Skip navigation
All Places > In the News > Blog
1 2 3 Previous Next

In the News

36 posts

As developers know, APIs come in all shapes and sizes.   In this article, I’ll look at how APIs are commonly used in payments and offer a framework for classifying some of Vantiv’s more popular payment APIs.

 

Webopedia defines an API as follows:

 

“An Application Programming Interface (API) is a set of routines, protocols and tools for building software applications.  An API specifies how software components should interact.” 

 

Obviously, this is a broad definition. It covers everything from opening an OS file to accessing hardware features on a graphics card.  In payments, we can frame APIs more narrowly.  Most payment applications are transactional, and involve sending and retrieving messages to and from remote systems across dedicated links or IP networks.  Examples include authorizing a payment, setting up a subscription, or initiating a bank transfer from a mobile app.

 

Because most payment transactions are message-oriented, protocols loom large in payments.  Below is a description of five types of APIs common in payment applications.

 

1. Message formats & protocols

 

The core protocol used in payments is the ISO 8583 standard.  Although it meets the definition of an API, it is better described as a protocol or message format.  ISO 8583 messages may travel from a merchant terminal or ATM, through to a merchant acquirer, through to card networks, and ultimately to card issuing banks.  The standard is quite detailed and coding ISO transactions requires a sophisticated understanding of how payment networks operate.

 

ISO 8583 format message are usually sent over TCP via socket connections, but it can operate over other transports as well including dial-up, direct links or X.25 networks.  Most developers probably won’t code ISO 8583 messages directly unless they are working at a large retailer, bank, payment processor or payment gateway.

 

Vantiv provides Enterprise retailers and high-volume merchants with the ability to code directly to our core payment systems using the ISO 8583 standard.  When ISO messages are sent across the wire they are very dense and look like a stream of characters with many bit-mapped or binary coded fields.  A parsed view of a partial ISO 8583 message is shown below.  These types of message provide developers with complete flexibility and access to all network features, but they are difficult to code to.  To make integrations easier, Vantiv also exposes more consumable APIs, message specs and SDKs to developers (discussed below) where we manage the translation to ISO 8583 behind the scenes.

 

partial ISO message.JPG

 

2. SOAP XML Web Services

 

SOAP refers to the Simple Object Access Protocol.  SOAP is a W3C XML based standard that allows organizations to publish interfaces such that they are discoverable and platform agnostic.  Interfaces are described using WSDL, the web-services description language.  SOAP Web Services are most commonly provided over HTTPS, however SOAP can run over other transports as well.  The protocol provides an envelope, a set of encoding rules for expressing application defined data types, and a convention for representing procedure calls and responses.  SOAP can be a little verbose, because it was designed to have a lot of functionality.  Several Vantiv platforms expose SOAP interfaces including Vantiv’s core platforms, Vantiv’s eCommerce platform, Vantiv’s Express Platform and the MercuryPay platform.

 

A nice property of a SOAP API is that it is self-documenting.  For example, visiting the endpoint of the MercuryPay SOAP API (https://w1.mercurycert.net/ws/ws.asmx) in a browser shows the available SOAP methods and documents how they are called.

 

3. HTTP/S POST APIs

 

While SOAP is widely accepted as an industry standard, for applications that don’t need all the functionality of SOAP, simpler HTTP POST APIs have become popular.  With these types of APIs, developers create their own HTTP requests and send messages directly to a network endpoint.  Although we refer to them as HTTP APIs, it is standard practice to send traffic over an SSL/TLS encrypted HTTPS connection.

 

HTTP POST APIs can take several forms – they can send and receive JSON, XML or simple key-value pairs.  Popular tools for interacting with HTTP endpoints include cURL and Postman.  Authentication can be performed in the HTTP header or credentials can be included in the message payload itself.  While POST APIs can support any type of payload, JSON is often preferred because it is lightweight, flexible, and easily parsed.

 

This is popular style of coding is also supported by multiple Vantiv APIs including Vantiv’s Express API, Vantiv’s eCommerce API, and various management APIs such as the Merchant Management API used by Payment Facilitators.  This style of API is also used by Apple Pay iOS Apps to simplify Apple Pay integrations.

 

A cURL example showing the use of Vantiv’s eProtect HTTPS POST API is shown here.

 

curl -H "Content-Type: application/x-www-form-urlencoded" -d \
"paypageId=a2y4o6m8k0&reportGroup=67890&orderId=cust_order&id=12345&accountNumber=5454545454545454&cvv=111" \
https://request-prelive.np-securepaypage-litle.com/LitlePayPage/paypage

 

The endpoint accepts PCI sensitive data like card credentials or a token and responds with a JSON payload containing a low-value token that can be used in lieu of payment credentials:

 

{
"paypageRegistrationId":"Z01GbG9qcTRKdXA4MXhKbkNoRGZNYkRsK1JKZG5oS3ZPcWJmYkRlbHUxV1VjM1UzdnpLcHY1ZUhDeU1uWm4wZQ\u003d\u003d",
"bin":"545454",
"type":"MC",
"firstSix":"545454",
"lastFour":"5454",
"litleTxnId":"82920346960773572",
"orderId":"cust_order",
"response":"870",
"responseTime":"2017-04-12T12:33:01",
"message":"Success",
"reportGroup":"67890","id":"12345"
}

 

The eProtect service can either be called directly (as above) or for eCommerce applications a JavaScript library loaded into your web-page and optionally served from Vantiv via an iFrame can call the service on your behalf to avoid exposing your application to PCI sensitive data.

 

4. REST APIs

 

REST stands for Representational State Transfer.  It is not an API unto itself, rather it is an architectural style for expressing an HTTP-based API.  APIs that adhere to this coding style are said to be RESTful.  Developers who understand how to code to HTTP POST APIs (above) will automatically understand RESTful APIs because the mechanics of interacting with them are the same.  The main difference is in how the API is organized.  A RESTful API borrows from object-oriented design principles and typically provides multiple URL endpoints that correspond to objects being manipulated.

 

For example, if I have a URL endpoint /Charge representing a charge to a credit or debit card, I might create or update a charge against the endpoint using a POST method or retrieve one or more charges using the GET method.  Manipulating a specific instance of a charge would involve using an end-point like /Charge/<Charge-id> in a well-designed REST API.  I might have other entities such as Customers, Disputes or Tokens that I interact with in the same way using common verbs like create, update, delete and list.

 

Additional JSON or XML can be sent with each HTTP request to provide more instruction to the endpoint at the discretion of the API designer.  There are often “shades of grey” between HTTP POST APIs and REST APIs depending on how fully the API designer has embraced REST design principles.

 

Vantiv exposes multiple RESTful APIs as well to various payment platforms.   Examples are the REST API to MercuryPay, and the triPOS cloud API below, both designed around REST principles.

 

tirpos.png

 

5. SDKs

 

Software Development Kits are client-side libraries that abstract and simplify coding to the above interfaces.   SDK’s are usually programming language aligned.  For example a Microsoft developer building a point of sale application will appreciate a C#/.NET SDK easily consumable with Visual Studio.  eCommerce developers might prefer a PHP or Java SDK that makes it easier to formulate payment transactions from within a web application.  The SDKs are responsible for generating and parsing the various messages formats described above.  It’s important to understand that it is ultimately XML or JSON formatted messages (or in some cases ISO messages) that are sent across the wire regardless of whether a developer codes to an SDK or a protocol specification.

 

SDKs are useful, but they present a double-edged sword. They simplify coding, but also introduce a new source of complexity in the form of a client-side software component that their application depends on.  Also, some SDKs may not expose all the advanced capabilities offered by a payment platform, meaning that for some functions developers will need to code to the message specification.

 

Opinions vary, but some developers will prefer to code directly to a protocol specification (like an XML spec or RESTful API) to take unknowns out of the equation and avoid dependencies that could impact their release cycles.

 

Vantiv offers several SDKs including C#, PHP, JAVA, Ruby and Python SDKs for our eCommerce platform. A sample credit card authorization using Vantiv’s eCommerce Java SDK is shown below

 

import com.litle.sdk.*; 
import com.litle.sdk.generate.*; 

//Authorization 
public class AuthExample { 
   public static void main(String[] args) { 
       Authorization auth = new Authorization(); 
       auth.setOrderId("1"); 
       auth.setAmount(10010L); 
       auth.setOrderSource(OrderSourceType.ECOMMERCE); 
       Contact billToAddress = new Contact(); 
       billToAddress.setName("John Smith"); 
       billToAddress.setAddressLine1("1 Main St."); 
       billToAddress.setCity("Burlington"); 
       billToAddress.setState("MA"); 
       billToAddress.setCountry(CountryTypeEnum.US); 
       billToAddress.setZip("01803-3747"); 
       auth.setBillToAddress(billToAddress); 
       CardType card = new CardType(); 
       card.setNumber("3750*******0003"); 
       card.setExpDate("0119"); 
       card.setCardValidationNum("349"); 
       card.setType(MethodOfPaymentTypeEnum.AX); 
       auth.setCard(card); 

       AuthorizationResponse response = new LitleOnline().authorize(auth); 
       //Display Results 
       System.out.println("Response: " + response.getResponse()); 
       System.out.println("Message: " + response.getMessage()); 
       System.out.println("Litle Transaction ID: " + response.getLitleTxnId()); 
   } 
} 

 

 

The Bottom Line

 

When it comes to payments there are a great many APIs, but most fall into one of the categories described above.  Once you master the mechanics of coding to on API in a category, other APIs in the same family become accessible and easy to use.

