My main responsibility as a
Regional Account Manager for IMD is obtain the absolute lowest possible merchant fees for you as a business. Why? The more customers we can save money, the more volume of business we process which allows us to obtain the lowest rates possible as a Tier 1 processor. It is a Win-Win. My second responsibility is to determine how we can get your company EMV/PCI DSS compliant credit card terminals at the most affordable price. Many times the money we save you in your credit card processing fees actually covers the cost of the terminals. Plus we always provide upgrades of your equipment for free.
Because IMD is a Tier 1 processor the middle man is eliminated and thus IMD is able to provide merchant fees at a much lower rate thus increasing the net profit for your business. IMD is so confident that they can provide most businesses merchant fees at a lower price than what they are currently paying, they will pay you $250 if they cannot beat your current rate.
Save Money on Credit Card Processing
So how do you save money on credit card processing? It is a very simple process.
We review your most recent merchant account statement and do a detailed side by side comparison and show exactly how money you are overpaying and how much your annual savings will be with IMD.
We review all of your processing terminals to make sure your terminals are processing cards properly and determine if you need EMV compliant readers. We provide you a detailed printout of all your costs, contract terms, etc so there
are no surprises.
We provide a 48 month rate guarantee. That’ right, lock your rates for 4 years.
Let’s get started right away. Give us a call and we will start the review process.
The following are articles in regards to the new EMV/PCI Compliance regulations that become effective November 1, 2015.
Richard Dover and IMD assume no responsibility for the information shared and have not verified the reliability of the information shared. These articles are provided for informational purposes only.
Published on QSR magazine (http://www.qsrmagazine.com)
Are You Ready for EMV?
New credit card standards will have major effect on industry starting in 2015.
Though 2013 has just begun, restaurant operators should keep at least one eye on 2015, when new credit card standards will begin to reshape how most customers pay for goods and services.
By October 2015, all restaurants and other merchants will be subjected to new Europay, Mastercard, and Visa (EMV) standards, which reflect a shift from magnetic-stripe credit cards to chip-and-pin cards. Considered safer and widely used across Europe and other nations, the chip-based cards require insertion of the card into a terminal throughout the entire transaction.
“That’s going to be a change in behavior that restaurants and retailers are going to have to adapt to, as well as consumers,” says Mike English, executive director of product development for Heartland Payment Systems, which processes about one in seven restaurant industry transactions.
EMV compliance is required for credit card acquirers and processors, though it’s not mandated for merchants and processors. But merchants who don’t meet compliance by October 2015 will assume liability for fraudulent purchases—a shift that is poised to drive many to adopt the new standards and avoid the risk.
“The U.S. is the last bastion of the magnetic stripe. Every other country and every other continent, with the exception of Antarctica, has moved over to EMV.”
English says the change does come with a share of good news for operators. First, the chip-based cards are less susceptible to fraud. U.S. adoption will also allow for increased interoperability between domestic and international markets as things move to a more global credit card standard.
“The U.S. is the last bastion of the [magnetic] stripe,” English says. “Every other country and every other continent, with the exception of Antarctica, has moved over to EMV.”
The shift means restaurants across the country will have to review their point-of-sale systems, including in-store hardware and software. The transition could prove easier for small operations, which may be able to move to EMV by simply adding a new external pin pad. But the larger quick-serve chains will likely have to invest heavily as they look to upgrade thousands of terminals and systems.
And while the change is still a ways off, experts say the move could influence operators’ purchase of POS equipment; some may want to delay purchases planned for the next couple of years, while others will speed up their upgrades to obtain EMV compliance by the 2015 deadline.
For Dallas-based Wingstop, the shift to EMV will likely be handled through installing add-on devices to existing POS terminals, says vice president of technology Jason McEachern. He expects the transition will be easier for Wingstop than some other brands because the 550-unit chain typically has only two or three terminals in each store.
McEachern says operators should be prepared to invest time and energy to meet new standards. “It’s going to be different,” he says. “And there is going to be an expense. Even if you have compliant devices, at some point in the future you’re still going to have some legacy elements you’re going to deal with.”
