Archive for the ‘Payments 101.201.301’ Category

Launching A Digital Business – Global Expansion

Monday, June 27th, 2011

The Internet knows no borders.  As a result, digital businesses have the opportunity to instantly generate a global customer base.  Successfully managing a global presence, however, involves a number of moving parts, all of which must work together in tandem for the business to truly thrive in international markets.

The fundamental question to ask is “What are the key aspects I should consider before launching a global digital service?”

  • Payment Method Support.  The demographics of your target audience, as well as individual country characteristics, determine what payment methods merchants should support.  Online payment methods can include credit cards, debit cards, direct debit, mobile carrier billing, pre-paid cards, bank transfers, electronic check, PayPal, and even regional/country-specific payment methods like Boleto Bancario in Brazil.  Before you expand into a particular region, understand which payment methods are most relevant, so you know how to successfully reach—and bill—your audience.
  • Sales Tax. Different countries tax digital content and services at different rates, and your marketing, finance, and infrastructure teams need to be aware of this critical function.  Managing the requirements of different tax regimes is increasingly a crucial part of any digital business, especially as lawmakers try to understand the ramifications of failing to comply with digital goods taxation requirements.
  • Currency and Language Localization. Pricing in local currencies and communicating with customers in their native language aids in overall customer acquisition and retention.  Though supporting this “localized” presence increases your operating costs, doing so should result in higher returns.
  • Regulations. Each country and/or region has its own set of regulations designed to protect consumers from exposure of their personal and/or financial information.  Whether these regulations are the European Data Privacy laws, PCI, or other requirements, ensure both your infrastructure and your company culture support the requisite privacy and security policies in your target markets.

By addressing the aspects explained in the above list, you are preparing your digital business to expand globally and take the world by storm.

Launching A Digital Business – PCI

Tuesday, June 14th, 2011

Launching a digital business involves many decisions, but one of the most critical, if not the most critical, is the process by which merchants become compliant with the Payment Card Industry Data Security Standards (PCI DSS).  PCI DSS is in place to minimize credit card fraud via exposure.  The PCI standards outline how digital merchants need to protect personal information and secure payment transactions, no matter how small or large the merchant is.  The standard covers six key areas, with multiple requirements in each area.

The Six Categories of PCI Standards

Build and Maintain a Secure Network
1. Install and maintain a firewall configuration to protect cardholder data
2. Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder Data
3. Protect stored cardholder data
4. Encrypt transmission of cardholder data across open, public networks

Maintain a Vulnerability Management Program
5. Use and regularly update anti-virus software on all systems commonly affected by malware
6. Develop and maintain secure systems and applications

Implement Strong Access Control Measures
7. Restrict access to cardholder data by business need-to-know
8. Assign a unique ID to each person with computer access
9. Restrict physical access to cardholder data

Regularly Monitor and Test Networks
10. Track and monitor all access to network resources and cardholder data
11. Regularly test security systems and processes

Maintain an Information Security Policy
12. Maintain a policy that addresses information security

Just as important as the actual security policies in place is instilling a corporate culture that augments and supports the PCI DSS standard to minimize incidents like the Sony PlayStation Network security breach.

The Latest PCI Data Security Rules

Despite all the literature, PCI remains an opaque issue, yet it is fundamental to every company that takes some form of credit and debit card payment for its service.  New guidance and clarifications in PCI compliance – known as PCI DSS 2.0 – are now upon us, and while the changes aren’t huge from the previous version, understanding them and their impact on your online business is critical.

PCI Compliance Enforcement

There are numerous costs – with financial and business implications – associated with non-compliance, ranging from fees from your acquiring bank to the actual liability of putting cardholder data at risk.  There are various levels of PCI DSS compliance and Vindicia, as a Level 1 Service Provider, goes through the highest audit bar every year, as we’ve done for the past six.  Learn more about how PCI compliance is enforced.

Whose Fraud is That Anyway?

Wednesday, June 8th, 2011

Visa has issued new operating regulations regarding fraud chargebacks that took effect April 16, 2011.  The online regulations were just recently updated. Visa has their take on the changes to the chargeback process available.

In a nutshell, Visa has changed the rules to allow issuing banks to issue so-called “Fraudulent Transactions” chargebacks of reason code 83 without any requirement for documentation to be made available to merchants. Before these changes, issuing an 83 chargeback required the end-user to physically or e-sign a statement that there was fraud on their card, and provide a basic reason about why the charge was fraudulent.  In addition an issuing bank had to provide the cardholder’s name and details on other fraudulent charges that occurred in the same general time frame.  Now issuing banks can present type 83 chargebacks without even disclosing the cardholder name, much less the rest of the information that traditionally had been provided.

One might think, “these are just fraudulent charges so isn’t this more efficient?”  Historically, 60% of the chargebacks that digital services companies receive are in reason code 83. Over the two years prior to April 2011, we’ve generally found the need to dispute between 28% and 33% of reason code 83 chargebacks, and we’ve won between 60% and 63% of the ones we fought, depending on vertical. What that means is that “friendly fraud” in chargebacks marked with reason code 83 makes up at least 11% of the volume of all chargebacks received by digital companies.  Since the average chargeback value is typically twice the average ticket of a digital merchant, we’re talking about issuing banks taking 0.2% of all digital services revenue and pocketing it by allowing their cardholders to get away with theft.

