Forecast: $125 billion in mobile/online transactions by 2018

Juniper global forecast: $125 billion in mobile/online transactions by 2018

Hampshire, U.K., Aug. 24, 2015 – New data from Juniper Research has revealed that the number of annual purchases made via mobiles, tablets, desktops and other connected devices should reach 125 billion annually by 2018, up by more than 60% on this year’s total.

The research, argued that medium term growth would be driven by a variety of factors including a rise in “commuter commerce” (on-the-go purchases) which would itself be fuelled by greater deployments of Wi-Fi and 4G connectivity on public transport. It also observed that digital transaction volumes would be further bolstered with the continued transition from physical formats (such as DVDs and CD-ROMs) to digital, and the rise in streamed subscription services.

China Overtakes US in eRetail Sales

Meanwhile, the new research — ‘Mobile & Online Purchases: Cards, Carrier Billing & Third Party Payment Platforms 2015-2020’ — highlighted the dramatic surge in Chinese eRetail, with Alibaba attracting more than 330 million buyers during 2014. It observed that with nearly $450 billion in eRetail sales during 2014, China had comfortably surpassed the US ($296 billion) to become the largest single market, with Japan, the UK and France completing the top 5.

Data Breaches Damage Consumer Confidence

However, the research cautioned that several high profile data breaches at retailers had resulted in significant consumer unease. As research author Dr Windsor Holden observed, “At worst, data breaches can lead to significant customer churn, together with possible remuneration requirements. Consumers need to be reassured that their vital information is not being compromised or shared.”

Other findings from the research include:

  • Retailers need to deliver a consistency of message, branding and shopping experience across all channels.
  • Retailers should also ensure that they scale up the resources on offer at peak periods (eg Black Friday or when promotions are being offered), to cope with the likelihood of additional pressures on online customer support.

The whitepaper, ‘Buying Into Online Shopping,’ is available to download from the Juniper website together with further details of the full research and the attendant Interactive Forecast Excel (IFxl).

Juniper Research provides research and analytical services to the global hi-tech communications sector, providing consultancy, analyst reports and industry commentary.

Source: Company press release.


apply merchant account service

What Is Apple Pay?

What Is Apple Pay? –

In the Card-Present environment, Apple Pay uses a NFC transmitter in either the iPhone 6, 6 Plus or Apple Watch to transmit secure transaction data from the user’s iPhone to a compatible contactless receiver in a merchant’s store. No real credit card data is transmitted, only a one-time token that is useless if stolen. The customer simply picks a card, taps the phone next to the terminal, and the transaction is completed.


How Do Merchants Accept Apple Pay? –

Merchants need a NFC receiver that is certified for Apple Pay and will need to be on the MSL First Data platform for now – other platforms will undoubtedly be added. Most of the recently-deployed terminals are already compatible with EMV and contactless payment methods (mostly NFC and Apple Pay), which means they only need a receiver to accept Apple Pay. There are a number of receivers that will be made available soon, and they will allow both new merchants and existing merchants to accept PIN Debit, EMV cards, and NFC/Apple Pay. These devices are intended to be backwards compatible with many existing terminals. Apple Pay is also 100% compatible with the CLOVER station using an upgraded FD-40 PIN Pad (available soon).


When Can Your Merchants Accept Apple Pay? –

Apple is scheduled to release final specs on 18th October, 2014. These specs will then need to be certified on the PIN/EMV/NFC devices and then we can start shipping. No merchants anywhere will be able to accept Apple Pay transactions until at least after 18th October. We are unsure exactly when the rollout will occur, but will keep you posted as news develops.

51 UPS Stores Credit Card Data Hacked

UPS Store hacked, possibly compromising user data

​The shipping store discovered malware in the computer systems of 51 US stores in 24 states. Customer credit and debit card information may have been leaked.

The UPS Store is the latest retail chain to be targeted in a data breach leading to the theft of customers’ credit card information.

The shipping and business services store announced Wednesday that 51 US stores in 24 states had been hacked via a malware intrusion on the store’s computer systems. The breach affected about 1 percent of all UPS Stores.

The company has determined that customers who used a credit or debit card at these stores between January 20, 2014, and August 11, 2014, could have been exposed to the breach. Private customer information that may have been leaked includes names, postal addresses, email addresses, and credit and debit card data.

