Monday, April 14, 2014
This is the first year Coalfire Systems Inc. exhibited at the ETA's premier event. Matt Getzelman, PCI Practice Director at Coalfire, said he and his colleagues have attended in prior years and made so many good connections they opted for a booth this time around to provide a dedicated place to meet with current and prospective partners and clients. And at the Coalfire booth, the buzz phrase was "defense in depth."
What Getzelman means by defense in depth is for businesses to have multiple layers of security, and to think of it as a holistic process, not as just something to check off and forget about. He said the recent large data breaches serve as reminders that it's time for organizations to reevaluate their security and compliance, especially merchants and processors.
"There's an explosion of malware and easy-to-use tools on the black market, so it's easier than ever, even if you're not a traditional hacker, to get card data," Getzelman said. "Criminal syndicates are going after easy targets, and people need to ask, 'Are we the low-hanging fruit?'"
Getzelman identified three areas in which we, as an industry, failed to stop hackers in recent high-profile breaches. "First, attackers had to get malware... We had a chance to prevent these programs from getting into retail environments, and we failed," he said. "Second, we were unable to prevent propagation across the organization instead of restricting it to one location.
"And finally, they had to be able to access the cardholder data and route it out of the environment. So we had three opportunities to stop and mitigate the attacks, and we blew it." Ultimately, security solutions have to be a combination of everything applicable, he added.
"One exciting thing is the emerging payment technologies we're seeing offer additional options for merchants to protect data at the source. Point-to-point encryption, EMV chip and PIN in the United States are going to be tools that protect sensitive data at the point of interaction, so I would implore organizations to explore and research these technologies now."
BlueSnap Inc. Chief Executive Officer Ralph Dangelmaier and his colleague Kelly Seelig, the company's Vice President, Marketing, want to bring the world to U.S. ISOs and merchants, so at Transact 14 they were wining, dining, networking and helping to inform their industry peers. To that end, Dangelmaier ran an educational session at the conference on doing business in the BRIC (Brazil, Russia, India and China) region; Seelig was the moderator for a session on marketing.
Dangelmaier said interest in the BRIC session was strong. "We had someone from Russia, from Brazil, from India, and someone representing China Union Pay who is American, but knows China very well," he said. "We explained how the local people in those countries want to buy goods online using local currencies, local languages, and local payment types – and the need to educate ISOs and merchants on that."
Seelig's marketing session covered the basics. "We talked about how to build a plan, how to think about marketing strategically, how to integrate PR, social media and advertising – and how that all works together for e-commerce and storefront businesses," she said.
Dangelmaier has found that few U.S. merchants understand how to sell outside of the United States. "There was a recent article that said only 27 percent have the ability to do it, which means 73 percent don't," he said, adding that "guys like Stripe and Braintree get significant press coverage about sexy APIs that let merchants build their own checkout pages, but they don't enable them to optimize globally."
BlueSnap saw a need it could fill and rolled out its global gateway about a year ago. The company markets prebuilt checkout pages that "encompass most currencies and most languages in 80 countries, and 110 of the most prevalent payment types in those countries," Dangelmaier said, adding that he is in talks with "a few large ISOs right now who are really strong domestically but want their domestic folks to sell overseas."
Dangelmaier said physical stores are seeing between 5 and 15 percent of sales going online, and those are interactions that are no longer going through the POS. He feels that most ISOs are "swipe guys" and, by not helping merchants also move into international e-commerce, "they are missing out on a big revenue opportunity." It was Dangelmaier and Seelig's mission at Transact 14 to let exhibitors and attendees know just how easy it is to work with BlueSnap to bring an international commerce value-add to their merchants.
Thinking about the current state of the industry, Dangelmaier said, "I've been doing this for 25 years and never seen anything like this. There are 250 different payment types, and most people think of five; you have all these people who don't have bank accounts trying to buy stuff; you have 17-year-old kids in Brazil saying they can compete with companies like First Data.
"All this stuff is happening at once. Before it was like, wow, there's an ATM; we spent 10 years going, wow, there's an ATM. Then it was, oh, there's an Internet – 10 years of that. And now this is like all these new things hitting you – the convergence, the disruption, the risk and the opportunity – all at once. It's the Big Bang of payments."
From a comfy corner of Vantiv's busy booth at Transact 14, Jonathan Ellman, Vantiv's Senior Vice President, Regulatory Compliance and Government Affairs, sat down with The Green Sheet to share insights about recent developments in the regulatory sphere and how they are affecting the payments landscape.
Ellman said that regulation has risen dramatically on the industry since the financial crisis that gripped the country with the collapse of Lehman Brothers in late 2008. "Merchants who are providing goods and services to consumers are being asked to provide those services and goods in a manner consistent with consumer advocates in the government," he said.
Ellman noted that, by executive order, the government launched an interdepartmental initiative called Operation Choke Point, which is specifically focused on our industry as "the best vehicle they could see to make sure that bad-acting merchants are cleansed from the ecosystem."
In response, the industry is establishing more of a robust, comprehensive and dynamic culture of compliance within organizations. "This means every department is impacted in one way shape or another, and it's really important that we do that both for our own protection, and also for our clients and their consumers," Ellman said.