But the new EMV standards shouldn’t detract from a restaurant’s commitment to PCI compliance, says Bob Russo, general manager of the PCI Security Standards Council, a nonprofit that establishes standards for all organizations that store, process, or transmit credit card data. In fact, Russo says, EMV and PCI standards are best used together, as merchants do in many European countries that meet both standards. “Even in the very mature [EMV] markets, people are realizing that EMV alone, while a good fraud tool in the face-to-face environment, is not really enough to protect everything,” he says. “We don’t see any downgrading of PCI at all.”
While operators may lament the costs associated with meeting another set of standards, Russo says, the upgrades will save operators heartache and cash in the long run through improved data security.
Russo expects to see larger merchants add EMV terminals this year as credit card companies begin to issue more chip-based cards. Then it will take time—some estimate as many as seven to 10 years—for chip-based cards to become fully integrated into the marketplace.
“You’re probably looking at two to three years before you begin to see it really becoming ubiquitous out there,” Russo says. “It’s a rather slow conversion over to EMV. But it’s definitely coming.”
Source URL: http://www.qsrmagazine.com/exclusives/are-you-ready-emv
Copyright © 2015 Journalistic Inc. All Rights Reserved. QSR is a registered trademark of Journalistic, Inc.
Will EMV Make You PCI Compliant?
ComplianceGuide.orgTim Thomas
Many merchant acquirers, payment processors and Independent Sales Organizations (ISOs) have been reaching out to business owners to alert them of America’s 2015 migration from magstripe (i.e., “swipe”) credit/debit cards to EMV (i.e., “chip”) payment cards.
The new EMV cards will have much-needed, enhanced anti-fraud capabilities at the physical point of sale. So, when your customer presents a card for payment, it will be much easier to tell if that card actually belongs to them.
While EMV represents a significant improvement in the way credit/debit card fraud is detected and prevented, some have confused EMV’s capabilities with the concepts of data security and PCI compliance.
Does EMV override PCI?
The short answer is no, EMV technology does not satisfy any PCI requirements, nor does it reduce PCI scope.
What EMV is:
It is counterfeit card fraud protection – it makes it more difficult for bad guys to make use of stolen card data
What EMV is not:
It is not encryption – EMV does not encrypt the Primary Account Number (PAN) and therefore the card data must still be protected according to PCI guidelines
It is not helpful for ecommerce transactions – EMV only works for card present transactions
So, if your business accepts credit or debit cards in a physical store (or other face-to-face setting), you will need to implement the EMV technology and PCI standards in a layered fashion. For example, as you upgrade your terminals for EMV, consider adding point-to-point encryption (P2PE) capabilities to reduce PCI scope and protect data end to end. In addition, using tokens after authorization can prevent the card data from being used, should it be stolen.
Even if 100% of your payment transactions are ecommerce (i.e. card-not-present), you’ll want to take a closer look at your payment acceptance methods as well as the security of your web applications. That’s because as EMV takes effect, you will see a shift in fraud from card-present transactions to ecommerce. This happened in Europe and it’s expected to happen in the U.S. as well.
Want to learn more about reducing your PCI compliance scope or just need a good place to get started with PCI compliance?
Increasing Security and Reducing Fraud with EMV Chip and PCI Standards
When data is exposed, it puts your customers and your reputation as a business at serious risk. EMV chip technology combined with PCI Security Standards offer a powerful combination for increasing card data security and reducing fraud. Visit www.emvco.com and www.pcisecuritystandards.org to learn more.
What they are – Fraud protection and data security EMV chip:
Technology that uses secret cryptographic keys to help protect against fraud at the point of sale and make payment cards more difficult to counterfeit.
PCI Security Standards:
Security controls for making sure that customer's card data is kept secure throughout the entire transaction process.
How they're different – Authentication technology vs. data security controls EMV chip:
Authentication technology for the point of sale part of the transaction when the physical card is actually present.
When this chip is embedded on a card, it helps ensure the card being used is real and that it belongs to the person using it. It drastically reduces the chances of your business accepting lost, stolen or counterfeit cards.
PCI Security Standards:
Security controls to protect the cardholder's confidential information on payment cards, not just at the moment the card is swiped or dipped, but all the way through the transaction process.
They also apply when payments are made online or via telephone, where the card is not present, to make sure your customers' card data is kept safe.