The company became aware of the breach after the US government notified the chain it had discovered a “broad-based malware intrusion” in its system. The UPS Store hired an IT security firm to investigate further. This firm then located the malware in the 51 stores’ systems.

The hack into The UPS Store comes amid an apparent uptick in security breaches at retail locations. Retail giant Target revealed in December that hackers obtained credit card data for more than 110 million customers who shopped in its stores late last year. And, over the past few months, arts and crafts retail chain Michaels Stores, department store Neiman Marcus, and restaurant chain P.F. Chang’s revealed they were victims of security breaches aimed at stealing customer’s credit card information.

The UPS Store said it eliminated the malware as of August 11 and has notified potentially affected customers of the breach. The company is offering identity protection and credit monitoring services to those customers.

Consumer spending growth hit an 11-month high

Consumer spending growth hit an 11-month high in July as consumers traveled on summer vacations, according to First Data’s SpendTrend, a monthly analysis of the previous month’s consumer spending activity across the payment processing firm’s channels.

The report issued Tuesday compared the period July 1-July 31, 2014, to July 2 –August 2, 2013.

The payments processor reported spending in hotel and travel rose by 7.9% and 4.6%, respectively. In addition, spending grew at food and beverage stores by 5.3%, and food service and drinking places grew by 4.4%, the report said.

First Data also reported overall retail spending growth was at its strongest levels in a year as nearly all retail categories turned in improved numbers. Led by categories such as building material/garden equipment and furniture/home furnishings,  the growth suggests the impact of fewer foreclosures and increased construction. Still, consumers remained hesitant to make big ticket and non-essential purchase, First Data said.

“It is also notable that both credit spending growth, which was 6.2% in July, and credit transaction growth, at 7.5% this month, were up significantly over June growth results,” said Krish Mantripragada, SVP for information and analytics solutions at Atlanta-based First Data.

“That growth was driven by the categories we’ve detailed in this report, where credit is the preferred method of payment. Consumers are once again motivated to travel, while those who opted for ‘staycations’ increased spending in home-related categories. Looking ahead, we anticipate August’s back-to-school sales and state tax-free holidays should spur spending growth in related categories, Mantripragada said in the company’s announcement.

All payment channels except for checks saw growth this past July over the same period in 2013, First Data said. Credit card dollar volume rose 6.2%, signature debit transaction volume rose 0.4%, PIN debit transaction volume rose 3.9%, and prepaid card volume rose by 3.3%.  Check dollar volume dropped by 5.7%.

Chargebacks – Friendly Fraud

Chargebacks are when a credit card processing company takes money back from a merchant to refund a consumer. It’s intended for disputes with a merchant when, for instance, a product never showed up, or arrived damaged, was unsatisfactory, or if the transaction was fraudulent.

Though this was never intended to be a default way for consumers to resolve issues with merchants, 98% of consumers who had filed for chargebacks from January through March this year did so without ever even contacting the merchant first, according to a survey by eConsumer Services, a company that acts as a middleman to help customers and merchants resolve disputes.

The reason is simple: Calling a merchant can be annoying. Between dialing, punching different keypad numbers to get to the appropriate department and waiting on hold, it can feel like forever before one reaches a human who can actually help. But requesting a chargeback is simple — and in some cases can be done with just a few clicks. Still, experts say contacting the merchant is the first step to solving a billing problem, and consumers might benefit in the long run by resolving disputes directly.

Merchants hate chargebacks. They pay $2.79 for each dollar incurred in fraud losses, according to a 2013 LexisNexis report. In many cases, merchants would rather solve a customer’s problem and avoid chargeback-related fees from banks, which could run up to $100. That makes them more likely to yield to customers’ wishes.

And while chargebacks were designed to be a means for consumers to fight back against fraudulent transactions, they also produced another result. “It created a new problem. It presented these banks and consumers with the option to get an alternative refund method,” says Monica Eaton-Cardone, chief operating officer of eConsumer Services.

Friendly fraud — a phrase used to describe cases where consumers report legitimate charges as unauthorized — has accounted for about 20% of merchants’ fraud losses for the last four years, according to the LexisNexis report.

