4Market Trends What is Changing? Convergence of online & offline commerceIncreased security threatsIncreased levels of regulatory changeChanging technologiesConsumer expectations are risingNew emerging shopping behaviors
5Market TrendsToday’s card processing environment is much more sophisticated and complex than just swiping a card at the point of sale.Consumers are increasingly expecting an integrated buying experience that is personalized, secure, and smart.Today’s customer wants to pay whenever and wherever they want and expect to be able to do so.Merchants need to be ready to provide the payment types and payment channels their customers want to use while meeting compliance regulations and protecting against fraud.The lines between in‐store commerce, ecommerce, and mobile commerce are blurring. We call this evolution Universal Commerce.
7Getting started with Universal Commerce Broaden payment options and build an integrated customer experienceeCommerceMobile PaymentsEMVIntegrated Customer Experience
8Redefining the POSAccepting, enabling, and settling any transaction, any service, any technologyAny Payment, Any TechnologyCounter Terminal DevicePOS SoftwareMobile PaymentsEMV / ContactlessOnline/CNP PaymentsWireless DeviceMobile Acceptance DevicesCREDITDEBITPREPAIDElectronic Check TerminalPIN Pad + Contactless + Two-way + NFC + EMVWhat’s your plan to upgrade and take advantage of the Universal Commerce environment at the POS?
10eCommerceeCommerce and Direct Marketing (Mail Order/Telephone Order) merchants have a unique set of payment processing needs and challengesAlways open for businesseCommerce is a 24 x 7 business. Merchants need the most reliable, highly redundant payment processing partner in order to ensure that no order is ever lost due to system outage or error.Broader range of payment types online vs. POSTo maximize their market, merchants are expanding the payment mix to Alternative payments including eCheck, PayPal™ and Google Checkout™.Expansion to International marketsMerchants are expanding into European, Asian and Latin American markets. Need support for various currencies, various alternative payments while minimizing processing relationships.Merchants own the fraud liabilityeCommerce merchants assume 100% of the liability for fraudulent transactions.Delivering fraud management tools including Card Verification Service (CVV/CID), Address Verification Service (AVS) and 3D Secure Services (Verified by Visa, MasterCard SecureCode) enables merchants to manage interchange rates and liability associated with chargebacks.Flexibility to process in online or batch environmentDepending on the merchant’s business model, batch or online authorization may offer the best solution at the lowest cost.
11eCommerceE-government initiatives have moved beyond providing passive, informational web sites to developing the capability to support a variety of interactive, onlinetransactionsSimple interactions between citizens or businesses and governmentCheck the status of paid or unpaid parking violations by vehicle registration numberComplete application to secure a building permitResearch higher education course offerings onlineMore complex interactions including making a payment online- Pay unpaid parking violation or fine online- Pay building permit fee online- Pay course registration fees onlineInterface with third party vendorsSystem interfaces with parking meter hardware and software vendorsIssue and print the building permit online.Interface with third party tuition software vendor for tuition payments
12eCommerce Growth forecast of U.S. Consumers Online Activity Sources: eMarketer ; PhoCusWright, ; Glenbrook analysis; FDC analysis
14The Mobile Commerce Revolution… The next disruption in paymentsPayments 2.0eCommerce90’s to ‘00sMagnetic Stripe Card and POSPayments 3.01981 / 1995Payments 1.0CardsNew ways to payNew ways to be paidWays to do more than pay60’s / early 80’sPay at the PumpChip & PIN,Cards at QSRContactless EMV90’s‘00s‘00sPre Plastic
15Mobile CommerceHow will your customers access the internet?