 

For a summary of the various APIs and resources available to eCommerce developers, sign-up to Vantiv O.N.E. and visit our eCommerce Guides and Resources area.

 

Developers building In-store, Integrated point-of-sale platforms can visit a similar collection of API documentation in our Point-of-Sale documentation area.

In payments, strategies for identifying customers are often built around channel-specific tools, technologies, and terminology.  For instance, the term "card-on-file" refers to an eCommerce business' storage of its customer's payment card information, to avoid requiring customers to re-key their credentials when placing subsequent orders.

 

In the brave new world of OmniCommerce however, customers often interact with merchants through multiple channels.  A retailer might recognize a repeat customer by their payment card, whereas an eCommerce provider may rely on an e-mail address. A laundromat might use a phone number to bring up a customer's prior orders and starch preferences.  An attribute useful for identification in one channel, may be unavailable in another.  It’s time for a “re-think” of card-on-file and multi-channel payments, and developers have an important role to play.

 

How Did We Get Here?

 

At one time "In-store" was the only channel available. Over time, merchants devised other channels like mail-order, telephone order.  With the advent of the web, some merchants opened an on-line channel to interact with their customers.  With the proliferation of mobile devices now bringing the shopping experience to the wireless “great outdoors”, the variety of interactions between customers and merchants is increasing dramatically. In-app payments, tap-to-pay, mobile-wallets and beacon technologies are all indicators of this rapid pace of change.

 

The progression of payment options has led to often disconnected, parallel ecosystems of technology and middleware that interact with customers in separate, inconsistent ways. We’re fast approaching a point where growing expectations of customers require that the walls between payment ecosystems be broken down. While it is great to be a consumer in this brave new world, building for multi-channel commerce is clearly a challenge.

 

From “Card-on-File” to “Customer-on-File”

 

Ideally, mobile systems, eCommerce systems, and point-of-sale systems should share a common view of the customer.  All three should be able to recognize an existing customer, allow for the creation a new customer, and all should be able to read or write interaction events associated with a central customer record.

 

This all sounds logical, but creating a composite customer identity can be hard to do in practice.

 

  • Customers on mobile devices may not have the patience to key-in a lot of data, and merchants may be reluctant to ask lest they inhibit sales
  • In-store customers may not want to volunteer personal information like e-mail addresses and phone numbers
  • Customers often use throw away yahoo or gmail accounts for on-line interactions to avoid receiving nuisance e-mail on their primary e-mail accounts

 

Data veracity is an ongoing challenge. People move, phone numbers change, cards expire, devices get swapped out, and data entry errors are common.

 

Flexible, Extensible Schemas

 

A customer database that can serve multi-channel commerce needs to tolerate some level of “fuziness”.  It may not be possible to populate all customer attributes with just one or a few transactions.  It may take several interactions before identity can be “federated” and transactions previously viewed as discrete can be recognized as belonging to the same customer.

 

The database schema that underlies this type of “customer-on-file” functionality needs to be flexible and easily extensible.  Merchants will almost certainly have a need to capture and store additional attributes in future including new types of tokens, credentials from new authentication services, or digital signatures from devices not invented yet.

In an age where the cost of storage is plummeting, and the cost of data acquisition (for digital transactions at least) is approaching free, a good practice is to store everything you can just in case you need it in future.  This includes contact info, payment credentials (secured, of course), and customer device info; anything related to a customer that identifies them and how they interact with various touchpoints is of value.

How Customer-on-File Helps the Business

 

Creating a single, cross-channel customer identity provides value at several stages in the merchant – customer relationship.

 

Acquisition phase

 

The acquisition phase is where you need to build your customer database. All payment channels should access a common database to:

 

  1. Identify if a customer is new or existing
  2. Append to a customer's record with as many attributes as possible.

 

If a customer is in a retail shop, they could be incented to sign up for an email list by providing their email address, or providing their phone number and first/last name.  If a customer phones into a customer service center, they could provide their mailing address or phone number. If a customer browses your website, store as much as you can including browser information, the IP addresses, and any unique device ID.  The more information attached to the customer record, the better.

 

Conversion

 

The conversion phase is where a centralized customer view starts to show value. When a customer is ready to buy, the merchant can demonstrate how attentive they’ve been during the acquisition stage.

Buy-online-pick-up-in-store is a powerful tool for retail and food service merchants, but requires online/offline systems to be able to quickly access customer details for efficient identification and fulfillment. Similar scenarios - buy-online-ship-from-store, buy-in-store-ship-from-warehouse, split shipments - all help to ensure successful conversion, but all depend on quick and easy access to a customer-centric system.

 

Developers should think about how to design systems that are flexible enough to “set the table” for the next interaction, but avoid introducing friction into the conversion process.  On the eCommerce channel a fraud service provider like Threatmetrix can pass your web-application additional “telemetry” and device signature information helping you more easily identify a device if it enters your ecosystem in the future.

 

Retention / Up-sell

 

The retention and upsell phase is where a customer-centric data strategy can really pay off for merchants.  Effective identification of an existing customer will increase loyalty and boost the lifetime value of the customer relationship.  Is the customer returning a website purchase to a retail location?  The store should be able to grab the payment credentials from the eCommerce system, process the refund, and e-mail a confirmation.  Is the customer buying a pair of shorts at an outlet store?  Your system should ideally present the customer’s cross-channel buying history, and identify cross-sell / up-sell opportunities.

 

How Do We Get There?

 

For developers, enabling these smart, customer-centric buying experiences starts with a common customer database.  The key is to build deliberately, and assume that there will always be new channels that your customers will use to reach you.  There will be specific idiosyncrasies to adapt to with each new channel, but a customer-on-file database remains central of them all.

 

Building a solution on a technology platform focused on a single channel runs the risk of creating a patchwork of services that will be difficult and costly to maintain and integrate.

 

To help facilitate this “customer-on-file” design principle, selecting payment providers that are channel agnostic will pay dividends in future.  It will make it easier and more cost effective to support new channels and technologies, and it will increase the value of your solution to the merchants you serve.

 

Did you like this post? Click "like" at the top to tell us to make more content like this.

There are 105 books listed on my 2017 edition of Roddy’s Recommended Reading, and one of the most highly regarded – by myself and millions of businesspeople – is The 7 Habits of Highly Effective People by Stephen R. Covey. Since it was first published in 1989, over 25 million copies of Covey’s classic have been sold.

 

Maybe you’re thinking right now, “But I don’t have time to read that book and work on myself and my business strategy. Look at the mountain of stuff that’s on my plate – I’m too busy!” If that sounds familiar, I have good news for you. First, one of Covey’s habits is “Put First Things First,” which means you need to prioritize so you are engaged in the most impactful activities, not just the most pressing.

 

Second, I can save you hours of time by sharing my book notes with you. Following are 35 of the most insightful quotes from The 7 Habits that apply to ISV organizations:

 

Habit 1: Be Proactive

  1. Between stimulus and response, man has the freedom to choose.
  2. Reactive people are often affected by their physical environment. If the weather is good, they feel good. If it isn’t, it affects their attitude and their performance. Proactive people can carry their own weather with them.
  3. Reactive people are driven by feelings, by circumstances, by conditions, by their environment. Proactive people are driven by values – carefully thought about, selected and internalize values.
  4. Any time we think the problem is “out there,” that thought is the problem.
  5. Consequences: “When we pick up one end of the stick, we pick up the other.”
  6. Chasing after the poisonous snake that bites us will only drive the poison through our entire system. It is far better to take measures immediately to get the poison out.

 

Habit 2: Begin with the End in Mind

  1. If the ladder is not leaning against the right wall, every step we take just gets us to the wrong place faster.
  2. All things are created twice. There’s a mental or first creation, and a physical or second creation, to all things.
  3. Management is a bottom line focus: How can I best accomplish certain things? Leadership deals with the top line: What are the things I want to accomplish?
  4. There is a real difference, all the difference in the world, in the effectiveness of a mission statement created by everyone involved in the organization and one written by a few top executives behind a mahogany wall.
  5. No involvement, no commitment.

 

Habit 3: Put First Things First

  1. “Things which matter most must never be at the mercy of things which matter least.” Goethe
  2. “The successful person has the habit of doing the things failures don’t like to do.” – E.M. Gray
  3. The essence of the best thinking in the area of time management can be captured in a single phrase: Organize and execute around priorities.
  4. I’ve tried to give 10 minutes of “quality time” to an employee to solve a problem, only to discover such “efficiency” creates new problems and seldom resolves the deepest concern.
  5. With immature people, you specify fewer desired results and more guidelines, identify more resources, conduct more frequent accountability interviews, and apply more immediate consequences.
  6. You can’t have the fruits without the roots. Self-mastery and self-discipline are the foundation of good relationships with others.

