Author Archives: admin

Card Not Present (CNP) Fraud Post-EMV Rollout in the United States

The introduction of EMV chip cards made huge strides in decreasing fraud, but only for in-store transactions. The increased security of credit and debit cards using chip technology has driven fraudulent traffic to CNP transactions and e-commerce. Card Not Present (CNP) Transactions are those that occur when the card is physically not present (online, over the phone, mobile transactions, etc), and therefore do not utilize the chip feature that EMV cards have. According to Visa, fraud has decreased 70 percent from October 2015 (when chip cards were introduced in the United States) to December 2017. However, chip cards are just as susceptible to CNP fraud as magnetic stripe cards.

CNP fraud has been made easier by data breaches, such as the Equifax breach, that leaked more that 143 million U.S. consumers’ data onto the dark web. In addition to credit card data, users on the dark web were able to access birth dates, driver’s license numbers, and even social security numbers. Equifax is unsure exactly how long the dark web had access to consumer’s confidential information, but they have concluded it lasted about 4-6 months. During this time CNP fraud spiked tremendously. By the end of June 2017, there had been a 29% increase in CNP fraud compared to the previous year.

The United States has the highest number of e-commerce sales, so it’s no surprise that the US is more vulnerable to CNP fraud than other countries. CNP fraud is projected to increase an additional 39% over the course of 2018. With CNP fraud running rampant, many e-commerce merchants have considered limiting international sales or eliminating them altogether, because international transactions are more difficult to authenticate. However, this would cause a huge decrease in sales for vendors who choose to do so.

Instead of trying to avoid fraud, it’s time that merchants adopt vigilant anti-fraud software. These programs help good customers get approval quicker, while vastly reducing the number of fraudulent transactions. Now that people travel more often and own property in more than one country, it is essential that merchants are not shutting out good business because they’re afraid of international fraudulent activity. If your business is looking to adopt a new system to prevent fraud, consider Solupay’s 3D Secure Advanced. It is specifically designed for e-commerce merchants to reduce fraud, while increasing profit margins by eliminating friction at checkout.

To learn more about 3D Secure Advanced, download “The evolution of 3D Secure” Whitepaper.


Download the 3DS White Paper

The New VCR: Updated Visa Chargeback Rules

Visa announced in April 2018 they will be releasing new chargeback rules with a focus on improving the overall process for merchants with a new Visa Claims Resolution (VCR) process. Even for merchants who have taken all the steps and follow all the recommendations to avoid the likelihood of chargebacks, they are an unfortunate and inevitable fact of life in today’s business environment. Whether it’s a chargeback due to fraud, or friendly fraud where a customer disputes a charge they honestly don’t remember making, they happen and can be a process pain for merchants. Visa’s goal with VCR is to make the process simpler.

Visa promises a less costly and more time efficient process with their new rules, “automating and simplifying the dispute-resolution process while also keeping pace with the needs of the payment industry,” as Visa states. They are simultaneously releasing new chargeback rules as part of this release. They plan to leverage existing data that Visa has to reduce the number of illegitimate chargeback disputes and focus on only valid claims: According to Visa:

“VCR provides a foundation to implement enhanced dispute rules, streamline the process with reduced timeframes and offer enhanced tools for proactive resolution,” according to the company. Today, disputes take approximately 46 days to resolve, with the more contentious issues taking more than 100 days.”

The new process is estimated to reduce disputes by a full 15 days:

“Our new expedited resolution process is expected to reduce the time and resources it takes merchants to respond to disputes,” explains Visa. “We expect most disputes to be resolved within 31 days or less, a significant reduction to the time it takes today, which will benefit merchants, cardholders and clients.”

Visa examined the 22 legacy reason codes for chargebacks, combining and organizing them into 4 dispute categories:

  1. Fraud
  2. Authorization
  3. Processing Errors
  4. Consumer Disputes

Additional rules will put a limit on how many “card-absent fraud disputes” a consumer can make on any given account. Specifically, a consumer cannot claim more than 35 disputes in 120 days. According to Visa, “The person making the claim will also have the option to close his or her account. Failing to do so will prevent he or she from being able to report any more disputes on the account in the future.

The launch of VCR is April 15th. To learn more, visit VISA, or reach out to your Solupay Relationship Manager with specific questions.

No Signature? No Problem. Visa on Board with Eliminating POS Signatures

Signatures are no longer needed for EMV (chip) transactions for all major card types. In our recent article No Signature Required – Card Brands Look to Improve Checkout Times, we discussed some significant changes in the POS industry. At the tail end of 2017, MasterCard, Discover, and AmEx announced that they would implement policies that eliminate the need for signatures in point-of-sale EMV transactions. Visa was initially reluctant to comply, but recently gave up the fight and announced they too will eliminate the need for signatures on EMV POS transactions in North America beginning in April of 2018.

The downfall of the signature has been on the horizon for some time. Merchants using e-commerce platforms are at an all-time high. Most of these platforms incorporate a payment application like PayPal, which is authenticated through banks in a myriad of ways. The bottom line is: signatures are no longer a valid means of identification. With emerging technology like fingerprint scanning and facial recognition used by iOS operating systems, or iris scanners used by Android, the signature is a comparatively weak form of authentication.

Merchants should urge their POS providers to update their software to eliminate the need for signatures on EMV transactions.  It slows the sales process, frustrates the consumer, and is no longer necessary.

Signatures are seemingly being phased out for good. Many schools no longer teach cursive writing, and now that POS transactions are doing away with the signature, where would we need to sign? The absence of a signature may seem concerning to credit card users, as it eliminates an added layer of security. However, there are several other layers of fraud protection and security guidelines in place to protect both the card user as well as the merchant. The reason POS signatures were ultimately eliminated is because transactions will become more efficient and provide a uniform payment experience.

Even though signatures are fading away, other industry standards in the area of security are being enforced more strictly. Payment Card Industry Data Security Standards (PCI DSS) is a mandated policy for merchants who accept credit/debit cards as a payment option. PCI DSS is a set guideline to help protect consumer data, as it is the responsibility of the merchant to keep their confidential information safe. Those who do not comply with PCI requirements will face steep fines and penalties. With the loss of the signature and strict policies like PCI DSS in place, it may be time to consider an upgrade in security software. Solupay’s ControlScan’s PCI 1-2-3 compliance solution provides merchants with the tools and support necessary to analyze, remedy, and validate PCI compliance.

To stay up to date on the latest trends in payment solutions, subscribe to our blog.