About half of chargebacks go unfought by merchants, according to a 2013 report by the anti-fraud payment technology company SecureBuy. “It’s gotten so bad that some merchants simply refund the customer without challenge, in order to avoid, at any cost, excessive chargebacks that could put their ability to process at risk,” the report says.

Financial institutions have 10 business days to complete an investigation, under the federal Electronic Fund Transfer Act. For consumers who are considering filing a chargeback, experts say there are some guidelines to bear in mind.

Contact the merchant first

Merchants feel the sting each time customers ask for chargebacks, so they’re likely to work with customers who communicate directly. A Wells Fargo spokeswoman said it could take up to two billing cycles to investigate a claim and the bank sometimes asks for relevant paperwork, like proof of an attempt to resolve the issue with the merchant.

Keep a paper trail

Save receipts, letters or emails to the merchant, recordings of phone calls to customer service and any other related documentation. Get proof of returns. Paperwork also means you don’t have to worry about forgetting dates. (Also see: What consumers can learn from Donald Sterling’s ex)

Get a second opinion

Some financial institutions, like Wells Fargo, recommend consumers get a third party expert’s opinion if a dispute revolves around the quality of an item or service. That will bolster your claim that the merchant didn’t meet expectations.

Don’t lie

The chargeback was designed as a protection for consumers in the event of fraud. Beyond the potential moral implications of lying for a refund, experts say crying wolf can make companies leery of your claims, making it tougher to get your money back when you eventually face a real problem. Or worse, a card issuer could close your account if they catch you making false claims for chargebacks, says Greg McBride, a senior financial analyst for “It does raise a red flag that not too many people have that bad of luck.”

Get a Free Quote For

Credit Card Processing:

Despite Fraud, Credit Card Use NOT Slowing Down

Greenbacks may have been around for hundreds of years in this country but it’s plastic currency that handles most purchases these days.

More than a billion credit cards are reportedly now in circulation in the United States. Credit card offers arrive in the mail on a daily basis for many Americans.

Sixty-seven percent of all clothing sales, 64 percent of gas transactions and 62 percent of travel expenses are put on a credit card these days, according to

There are a lot of significant dates to review in the evolution of the U.S. credit card such as 1946, when Brooklyn banker John Biggins introduced the “Charg-It” bank card, or 1950, when Diners Club got started. There was also 1958 when the Bank of America sent out the first mass mailing (in Fresno, Calif.) of a credit card called BankAmericard.

But 1959 might have been the most important year of all. That’s when MasterCard introduced the idea of a revolving balance, allowing customers to hold off paying their bills — and accumulate finance charges.

Today, credit card companies make up an industry all of their own. The names are well-known: American Express, Capital One, Discover, MasterCard and Visa.

Also well-known are the problems associated with credit card usage — and not just about making payments on time.

Recent massive data breaches at stores like Target and Neiman Marcus have made headlines, possibly compromising millions of debit and credit cards.

But Americans remain attached to their plastic. Visa, the world’s largest processor of debit and credit card payments, announced that first-quarter earnings were up 9 percent in January.

That’s despite a lackluster holiday shopping season with U.S. retail sales rising only 0.2 percent in December, according to the Commerce Department.

Visa reported processing 16 billion transactions during the last three months of 2013, up 13 percent from a year earlier.

Consumers need to do some research on the different types of credit cards available, said Mary Conrady, vice president of consumer lending at the CEFCU credit union.

“You need to see what you can afford. Credit cards are a nice tool for short-term purchases but not to live on,” she said.

Be aware that even zero-interest credit cards come with a condition, said Conrady. “If the customer doesn’t pay their bill in time, the credit card company can add all that interest,” she said.

It’s wise to check the credit card statement every month — and not just for a big charge that might jump out at you, added Conrady. If you see a $9.84 charge on your credit card statement, for example, give it a hard look, she said.

Get a Free Quote For

Credit Card Processing:

Best Internet Credit Card Processing Companies

Electronic Transfer, Inc. named Best Internet Credit Card Processing Company

Ten Best Internet Credit Card Processing Companies Named by for June 2013
The independent authority on credit card processing,, has announced the ten best online merchant services for June 2013.

