With customers migrating to a more digital marketplace, merchants are faced with balancing customer experience whilst ensuring they comply with industry standard and protect both parties of the transaction. Shane Fitzpatrick, president and managing director of Chase Paymentech Europe, sets out guidelines to help ensure your payment process is secure from online fraudsters.
Research from the British Retail Consortium, ‘Cost of Payment Collection’, found that the use of alternative payment methods, such as manufacturers’ money-off coupons and PayPal, has more than doubled on the previous year and now accounts for five per cent of all transactions (Source: British Retail Consortium). With this growing trend and an ever-increasing number of transactions being conducted online, it has become vital for online retailers to have secure payment processing platforms. Taking payment systems beyond industry compliance rules from the Payment Card Industry Data Security Standard (PCI DSS) by implementing additional security measures has now become necessary in order to help protect future online business growth.
Fraud impacts nearly eight in every ten international online retailers (Dynamic Markets: Putting Customers First, March 2013). In May 2013, the Federal Reserve indicted eight men for netting $45 million by hacking credit card processors in the U.S. and India. Fraudsters know no boundaries and the threat faced by online retailers in the U.S. and India is the same threat facing online retailers in Russia, Brazil, China, Ireland or the U.K. Fraud hampers prospects for growth, restricts profitability and increases overhead costs. But with the right tools, intelligence and strategy, retailers can effectively detect and manage fraud. Effective fraud management can enhance efficiency and productivity and can allow online retailers to focus on expanding their businesses into new countries and markets.
As we continue to migrate to a more digital marketplace, Chase Paymentech has found that merchants are facing a new challenge – mobile commerce and social media. Online retailers are now required to balance customer convenience with the need for data security compliance within their organisation.
Our experience has demonstrated that when it comes to maintaining data security in merchants’ environments, there is no one-size-fits-all approach for adhering to the industry’s global standard PCI DSS. Chase Paymentech has therefore provided guidance to help European online merchants upgrade security and reduce compliance costs while protecting customers’ payment information.
Our guidelines are designed to enhance the security of payment transactions for both retailers and their customers. A comprehensive security strategy is paramount when it comes to ensuring the success of a business. That strategy will vary depending on the size, type and processing capabilities of the business. Additionally, as the sales channels and environment shift rapidly, strategies will need to accommodate this shift and evolve accordingly.
Meeting compliance requirements in the card-not-present environment can be difficult for many organisations. Many solutions available in the market serve only to satisfy the need for PCI DSS compliance and do not take into account the overall consumer experience.
According to a recent survey conducted by Cisco, educating employees on the proper handling of cardholder data is the main cause for concern when it comes to maintaining and achieving PCI compliance (see chart below), and therefore should be given the most attention when it comes to successfully executing a strategy (Source: Cisco, Organizations See PCI as a Benefit, not a Burden 2011*).
(Chart source: Cisco, Organizations See PCI as a Benefit, not a Burden 2011)
However, when looking at PCI from a more comprehensive perspective, the majority of IT decision makers surveyed did not feel that the PCI requirements are in any way unreasonable. In fact, 70 per cent of participants surveyed feel their organisation is more secure than it would be if PCI were not required, with the vast majority (87%) going so far as to say that PCI compliance is necessary for optimal performance and data security (Source: Cisco, Organizations See PCI as a Benefit, not a Burden 2011.
Ultimately, the PCI standards are designed to protect not only cardholder data, but also the bottom line. Compliance with these standards applies to all systems, staff and processes involved in the handling, transmitting and storing of payment data. Businesses that accept credit card payments can choose to manage that process themselves, a costly and resource-intensive path, or seek to shift that responsibility to a trusted industry expert. But regardless of the avenue with which they chose to pursue data security, the end result justifies the means.
Three steps to secure payments:
- Educate the workforce – ensure clear policies are in place regarding the handling of cardholder data and technology usage in order to maintain secure data. Employees must be aware of the proper usage of technologies by employees, vendors, and anyone else who uses the network.
- Robust system – Creating a secure, seamless and compliant payment experience can be a complex, expensive and recurring task. The system must make it easy to capture sales, protect customers’ payment account data and provide a payment experience that inspires confidence – all while helping to meet PCI compliance standards.