16Javelin Research 2009-forward Smartphone Adoption Curve Mobile CommerceIt’s been a question of when, not if…until now…Javelin Research 2009-forwardSmartphone Adoption CurveShare by Major Player
17Mobile Commerce - Smart Devices Devices enabled with the latest integrated, cloud-based applications and the most advanced security capabilitiesMobile DevicesAccept credit and debit payments using your smart phone or tabletSmart DevicesContactless TerminalsAllow your customers to check out with a single tap of a mobile phone, card or fobMulti-function PeripheralsTake the PIN pad beyond debit acceptance to enable current and future technologies like contactless, offers and mobile paymentsMobile Payment ApplicationsMobile WalletsEMVGlobal TerminalsAccept virtually any type of payment, plus gift and loyalty cards securely with EMV and TransArmor® solutions
18Mobile Commerce Introducing Google Wallet Make your phone your wallet
19A Revolutionary Partnership Google, First Data, Citi, and MasterCard collaborated to bring the latest innovation in commerce to life…together, we’re launching Google Wallet to millions of tech savvy consumers and merchantsOpen Mobile wallet and offers platformNFC Android Handset(s)Google Terminal SpecificationMarketing FundingNFC Android Handset DistributionConsumer Marketing FundingLead Merchant AcquirerTSM/OTA Services (Citi & Google)Merchants/Contactless ReadersPrepaid “Card” (by Money Network)Merchant Marketing FundingWelcome Kit FulfillmentInitial Consumer Credit AccountsNew Accounts/Apply NowConsumer Marketing FundingInitial Network BrandTerminal & Merchant Funding SupportValue Added Services
21New Payment OptionsEcommerce and Mobile commerce require a comprehensive suite of paymentcapabilities including alternative payment types and advanced services designedspecifically for ecommerce merchants to help grow their business while providingthe payment options today’s customers expect and demand. These paymenttypes and advanced services may include:PayPalTMMulticurrency processingBill Me Later®Dynamic Currency ConversionGoogle CheckoutTMFraud Protection ToolsAcculynk PaySecureHosted Recurring PaymentseCheck/ACHRobust Electronic Reporting ToolsGift or Loyalty CardsLevel III processingRetail/Card Present processingEncryption and Tokenization Solutions
23What Is EMV?Global interoperable standard for chip-based payment cards created byEuropay, MasterCard and Visa- Now maintained by EMVCo, LLCEMV payment cards improve security over magnetic stripe technologythrough an embedded computer chip.- Interacts with EMV-enabled POS terminal- Validates the card is legitimate, protecting against counterfeit cards- Cardholder verification authenticates the cardholder, reducing fraudulenttransactions resulting from lost or stolen cards- EMV standards support either contact (insert) or contactless (tap)- Authentication can be either “chip & PIN” or “chip & signature”- Supports issuer options to allow offline authorization with PIN validationEMV is the technical interoperability standard that ensures chip-based payment cards and terminals are compatible around the world. The term refers to Europay, MasterCard and Visa, the three companies that originally developed the specifications in Today the EMV standard is managed by EMVCo LLC, which is equally owned by American Express, JCB, MasterCard and Visa.For merchants, the use of chip-enabled cards means greater security and more streamlined processing, especially when chip is combined with PIN authentication, which can reduce fraud. Merchants are likely to experience other benefits as well, including fewer chargebacks, increased opportunity for self-service and portable POS stations, marketing opportunities tied to mobile payments, more streamlined check-out with contactless “tap and go” payments, and loyalty program applications integrated onto the smart chips of merchant-specific payment devices. Merchants should explore all the potential opportunities that smart cards enable beyond security at the POS.
