Transcription
Emerging Trends ineCommerceRhonda Kirk, Stephanie Spencer & Alan KellyProduct SolutionsApril 30th 2014 Copyright 2013 First Data Corporation 2013 First Data Corporation. All Rights Reserved.1Agenda Ecommerce Overview Ecommerce Connectivity Options Virtual Terminal Hosted Pages Application Programming Interface (API) Ecommerce Processing Options First Data Global Gateway e4 Hosted Solutions (HRP) Pay Point Ecommerce Security & PCI Scope Reduction 2013 First Data Corporation. All Rights Reserved.21
eCommerce Products Copyright 2013 First Data Corporation 3 4eCommerce Market Drivers24/7Always OpenFraud LiabilityMerchants need reliable, redundantprocessing to ensure that no orderis lost due to outage or errorseCommerce merchants assume100% of fraud liability and requireadvanced fraud management toolsPayment OptionsTransaction SecurityMerchants are expanding the mixto include alternative paymentsMerchants must deliver total securitywhile managing their PCI burdenInternational MarketsMobile CommerceMerchants need support for variouscurrencies and acquiring solutionsMore consumers are using Internetdevices to browse, shop and buy Copyright 2013 First Data Corporation2
eCommerce Landscape & TrendsThe number of web shoppers will continue to grow rapidly1By 2016, it is estimated that Online shoppers in the U.S. will spend 327B 192 million U.S. consumers will shop1“U.S.online1 U.S. consumers will spend an average of 1,738 online1 e-Retail will account for 9% of total retail sales1Online Retail Forecast, 2011 to 2016” by Forrester Research Inc., February 2012 Copyright 2013 First Data Corporation 5 6eCommerce Landscape & Trends (continued)1Globally E-commerce revenue reached 680 billionworldwide in 2011, up 18.9% year-overyear11J.P. European online consumers this year willspend more than 305 billion euros,approximately 396.5 billion, up 20% from254 billion euros ( 330.2 billion) in 20112Morgan: Global e-commerce Revenue to grow by 19% in 2011 to 680B’, TechCrunch Newsroom , 2011Europe2 eCommerce Copyright 2013 First Data Corporation3
Alternative PaymentsOnline retail sales will continue steady growth with alternative paymentsrepresenting a growing percentage of online transactionsPercentage of Online Transaction Volume90% 41088%84%83%83%82%80%81% 374 40081% 33470% 350 29160% 300 237 250 20550% 185 20040% 15030%20% 45012%16%17%17%18%19%19% 100 5010%0%Total U.S. Online Transaction Volume (Billions)U.S. Online Retail Sales Through 2014100%RetailAlternativeExpon. (OnlineRevenue) 02008200920102011201220132014Online Payments Forecast, Javelin Strategy & Research, February 2010 Copyright 2013 First Data Corporation 7 8Alternative PaymentsPopular choice for CNP merchants & shoppers due tosecurity & convenience Enables merchants to conduct business globally No additional card data stored by merchant (PCI) Alternative providers assume or share fraud liability Acculynk’s PaySecure creates a PIN debit transaction issuer takes liability Merchant transaction fees are often simplified orreduced (as opposed to interchange) 110 BillionProjected eCommerce revenue from non-card payments in2016, up from 64 billion in 2012Source: “U.S. Alternative Payments Forecast, 2011 to 2016”, Forrester Research Inc., May 2012 Copyright 2013 First Data Corporation4
eCommerce Solutions OverviewKey Suite FeaturesCustomizable solution delivering fully integrated, seamless functionality across multiple selling channelsthrough a single point of accessKey Suite BenefitsEfficiencyCost-effective bundling with features to optimize payment processes to speedtransactions, cut costs and improve the flow of fundsPayment OptionsComprehensive payment options including all major credit cards, e-checks andalternative payments such as PayPal , Google Wallet , and Bill Me Later —allthrough a single processUnsurpassedReliabilityUnsurpassed system reliability for uninterrupted service, 24/7/365 support andcontinued investment in new eCommerce technologiesStronger SecurityAdvanced security technologies to lower risk, reduce fraud and simplify PaymentCard Industry (PCI) complianceDedicated SupportOnline payment processing operations delivered through a customer-centricapproach to building long-term relationshipsSimplerIntegrationsSimplified merchant integration through a wide variety of direct, gateway, plug-In, andXML/SOAP interface options Copyright 2013 First Data Corporation9First Data eCommerce sFraud ToolsTokenization Copyright 2013 First Data Corporation 105