 

Habit 4: Think Win/Win

  1. Win/Win is a frame of mind and heart that constantly seeks mutual benefit in all human interactions. Win/Win means that agreements or solutions are mutually beneficial, mutually satisfying. All parties feel good about the decision and feel committed to the action plan.
  2. Win/Win is a belief in the Third Alternative. It’s not your way or my way; it’s a better way, a higher way.
  3. Partnership agreements shift the paradigm of productive interaction from hovering supervision to self-supervision.
  4. I am always amazed at the results that happen, both to individuals and to organizations, when responsible, proactive, self-directing individuals are turned loose on a task.
  5. Consequences become the natural or logical result of performance rather than a reward or punishment arbitrarily handed out by the person in charge.
  6. If you put good people in bad systems, you get bad results. You have to water the flowers you want to grow.

 

Habit 5: Seek First to Understand, Then to Be Understood

  1. We have such a tendency to rush in, to fix things up with good advice. But we often fail to take the time to diagnose, to really, deeply understand the problem first.
  2. Very few of us ever practice empathetic listening: listening with intent to understand. Empathetic listening gets inside another person’s frame of reference.
  3. Next to physical survival, the greatest need of a human being is psychological survival – to be understood, to be affirmed, to be validated, to be appreciated.
  4. The professional has to have the integrity to say, “My product or service will not meet that need” if it will not.
  5. When you can present your own ideas in the context of a deep understanding of other people’s paradigms and concerns, you significantly increase the credibility of your ideas.

 

Habit 6: Synergize

  1. Synergy is almost as if a group collectively agrees to subordinate old scripts and to write a new one.
  2. I felt that experiencing synergy was more powerful than talking about it, that producing something new was more meaningful than simply reading something old.
  3. Valuing the differences is the essence of synergy – the mental, the emotional, the psychological differences between people.
  4. The person who is truly effective has the humility and reverence to recognize his own perceptual limitations and to appreciate the rich resources available through interaction with other human beings.
  5. When we’re left or own experiences, we constantly suffer from a shortage of data.
  6. As a result, new goals, shared goals, are created, and the whole enterprise moves upward, often in ways that no one could have anticipated. The excitement contained within that movement creates a new culture.

 

Habit 7: Sharpen the Saw – Principles of Balanced Self-Renewal

  1. Habit 7 is taking time to sharpen the saw. It surrounds the other habits on the Seven Habits paradigm because it is the habit that makes all the others possible. Renew the four dimensions of your nature – physical, spiritual, mental, and social/emotional.

 

 

If you’d like to talk more about The 7 Habits or how to improve your ISV business, please reach out to me. My job as a Reseller & ISV Business Advisor for Vantiv’s PaymentsEdge Advisory Services is to work with Vantiv partners to help them with hiring right, developing staff professional development programs, improving customer service, and more. Just drop me a line at Jim.Roddy@vantiv.com and we can set up a time to talk.

 

 

For more On the Edge content, please visit the Vantiv Partner Advantage website.

 

Jim Roddy is a Reseller & ISV Business Advisor for Vantiv’s PaymentsEdge Advisory Services. He has been active in the POS channel since 1998, including 11 years as the President of Business Solutions Magazine, six years as a Retail Solutions Providers Association (RSPA) board member, and one term as RSPA Chairman of the Board. Jim is regularly requested to speak at industry conferences and he is author of the book Hire Like You Just Beat Cancer.

Change isn’t always easy, and upgrading or investing in a new point-of-sale (POS) system is a big endeavor for most merchants. But doing so can open up doors to increased business as well as offer critical payment security features.

When a point-of-sale solution is paired with value added services such as integrated pay processing, it enhances a merchant’s ability to streamline daily operations. Payment integrations tend to be the most complex and time consuming piece of the process, but they don’t have to create strain on your business.

 

For any new integrated payments partnership, choosing the right processing company to meet your needs begins with asking potential partners a few simple questions: Can they work with your business model today? Do they support your platform, existing technology, etc.? Can they support the growth of your business?

 

Taking the time to research, compare and evaluate payment processing partners can make all the difference in the long run. Look for an integrated payment processing partner that offers powerful, secure solutions that are simple to integrate and backed by customer service built around integrated payments.

 

What to look for in a payment partner

The right payment partner possesses a balanced mix of passion, talent and technology to help you win. You can’t expect your credit card processor to know the intricacies of running your business, but you can expect them to know what types of payment solutions are best for your business. Some processors are large enough to have expertise in many different areas, from servicing large retail shops to healthcare providers, service industries, eCommerce merchants and more. Look for a partner that pioneered the channel focused approach to integrated payments because your best interests should be top of mind and their solutions should be tailored to your specific business type.

 

Are they a match for your technology?

Merchants increasingly do not see their business as composed of separate online and in-store channels, but rather as a continuous consumer experience bridging the web, mobile devices, and brick-and-mortar location. Many processors offer semi-integrated solutions to simplify one of your payment needs but do not offer in-store, online or offsite payments in a single integrated platform.

 

One of the most important things to keep in mind is that the “easiest” integrated payment processing companies often are “no frills.” This can be good in some instances, but in the world of payments today, it’s safe to say that frills can be very important. For example, if you are seeking an omni-commerce platform, consider whether it includes security solutions such as PCI validated point-to-point encryption.  Find out if the chip-enabled PIN pad options support multiple interfaces such as WiFi, Bluetooth or Ethernet. Does the integrated solution offering support many form factors including distributed code, mobile apps or in the cloud? If you are considering recurring payment services, find out if this is an option.

 

In many instances, these semi-integrated features are not managed by the payment solution but through separate integrations or third party service providers that require individual integration work for each. A robust technology workbench is a major consideration for any integrated payments partnership to work, and you should know if these services are available to you and at what cost.

 

What does the future hold?

Additionally, it’s important to find out if your potential payment partner offers the solutions your business needs today as well as those you will need in the future. There are many integrated payments options available, and different solutions solve for different needs. Look for a credit card processing company in which integrated payments are innate to their business model.

 

Also, the partnership shouldn’t stop at the integration. On-demand resources should be available to you throughout the partnership, such as a dedicated integration consultant with technical payments expertise, a business developer to get you started with a solid business strategy, and a relationship manager for continued market growth.

 

Customer service may be the last thing on your mind when choosing to integrate payments to your business application, but it’s important to find a reputable company with an experienced, knowledgeable and accessible support team for you and your merchants.

 

Vantiv Integrated Payments offers its own processing platform that delivers unmatched, market-ready, semi-integrated solutions in the cloud, on a PC, or via a mobile device with features such as P2P encryption, account updater, tokenization, gift processing, and a true gateway for merchant processor of choice.

Every month, Vantiv and PYMNTS.com team up to deliver the latest news in developer spaces. Here’s the overview of the Developer Tracker published in March 2017.

 

Mobile technology has impacted how people travel in just about every way. From real-time airfare comparisons to mobile boarding passes, and cross-border mobile payments to instant language translation, there’s virtually no part of the travel experience that’s been left untouched. As technological advancements continue making travel more convenient for consumers, software developers are looking for new ways to make traveling as convenient, efficient and secure as possible.

 

March’s Developer Tracker features an interview with Celia Pereiro, the head of payments for travel software solution provider Amadeus. In February 2016, Amadeus launched a B2B wallet that processes digital payments faster between different travel companies, or entities such as an airline and a travel agent or a booking service. The wallet was developed as part of a collaboration between Amadeus, MasterCard, and Ixaris. In addition to the wallet, Amadeus is preparing to debut a new payments service that would make paying for incidental airport services, such as baggage fees and skycap services, easier and more efficient.

 

The growing acceptance of mobile payments in travel industry has, in a way, steered it away from cash. That’s because mobile wallets support a wide range of digital payment options, letting travelers save much-needed physical currency for when they’re on the ground at their destinations. Pereiro sees the shift toward mobile payments to continue gaining momentum and with that, a continual decline in cash usage. “We are working with airlines on on-board payment systems,” she says. “Mobile payments are a big part of that business model.”

 

On the other hand, giving consumers too many payment options can cause confusion and friction. As a result, Periero says, the Amadeus team is working to personalize payment apps for individual travelers. This can empower them to quickly find their preferred digital payment option depending on the type of purchase.

 

Personalization has become increasingly important to Amadeus and other development companies in a wide range of industries, as consumers expect solutions to be catered to their needs and circumstances. “Personalization in payments is becoming a hot topic in travel as more and more people book on mobile devices,” Periero explains. “With that smaller screen-size it is not feasible to offer a long list of possible payment options – people just want to see the best payment option for them for that given payment. And their preferred payment option will change depending on whether they are booking a business trip, [thousands] for their honeymoon or spending $20 on extra baggage at the airport.”

 

While security is a concern to consumers when making any purchase, they are especially concerned about it when traveling, Periero notes. Due to physical security concerns, customers must disclose sensitive personal information when making airline and other travel reservations. While these measures may help keep bad actors from boarding planes, they can also potentially expose customer data to hackers and other cybercriminals.