Vantiv has endeavored to help educate regulatory agencies on how the industry works. Ellman said that in an attempt to cleanse the system, the government can overreach, which can increase costs and negatively affect consumers, as well as stifle innovation. "I don't necessarily agree the level of pressure is appropriate to the problem," he said. "So we are working very hard to work cooperatively ... but also to articulate our position."
Ellman lauded the ETA's efforts in this arena, stating that the association has done a fabulous job and has been a strong voice for the industry in working through regulatory issues. "Today, at this conference, they released a comprehensive set of guidelines for ISOs and processors on how they should underwrite, monitor and otherwise manage their relationships with their customers," Ellman said.
In the midst of ensuring that myriad activities deliver the desired punch for Transact 14 attendees, Electronic Transactions Association Chief Executive Officer Jason Oxman stopped in at the media room to share his enthusiasm for the ETA's "rebranded and reenergized" premier event.
"We've expanded the schedule so we're three full days now including high-level keynotes, 77 conference sessions and an exhibit hall that is larger than at any show in our history," Oxman said. "It's really become a truly global hub of activity in the payments industry."
Oxman believes the show's rebranding captures the expansion of the industry to include global technology companies entering the payments business. "Our show floor includes the world's leading payments and technology companies that are offering innovative new products and services for merchants," he said.
In addition, he stated, "More payments industry business gets done during the Transact show than at any other place on earth. You see all the meetings taking place, all the discussions on the show floor. There's an incredible amount of business getting done. It's really efficient for attendees because all their current and prospective customers are here. If I do 20 meetings while at Transact for three days, that's 20 separate trips to see customers that I don't have to do."
At the conference, the ETA was also spreading the word about its advocacy and educational activities. "ETA has been very active as an advocate for the payments industry in Washington, on Capitol Hill and with federal regulatory agencies," Oxman said. "We've also expanded our educational initiatives, including our ETA CPP [Certified Payments Professional] program. Nearly 1,000 industry executives have participated in the certification program. We're proud of the professional education we're providing; it's a unique member benefit and is helping our industry grow."
The ETA's Transaction Trends magazine also sponsored the media room, which was graciously hosted by members of the London-based SkyParlour public relations team. It was a much appreciated haven for media representatives.
While Jeff Fortney, Vice President, ISO Channel Management at Clearent LLC, was manning his company's booth at Transact 14 on Wednesday afternoon, he divulged a secret. "When I come to a show, I concentrate on two objectives only," he said. "If I meet them, the event is a success; if not, I'm not OK."
His first objective this year was to find a partner to provide a good solution for medical offices. "One of my ISOs said he needs a medical solution that'll work alongside HIPAA [Health Insurance Portability and Accountability Act] requirements, so I'll spend my time when I'm not stuck at the booth looking for that," he said.
The second objective was to get the word out on the Clearent Payments Platform, the processor's recently rolled-out open application programming interface (API) that integrates with e-commerce websites, mobile apps and back office systems. "You have a POS system, and it either works directly with the processor like a terminal or it works with a third-party like a gateway," Fortney said. His message for ISOs: "Now that we have our API, you can map to our API and take the third party out. This can save money for you and your merchants."
By Thursday afternoon, the last day of the show, Fortney had a smile on his face and a lilt in his voice as he said he'd met his two objectives and was satisfied.
The buzz at Apriva's booth on Transact 14's exhibit hall floor was all about Apriva Pay Plus 3.0 and its web companion merchant portal 1.0 that is set for release on April 28. A private conference room within Apriva's ample booth was where Benjamin Hurley, the company's Director, Mobile Product Management, and Stacey Finley Tappin, Senior Vice President, North American Sales & Marketing Communications, discussed the key features of their new offerings.
Here are some of the points they made about Apriva Pay Plus 3.0:
Hurley and Tappin also emphasized that AprivaPay Plus 3.0 does far more than process payments. "Merchants receive push notifications on transactional activity," Hurley said. "We don't want end users to just use it to process payments. We want to create a dependency. ... We notify them daily of the amount cleared that day and will let them know when transactions are taking place in real time."
Tappin added that the product's interactivity "keeps [merchants] engaged in the product, and it becomes a business tool they use on a daily basis."
AprivaPay Plus 3.0 also offers detailed analytics on activity within the mobile application. Hurley said the solution "provides data on where customers are activating geographically, by state and city ... demographic data, anonymized on gender, age, etc., to create end-user profiles; top devices used; which features are used, and which ones nobody uses." All this data is then provided merchants in monthly reports, and the data can be exported to accounting applications, Hurley added.
Hurley noted that the merchant portal's web companion is also white-labeled and hosted on the customer's URL in Apriva's data centers. It is built on responsible design technology, which allows the portal to adapt as needed for any screen interface.
In addition, Tappin said that the web companion is integrated with customer care via a ticketing system, and its inventory capability can create items, prices and descriptions that representatives in the field can automatically sync up with, so no manual entry of updated product prices and features needs to be done.
The third portion of interviews done at Transact 14 will be posted soon.
Editor's Note:
The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.