Compass OverviewCard-Not-Present processing platform that meets the diverseneeds of merchants’ customers and delivers advanced capabilitiesto expand business globally, protect against fraud, lower cost, andsimplify management and reportingKey FeaturesCompass delivers Card-not-Present front-end authorization services with First Data’sback-end processing capabilitiesKey BenefitsFunctionalityKey functionality built into the transaction flow to simplify process and maximizecapabilityReliabilityTransaction confidence established through highly redundant, reliable systemsSecurityState-of-the art security and fraud-prevention features fully compliant with the latestPCI-DSSEnhancedReportingAdvanced online reporting featuring dashboard reporting and drill-down capabilityScalabilityScalable solution that grows as your business grows providing access to a broadrange of payment typesIntegrationOptionsBroad set of interface and connectivity options to simplify and minimize merchantintegration cost and effort Copyright 2013 First Data Corporation 11Compass Interface OptionsMerchants have three options for interfacing with the Compass platform1 Direct Connect (Code to Spec) Online Specification – Single inbound merchant specification for real-time authorizations Batch Specification – Single inbound merchant file specification for batch settlement (andauthorization) Detailed, explicit file specifications reduce the time and effort required to configuremerchant systems2 Gateways3 Software Development Kits CyberSource and Palm Coast Data are certified to the Compass platform for both online and batchprocessing* Auric Systems – Using simple web posts and delimited text files, Auric SDK can accelerateintegration of any eCommerce application IBM WebSphere Commerce (v6 & v7) – Software plug-in that translates IBM WebSphere paymenttransactions to Compass specifications eCometry plug-in –Integrated Compass payment plug-in ships with eCometry software Ready to use software application which simplifies integration from a merchant’s host system toCompass* For a full list of certified Third Party service providers, refer to www.firstdata.com/en tners.html Copyright 2013 First Data Corporation 126
SMGlobal Gateway e4OverviewEnables merchants of all sizes to securely and reliably accept andprocess internet payments through a cost-effective and easy-toimplement solutionKey FeaturesMerchants can configure the Global Gateway e4 solution to accommodate and enhance their businessneeds with three interface options: Web Service API, Hosted Checkout and Real-time Payment ManagerKey BenefitsFunctionalityReduce transaction and overhead cost through consolidated set of comprehensivefeaturesEasily IntegratedTechnologySimple integration through customized connectivity optionsAdvancedReportingDynamic reporting capabilities to create and manipulate transaction reports to betteranalyze and understand payment activitySecurityPCI/DDS compliant hosted connectivity to eliminate sensitive data storageScalability &ReliabilityScalable solution that grows as your business grows providing access to a broadrange of payment typesDedicated SupportSophisticated technology and dedicated support from an industry leader 13 Copyright 2013 First Data CorporationSMGlobal Gateway e4FeaturesBenefit and Capability EnhancementsFunctionality TransArmor TokenizationMobile OptimizationDynamic Soft Descriptor SupportAVS/CVV SupportMulti-merchant Administration/ReportingMulti-language SupportPayPal IntegrationPayer Authentication (3-D Secure)Fraud & Velocity ControlsRetail SupportAdvanced Reporting CapabilitiesRecurring BillingLevel III Processing (HCO & WS-API)Merchant Benefits Single source for gateway and processing(no third parties)Simplified integration with dedicatedsupport and self-serve test environmentFlexible integration points meet thedemands of any businessIntuitive user-interface simplifies business& payments managementExtensive, real-time reporting capabilitiesRetail swipe capabilities for multi- channelmerchantsOffers payment acceptance consolidationthrough a single solutions Copyright 2013 First Data Corporation 147
Scalable Interface OptionsThree Distinct InterfacesReal-time Payment ManagerHosted CheckoutWeb Service APIProcess transactions onlineProcess transactions on yourwebsiteProcess transactions on yourweb site using SSL encryption Individual or batchtransactions Hosted, customizable checkoutpages Connect direct to web apps Dashboard, virtual terminal Integrate with shopping cartsand transaction history search and ecommerce platforms Platform independent Moto, Retail card swipe &receipt printing Build HMAC with transactionkeys Optimized for mobile checkoutSupporting your business as it grows 2013 First Data Corporation. All Rights Reserved.15Advanced Security Tools Set and customize risk settings, so youcontrol your own transaction thresholdsand the time dedicated to managing risk Determine which transactions areautomatically approved or denied withPositive & Negative lists Remove card data from yourenvironment and reduce your PCIscope with TransArmor tokenization Promote consumer confidence with buyerauthentication tools like 3DSecure 2013 First Data Corporation. All Rights Reserved.168