The independent authority on credit card processing,, has released their list of the ten best online credit card processors in the payment processing industry for the month of June 2013. Each month evaluates and ranks the best merchant services offering an online credit card processing service which aims to allow businesses to accept credit card and debit card payments over the Internet. While thousands of merchant services are evaluated each month only the ten best providing an online merchant service are included in the rankings.

The Ten Best Internet Credit Card Processing Companies for June 2013 are:

1) National Bankcard

2) Advanced Merchant Group

3) Electronic Transfer

4) Leap Payments

5) Merchant Warehouse


7) Credit Card Processing Specialists


9) Merchants Bancard, Inc. (MBN)

10) PayPal

The process for evaluating online payment processors involves the use of a set of evaluation criteria to benchmark and compare processors, connecting with client references to validate claims made by the agencies, and performing industry and market analysis in order to identify the latest trends and developments within the payment processing industry. The results of the meticulous evaluation process are used in order to generate the rankings at the start of each month which highlights the ten best services for processing payments online.


The independent authority on Internet credit card processing,, is a research firm dedicating to identifying and ranking the best online credit card processors in the United States. These merchant services are able to provide national services with flexible payment terms and service offerings for businesses of all shapes and sizes.

Get a Free Quote For

Credit Card Processing:

Credit Card Processing Bankcard 101


The earliest form of the bankcard was “Charg-It”, a system of credit developed by John Biggins in 1946 which allowed customers to charge their local retail purchases.  The merchant then deposited the charges at Biggins’ bank, and the bank reimbursed the Bankcard 101merchant for the sale and collected payment from the customer.   This system helped introduce the first bank credit card, which was circulated by Franklin National Bank in Long Island, New York in 1951.   Once an application was submitted for credit worthiness a card was  issued. Merchants copied information from the card onto a sales slip and called for an approval for each transaction over a specified limit. The bank would then credit the merchants account for the sale minus a discount to cover the cost for providing the loan.

By 1959, many financial institutions had begun credit programs. Simultaneously card issuers were offering the added services of revolving credit. This gave the cardholder the choice to either pay off their balance or maintain a balance and pay a finance charge.

In 1960, Bank of America, introduced its own bankcard, called BankAmericard, and began licensing regional financial institutions to act as the BankAmericard bank for their region. BankAmericard is now what we know currently as Visa.

Other banks began looking for other ways to compete, in 1966, 14 banks formed Interbank, a new association with the ability to exchange information on credit card transactions.

The following year, four California banks opened its memberships to other financial institutions in the Western U.S. (Western States Bankcard Association). The product was known as MasterCharge. They have purchased the right to use this name from First National Bank of Louisville (currently known as National City Bank of Kentucky).

The WSBA licensed Interbank to use the MasterCharge name and Logo. In the late 1960’s, numerous financial institutions became MasterCharge members to compete with BankAmericard.

The Players

MasterCard and Visa are worldwide payment service organizations composed of Member institutions.

They do not:

  • Issue credit cards
  • Create policies for solicitation of new cardholders or merchants
  • Establish criteria for evaluating applicants
  • Set credit limits offered to cardholders
  • Determine procedures for billing customers

MasterCard and Visa are managers of their respective brand. As such, they:

  • Create advertising and promotion programs to support their brand
  • Develop new products
  • Conduct clearing and settlement processing of transactions(Interchange)
  • Set and enforce rules and regulations governing their bankcards, such as operational procedures, interchange procedures, and graphic design approval of their cards.

Upon becoming a member of MC/Visa, a bank is licensed to issue cards to its members. These banks are also required to provide cash advances on MC/Visa cards at their teller windows. As a Member, banks are issued a Bank Identification Number(BIN) and pay membership dues and assessments to fund Card Associations.

The Acquirer

The acquirer is a member of MasterCard and Visa, and is contracted with merchants to accept merchant sales drafts, provide authorization terminals, instructions, and support, and handle the processing of credit card transactions. The key responsibilities of the acquirer are:

  • Sales
  • Investigation Procedures
  • Pricing
  • Merchant Acceptance
  • Support Services
  • Risk Management

The acquirer usually charges a fee or “discount rate” for handling the transactions. The acquirer is licensed by MC/Visa and agrees to follow the association rules and regulations.