 

Therefore, Periero says, it’s important that Amadeus and other travel solutions keep sensitive customer information safe. “Data security is one of our highest priorities and drives communications management at every level,” she says. “We work with travel companies to help them extract the sensitive credit card data from their systems and convert it into tokens so that they do not need to hold vulnerable data in their systems.”

 

Data and cybersecurity are also a concern when it comes to a company’s bottom line, Periero notes. By reducing the risk of cyberattacks, companies can inspire consumer confidence. Doing so can be good for customer satisfaction while also helping companies avoid lost revenue due to security breaches, fraud, chargebacks or fines for not complying with security standards. Security concerns will only become more prevalent as consumers increasingly turn to modern electronic payment methods, Periero points out. As consumers travel into a brave new personalized future, the pressure is on software developers to keep pace, offering the personalization and security that modern, digital payments – and their consumers – demand.

 

Read the full interview in March’s edition of PYMNTS.com’s Developer TrackerTM, powered by Vantiv. It also covers other developer-focused news and updates including:

 

  • Urban Airship debuts single-tap loyalty rewards

Urban Airship, the mobile engagement provider, recently unveiled a service that allows loyalty cards to be updated through a single tap with Apple Pay. The company describes the solution as the first of its kind for mobile wallets, which replaces the old method of using loyalty and rewards programs on smartphones. Users can now use Urban Airship to pay and earn loyalty and rewards points all via one app. The company will also be supporting other value-added services through Apple Pay.

  • Warehouse Mobile Solutions unveils inventory management app

Need to keep track of warehouse inventory? There’s an app for that. Warehouse Mobile Solutions recently released WarehouseOS, a new mobile solution for tracking and monitoring inventory. The app is designed to help make fulfillment and delivery as seamless as possible. It offers a simple interface that allows users to quickly view, track and report inventory data. It also claims to have cut the time required to fulfill orders in half. The app is aimed at helping businesses transition to delivering products directly to consumers via online orders.

 

Download the report.

If you can master the communication technique Set Them Up For Future Reference — I convert it to the fun acronym STUFFR — you will be sure to meet and exceed your customers’ and co-workers’ expectations. STUFFR consists of identifying and understanding a potential problem and discussing it with the person in advance. You also need to note their (and your own) exact words and commitment to not failing.

 

The number one benefit of Set Them Up For Future Reference is accountability. Most people want to make their word good after they make a commitment to do so. People feel obligated to live up to their word. If a customer or co-worker doesn’t live up to their word, you can play back the words they committed to during your prior conversation. Arguing with your own words is tough to do. People usually acknowledge, apologize, and then adapt their behavior.

 

Here’s the four-step process for STUFFR:

  1. Obviate. This means to anticipate and prevent. A simple form of obviating is looking out your window, noting the gray skies, and grabbing an umbrella in case of rain. You don’t have to see raindrops to anticipate that you might get drenched later. Obviating requires skepticism. You need to look at your company’s situation, your situation, and the customer’s situation, then discuss what could go wrong and what the two of you can do to prevent it.
  2. Set clear expectations. Don’t just say to a customer, “We need your request ASAP — we get jammed up around the holidays.” Say more specifically, “If you want your new system installed by the end of this year, I would need to place your order for hardware and all the peripherals by December 9th. That way, even if there’s a one- or two-day delay in shipping, we will still have time for configuring our software and the system before our installers take their end-of-year vacations December 23rd through January 1st.”
  3. Recap the conversation to ensure that you both agree. You could recap the previous conversation by saying, “So you’re OK making a decision by December 9th or waiting until after the New Year to have your new system installed? If we don’t place the hardware order before the 9th, I can’t guarantee installation that month.”
  4. Write it down! Don’t rely on your memory to capture details of your discussion. Make notes during the conversation (and enter them into your CRM system when appropriate). Again using the previous example, the customer could email you their order on December 20th and expect an installation date of December 30th. When you call them back, the customer could say, “But for new systems at our other locations you’ve always been able to install them in 10 days or less.” If you don’t have clear notes, you could start doubting yourself: “I swear we had that conversation three weeks ago – did I forget to tell them about the installers taking time off for the holidays?” If you properly STUFFR and made good notes, all you need to do is open up your CRM and share with the customer details of that conversation. Memory jogged and management crisis averted.

 

STUFFR is a two-way street. The customer or co-worker knows what steps they need to take to get the outcome they desire, and you have committed to them the actions you are going to take as well. Using the above example, you have promised if the customer places their order on December 8th, their new system is guaranteed to be up-and-running by the end of the year. Just like you can play back someone else’s words … they can play back yours.

 

Avoid the word “try” when setting someone (or yourself) up for future reference. It’s unclear and it also softens any commitment. “I will try to email that link to you today” is far different from “I will email that link to you by the end of business today.” In the words of Yoda from Star Wars: “Do or do not. There is no try.”

 

So now that I’ve convinced you to like a new business acronym, let me try to warm you up to an often despised task: homework.

 

This is an exercise I use during my professional development sessions with Vantiv partners through our PaymentsEdge Advisory Services division. I ask reseller or developer staff members to map out an upcoming customer or co-worker interaction using the four-step Set Them Up For Future Reference framework.

 

  1. Obviate: What could go wrong and how you can prevent it.
  2. Set clear expectations (remember to be clear and specific).
  3. Recap the conversation: What will you say to them to conclude the conversation?
  4. Write it down: What specific notes will you keep on file?

 

This homework assignment has several upsides: it’s due whenever you like, it won’t be graded and, best of all, it will positively impact your business.

 

 

For more On the Edge content, please visit the Vantiv Partner Advantage website.

 

Jim Roddy is a Reseller & ISV Business Advisor for Vantiv’s PaymentsEdge Advisory Services. He has been active in the POS channel since 1998, including 11 years as the President of Business Solutions Magazine, six years as a Retail Solutions Providers Association (RSPA) board member, and one term as RSPA Chairman of the Board. Jim is regularly requested to speak at industry conferences and he is author of the book Hire Like You Just Beat Cancer.

On a never-ending endeavor to be your preferred payments partner, Vantiv reached two milestones in March—our 5th year as a public company and becoming the leading merchant acquirer in the U.S., processing more payment transactions than anyone. Whether for you, with you or through you, it’s a journey of everyday spend that we’re on with you, every day. 

 

See milestones

Every month, Vantiv and PYMNTS.com team up to deliver the latest news in developer spaces. Here’s the overview of the Developer Tracker published in February 2017.

 

According to an estimate from the Food and Drug Administration (FDA), more than 500 million smartphone users are actively using a health care–related application. The FDA also projects that more than 1.5 billion smartphone users will have downloaded a mobile health app by 2018.

 

While these apps may allow users to take better care of their personal health, they often lack the personalization that health care typically requires.

 

Gilad Meiri, founder and CEO of Neura, and his team are working to change that. This month, the company debuted a new software-as-a-service development kit that’s designed to help medical and health care app builders make their software more personalized. February’s Developer Tracker features an interview with Meiri in which he discusses personalization in health care software and how it can help improve outcomes for patients and providers alike.

 

While there is a wide range of apps that claim to help patients track their treatment and prescription plans, a study in the Journal of Medical Internet Research found that most apps do not do enough to affect a patient’s behavior and would benefit from a more personalized approach. As a result, the study concludes these apps do not have a true impact on adherence to medical plans.

 

Meiri says that Neura’s new software development kit is designed to combat this exact problem. The software adapts to user needs, he explains, monitoring their behavior and using it to help patients build better, healthier habits.

 

He notes that the software allows app builders to use this behavioral data to send alerts to users when they are most likely to act on the notification and, as a result, increase adherence to treatment plans and improve health outcomes.

 

“This is an impactful place for us to be. People who aren’t able to follow their doctor’s prescription plan can significantly compromise their health or preventative care treatment,” Meiri says. “Medication management apps and medical devices enabled by Neura adapt to the user’s day and help the user do what they need to do, right when they need to do it.”

Neura learns when to remind users to take prescriptions or engage in treatment by finding out more about a patient’s behavior and patterns, Meiri says.

 

The service uses artificial intelligence and machine learning to discover what a user does in the real world, by tracking movements along with biometric indicators, similar to devices like fitness trackers. However, Meiri says that he and his team have improved on popular wearable devices that measure whether a user is taking part in a healthy activity — like working out — based on data from technological devices. This includes information from devices like accelerometers, which measures how fast a person is moving and can determine if they are going for a jog or bike ride, or a heart rate monitor, which can tell if a user’s heart is working harder than normal.

 

But these indicators have a major flaw, Meiri says.

 

“Right now, most apps and devices can tell you if you are doing something but not why you are doing it,” he explains. “They cannot determine if you’re moving faster and your heart rate is increasing because you’re going for a jog and working out or if it’s because you’re running to catch the train or catch the bus. So they don’t know if you’re really engaging in a healthy activity or just doing something as a result of circumstance.”

