted credit cards for more than one year knows the card brands (Visa, MasterCard, Discover, and American Express) consistently evaluate the fees merchant service providers pay to process transactions (interchange). Price changes typically take effect twice each year, April and October.  Did you know that it is not uncommon for interchange to DECREASE?

When the card brands conduct their review, they decide to either increase or decrease interchange, and sometimes even add new categories to make accepting credit cards more attractive for certain markets or to accommodate new types of cards.

This April, the card brands are increasing certain fees and adding several new categories. For example, MasterCard increased the cost of most transactions over $1000 by 0.01% and they increased the cost of many World Card transactions by .04%. Visa introduced new categories for chip-based cards and had no notable changes otherwise. This is just a high-level overview of a very complex system.   (You can see the actual cost of processing transactions at www.visa.com and www.mastercard.com – Search: Interchange)

So savvy merchants are asking themselves:

·    How many of these types of obscure transactions do I process?
·    Will new pricing affect all of my transactions or just these lonely few?  And ultimately…
·    Does my processor need to increase my fees this April?

The answer for our clients is no. The changes this April are so minimal that there is very little, if any, justification to pass along an increase to merchants.

This is one more example of what sets Payex apart from other credit card processors. It is our policy to only increase client’s fees if and when it is absolutely necessary. Still, many other merchant service companies will take this opportunity to raise rates regardless of how deeply the adjustments actually impact their bottom-line.

So remember to always look at your March, April, September, and October statements to learn how much your processor is increasing your fees. Then, tune into What Every Merchant Should Know to learn if an increase in your fees is justified!

Add comment March 22nd, 2011

So This Is The New Year?

As the calendar changes and the challenges of 2010 fade into the background, there seems to be a new energy in the air. For the first time since the financial crisis began in 2007, businesses, and more importantly the people behind those businesses, have a palpable sense that the New Year will be a great one. If 2010 was a time for recovery, this New Year is a time for creativity and confidence both personally and professionally. Do you feel it? I know I do.

Despite a growing optimism, we understand that fulfilling these hopes requires a multitude of changes. What Every Merchant Should Know is no exception, and you can expect to find some pleasant surprises and upgrades in the coming weeks.

The one thing that will not change is our dedication to offering unbiased support, advice, and discussion on the topics you are interested in. Take a moment with me to reread that last sentence. Discussion. We all understand what is meant by the word, and we all know that we like being part of a true discourse, yet how often are we really part of the discussion? Merely commenting at the bottom of a blog post may seem like discussion, but it is really just scratching the surface.

When blog author X finishes his ramblings and clicks submit, you see only one carefully crafted statement, to which a few readers attach their own deeply held beliefs and ideas. Do you see the problem that I see? This blogger-reader relationship is a two-way mirror of sorts; I get to see who you truly are, but all you see of me is the dull reflection of unanswered comments against a static blog post background. This, simply put, is not good enough.

Though I can (and will) continue to pass along information and stories I find relevant to the world of credit card processing and merchant accounts, I would much rather talk about what you find relevant. Email me. Tweet me. By all means comment, challenge, question, and converse. What Every Merchant Should Know is here for you, but just as importantly you are here for us. Have a question? Send it along and I promise to find you the best answer in a timely manner in the form of a reader mailbag or standalone post. Have a comment, question, or criticism of something in a post? Say what is on your mind, and expect feedback. Help us put the social into social media.

2011 has the potential to be an incredible year of growth, but only if we reach out and make it so. Do not sit back and get overwhelmed by Merchant Services. Become a part of the process by joining the What Every Merchant Should Know community today.

Twitter- @WEMSK

Add comment January 13th, 2011

Housing and Recovery Act of 2008- What It Means For You and Your Business

It is a new year, and unfortunately the change in date brought along a little known change related to credit card acceptance. Congress and the IRS, in their infinite wisdom, tucked legislation within the Housing and Recovery Act of 2008 requiring, among other things, reporting of your credit card transactions to the IRS. This legislation, though passed back in 2008, came into full effect at the start of the 2011 calendar year.

So what does this mean for business owners and merchant service providers?

First, credit card processors will now need to validate every Tax Identification Number (TIN) with the IRS that you provide to your merchant service provider. In the event there is a mismatch, the processor will require a prompt update to the correct TIN or be forced to withhold deposits from you.