Some financial institutions are both issuers and acquirers. MC/Visa both require that the merchant be financially responsible and of good repute. The merchant has a written agreement with the acquirer to accept the bankcards as payment and to abide by the terms of the agreement.

The Issuer

The issuer is responsible for the cardholder account program which encompasses nearly all aspects of cardholder account activities ranging from acquiring new customers to billing current ones. The Issuer’s responsibilities include:

  • Acquisition and marketing of new accounts
  • Processing application; establishing credit credit limits and policies
  • Overseeing design, manufacturing, and embossing of inventory cards
  • Handling of issuing and reissuing of cards
  • Overseeing PIN Numbers
  • Maintaining authorization file
  • Providing customer service
  • Processing payments and handling settlement and income Interchange
  • Establishing collections operations.

Managing a credit card program is expensive. Smaller banks can issue cards without becoming an issuing member by being an agent. The issuer usually keeps most of the income from the cardholder account: the agent receives a small compensation for providing the application. This allows small banks to retain customers who want a credit card program.

Components of Bankcard Fees

  • Interchange
  • Assessments
  • Authorization Fees
  • Processing Fees
  • Processor Optional Fees
  • Chargeback and Retrieval Fees
  • T & E Authorization and Processing Fees
  • Ancillary Communication and Network Fees
  • Hardware and Software Fees


MC/Visa are at the center of the transaction process, maintaining the flow of funds between issuers and acquirers. Clearing refers to the exchange of financial information. Settlement refers to the exchange of the actual funds for the transaction and the associated fees.

Clearing and Settlement Occur Simultaneously.

  • The acquirer credits the merchant’s deposit account for the dollar amount of the sale (less the merchant discount).
  • The acquirer sends the transaction, through a data transport network, to INET (for MasterCard transactions) or Base II (for Visa transactions). A financial institution can be both an issuer and an acquirer.

MasterCard and Visa send the transaction to the issuer overnight, credits the acquirer and debits the issuer for the transaction. In essence, the issuer pays the acquirer for the transaction, via the Mastercard or Visa interchange system.

Interchange makes it possible for the issuing banks and acquiring banks to exchange information, transactions and money on a standardized basis. During Interchange, fees are deducted by the issuer from the transaction amount and the net amount is paid by the issuer to the acquirer. These are called interchange fees.

MasterCard and Visa each own and operate their own international processing system. These systems connect thousands of banks around the world. Member Institutions use these networks to transmit information about bankcard transactions.

Transaction Process Overview

  • The cardholder purchases goods or services from the merchant.
  • The merchant transmits the transaction to the acquirer.
  • The acquirer then submits the ticket to the issuer for payment, via the MasterCard or Visa clearing and settlement systems.
  • The acquirer credits the merchant for deposits (net of chargebacks, returns, and agreed to fees — the merchant discount).
  • The issuer funds its cardholders’ purchases (net of chargebacks, returns, and agreed to fees).
  • The issuer bills the cardholder.
  • Finally, the cardholder repays the issuer for the goods or services originally purchased from the merchant. The issuer, via the MasterCard or Visa clearing and settlement system, has already paid the acquirer transaction amount, less the interchange fee.

From the cardholder’s point of view, it seems as if he or she is paying the issuer for the goods or services originally purchased from the merchant. In fact, the cardholder is actually repaying a loan from the issuer.

  • MasterCard’s data processing network is called Banknet.
  • Banknet handles MasterCard’s Authorization System.
  • The Banknet settlement system is INET.
  • Visa’s data transport network is called VisaNet.
  • The VisaNet authorization system is BASE I.
  • The VisaNet settlement system is BASE II.

Transaction Flow for Merchant




  • Storage of paper(hardcopy) sales drafts and film cartridges
  • Retrieval of items in the hardcopy retrieval and chargeback process
  • Request Fulfillment

Sales Draft Storage

Both merchants and acquirer store hardcopy sales drafts or POS tape. Acquirers and merchants typically hold drafts on-site for 3 years, and hold them off-site for 7 years.

Sales Draft Retrieval

Retrieval areas receive requests from issuing banks. MC/Visa regulations stipulate that a request must be fulfilled within 30 days from the date of receipt. Any request not fulfilled within that time frame can be charged back to the merchant.