 

The software combines multiple data streams that can be collected by a smartphone app or a wearable medical device to learn about a user’s daily activity, such as when they typically wake up or go to sleep, leave for work and return home, where and what they eat, and when they typically work out.

 

Meiri explains that, over time, devices and apps that use Neura’s software can determine, for example, when a patient arrives at the gym or another location where they typically work out or exercise. The software can then be used for reminders like prompting a diabetic to check his or her glucose levels before working out, increasing the odds that a user will follow through with treatment. With benefits for consumers, providers and developers, keep an eye on increased personalization coming to health care apps, now and in the near future.

 

Read the full interview in February’s edition of PYMNTS.com’s Developer TrackerTM, powered by Vantiv. It also covers other developer-focused news and updates including:

 

  • castAR taps Broadleaf Commerce for developer marketplace

castAR seems to be turning over a new leaf. The company recently selected Broadleaf Commerce to help build a new marketplace for developers. The marketplace will allow developers to upload and develop projects from any location. According to a release, castAR turned to Broadleaf Commerce due to its framework, which the company plans to leverage for this new marketplace. “Augmented reality will fundamentally change how people play and work together, and we’re excited to be working to bring this technology to consumers in 2017. We looked at several customizable Java frameworks and found that Broadleaf was best-suited.”

 

  • Vantiv, CardFlight collaborate on EMV mobility

Have EMV reader, will travel. Payment processing service and technology solution provider Vantiv recently announced the debut of a mobile EMV POS solution, based on a partnership with mPOS provider CardFlight. Under terms of a new agreement between the two companies, Vantiv will offer CardFlight’s SwipeSimple mPOS solution, which includes an EMV-enabled mobile chip card reader and a mobile app for iOS and Android devices to its merchants. The solution offers additional features, including back-office reporting portals and other business tools. "EMV and mobile are two of the important trends for financial institution customers, who offer payments solutions for their business customers," Kelly Beatty, SVP and general manager of merchant solutions for financial institutions at Vantiv, said in a press release. "CardFlight's mobile POS solution is a natural fit, and their ability to co-brand the solution for our customers is a key differentiator."

 

Download the report.

What can a cutting-edge software development company like yours learn from a book written back in 1992 by the head of transportation equipment refurbisher Springfield ReManufacturing?

 

A ton.

 

I know that seems counterintuitive, but Jack Stack’s The Great Game of Business can spark sustainable growth, increase productivity, and reduce employee turnover at your company.

 

The book is about “promoting clear, effective, and open communication in a company,” Stack writes. “We try to take ignorance out of the workplace and force people to get involved, not with threats or intimidation but with education. The problem is that most companies never train people to look beyond their computers.”

 

I learned this lesson the hard way early in my 11-year tenure as president of an SMB company involved in the IT channel. Sure, we celebrated successes as a team, but we didn’t dive into the details of our financial situation. When the Great Recession of 2008-09 bludgeoned the IT industry, my company wasn’t immune. Sales and profits evaporated, and we were forced to conduct three rounds of layoffs in ‘09.

 

The first announcement was the worst because few outside of our management team saw it coming. Because we hadn’t taught our team the fundamentals of our business and talked only about sales wins and not profits, employees were blindsided when I stood in front of them to announce that several of their teammates (and friends) had been furloughed. I knew I couldn’t promise that our economic situation would improve immediately, but what I could control was the information we provided to them.

 

So I sat down with any employee who was interested – veterans and new hires, sales and operations – to walk through our financial statements. This wasn’t a one-time event; this was every month after financials were tabulated. These reviews became shorter as the employees expanded their understanding of our business.

 

With this new perspective, our employees didn’t complain, and they didn’t just hold down the fort. They innovated and positioned each of our products to take advantage of growing sectors. In 2010, we grew our sales 20%, and we began hiring again because we had more customers to take care of. It was a monumental accomplishment in a tumultuous time, but it wouldn’t have happened without that clear, effective, and open communication.

 

So you can see why I’m a big fan of The Great Game of Business and the concepts it promotes. Following are 32 tremendous quotes from the book that I think apply to ISV organizations:

 

  1. The best, most efficient, most profitable way to operate a business is to give everybody in the company a voice in saying how the company is run and a stake in the financial outcome, good or bad.
  2. It’s easy to stop one guy, but it’s pretty hard to stop 100.
  3. Our real business is education. We teach people about business.
  4. No one ever shows employees how they fit into a bigger picture and what impact they all have on the company as a whole.
  5. When people come to work at our company, we tell them that 70% of the job is whatever job title they have, and 30% of the job is learning.
  6. There is no security in ignorance. The only way to know if your job is safe is by looking at the financial statements.
  7. I don’t want people just to do a job. I want them to have a purpose in what they heck they’re doing. I want them to be going somewhere.
  8. You have to get people to dream. You have to show them that there really are pots at the end of the rainbow, and you can get your pot if you want it and are willing to work for it. Business is a tool for achieving your highest dreams.
  9. Owners, real owners, don’t have to be told what to do – they can figure it out for themselves. Ownership is not a set of legal rights. It’s a state of mind.
  10. Create an environment in which people are learning all the time.
  11. You’re much better off sharing problems, using the people you work with to come up with solutions.
  12. When you have the responsibility to take care of other people, you do whatever it takes to get the job done.
  13. One of a manager’s main responsibilities is to build confidence in an organization. To do that, you have to accentuate the positive. If you accentuate the negative, it eats away at the organization. It becomes a demotivator, and management is all about getting people motivated.
  14. We start teaching people the game as soon as they come to work at our company. We plunge right into the financial statements.
  15. Key point: The big picture is all about motivation. It’s giving people the reason for doing the job, the purpose of working. If you’re going to play a game, you have to understand what it means to win. When you show people the big picture, you define winning.
  16. Don’t just tell people about the big picture; show it to them. Put it in the form of charts and graphs.
  17. The big picture made us more flexible as a company. I want our players to be more versatile.
  18. A business should be run like an aquarium, where everybody can see what’s going on.
  19. No company serves its people well by elevating emotions over numbers.
  20. I’m all in favor of pom-poms and celebrations and inspirational messages. I just don’t think they should replace solid information about the condition of the company. People should understand why those pom-poms are there.
  21. Sometimes I think what I’m really doing is conducting an orchestra. My job is to keep the rhythm going.
  22. You have to learn how to recognize what the numbers really represent, what sort of behavior produces the numbers, what people can do differently to change the numbers.
  23. If you can get people beyond the day-to-day issues, if you can appeal to something they really want to do, they’ll blow by every obstacle.
  24. Don’t accept any number until you understand where it came from and you know it’s real.
  25. Every year, we figure out what is the greatest threat the company faces, and we get the entire workforce to go after it in the bonus program. We put an annual bounty on fixing our weaknesses. We almost always base one of our annual goals on pretax profit margins.
  26. I am a strong believer in operating a company, any company, as if its future were always on the line, as if something could happen at any moment to threaten its survival.
  27. I personally meet with all 650 employees at least once in the course of each year. In late spring, I hold a series of meetings around the company, in which I talk with people in groups of 20 or 30 and try to get a sense of what’s on their minds. Sometimes I’ll ask them to give me lists of suggestions for improving the company.
  28. Communicating is one of the most difficult challenges in any business, because people hear what they want to hear. If they don’t hear anything, they speculate.
  29. Be a leader, not a boss. If you are running a meeting, be careful to avoid the trap of being the person with all the answers. This doesn’t mean you should be passive. On the contrary, you should lead and you should teach. Look for opportunities to plant seeds in people’s minds.
  30. Know when to push, when to hug, when to cheer, when to boo, and when to kick people in the butt.
  31. It doesn’t bother me to see that we have problems. The important thing is whether or not people are working towards solutions.
  32. By getting people to think at the highest level, you make it possible for them to perform up to the peak of their abilities, and performance is the only control any of us really have.

 

I know that’s a ton of information and many of these principles may seem difficult to execute, especially with all the other immediate challenges on your plate. But you don’t need to go about this quest alone. My job as a Reseller & ISV Business Advisor for Vantiv’s PaymentsEdge Advisory Services is to work with Vantiv partners to help them with hiring right, developing staff professional development programs, and more. Contact me at Jim.Roddy@vantiv.com if you’d like to talk on the phone and determine a go-forward plan to turn your business into one that plays – and wins – The Great Game of Business.

 

 

For more On the Edge content, please visit the Vantiv Partner Advantage website.

 

Jim Roddy is a Reseller & ISV Business Advisor for Vantiv’s PaymentsEdge Advisory Services. He has been active in the POS channel since 1998, including 11 years as the President of Business Solutions Magazine, six years as a Retail Solutions Providers Association (RSPA) board member, and one term as RSPA Chairman of the Board. Jim is regularly requested to speak at industry conferences and he is author of the book Hire Like You Just Beat Cancer.