24EMV$8.6 billion – Estimated total cost of fraud per year in the United States (0.4% of the $2.1 trillion card payment industry)32% - Lost/Stolen, Counterfeit & Non-receipt fraud account for 32% of 2008 US fraud losses, representing approximately $2.9 billion95% - EMV deployment in the US is estimated to eliminate 95% of lost/stolen fraud90% - An estimated 90% of counterfeit card fraud could be eliminated with EMV deployment in the USSource: Aite Group, “Card Fraud in the United States” – The Case for Encryption, January 13, 2010
25EMV Important dates to remember: October 1, Visa will expand its Technology Innovation Program (TIP) to the U.S. TIP will eliminate the requirement for eligible merchants to annually validate their compliance with the PCI Data Security Standard for any year in which at least 75 % of the merchant’s Visa transactions originate from chip- enabled terminals. To qualify, terminals must be enabled to support both contact and contactless chip acceptance, including mobile contactless payments based on NFC technology. Contact chip-only or contactless-only terminals will not qualify for the U.S. program.April 1, Visa will require U.S. acquirer processors and sub-processor service providers to be able to support merchant acceptance of chip transactions no later than April 1, 2013October 1, 2015 – Visa intends to institute a U.S. liability shift for domestic and cross-border counterfeit card-present point-of-sale (POS) transactions. Currently, POS counterfeit fraud is largely absorbed by card issuers. With the liability shift, if a contact chip card is presented to a merchant that has not adopted, at minimum, contact chip terminals, liability for counterfeit fraud may shift to the merchant.
27Fraud Protection $139 Billion lost to Fraud in 20091 For every $100 in fraudulent transactions, retailers incurred $310 in total losses1While EMV is a global standard that is proven to reduce card fraud, it isn’t the all-encompassing security remedy that the payments industry would like to haveAdditional layered safeguards are still needed—in particular for data security beyond the POS, and also for eCommerce and other card-not-present (CNP) situationsMerchants are looking for solutions to lower their PCI compliance costs and responsibilitiesEMV does not encrypt the primary account number (PAN); EMV authenticates that the chip (card) is valid, and the Pin validates the right cardholder (owner of the card) is present. EMV does not protect the card data in use, in motion, or at rest. End-to-End encryption and tokenization solutions like the First Data TransArmor solution work with EMV as part of a multi-layered security program. TransArmor encrypts the payment card data from the moment of capture until it reaches the processor for decryption and then returns a random-number token post-authorization so that the PAN never enters the merchant’s card data environment (CDE).1LexisNexis, 2nd Annual True Cost of Fraud Study
28Fraud Protection Industry Trends 78% of breaches focused on stealing payment card data in 20101900+ breaches occurred between 2004 and with another happening in 2010 aloneIn 2010, the average cost of coping with a data breach rose to $214 per compromised record2Merchants have spent more than $1B on PCI-DSS compliance3The value of credit card numbers make them the most targeted information for theftMerchants can face fees of $5,000 - $100,000 per month for violating PCI compliance requirements - PCI Compliance GuideYes PCI compliance is no guarantee against a breachPCI Compliance requires significant – and on-going – effort andis no guarantee of security against a breach1 Verizon, 2011 Data Breach Investigations Report, Verizon Business RISK Team in cooperation with the U.S. Secret Service, 20102 Ponemon Institute, LLC, 2010 Annual Study: U.S. Cost of a Data Breach, March 20115 Letter to Bob Russo of the PCI Security Standards Council from the National Retail Federation, et. al., June 9, 2009.
29Fraud Protection -TransArmor Move burden of protecting payment card data to First Data using a multi-level defenseThe OpportunityReduce number of places where card data existsPoint-of Sale systemsCRM systemsMIS databases / reportsRemove burden of protecting payment card data from merchantReduce Card Data Environment and PCI compliance effortsThe SolutionCombines encryption and tokenization to protect data at every processing stageComplimentary to Card Authentication technologiesRemoves payment card information from merchant by replacing Permanent Account Number (PAN) with a ‘Token’Maintains all the merchant’s business benefits of storing the payment card data without the associated riskWarrants Token against compromise and fraudulent use
30What is the TransArmor Solution? TransArmor is a combination of encryption and tokenization technologiesSecures the transaction with encryptionRemoves card data from the merchant environment with tokenizationWorks as a part of the payment transactionIn most cases, does not require merchant to buy new systems
32Join the Universal Commerce Revolution Please stop by the First Data table to receive more information on solutions to meet all of your Universal Commerce needsAll trademarks, service marks and trade names used in this material are the property of their respective owner.