Request Fulfillment

Request for all hardcopy sales drafts are fulfilled as quickly as possible for disbursement to the issuing bank. MC requires all retrieval requests be fulfilled electronically through the MasterCom electronic image process system, while Visa will allow requests to be fulfilled through the mail along with Visa’s Copy Request Manager System.

Chargebacks and Collections

When an issuer disputes a transactions (either at the request of the cardholder or for reasons of its own), the matter is handled through a chargeback or compliance case.

In a chargeback, the issuer returns a transaction to the acquirer, and the acquirer returns the payment previously made in interchange. Chargebacks result either from cardholder disputes or from rules violations by the merchant or acquirer; they help enforce operating rules and correct transaction errors.

The initial, or first, chargeback is always initiated by the issuer. It can result from the issuer finding an error in the transaction, or it may result from a cardholder complaint.

MasterCard and Visa have developed standard procedures and time frames for submitting and processing chargebacks.

The Chargeback Process

The chargeback process begins when an issuer, on its own behalf or in defense of a cardholder, returns a presentment from the acquirer.

Presentment is the stage of interchange when the acquirer, via the MasterCard/Visa system, presents the issuer with the transaction information. The issuer is automatically charged for the transaction during settlement, which takes place at the same time as clearing.

In other words, the issuer receives information about a transaction, for which it has already paid, and realizes that the transaction may be invalid. At this point, the issuer wishes to charge the transaction back to the acquirer.

Functions of the Acquirers

  • Determine legitimacy of Chargebacks presented by issuers
  • Represent all “representable” items on behalf of our merchants
  • Handle Arbitration Chargebacks if the representment is disputed by the Issuer
  • Forward paperwork to the appropriate area for crediting/debiting of accounts

Collection Functions

  • Acceptance of incoming collections cases from Issuers
  • Acceptance of outgoing collection cases from merchants
  • Submit Arbitration/Compliance issues to Card Associations
  • Reversal of inaccurate merchant transactions





Get a Quick Quote:

Credit Card Processing for Non-Profit Companies

There is increasing demand for a lot of people to have money on the go, and enable them to purchase anything that they like at anytime. Therefore even non-profit corps need to accept credit cards.

Unlike other companies non-profit companies are not after making surplus profits.  But more so to offer some form of good will by either returning all their proceeds into the business or using them for charity work. Nowadays most of the non-profit companies are

Card Processing for Non-Profit Companies

moving online to meet the daily millions of internet users. Most of the people are relying on the internet for cost effective and time saving solutions. Currently a lot of people are occupied with their daily activities. They have to save time in way like shopping and carrying out payments online from home. Online stores and companies enable them to save time as they are fast and pocket friendly.

How does online credit card processing work? Below are some of the important procedures of how online credit card processing works for non-profit companies thinking of utilizing them.

  1. Two bank accounts. As a non-profit company you should open two accounts; a merchant and checking account. The merchant account will be for your company where money from the customers is deposited after successfully making purchases and transactions. On the other hand the checking account will be for connecting your company to your bank account. The checking account is also the account where funds from the client’s bank accounts are deposited by the financial institutions that offered their credit cards.
  2. Payment gateway. After a customer has successfully completed a purchase, this is an order that is normally sent to the payment gateway where it will be processed. Here is where the information from the customers’ credit cards is sent to the banks that issued the cards for processing.
  3. Payments verification. The banks that issued the credit cards need to validate the credit card information and verify the transfer of funds from the customer’s bank account to your company’s checking account. Some banks will send tracking or order numbers, so as to enable your non-profit company to receive funds more easily.

Enable nonprofit specific features and donation buttons in minutes.

  1. Credit card processing fees. Different banks that issue the credit cards charge different credit card processing fees. You need to know these fees so as you can make the necessary arrangements or adjust your prices.

Tips and Warnings

  • The two accounts are necessary so as to enable you to manage and track all your funds easily.
  • The payment gateway and payments verification will validate whether the customer has supplied correct information, and check whether the client has any or enough funds to purchase your products. This means that you should not automatically send the client product claim details. You should verify first, then send the client an email notification only after you have established the details submitted are correct, and the account balance is enough to pay for the purchased products.
  • Adjust your prices depending on the credit cards processing fee so as not to forego this cost as a company. In other words it should be included in the products price.