Value added services offer retailers a platform to help drive repeat business, enhance customer stickiness, and more importantly, understand their customers’ buying behaviors and patterns. Loyalty and marketing programs and data analytics give retailers valuable insights into their customers’ buying preferences and provide the information needed to create effective marketing programs.  An Accenture survey recently reported that 54 percent of shoppers said they are open to sharing personal information and shopping preferences with retailers in order to receive personalized offers, compared to 51 percent last year, and 33 percent in 2014.[1]

 

The ability to track purchases online, on a mobile device, and in-store gives consumers the flexibility to buy across channels and return products in different channels. These and other features help enhance the customer experience, and are helping drive consumers to adopt mobile payments.

 

According to CrowdTap, once in-store, more than 80 percent of consumers use their mobile phones to compare prices on other retail sites and social networks, and see if stores have online coupons or loyalty programs.[2]

 

At Vantiv, we understand that every point of sale business is unique and serves a specific set of customers. Our value added solutions are designed specifically to help your business succeed, no matter what your system, form factors, or target market needs.

 

A recent survey from Boston Retail Partners revealed that 69 percent of retailers see opportunities to utilize social media to enhance the customer experience.[3] Developers have the option to integrate to a vast array of value added services designed specifically to help their customers leverage social media to generate more revenue, strengthen their brand and improve the consumer experience. Our TechLift and TechTools are designed in a manner to help you enhance your merchant and consumer experience and drive more repeat business.

 

Below are a few of our value added services that you can take advantage of when integrating payments to your point of sale system. Our team of dedicated TechLift experts can help you get started.

 

StoreCard

StoreCard is Vantiv Integrated Payments’ suite of stored value solutions designed to create an exceptional merchant and consumer experience. These solutions make it easy for developers to offer customers a feature-packed gift program. Integrating to StoreCard automatically gives your merchants access to customer rewards, mobile gift cards, and more. Additionally, StoreCare features promotional capabilities including social media promotions, digital initiated promotion cards, and more.

 

StoreCard enables next generation gift features like mobile gift payments, mobile gift card account management, rewards, and social promotion. eGifting capabilities are integrated into StoreCard providing a single integration for POS developers to enable seamless processing with both plastic cards and eGift cards

 

Account Updater

Account Updater is available for businesses with recurring and card on file billing needs. Integrated with Visa and MasterCard’s account update services, Account Updater makes card management automatic and easy when updating stored token (PASS) records. The solution eliminates the need for merchants to track down customers to update their payment information for recurring billing services. Coupled with our Transform Tokenization technology, Account Updater offers a valuable service that your merchants – and their customers – will appreciate.

 

Hosted Payments

BI Intelligence, Business Insider's premium research service, estimates the number of online shoppers has grown by nearly 20 million from 2015 to 2016. And these 224 million shoppers are spending more, as the total amount spent online grew from $61 billion in the first quarter of 2015 to $68 billion in Q1 2016. Finally, these customers are transacting more frequently, as the number of online transactions has risen by 115 million from 2015 to 2016.[4] Make sure to take your business from in-store to online by enabling our hosted payments option. With a simple API call, your hosted payments page can be displayed in a number of ways, including a full page redirect, an iFrame, a popup etc. and can be displayed in an embedded or non–embedded format.

 

CardSense

Our Express platform provides EnhancedBINQuery to determine if a card falls into a specific BIN range.  CardSense is used to determine if a Visa or MasterCard card falls into a specific BIN range and returns a variable number of fields, each representing a single BIN attribute, such as PrepaidCard, DebitCard, and DurbinBINRegulation.

 

Data and Analytics

Retailers and ISVs have access to an array of metrics on their payment transactions to help better understand shopping patterns and purchasing behavior.  We also provide access to in-depth programmatic reporting on our Express platform. Analytics such as these are also helpful in experimenting with new customer outreach programs.

 

 

Security Features:

Unlock a bundle of security features with our security solutions which include:

 

Tokenization

Reduce the financial risk associated with storing sensitive cardholder data by eliminating the need for merchants to store the data at all.  Payment applications can create payment records on our servers by initially providing the cardholder account number, expiration date, and other card information.  A unique identifier is then generated and provided to the business application. That identifier acts as a pointer for all subsequent transactions and can be stored.

 

Recurring Transactions

A unique type of transaction where consumers authorize merchants or solution providers to bill a specific card on a regular basis (e.g. monthly membership fees).  Once merchants have scheduled a payment within their recurring billing system, the system submits the transaction details and a flag indicating that it is a recurring transaction, along with the previously-acquired pointer, to our processing platform.

 

Point-to-point (P2P) encryption

Get more secure payment processing with P2P encryption provided through devices from industry leading hardware manufacturers. Maximize card data protection and transaction security from the point of swipe all the way to authorization. All of our EMV capable devices support P2P encryption as well.

 

PCI validated point-to-point encryption (P2PE)

Vantiv Integrated Payments offers the only validated P2PE solution, the strongest protection per PCI SSC for a merchant’s business, that supports Verifone. By leveraging Vantiv’s PCI-validated P2PE solution and our PCI PTS SRED certified hardware, payment applications are removed from PA-DSS compliance and merchants can qualify for reduced PCI-DSS scope. Other encryption products are available, but only Vantiv offers VeriFone PCI PTS certified hardware. Our P2PE certified devices are more secure because the solution is designed to deter tampering from ordering to processing. If malicious activity is detected, the device is disabled, preventing a breach at the point of entry.

 

 

 


[1] https://www.accenture.com/us-en/insight-retail-holiday-shopping-survey

[2] http://corp.crowdtap.com/retail2016

[3] https://bostonretailpartners.com/2016-brp-special-report-social-media/

[4] http://www.businessinsider.com/ecommerce-payment-technologies-overview-trends-2016-10?IR=T

Security and risk professionals are continuously hit with the tsunami of new vulnerabilities, and there aren’t any signs of breach activity slowing down. According to the Verizon 2015 Data Breach Investigations Report, nearly 43 million security incidents occurred in 2014.[1] And it’s no surprise that the vast majority of these breaches occurred against small to mid-sized companies.

 

A variety of tools are available to boost your point of sale credit card security. Consider the following steps:

  • Upgrade credit card POS swipers to accept EMV chip cards.
  • Upgrade all point of entry hardware to use point-to-point (P2P) encryption.
  • Consider tokenization technology to encrypt credit card information.
  • Consider partnering with a processer that offers bundled PCI compliance assistance programs, such as Vantiv's OmniShield Assure, to safely accept payments and dramatically reduce your fraud liability.

 

A smart card is a smart choice

The dramatic increase in counterfeit card fraud was what originally motivated the global payments industry to move to chip technology (smart cards). Contrary to magnetic stripe cards, EMV chip cards are designed to store sensitive data (such as PINs or keys) securely, and have the ability to manage risk and perform cryptographic computations dynamically. One of the key elements of EMV is the ability to authenticate a card to be sure that it is not a clone or counterfeit of the original card. As a result, any data that is stolen is significantly devalued and cannot be used to create counterfeit magnetic stripe cards.

 

Vantiv offers a set of integration methods and services that help developers extend their payment application to support EMV chip card acceptance. Developers can choose the integration approach that best fits their requirements based on the type of business, target markets, security requirements, and preferred form factor (Cloud, PC or mobile).

 

Stop theft at the door

In a P2P encryption solution, the cardholder data is encrypted at the point of entry and decrypted only at the intended recipient end. Vantiv’s P2P encryption solution helps protect data in transit by encrypting and transmitting cardholder data securely over any network. By leveraging Vantiv’s PCI-validated P2PE solution and our PCI PTS SRED certified hardware, payment applications are removed from PA-DSS compliance and merchants can qualify for reduced PCI-DSS scope

 

Although P2PE isn't the only tool that helps protect sensitive payment data from theft, many experts rank it highly. When polled about security strategies, financial executives believe P2PE will have the highest impact on data security and reducing fraud.

 

Rest easy knowing card data is safe

The use of tokenization in payments is to remove account data from the merchant’s card data environment and replace it with something that is useless outside of the environment in which the token was created. Tokenization can reduce the scope of your systems that fall under PCI DSS compliance requirements, thereby reducing the costs and man hours associated with the validation process. With Vantiv’s tokenization solution, customers can confidently focus on growing their business, while knowing that sensitive cardholder data is protected.

 

Shield your merchants from the elements

When developers bundle their POS application with Vantiv’s EMV acceptance, P2P encryption and tokenization solutions, merchants also gain access to PCI Assist and Breach Assist to help protect against the constant vulnerability threats data breaches present. OmniShield Assure delivers the tools merchants need to comply with new card network regulations, as well as protection from the four major threat factors facing their business: card data security; fraud protection; PCI compliance; and risk, including data breaches.

 

Major breaches do happen and have been costly for several organizations. Merchants are responsible for their own security in the PCI DSS ecosystem. It can be complex, and many merchants do not fully understand the inner workings of the standard, how it applies to them, and how to ensure their technology partners are properly securing their data.

 

As a POS developer for applications that accept payment cards, you must be prepared for a breach to occur and partnering with Vantiv can help reduce the responsibility for handling card data securely. There is no silver bullet to stopping data breaches, but by taking a comprehensive approach to credit card security you can significantly reduce your and your merchants’ vulnerability to internal and external threats.