Second, processors will now be required to report all credit card transaction processing information to the IRS in January for your prior year’s processing. While credit card transactions and checks were always much more traceable than cash, this direct reporting seems to be another instance of “Big Brother” flexing its muscles.

Finally, and in our opinion worst of all—you better hope you and the IRS are on good terms. If you happen to owe them a little money, your credit card processor could be forced to withhold all or a portion of your funds and forward them to the IRS.

While the IRS claims the new legislation is a simple way to help track money between small businesses and merchant account providers, we believe that the policy change is both unnecessary and threatening to business owners. In our opinion, and likely many within our industry, this is simply another instance of big government sticking its nose in a business it doesn’t understand.

For example, the systems required for merchant service providers to validate TINs, provide reporting, and withhold funds were or are not fully in place. Software development costs to ensure proper handling of such can be extreme. With profit margins of processors being compressed more than ever, most if not all are resorting to passing these costs on to merchants in the form of higher rates, annual fees, or increased monthly charges. So if you as a business owner are paying more to accept credit cards, does that mean you need to increase the prices your customers pay? If so, what effect does that have on their ability to spend what little money they have with other merchants like you?

For that matter, what effect would it have on your business if the IRS ordered your credit card processor to withhold 30% of your credit card sales to repay a tax liability you may owe? Could your business survive?

We would love to know what you think of these new requirements and how they might impact your business or your industry in general. Do you think the changes are positive or do you concur that “Big Brother” stuck his nose where it doesn’t belong yet again? While there is little that can be done about it, we would really like to know your take on this matter. Please comment with your thoughts or questions.

You can check out the full IRS legislation (all 48 pages) here.

Add comment January 7th, 2011

Is your POS system leaving you –exposed?

Let’s face it… Point of sale systems are common place in many retail and restaurant environments. In fact, they’re practically a necessity. Clearly there are millions of businesses across the US run without computers and inventory management solutions and other fancy gadgets that make life easy. For those of you who DO have the luxury of such devices–could you imagine running your business without them?

The only problem with any computer attached to a network and specifically the internet, is that it is now subject to being hacked. Furthermore, there is NO fool proof way to ABSOLUTELY guarantee that your systems will not get hacked–unless of course you don’t connect to the web. It’s like your car… you can lock your doors, install an alarm and even use a theft deterrent like “The Club”, but if someone really wants your car–you may as well kiss it good bye… or leave it in your underground bomb shelter… but what fun is that?

So let’s say you have your sweet POS System that helps you run your business. Are you able to afford the hefty fees to keep your software updated year after year? It would be interesting to know–statistically speaking–what percentage of businesses do subscribe to these plans for their POS. From our experience, considering the exhortation cost, the percentage is low. This is a very serious issue because often times those updates include security patches to prevent hack attempts in the first place.

Why is this important? Well, consider this unfortunate Columbus, OH restaurant. Press coverage is fantastic–when it’s for the right reason. What’s worse is Tip Top is not alone. This is an every day occurrence. Of course we do not know–nor are we implying that Tip Top or it’s POS vendor did not keep it’s systems up to date. The fact is–just like your car… it may not matter.

So what’s the solution? Use your POS system to handle all of the intricate details of your business like inventory, time clock, etc. and even as a cash register–but leave the credit card processing portion to a good old fashioned credit card terminal! Well… it doesn’t have to be old fashioned of course.

For example, Payex and it’s resellers across the nation are working hard to help restaurants combat fraud from hackers or even their own employees by bringing payment right to the customer. For example, in this video GGL Processing, a reseller for Payex, helped well known Joe Roots Grill and Lucky Man’s Pizzeria in Erie, PA with just that…

Keeping Payments Where They Belong!

When you’re are ready to:

  • reduce your cost of expensive software upgrades
  • reduce the number of times a server has to visit a table
  • protect your client’s credit card information from hackers
  • protect your client’s from skimming

     
    Or, if you just simply want to upgrade to the latest and greatest way of accepting credit cards for your pay at the table restaurant or delivery business, remember to call your friends at Payex. A Payex expert will help design a custom solution for your business at the most economical price available!
    [poll id="3"]

    Add comment January 3rd, 2010

  • Previous Posts