Why should nonprofits accept credit cards?

  • Encourages donors to give more
  • Accept more with a credit or debit card than other forms of payment.
  • Guaranteed and automatic recurring weekly, monthly and annual pledges.
  • Receive money more quickly – funds are deposited usually within 48 hours.
  • Save time and money – no paper checks to process.
  • Donors can receive benefits by giving (award points, frequent flyer miles, etc.)

Non-profit organizations can streamline the donation process with our free donation Web forms, making it easy to contribute to your good cause.



Visa, MasterCard Investigate Credit Card Breach

By Jessica Silver-Greenberg and Nelson D. Schwartz / New York Times News Service

Published: March 31. 2012 4:00AM PST

Visa and MasterCard are investigating whether a data security breach at one of the main   Visa, MasterCard Investigate Credit Card Breachcompanies that processes transactions improperly exposed private customer information, bank officials said Friday. The event highlighted a crucial vulnerability that could affect millions of cardholders.

The breach occurred at Global Payments, an Atlanta company that helps Visa and MasterCard process transactions for merchants. One bank executive estimated that about 1 million to 3 million accounts could be affected. That does not mean all those cards were used fraudulently, but that credit card information on the cardholders was exposed.

The bank official, who insisted on anonymity because the inquiry is at an early stage, said that Visa and MasterCard notified his company Thursday, but that banks had been frustrated with the pace of disclosure by Global Payments. He said that Global Payments, which is one of the biggest transactions processors, had provided little information on where the breaches took place, how accounts were hacked and other details that could indicate which customers might be vulnerable.

Banks said that when they could identify victims, they would notify them and replace credit cards, if necessary.

Bank officials said they were told by Visa and MasterCard that the breach occurred sometime from late January to late February, and included what is known as Track 1 and Track 2 data. That includes details like names, card numbers, validation codes and in some cases, customer addresses.

“Thieves are after high concentrations of credit card numbers, which makes payment processors the perfect target,” said Tim Matthews, a director at Symantec, a security firm.

The processors, including Global Payments, act as the plumbing from merchants to banks, authorizing millions of transactions each day.

With each swipe of a credit card, the card number and other important financial information travels from the merchant to the third-party processors and then to Visa or MasterCard. The data is then forwarded to the bank that issued the card.

The holy grail for hackers is the account information. The goal is to break the data’s encryption as it travels through the payment processor system, said Avivah Litan, a vice president and analyst with Gartner Research, a security firm.

This is the second breach at Global Payments in the past 12 months, according to two individuals briefed on the investigations who spoke on the condition of anonymity because they were not authorized to speak publicly. Another similar attack was disclosed by Heartland Payment Systems in 2009, a breach that began in 2007 and resulted in the exposure of data on 130 million credit cards. Heartland estimated that breach cost it $140 million in fines, settlements and legal fees.

The new possible breach was reported Friday morning by a blog called Krebs on Security. Trading in Global Payments shares was halted around noon but the share price had already dropped 9.1 percent to $47.50.

A spokeswoman for Global Payments declined to comment on whether hackers had struck before. In a statement Friday afternoon, the company said it had identified “unauthorized access into a portion of its processing system,” and had asked for help from external experts in computer security and also contacted federal law enforcement. The Secret Service, which investigates credit card fraud, confirmed that it was looking into the breach.

“It is reassuring that our security processes detected an intrusion,” said Paul Garcia, the chief executive of Global Payments. “It is crucial to understand that this incident does not involve our merchants or their relationships with their customers.”

Electronic payment industry officials also said the latest data thefts were not evidence of a larger problem. “These folks work night and day to secure their systems, but they are connected to millions of merchants around the country and nothing is absolutely foolproof,” said Thomas Goldsmith, a spokesman for the Electronic Transactions Association, a trade group.

MasterCard would not say how many cardholders might have been affected by the attack. The card companies also said they had alerted banks and law enforcement officials to the breach, and emphasized that their own systems had not been compromised.

“We have alerted payment card issuers regarding certain MasterCard accounts that are potentially at risk,” MasterCard said in a statement. A Visa representative said that “there has been no breach of Visa systems.”