- Tokenisation – This helps to minimise the burden on IT resources while providing the ultimate flexibility to brand and design the customer payment experience. Tokenisation addresses cardholder data at rest (in storage) by replacing the primary account number (PAN) with alternative identifiers (or tokens). The processor generates a token that replaces the card number and returns it to the merchant for use in a more secure manner helping to reduce exposure and helping ensure PCI compliance.
How to integrate and accommodate these technologies will depend on the business, culture and revenue models. Regardless of the type of business, PCI compliance should always be viewed as a business requirement and best-practice, not a one-time, stand-alone IT issue.
Ultimately, there is no quick-fix approach to both achieving and maintaining compliance. It is an on-going process that begins at the strategic level. As such, it is important that merchants address both the business side (e.g., process and payment flow) and the appropriate technological counterpart to ensure the security of payment data. The combination of tokenisation and a dynamic payments page provides the greatest likelihood of significant, long-term data security and PCI scope reduction.
Shane Fitzpatrick is the President and Managing Director of Chase Paymentech Europe Limited
Chase Paymentech Europe Limited, trading as Chase Paymentech, is regulated by the Central Bank of Ireland.
The information herein does not take into account individual client circumstances, objectives or needs and is not intended as a recommendation of a particular product or strategy to particular clients and any recipient of this document shall make its own independent decision.
© 2013, Chase Paymentech Europe Limited. All rights reserved.
*Research data used with the permission of http://thenetwork.cisco.com/
Siemens Healthineers gains EU nod for $16.4 billion Varian buy
BRUSSELS (Reuters) – EU antitrust regulators on Friday cleared with conditions Siemens Healthineers’ $16.4 billion acquisition of U.S. peer Varian, paving the way for the German health group to become a world leader in cancer care therapy.
The European Commission said Siemens Healthineers pledged to ensure that its medical imaging and radiotherapy equipment will work with rivals in return for its approval, confirming a Reuters story. The pledge is valid for 10 years.
“High quality medical imaging and radiotherapy solutions are crucial to diagnose and treat cancer. The efficiency and safety of treatment relies on the ability of these products to work together,” European Competition Commissioner Margrethe Vestager said in a statement.
Varian is the leader in radiation therapy with a market share of more than 50%. The deal received the U.S. antitrust green light in October last year.
(Reporting by Foo Yun Chee)
Battling Covid collateral damage, Renault says 2021 will be volatile
By Gilles Guillaume
PARIS (Reuters) – Renault said on Friday it is still fighting the lingering effects of the COVID-19 pandemic, including a shortage of semiconductor chips, that could make for another rough year for the French carmaker.
Renault reported an 8 billion euro ($9.7 billion) loss for 2020 which, combined with gloomy take on the market, sent its shares down more than 5% in late morning trading.
“We are in the midst of a battle to try to manage a difficult year in terms of supply chains, of components,” Chief Executive Luca de Meo told reporters. “This is all the collateral damage of the Covid pandemic… we will have a fairly volatile year.”
De Meo, who took over last July, is looking at ways to boost profitability and sales at Renault while pushing ahead with cost cuts. There were early signs of improving momentum as margins inched up in the second half of 2020.
The group gave no financial guidance for this year, although it said it might reach a target of achieving 2 billion euros in costs cuts by 2023 ahead of time, possibly by December.
Executives said they were confident the carmaker could be profitable in the second half of 2021, but that they lacked sufficient market visibility to provide a forecast.
Renault struck a cautious note, saying it was focused on its recovery but warned orders had faltered in early 2021 as pandemic restrictions continued in some countries.
The group is facing new challenges as the European Union tightens emissions regulations and after rivals PSA and Fiat Chrysler joined forces to create Stellantis, the world’s fourth-biggest automaker.
The auto industry endured a tough 2020 but a swift rebound in premium car sales in China helped companies such as Volkswagen and Daimler to weather the storm.
Auto companies globally have since been hit by a shortage of semiconductors that has forced production cuts worldwide.
“The beginning of the year has shown some signs of weakness,” De Meo told analysts, but added the chip shortage should be resolved by the second half of 2021. “We have taken the necessary measures to anticipate and overcome challenges.”
Renault estimated the chip shortage could reduce its production by about 100,000 vehicles this year.