Hosted Recurring Payments Service OverviewMerchants are able to manage recurring transactions reliably andeffectively through a comprehensive solution that integratesseamlessly with the merchant’s existing processes and operationsKey FeaturesHosted consumer profile management solution with the option to pay for scheduled and unscheduledtransactions with multiple methods of paymentsKey BenefitsReduced SecurityRiskMerchants no longer have to store a consumer’s sensitive payment information,which reduces security breech concerns and PCI compliance requirementConsumer ProfileManagementConsumer Profile Management eliminates the need for merchants to transmitsensitive payment data with every transaction; instead, the merchant pass a uniquecustomer identifier (token)Payment WalletMerchants have the flexibility to let consumers maintain several payment methodswith the payment wallet. Merchants set the parameters consumers can use to selectpayment method(s) and payment order priority.Simple IntegrationAllow single integration of PINless debit, multi-currency and alternative paymentsFlexible PaymentSchedulesProcess recurring and one-time payments using the consumer’s profile Copyright 2013 First Data Corporation 17OverviewHosted consumer profile management solution with the option to pay forscheduled and unscheduled transactions with multiple methods of paymentsPayment Schedules Scheduled Payments:Key Capabilities Real Time Authorizations Fixed Amount Recurring Email and/or print a transaction receipt Variable AmountRecurring Consumer profile management Installments Three Levels of Convenience Fees: Unscheduled Payments: Custom One-time Payment One-time DeferredPayment Integrated Account Updater - Visa, MasterCard, Discover (2013) Special Convenience (Miscellaneous) Payment Split payments and split convenience fee with 3rd parties Electronic Payment Wallet Advanced and Partial payments Soft Decline/Forced Deposit (by authorization code) Credit/Debit card retry logic (by authorization code) Notifications file (card expiring, transaction confirmation, etc.) Online reporting Copyright 2013 First Data Corporation 189
Consumer Profile ManagementAllows merchants to securely store,retrieve, edit, and use consumer profilefor scheduled and unscheduled paymentsBenefits of ConsumerProfile Manager11.Reduces scope of PCI compliance2.Uses a unique identifier to representconsumer data for future transactions3.Stores payment credentials eliminatingneed to enter or pass sensitive datawith each transaction4.Eliminates need for merchant tophysically store sensitive consumerpayment data5.Provides ability to have severalpayment schedules in each consumerprofile with dedicated payment methods23per schedule 19 Copyright 2013 First Data CorporationPayPoint Payment Gateway CapabilitiesMultiple PaymentMediumsMultiple PaymentChannelsWeb, IVR, Recurring, Kiosk,POS, Face-to-FaceAdvanced DuplicatePayment DetectionEnrollment &Recurring PaymentManagementStored Account Data &Flexible Recurrence PatternsFull ACH ServiceReturns, Refunds, eCheckWarranty, NOCConvenience FeeManagementFraud and IdentityVerification ServicesAVS, CVV2, TeleCheck ProcessingFlexible CrossReference to BillerTransaction Copyright 2013 First Data Corporation 2010
Common Biller Challenges“Managing multipleprocesses for online, IVR,CSR, and walk in paymentsis time-consuming. ““It’s hard to keep up withNACHA and PCIcompliance rules."I don’t want to store anysensitive accountinformation on mysystems.”“Managing multiple billingsolutions for differentpayment types isoverwhelming.”“I don’t have thedevelopment resourcesto create a bill paymentsweb-site and IVR."“I want to limit paymentand reporting functionalityto specific users.”“I have development resources butwant to integrate through oneprocess for eCheck, Credit Card,PIN-based, Signature Debit, andPINless Debit Card payments.”“Researching bill payments andproviding access for customerservice is complicated. 21 Copyright 2013 First Data CorporationPayPoint Payment Gateway Enterprise ApproachSiteState or CityAgencyTreasuryApplicationProperty ationPaymentsWater BillPaymentsThree Hierarchical Levels Site – Primary entity (i.e. business, government, biller, etc.) Agency – Sub-organization of the Site (i.e., department, division, etc.) Application - Specific payment application. (i.e. Electric Bill via Web, IVR or Kiosk with multiplepayment channels)Unlimited Agency & Applications, Data aggregated at any level, Support for multi-level payment management Copyright 2013 First Data Corporation 2211
Tokenization & Encryption Copyright 2013 First Data Corporation 23Data Breaches are on the Rise In 2012, payment cardinformation was again involvedin more (61%) breaches thanany other data type1 This represents an increase of13% from 2011, whenpayment card datarepresented 48% of the datacompromised during a breach11Verizon, 2013 Data BREACH Investigations Report, April 2013 Copyright 2013 First Data Corporation 2412