 

 

 

 


[1] Verizon 2014 PCI Compliance Report,” Verizon, http://www.verizonenterprise.com/resources/reports/rp_pci-report-2014-executive-summary_en_xg.pdf

Payments security is a common topic in the news these days.  From the migration to EMV chip card technology to reports of high profile data breaches, security concerns dominate much of the conversation about payments. What is most concerning is the misinformation that can confuse and overwhelm small business owners.  I want to take the opportunity to clarify some of the terms so payments solution developers can evaluate their options and take action.  Let’s start by reviewing the following:

 

  • EMV chip card – The first important thing to understand is that EMV does not protect businesses from data compromises.  Instead, chip cards are designed to help stop card-present-counterfeit  fraud.  When a merchant adopts EMV technology, they are helping to protect their business against the potential fraud liability of accepting a counterfeit card to complete a transaction– not preventing card data from being compromised.

 

  • Network security –  To prevent a breach that compromises sensitive card data, merchants and solution providers need to enable strong network security.  This includes firewalls as well as segmenting communication networks that transmit sensitive information that hackers want to access. It is also critical to run continuous scans of these networks to detect and patch vulnerabilities.

 

  • Data security – Unfortunately, even the best network security measures may still get hacked. If it can happen to the U.S. government, it could happen to anyone.  Implementing data security will help make the data stolen worthless.  We typically address this issue with two technologies: encryption to help protect data in flight, and tokenization to help protect data at rest. We have seen more and more POS solutions coming to market that enable EMV with encryption and tokenization. This is a great strategy for a small merchant looking to invest in a POS technology upgrade.

 

  • Physical security – This item often goes overlooked, but it is a critical component. Businesses need to make sure that physical access to the POS is limited and secure.  Merchants can do simple things to help improve their physical store security, like not writing down card numbers and other customer information.

 

If any of this seems very complex, it’s because it can be.  It is very important that merchants make the decision to either create an internal discipline around security, or find a trusted technology partner to handle security on their behalf.  This is the first step in protecting their business from the financial and reputational damage that security vulnerabilities can cause.

 

As a solution provider that enables payments it is paramount to offer some type of security solution to your customers.  Security can be positioned as a differentiator for your business by how easy the solutions can be implemented and used, and by making sure that the solution does not impact other critical business functions like reporting, reconciliation, and analytics.

 

To learn about the payment security solutions Vantiv offers that you can leverage for your solution, contact us.

Every month, Vantiv and PYMNTS.com team up to deliver the latest news in the developer space. Here's an overview of the Developer TrackerTM published in December 2016.

 

Paying rent with personal checks made sense not too long ago, before new payment methods started to change consumer expectations. But these days many renters, especially younger ones typically in the market for apartment rentals, want and expect more options.

 

A survey from the Federal Reserve reported that the number of checks in circulation declined by more than 50 percent from 2000 to 2012 as card payments and new payment methods more than tripled. Despite that, according to the same research from the Fed, checks still reign supreme when it comes to paying rent. But new players, like mobile rent-paying app YapStone, want to change the playing field.

 

The company is looking to answer renters’ requests for another way to pay by offering the most ubiquitous solution possible — one that accepts a wide range of payment types, according to Bruce Dragt, YapStone’s senior vice president of product. December’s Developer Tracker features an interview with Dragt discussing the payment platform and what he sees as a rent revolution.

 

Checks have been around for a long time, but they can be expensive and time-consuming for property management companies to process. Dragt explains that YapStone is looking to replace checks with more modern forms of payments such as credit/debit cards and mobile wallets. The company’s solution accepts not just modern methods like card and mobile payments, but also ACH Payment processing, international payments and other acceptance methods. Renters with roommates can also share or split payments across multiple accounts.

 

“We provide as many mechanisms as possible for renters to pay their rent so that it can be as simple and easy as possible for everyone to use the solution to make a payment,” Dragt says. “We also provide integration, backing and tools for the property management companies, so they can update their records and keep track of who has and has not paid.”

 

But the solution is not just designed for making payments on a full-time home. YapStone can be used to facilitate short-term rentals, such as a week at a beach house or a cottage on the slopes. The company has even powered payment processing for HomeAway, a popular vacation rental app and website, for over 10 years.

 

Most recently, the company announced a new integration and collaboration with Vantiv that will allow YapStone to offer single-touch payment acceptance for Apple Pay, Apple’s mobile wallet. Dragt said that the partnership was part of the company’s effort to add integrations for new payment methods as they become more widely used.

 

“The ability to add new payment methods to our platform is really important,” Dragt explains. “The operating model that we use to support all these different payment ecosystems and to add new payment types is to make it very simple and seamless for our end client. So we want to make it available to the consumer as quickly as possible without disrupting the core operating environment for property managers.”

 

Given the changing state of rental payments, perhaps it won’t be too long before checks are given a permanent eviction notice.

 

Here’s a snapshot of other notable developer-focused news items:

  • According to a report from Pew Charitable Trusts, mobile payments awareness reached all-time highs in the US. More than 40 percent of respondents said they were familiar with four different mobile payment capabilities. Despite this awareness, no more than 32 percent of consumers had performed any mobile payments action.
  • Apple recently announced it will partner with the Blackhawk Network to integrate gift and loyalty cards into its mobile payment system. Blackhawk will allow Apple Pay users to make payments using prepaid gift cards and to earn and use rewards/loyalty points from participating merchants.
  • Google recently launched its Android Pay mobile wallet in Ireland. The nation has been a fairly early adopter of mobile payments, with half of consumers using contactless payments, including 1.9 million customers a week.
  • Amazon unveiled its new grocery store design, Amazon Go. The store allows customers to enter the store using a paired smartphone app, pick up their items and exit the store without waiting in line or visiting a cashier. The app works with a variety of sensors to detect what shoppers have selected and charges their Amazon accounts for the items they take home.

Download the report

It seems that every time we turn around, there is more news about digital wallets and their potential impact on payments. Whether you’re a merchant or an application developer, with so many players, and new developments coming at a furious pace, the digital wallet landscape is become confusing indeed. If your organization is like most, you have limited resources, so choosing the right wallet strategy is important. For most, the technology promises to improve customer convenience, conversions, loyalty, revenue and profitability. For readers unfamiliar with digital wallets, hopefully this short article will serve as a helpful primer.

 

GettyImages-473330616.jpgDefining the term digital wallet seems like a good place to start. Definitions vary, but digital wallets are usually viewed as a way of storing or referencing payment credentials on an electronic device, such that the device can be used to make a payment.  Most wallets allow you to place credit cards, debit cards or other payment sources into a virtual wallet, and use that wallet to make purchases on-line, in mobile applications (in-app), or in the store depending on the wallet and how and whether merchants support it.

 

Beyond these basic capabilities, wallet features can vary widely:

 

  • Types of payments supported: in-store, in-app, mobile web, traditional eCommerce
  • Technologies used: NFC (tap), MST, QR codes, barcodes
  • Payment methods allowed: debit, credit, alternative payment types
  • Specialty cards: pre-paid, gift cards, loyalty cards
  • Device compatibility: phone, tablet, OS, web browser, other devices
  • Vendor or wallet specific value-added features: e-coupons, shopping lists, pay ahead

 

With so many potential points of comparison, and hundreds of wallets on the market, it can be difficult to compare wallets directly. It's possible to group wallets into some broad categories however, and one way of doing this is to look at the types of organizations providing the wallets and their business motivations.  While there are exceptions to any rule, most wallets fall into one of these categories:

 