How they work together – A layered approach for securing multi-channel transactions
EMV chip provides an additional level of authentication at the point of sale that increases the security of a payment transaction and reduces chances of fraud.
Once the card is entered into the merchant's system, the cardholder's confidential information is transmitted and stored on their network in a clear, easily accessible form, meaning it's vulnerable for attack and use for fraud by criminals in online and other channels.
Which is where PCI Standards come in. On top of EMV chip at the POS, they offer protections for the POS device* itself and provide layers of additional security controls** for businesses to use throughout the transaction process and across payment channels to keep card data safe - such as patching systems, monitoring for intrusions, using firewalls, managing access, developing secure software, educating employees, and having clear processes for the handling of sensitive payment card data.
When used together, EMV chip and PCI Standards are a powerful combination to increase security and reduce fraud. Protect your customers' data and your business today.
EMV KEY DATES CHART-CARD NETWORKS
Visa MasterCard American Express Discover
October 2012
Visa will extend the Technology Innovation Program (TIP) to merchants in the U.S., potentially allowing them to skip the annual PCI DSS validation for any year in which at least 75% of merchant Visa transactions originate from dual-interface EMV chip enabled devices—plus other qualification criteria such as being PCI DSS compliant.
October 2012
PCI assessment relief takes effect.
December 31, 2012
Discover will institute Fraud Liability Shift for Diners Club International.
April 2013
Acquirers/processors will be required to support merchant acceptance of EMV chip transactions.
April 2013
Acquirers and sub-processor mandate to fully process EMV transactions. Cross border Maestro ATM liability shift to non-EMV ATMs.
April 2013
Processors must be able to support American Express EMV chip-based contact, contactless and mobile transactions.
April 2013
Discover merchant acquirers, acquiring processors, and merchants with direct connections into its network must be certified as able to support the network data needed in contact and contactless EMV chip card transactions. The mandate applies not only in the U.S., but also in Canada and Mexico.
October 2013
MasterCard Account Data Compromise (ADC) relief takes effect (50%). On this date, if at least 75% of MasterCard transactions originate from EMV-compliant contact and contactless POS terminals, the merchant is relieved of 50% of account data compromise penalties.
October 2013
Merchants will be eligible to receive relief from PCI Data Security Standard (DSS) reporting requirements if the merchants' point-of-sale (POS) acceptance locations, where 75% of their transactions occur, are enabled to process American Express EMV chip-based contact and contactless transactions.
October 2013
Discover will grant annual PCI audit waivers for merchants that process 75% of Discover Network transactions via terminals supporting both contact and contactless payments.
October 2015
The party that is the cause of a contact chip transaction not occurring will be financially liable for any resulting card present counterfeit fraud losses. Does not include automated fuel dispensers (AFD).
October 2015
MasterCard ADC relief takes effect (100%). On this date, if at least 95% of MasterCard transactions originate from EMV-compliant POS terminals, the merchant is relieved of 100% of account data compromise penalties.
MasterCard liability hierarchy takes effect (excluding fuel).
October 2015
American Express will institute a Fraud Liability Shift (FLS) policy that will transfer liability for certain types of fraudulent transactions away from the party that has the most secure form of EMV technology.
October 1, 2015
Discover will institute a Fraud Liability Shift (in U.S., Canada and Mexico). This Fraud Liability Shift policy will be a risk-based payments hierarchy that benefits the entity that leverages the highest level of available payments security.
EMV KEY DATES CHART-DEBIT NETWORKS
PULSE Maestro/MasterCard
April 1, 2013
U.S. liability shift deadline for both acquirers and deployers for transactions using Maestro (the company’s European debit card brand).
October 16, 2013
U.S. Point of sale acquirer processors and direct-connect merchants are required to support EMV data. This is expected to feature broad support for online PIN-authenticated transactions.
EMV KEY DATES CHART-ATM
Visa MasterCard
April 2013
EMV-compliance deadline for all U.S. ATMs.
April 1, 2015
U.S. third-party ATM acquirer processors and sub-processors must be able to support EMV chip data.
October 1, 2016
Liability will shift in the U.S. for ATMs.
October 1, 2017
Liability will shift in the U.S. for ATMs.