Large Merchants are Prime Targets Most breaches to large organizationstake place in minutes, and in just fewhours, 69% of large merchants havedata extracted from their environment.1 73% of attacks on large merchantsaren’t targeted. The business simplyexhibited a weakness that theattacker(s) knew how to exploit.1PCI Compliance requires significant – and on-going – effort andis no guarantee of security against a breach1Verizon, 2013 Data BREACH Investigations Report, April 2013 Copyright 2013 First Data Corporation 25Storing Card Data is Valuable Many merchants use – or would like to use - transaction data to: Run business processes such as recurring payments, returns orvoids Understand consumer buying behavior for valuable marketing andloyalty programsBut risky!Loss of data due to a breach can have profound affect on a merchant business3 Brand damage and loss of customer trust and loyalty Ongoing compliance effort and costs to maintain systems, resources, etc. Fines from regulatory entities Legal costs Financial institution costs Business disruption and inability to deliver products and services3 The True Cost of Compliance, A Benchmark Study of Multinational Organizations, Research Report, Independently Conductedby the Ponemon Institute LLC, January 2011 Copyright 2013 First Data Corporation 2613
The Costs of a Data Breach are Staggering Total average cost per breach: Average number of breached records: 5.5M28,349 Average cost per breached record – overall: 194 Average annual additional customerchurn - or loss due to a data breach was 3.2%, or an additional 3.0M* 78% of consumers said they would stopshopping at a store if they believed thestore had experienced a card data compromise.78% of companies surveyed had already experienced a breach in prior years* 2011 Cost of a Data Breach Study: United States” published March 2012 Copyright 2013 First Data Corporation 27Reduce the Risk of Payment Card Data Breach Support a multi-layered approach to payment cardprotection Reduce the number of places where card data exists Point-of Sale systems CRM systems MIS databases / reports Transfer burden of storing payment card data frommerchant to processor Reduce the Card Data Environment (CDE) and thereforePCI compliance effortsThe First Data TransArmor Solution Copyright 2013 First Data Corporation 2814
What is the TransArmor Solution? A combination of encryption and tokenization technologies Encryption protects data on the front end Tokenization removes card data from the merchant environment postauthorizationCard PresentCard NotPresent Hardware or software-based encryptionsecures the transactionTransArmor Tokens remove card data fromthe merchant environmentMulti-Pay Tokens support recurringpayments or reporting that drives businessdecisions and loyalty programs 29 Copyright 2011 First Data CorporationHow does it work for Card Present?1. Consumer presents card tomerchant2. Card Data is encrypted andtransmitted to First Datafront-end3. First Data front-end decryptsthe data payload4. Card data is sent to issuingbank for authorization and, inparallel, tokenized5. Token is paired withauthorization response andsent back to the merchant6. Merchant stores tokeninstead of card data in theirenvironment and uses tokenfor all subsequent businessprocesses Copyright 2013 First Data Corporation 3015
How does it work for Card Not Present?1. Card data is keyed into payment page/IVR.If e-Wallet technology is used, a consumertoken can be used to initiate a newtransaction2. PAN is encrypted using session encryptionand sent to First Data3. Encrypted session is received at First Datadatacenter4. Card number is passed to bank forauthorization and SafeProxy server fortokenization5. Authorization and Multi-Pay Token arereturned to the merchant6. Multi-Pay Token is stored in place of thecard number in all places7. New financial transactions including sales,adjustments, refunds and settlement usethe Multi-Pay Token instead of the PAN Copyright 2013 First Data Corporation 31Reducing PCI Scope Copyright 2013 First Data Corporation 3216
How TransArmor Reduces ScopeTransArmor lowers the costs and minimizes efforts associated withPCI compliance in several ways Shrinks the card-data environment (CDE) by removingboth store systems and corporate systems Simplifies which questionnaire you must answer andcompletely removes some requirements from scope Changes the answers of some questions to N/A 33 Copyright 2013 First Data CorporationBefore:Card Received, Used & Stored In the ClearPoint of captureCard dataCORPORATE HEADQUARTERSLOSS STORE CONTROLLERDATA CENTER Copyright 2013 First Data Corporation 3417
After:Tokenized Data Protects Entire CDEPoint of captureTTokenized dataEncrypte
8 2013 First Data Corporation. All Rights Reserved. 15 Scalable Interface Options Three Distinct Interfaces
