05

February

Self-Assessment Questionnaire (SAQ)

A document used as a validation tool by merchants and service providers to demonstrate compliance with the PCI DSS.

Updated in 2008, it is designed to simplify and streamline the assessment process and aid small and mid-sized merchants who are not required to have on-site PCI compliance assessments. The new SAQ comes in four versions with questions tailored specifically for different categories of card acceptors.

Read more

28

January

NRF show celebrates innovation, spots trends

An estimated 33,000 attendees convened at New York’s Jacob Javitz Center for The National Retail Federation’s 104th Annual Convention and Expo, held Jan. 11 through 14, 2015. In his opening comments, NRF President and Chief Executive Officer Matthew Shay said, “We believe this is the greatest industry in the world, and we’re proud to help you tell that story.”

Payment professionals contributed to the story by demonstrating their products and services and networking in the exhibit hall, evidencing that, while retailers may complain vociferously about the high cost of interchange,

Read more

21

January

Qualified Security Assessor (QSA)

An auditor, certified by the PCI SSC, who assesses the PCI compliance of payment systems to ensure they are properly protecting card data. The PCI DSS requires that all Level 1 merchants (those that process over 6 million card transactions a year) be evaluated annually by a QSA.

Read more

14

January

EMVCo to improve standard for e- and m-commerce

EMVCo LLC revealed plans on Jan. 8, 2015, to leverage 3D Secure (3DS) to help stem a rising tide of e-commerce fraud while enhancing global interoperability and security. 3DS, a technology developed by Visa Inc. and subsequently licensed by MasterCard Worldwide, is designed to protect card-not-present (CNP) transactions by incorporating an additional layer of security into the online checkout process.

Six major card brand members comprise EMVCo: American Express Co., Discover Financial Services, JCB International Credit Card Co. Ltd., MasterCard, China UnionPay and Visa. The global technical body has broad

Read more

06

January

Processor

A processor is any entity that is physically processing a credit card transaction from swipe to settlement. It is a front-end network that enables a dial terminal, POS or gateway to connect to the Visa and MasterCard systems for authorization from an issuing bank. Any back-end or settlement network that is receiving those authorizations and settling them to a sponsor bank is also a processor. This network would have either a front-end or back-end, or both, that is involved in the physical authorization or settlement of a transaction.

Read more

31

December

Staples urges diligence post breach, stakeholders point fingers

A data security breach involving Staples Inc., initially reported in October 2014, has been confirmed by the Framingham, Mass-based retail office supply chain. The far-reaching event impacted 119 of the 1,500 Staples locations in 35 states. Malicious software discovered inside cash registers was intercepting credit card transactions and transmitting cardholder data to a criminal host network. The company believes that up to 1.16 million credit cards may have been affected by the breach.

A company press release issued on Dec. 19 stated that “malware may have allowed access to some transaction

Read more

23

December

Payment Card Industry (PCI) Data Security Standard (DSS)

Established by the major payment brands, including American Express Co., Discover Financial Services, JCB International Co. Ltd., MasterCard Worldwide and Visa Inc., the PCI DSS is now managed by the PCI Security Standards Council.

The PCI DSS is designed to enhance payment account data security worldwide and consists of 12 requirements governing security management, policies, procedures, network architecture, software design and other areas critical to the protection of cardholder data.

Failure to adhere to the standard (by any party that handles card information, including merchants and ISOs) can result in hefty fines.

Read more

17

December

Holiday shopping gets ‘pay-by-pay’ analysis

Midway through the holiday shopping season, analysts are crunching the numbers, providing a “pay-by-pay” analysis of consumer spending patterns. The reports give some merchants and payment professionals reason to celebrate while others may be motivated to revisit their promotional strategies.

Year-over-year growth in consumer spending grew a modest 5.3 percent compared with a 7.4 percent increase in 2013, according to First Data’s 2014 SpendTrend Holiday Shopping analysis, a comprehensive report issued December 8, 2014. The study measured in-store transaction data and consumer spending at over 1 million merchant locations.

Consumer

Read more

10

December

Magnetic Ink Character Reader (MICR)

A countertop device used to scan and recover information contained in magnetic ink characters printed on checks and documents. The magnetic ink character recognition (MICR) line, usually printed at the bottom of a check, is a sequence of digits that provides details about the bank and account on which the check is drawn. The MICR line supports authorization and clearing routines.

Read more

03

December

Discover’s Pulse network sues Visa over debit card policies

To a long list of companies crying foul over Visa Inc.’s pricing models, add Discover Financial Services. Discover’s debit unit, Pulse Network LLC, recently filed a lawsuit against Visa in a federal court in Texas alleging Visa undermines competition in the debit network world. The network is asking the court to “enjoin Visa’s ongoing violations of antitrust laws” and award Pulse compensation for revenues lost due to the challenged policies.

This isn’t the first time Discover has taken Visa to court. In 2008, Discover ended up with out-of-court settlements with both

Read more