Of course, those statistics were from a soon-to-be-bygone era in which merchants and Vindicia could hold issuers accountable. When the business imperative for the issuing bank is to retain the cardholder while they are talking with them on the phone, it should surprise no one that issuers will route many more chargebacks into reason code 83. With no accountability, they’ll be able to make their cardholder happy by allowing them to steal a digital service while extracting the cash from the merchant’s pocket and adding the additional insult of a chargeback fee!  Everyone but the digital leader wins.

We’re frankly not happy about this turn of events and think that it violates some fundamental rules of law. Stay tuned as we hope to be able to create some more fairness and accountability on behalf of our digital merchants.

Payment Ecosystem Myths – Part 3

Wednesday, January 5th, 2011

Happy New Year!  Last month we posted Parts 1 and 2 of the Payment Ecosystem Myths series in which we highlighted topics ranging from being the “Merchant of Record” to the customer buying experience.  We have a few more myths to slay in this latest installment…

“There is no way to keep my chargeback rate below the 1% limit imposed by Visa” – This is a myth from companies that have a naturally high chargeback rate, such as gaming and dating, and that haven’t been able to control their chargeback rates in the past. This is simply not true and is a symptom that the company has limited resources and an incomplete knowledge of the possibilities afforded today by technology. As a reference point, we consistently help our clients stay under 1%.

“I don’t have a chargeback problem, our rate is at 0.2%” – On the flip side, many merchants have taken the opposite approach and dedicated resources to eliminating chargebacks altogether. This approach is also flawed for digital goods merchants. For a company with a cost of goods sold that is nearly zero, it makes no sense to turn potentially good customers away — the “false positive” problem of unwittingly turning away customers who could generate significant long-term value.  The cost of turning a good customer away — their lifetime value — often far outweighs the cost of a chargeback.

“Customers don’t like  _____________ (virtual goods, virtual currency, automatically recurring subscriptions).” – Companies regularly make decisions about their business models and customer experience based on incomplete knowledge or stories gleaned from bad past experiences. As many have advocated, testing is the best way to find what really works for your community.  The examples given in the title are encountered often and deserve special mention.

  • Virtual Goods / Virtual Currency – Virtual goods are a proven method to engage and monetize communities, and the market is estimated to be worth several billion dollars. Virtual currency is the best method to date of enabling virtual goods purchases. Virtual currencies are ideal for many digital businesses and should be considered as an option for online monetization.
  • Automatically Recurring Subscriptions – In the same vein, many companies are afraid to offer subscriptions. Subscriptions come with their own set of complications (managing them requires additional thought and solutions), but they are the best method available for monetizing digital goods and content. Subscriptions work very well standalone or in conjunction with a virtual goods business, and they create a fantastic and predictable revenue stream. Some companies are timid about making their subscriptions renew automatically, but the most common feedback from customers is that they are thankful to not bear the burden of managing their payment.

This list, spread over three posts, shares some of the knowledge we’ve gained while helping digital goods merchants become successful. We’re always happy to chat with you further about these or other issues — just let us know if you have something else that you’ve always wondered about digital goods or payments.

Payment Ecosystem Myths – Part 1

Monday, November 29th, 2010

Running a digital business is incredibly complicated. In addition to figuring out how to get people to pay for your product, you have to deal with the complexity of accepting their payments.

When a company starts out and is testing its market viability, it doesn’t make sense to build unnecessary infrastructure. Many companies choose the easiest solution to get started, such as PayPal or Authorize.net, and worry about scale issues once they encounter them.

The downside of this approach is that companies are in the unfortunate situation of having to learn the ins-and-outs of the online payments ecosystem while experiencing the pain associated with scale issues. The wrong payments choices can put a company in jeopardy once it starts to gain traction.  We regularly encounter companies at just this point. While we’re happy to help, our goal is to get as much information around best practices to the online community as possible.

To that end, we hear several common misconceptions around accepting payments online and thought we could devote 2-3 blog posts to this issue.

“It’s too difficult to be the Merchant of Record” – Being the merchant of record is more difficult than passing that responsibility on to another party. However, companies that pass it on also give up many of the levers that will drive their future success, such as:

  • Customer Data – it is much harder to know who is actually purchasing your product, making it more difficult to understand what your customers want in the product or service offering. Also, depending on the agreement, companies may not be able to take their customer data with them when changing payment providers.
  • Metrics – without key data about purchases and billing, it is hard to determine when the customer purchasing experience is not working as smoothly as it could.
  • Billing Descriptor – this allows your customers to see your company and product on their credit card statement, limiting chargebacks and keeping your brand in front of good customers.
  • Marketing – companies may be limited in their ability to reach out to their good customers, both for promotions and for billing events.
  • Recourse – companies that are not merchant of record can be shut down at any time and for any reason by their payment provider. This is a dangerous way to run a business.

So what does it take to be merchant of record? Not as much as companies think… The biggest differences are the relationship with a payment processor and managing chargebacks to keep below the 1% (of transactions) limit imposed by the card networks.

“You can’t fight chargebacks on digital goods” – This myth has persisted for quite a while, despite the best attempts to eradicate it.  This used to be the case, but many companies and groups (besides Vindicia) have fought this misconception with the card networks, payment processors and issuing banks. The truth of the matter is that chargebacks for digital goods face the same regulations as those on tangible goods. The biggest reason for this myth is the requirement to show proof of delivery. For digital goods merchants this takes the form of showing logins, engagement with the product, and purchase history – all are easily captured during the course of business and can be used as proof.

The exception to this rule is chargebacks on PayPal transactions. PayPal is making progress and we are all working towards this goal, but it still doesn’t allow merchants to challenge chargebacks for digital goods.

Read about more payment myths in part 2 of this series.