The group was already loss-making in 2019, but took a sharp hit in 2020 during lockdowns to fight the pandemic, which also hurt its Japanese partner Nissan.
Analysts polled by Refinitiv had expected a 7.4 billion euro loss for 2020. The group posted negative free cash flow for 2020.
The 2018 arrest of Carlos Ghosn, who formerly lead the alliance between Renault and Nissan, plunged the automakers into turmoil.
In a further sign that the companies have been working to repair the alliance, De Meo told journalists that Renault and Nissan will announce new joint products together in the coming weeks or months.
Renault has begun to raise prices on some car models, and group operating profit, which was negative for 2020 as a whole, improved in the last six months of the year, reaching 866 million euros or 3.5% of revenue.
Analysts at Jefferies said the operating performance was better than expected. Sales were still falling in the second half, but less sharply.
Renault is slashing jobs and trimming its range of cars, allowing it to slice spending in areas like research and development as it focuses on redressing its finances. It is also pivoting more towards electric cars as part of its revamp.
It was already struggling more than some rivals with sliding sales before the pandemic, after years of a vast expansion drive it is now trying to rein in, focusing on profitable markets.
De Meo told journalists on Friday that the French carmaker will make three new higher-margin models at its Palencia plant in Spain, where manufacturing costs are lower, between 2022 and 2024.
($1 = 0.8269 euros)
(Reporting by Gilles Guillaume and Sarah White in Paris, Nick Carey in London; Editing by Christopher Cushing, David Evans and Jan Harvey)
UK delays review of business rates tax until autumn
LONDON (Reuters) – Britain’s finance ministry said it would delay publication of its review of business rates – a tax paid by companies based on the value of the property they occupy – until the autumn when the economic outlook should be clearer.
Many companies are demanding reductions in their business rates to help them compete with online retailers.
“Due to the ongoing and wide-ranging impacts of the pandemic and economic uncertainty, the government said the review’s final report would be released later in the year when there is more clarity on the long-term state of the economy and the public finances,” the ministry said.
Finance minister Rishi Sunak has granted a temporary business rates exemption to companies in the retail, hospitality, and leisure sectors, costing over 10 billion pounds ($14 billion). Sunak is due to announce his next round of support measures for the economy on March 3.
($1 = 0.7152 pounds)
(Writing by William Schomberg, editing by David Milliken)
FTSE 100 ends higher on improving economic activity; gains for the third week
By Shivani Kumaresan, Amal S and Shashank Nayar (Reuters) – London’s FTSE 100 ended higher on Friday after the economy...
European shares end higher on strong earnings, positive data
By Sagarika Jaisinghani and Ambar Warrick (Reuters) – Euro zone shares rose on Friday, marking a third week of gains,...
UK bond yields head for biggest weekly rise since June
LONDON (Reuters) – British government bond prices fell again on Friday as a global debt sell-off continued on expectations of...
Siemens Healthineers gains EU nod for $16.4 billion Varian buy
BRUSSELS (Reuters) – EU antitrust regulators on Friday cleared with conditions Siemens Healthineers’ $16.4 billion acquisition of U.S. peer Varian,...
Teed off: As COVID fuels S. Africa’s housing crisis, golf courses feel the heat
By Kim Harrisberg JOHANNESBURG (Thomson Reuters Foundation) – It sounds like a developer’s dream: A greenfield site in the heart...
UK might need negative rates if recovery disappoints – BoE’s Vlieghe
By David Milliken and William Schomberg LONDON (Reuters) – The Bank of England might need to cut interest rates below...
UK economy shows signs of stabilisation after new lockdown hit
By William Schomberg and David Milliken LONDON (Reuters) – Britain’s economy has stabilised after a new COVID-19 lockdown last month...
Dollar extends decline as risk appetite favors equities
By Stephen Culp NEW YORK (Reuters) – The dollar lost ground on Friday, extending Thursday’s decline as improved risk appetite...
Bitcoin hits $1 trillion market cap, soars to another record high
By Gertrude Chavez-Dreyfuss and Tom Wilson NEW YORK/LONDON (Reuters) – Bitcoin touched a market capitalization of $1 trillion as it...
Shares rise as cyclical stocks provide support; yields climb
By Saqib Iqbal Ahmed NEW YORK (Reuters) – A gauge of global equity markets snapped a 3-day losing streak to...