  • Mobile wallets (from mobile device manufacturers) - Wallets provided by device manufacturers are meant to provide convenience, and bias a consumer to a manufacturer’s phone, tablet or other device as well as the software, service and partner ecosystems that surround them. These types of wallets are generally agnostic as to the underlying method of payment. Examples are Apple Pay, Android Pay and Samsung Pay. Most support in-store payments (using NFC or QR codes) as well as in-app payments. Mobile wallet providers are busily adding support for one-touch payments for participating eCommerce merchants, to simplify the payment process on mobile websites and compete with other wallet providers like PayPal and Amazon Pay traditionally focused in this area. There is some blurring of the lines between the terms mobile wallet and digital wallet, but mobile wallets are usually understood to be wallets provided by a mobile device provider.
  • Issuing banks – While most banks will support one or more of the mobile wallets described above, some banks also provide their own wallets for the convenience of their banking customers. These wallets typically provide capabilities that bias users in some fashion toward payment methods and services friendly to the bank – either by restricting the payment cards supported, by providing incentives to use bank-issued credit or debit cards, or by providing access to additional bank services in a convenient, consolidated app. Examples of wallets in this category are Chase Pay and CapitalOne. These wallets can generally be used at selected retail locations, and some (like Chase Pay) provide support for on-line purchases as well.
  • Credit card companies – The card brands play a key enabling role for other wallets, but they also offer their own wallets. Not surprisingly, card brands want to make it easier for consumers and merchants to use their payment cards regardless of the issuing bank, so wallets provided by these organizations reflect a bias to their own payment cards while being device, bank, payment processor and retailer agnostic. Examples of wallets in this category are Masterpass, Visa Checkout and AMEX Express Checkout. Credit card companies are working to make it easier for retailers to integrate eCommerce web stores and mobile apps with their respective wallets to help them capture a larger share of commerce. While most of the action is around on-line purchases today, the card brands clearly have their eyes on wallet-enabled in-store payments as well.
  • Merchant provided wallets – Large merchants sometimes provide their own wallets. Merchants want to promote loyalty to their own-brand, cross-sell and up-sell products and services, and avoid intermediaries in the payment processing chain that might erode revenue and margin. Wallets provided by merchants are typically agnostic of the device used for payment and are intended to bias consumers toward doing more business with that specific merchant by providing a variety of convenience features and incentives. Examples are wallets like Walmart Pay and the Starbucks app. Another large retailer, Amazon.COM with their Amazon Pay wallet has gone a slightly different direction allowing their wallet technology developed for their own on-line store to be used by other merchants as well, essentially competing with not only other retailers, but with other payment providers also. Other retailers not offering their own wallets are leveraging third party mobile wallets and incorporating these into their own apps and mobile websites.
  • Alternative Payment Providers – Some payment providers also provide their own wallets. Providers like PayPal and AliPay are well established in eCommerce payments, and store payment credentials for millions of users. Not surprisingly, they’re aiming to leverage their large base of existing users to gain further market share in mobile web and in-app transactions, and are providing features that compete with banks like peer to peer payments. Some of these providers are seeking to gain a foothold in in-store / card present payments as well. Other alternative payment players like Coinbase provide wallets focused on storing and facilitating payments using digital currencies like bitcoin and ethereum enabling both consumers and merchants and facilitating both consumer to business and peer to peer transfers. Social platform providers (like China's WeChat) are squarely in the game, augmenting their capabilities with wallets for peer-to-peer, on-line and in-store payments, helping solidify their position as a hub for on-line activity.
  • Specialty / Independent Providers – In addition to the wallet categories above, there are additional digital wallets types more focused or specialized capabilities. For our purposes we’ve lumped a few different types of wallets together in the interests of brevity. Some wallet providers focus specifically on the challenge of collecting, storing and managing the redemption of gift cards, loyalty cards and coupons. Managing these cards and ensuring that balances are fully spent is a challenge understood by all of us who have received gift cards or other program incentives. Examples are providers like Gyft (acquired by First Data), CardStar and Keyring. Other providers like eWallet take a different approach, focusing less on the challenge of payments, and more on the challenge of organizing credentials of all types (payment cards, web-site / social-media logins, insurance cards, passports) into a secure cloud-based service accessible from multiple devices. Providers in this category address another twenty-first century challenge, familiar to all of us with multiple cards and dozens or even hundreds of login accounts for various websites and on-line services. Other providers like LevelUp focus in important niche areas like quick-serve restaurants allowing consumers to order ahead and skip the line by paying on their phone. The Chinese market is likely the model where the use of digital wallets is widespread. According to Inside Retail Asia, 76.1% of respondents to a survey of smartphone users in China indicate that they have made a purchase from their smartphone.

 

For years, pundits have been claiming that “this will be the year of the digital wallet”.  Despite a fragmented market, and relatively slow market adoption (at least in North America) the growth trajectory appears clear. Major technology providers and retailers now have well-articulated strategies, and are moving quickly to roll out the technology and promote it. While McKinsey estimates put mobile payments at less than two percent of consumer spending in the US in 2015, their analysis suggests that this will grow to 9% by 2020 (a 350% increase) with the majority of these payments involving stored credentials. Importantly, some industries will see much higher penetration for mobile payments and wallets.

 

As competition heats up, and consumers demand convenient payment options, especially from mobile devices, the use of digital wallets is expected to grow dramatically. If you’re not already thinking about how to serve your customer with more convenient payment options, chances are good that your competitor is.

 

For Vantiv customers and partners interested in embracing digital wallets as part of their payment acceptance strategy, 2017 is shaping up to be an exciting year. Vantiv is busily rolling out additional technical resources for developers of wallet-enabled payment applications across Vantiv’s payment platforms. Join the Vantiv O.N.E. community, and follow our Mobile & Digital Wallets sub-community to stay abreast of new developments.

 

Do you have thoughts on mobile wallets? I’d welcome your thoughts and perspectives!

 

The table below provides a brief summary and comparison of some of the mobile and digital wallets mentioned in this article as well as links to more on-line resources.

 

WalletTypeIn-storeeComm / In-appCredit / DebitLoyalty / GiftPeer-to-peerDevices
Apple PayMobile walletYes (NFC)YesBothYesNoApple
Android PayMobile walletYes (NFC)Yes - In-app, mobile web announcedBothYesGoogle walletAndroid
Samsung PayMobile walletYes (NFC,MST)Yes - In-app, mobile web announcedBothYesNoGalaxy, Gear S3
PayPalPayment providerselect POS solutionsYesBothYesYesApple, Android, Web
MasterPassCredit cardannounced (HCE)YesBothYesMastercard SendApple, Android, Web
Visa CheckoutCredit cardNoYesBothNoVisa directApple, Android, Web
Walmart PayMerchantYes (QR code)NoBothWalmart onlyNoApple, Android
Amazon PayMerchant / Payment ProviderNoYesBothat Amazon store onlyNoWeb only
LevelUpSpecialtyYes (QR code)Yes (in-app)BothMerchant branded, whitelabelNoApple, Android
GyftSpecialtyYes (barcode)Gift cards onlyGift card purchases onlyYesNoApple, Android
KeyringSpecialtyYes (barcode, ecoupons)Coupons + loyalty onlyNoYesNoApple, Android
AlipayPayment ProviderYes (QR code, barcode)YesBothBothYesApple, Android, Web
WeChat walletPayment Provider / Social Platformes (QR code, barcode)YesBothBothYesApple, Android, Web
Capital OneBankYesNoCapital One onlyNoYesApple, Android
Chase PayBankYes (QR code)YesChase onlyChase offersYesApple, Android
CoinbaseSpecialityNoYesBitcoin onlyNoYesApple, Android, Web
eWalletSpecialityNoNoStorage onlyStorage onlyNoApple, Android, Web, Windows, Mac OS X
Amex Express CheckoutCredit cardLimitedYesAmex onlyNoNoApple, Android, Web

Every month, Vantiv and PYMNTS.com team up to deliver the latest news in developer spaces. Here’s the overview of the Developer Tracker published in November 2016.

 

Small business accelerators are becoming crucial drivers of the US economy. Estimates suggest that 700 accelerators are now operating across the country and the need for accelerators continues to grow. Why are they becoming so popular? Because startups often need the resources – such as capital, equipment, and expertise – that these organization provide to stay afloat in a competitive marketplace. November’s Developer Tracker features an interview with Joe Munk, program manager at the Portland State University Startup Accelerator in Oregon to discuss accelerators, the benefits they offer, and his predictions for the future.

 

“We only have one lab, so there are always at least four or five companies working down there, kind of overlapping,” Munk says. “In fact, I think that the real benefit of being part of an accelerator is just the fact that you can bounce ideas off your neighbors or successful companies we work with in the space.” He says that the opportunities for collaboration and learning that accelerators offer are among their key benefits.

 

At Portland State’s accelerator, and at many similar organizations around the country, firms have access to a host of resources they might not otherwise. Munk explains that he and his team provide companies with rapid prototyping facilities that include high-priced technology like 3D printers and laser cutters. This allows startups to use state-of-the-art technology without huge expenditures and keep pace with larger, better funded competitors.

 

Startups in the accelerator can also meet with CEOs and investment firms to learn what made them successful, ask for advice, and possibly secure investments. “Accelerators provide a lot of mentoring,” Munk says. “We bring in experts on various topics and do office hours, where they can sit in an office with our companies and answer their questions. We also give them access to capital by facilitating connections to venture capital funds and local angel investors.”

 

While Munk emphasizes the practical knowledge that can be gained from meeting with investors and successful companies, he notes that the biggest resource that the 30-plus businesses and 200 employees have at the accelerator is access to one another. He predicts that the influence of accelerators will continue to grow as software and other technology become even more important parts of the economy. “It’s starting to come to the forefront,” he says. “I’m excited to see where it goes.”

 

Here’s a snapshot of other notable developer-focused news items:

 

  • Mobile payments are a “daily activity” for many Chinese consumers, according to new research from Strategy Analytics. Seventy-five percent of mobile payment users report that they spend via a mobile wallet every day.
  • Meterfeeder recently debuted a new app that allows drivers to pay parking meters via their smartphones. The app can also be paired with other components, including a ticket printer, to allow parking officers to enforce limits and fines.
  • Electronics manufacturer LG and Paymentwall recently partnered to bring payments to the company’s line of smart TV apps. The move, which will allow smart TV app developers to accept payments directly from the television, is designed to help developers monetize their products and sell to a wider audience.
  • Online lending startup Affirm recently raised $100 million in debt from financial services provider Morgan Stanley. The startup, founded by PayPal cofounder Max Levchin, recently tripled the number of loans it issued in the past year and now holds hundreds of millions of dollars’ worth of loans.

 

Download the report