CFXWorks

IBM Power Payment Card Solution Requirements

 

Do IBM POWER users require a payment solution that supports Tokenization and EMV?

 

The following Payment Card Processing flowchart depicts many of the fundamental concerns and requirements for Merchants wanting to avoid the shift in liability (from the processor to the Merchant) related to credit card processing.

One of the critical concepts we are attempting to point out is that Merchants continuing to process payment transaction via an In-Scope solution (Non-EVM and Non-Tokenization) are operating in a high-risk environment. As a result, their incidence of potential fraud, identity theft, fee increases, fines from an acquirer, a shift in liability and legal action are all real looming threats.

Also, for card present transactions, if you are not capturing the card data using EMV enabled payment terminals, you are exposing yourself to being held liable for any fraud resulting from that transaction. To put it another way, if you process a charge for $2,500 which is proven to be fraud, the $2,500 comes out of your pocket in addition to any fines or fees.
By moving to an EMV solution, you are shifting the burden of liability away from the Merchant to the Processor.

Unlike magnetic stripe cards, EMV chip cards send data that changes with each transaction. EMV chip cards transmit a variable algorithm with each transaction, making the data more secure than the static data found on magnetic stripe cards, thus reducing the potential for fraud.

If your organization is still on the fence or moving at a snail’s pace adopting an Out-Of-Scope EMV solution, one other key factor to consider is your brand reputation! If your company gets hacked and a data breach occurs the resulting loss of your brand and reputation could be a potential ongoing nightmare. The extent of how long it might take your business to recover is almost impossible to predict or gauge!

If your organization is considering implementing an Out-of-Scope EMV payment solution we would appreciate the opportunity to learn more about your company and the goals you are trying to achieve.

The following flow chart summarizes key issues that need to be considered:

(1) PCI-DSS Scope: 
Do you need an Out-Of-Scope or In-Scope payment solution? Please see out blog entry “Questions you need to ask your management team before purchasing a new, or upgrading an existing, payment card solution for your IBM POWER processor? Coming soon …

(2) Customer Present:
If the customer is present, card data can be captured by inserting an EMV enabled card, swiping the card to read the data recorded on the magnetic strip, or tapping an NFC / contactless digital wallet with a stored card, like a smartphone with Apple Pay enabled. All other payment methods are considered “card-not-present” even if the card is physically with the customer at the time of the transaction.

(3) Shift In Liability Impact:
Must your payment solution provide you with a way to avoid exposure to the Shift-In-Liability issue? Please see out blog entry “Questions you need to ask your management team before purchasing a new, or upgrading an existing, payment card solution for your IBM POWER processor”. Coming soon …

(4) Market Segment:
What payment industry market segments do you require support for. Please see out blog entry “Questions you need to ask your management team before purchasing a new, or upgrading an existing, payment card solution for your IBM POWER processor”. Coming soon …

(5) Card Data Capture: 
How do you plan to capture card data? What payment industry market segments do you require support for. Please see out blog entry “Questions you need to ask your management team before purchasing a new, or upgrading an existing, payment card solution for your IBM POWER processor”. Coming soon …

(6) Do You Need:
The answer to “Do You Need?”.

(7) Investment Dollars Required:
How much will you have to invest to upgrade or install a new payment solution?

Payment Card Observations

 

 

Exit mobile version