Archive for December, 2008
| |
|
|
Posted ( db) in General on December-29-2008 |
|
|
I was reading Wendy’s Annoying Gift Card Policy Keeps ‘Em Coming Back on consumerist.com this morning, It is a short article, but here is the gist of it:
If I buy food totaling 20.84 from Wendy’s and pay with two fifteen dollar gift cards, how many gift cards should I have left?
…
If you work at Wendy’s, the confusing answer is ‘2′.
…
I ordered my food, handed the employee two gift cards, and a full five minutes of her fiddling with the credit-scanner, got my food. When I received my gift cards back, I received two, one with about three dollars and another with roughly seven, not the one with approximately ten. Curious, I asked why. Gleefully, the the Employee responded with "It’s policy to divide them up evenly between all the gift cards. That way, it’s more likely that you’ll come back!"
Some comments came to my mind :
- This may or may not of been Wendy’s/Arby’s official policy – what a store employee and/or its manager says, or owner/operator/franchisee says I’d take as a grain salt unless it is consistent across stores and employees.
- I have had similar experiences that have frustrated me as a consumer at the Point-of-Sale that either come down to poor systems design/integration or poor training of staff – Ever see glazed eyes when you present a gift card ?
- Training Issues – I recently ordered some food at a similar quick service restaurant and the person didn’t know how to run a credit card, he swiped the card, but didn’t enter an amount, and I paid for another person’s meal, who paid for another and so on. (This was with a shared stand alone terminal – I think it was actually a Hypercom T7p) It’s pretty funny when you payment card receipt doesn’t match the register receipt.
- Poorly designed system or integration with cash register’s and or payment terminals. This can depend on if the gift card issuer supports partial authorization, has the ability to return a balance, and if the POS equipment can handle this or not.
- Lastly: If you are a merchant, the customer doesn’t care about "how the system or computer works", or excuses, they want to engage in effective commerce, and move on. Frustrations at the sale or return process encourage your customer to go somewhere else. There is one electronics retailer that I will not return to because they made me wait for them to do an "inventory count" of a product before I could do a return. Don’t let technology not enable you, and don’t let it disable you, have processes to handle exceptions in an off-line mode, to keep the lines moving
|
|
|
|
| |
|
|
Posted ( db) in General on December-24-2008 |
|
|
Merry Christmas and Happy Holidays from Payment Systems Blog !
Photo by Andrew*
|
|
|
|
| |
|
|
|
|
|
|
I was having a discussion recently about payment processing in e-commerce environments, specifically Batch versus Real-Time Authorizations. Batch processing has a one-a-day connotation, or that it is simply file based. Why would you not want to send transactions real-time was the question to me?
My Answer: Any time you are not face to face with a customer or if there is a delay before the customer receives the product or service, you should do Near-Time authorizations with the intent of not allowing the mechanics of the authorization impact the customer.
Let me explain:
It comes down to the customer checkout experience as well as to help prevent shopping cart abandonment the payment process should not be an impediment to the customer ordering an item. Especially if there is a glitch, communication issue, or any other outage in the authorization process including late or slow replies. You don’t want your customer to get frustrated during the order process, because they will go some where else to shop.
What is an alterative approach ?
Take the order, log it in a Database with a status of "Payment Pending" or "Authorization Pending" Have a batch process or scheduled task or cron job that runs on a periodic basis to loop through the list of Orders with Pending Payment Statuses, Securely acquire the required authorization data elements required for the authorization request (Considerations need to be made regarding the retention of CVV2 subsequent to the authorization request, and how the authorization data is managed between the order and authorization request ) and perform Near-Time Authorizations for these orders. Approval responses update the Order Records in the Database, and "errors" and are placed to try again at the next run (Consider Reversals and Duplicate Transaction Checking here on error responses to protect your customers open-to-buy) Declines are noted as Payment Failed, and you send a payment email allowing your customer be notified that the authorization failed, and prompt them to update their payment information on a Secure Account Web Page or call you to provide it over the phone. (Note this method wont work if you are doing any 3D-Secure – Verified by Visa, MC Secure Code , stuff — Which I’ve used I think 2 times in the last 5 years.)
Our you could do it real time and put a message on your cart to your customer, "Please Try Again Later" when an issue occurs with your payment gateway or processor — They will Try Again Later, somewhere else.
In retail environments (or in e-commerce environments with large volume) where real-time is required, you need a redundant payment switch that can handle multiple outbound connections to your processors primary and secondary authorization centers (geographical diversity in their data centers) that run on separate connections (routers, outbound copper, and different telcos) but also read this here, Andy talks about this in a little more detail, and talks about geographical diversity that runs though a common CO in an issue that a client had with an authorization provider.
|
|
|
|
| |
|
|
|
|
|
|
Years ago I assisted a company that developed magstripe readers that would operate in vending machines, copiers, laundry machines for a project related to college campus cards. My part was to assist them with both the message formats, connection methods, as well as selecting transaction types and device captures modes (Host Based Capture works the best in this model, BTW) for integration to a payment switch and authorization host and ultimately certifying the different devices.
While I was in Dallas last week I took a snap shot of a vending machine that had a similar device:
These are not new, but I don’t visit Vending Machines like I used to and don’t see that many Vending Machines that accept payment cards. This appears to be a model from USA Tech called the ePort. I got a water and coke for a total of $3.00, btw
|
|
|
|
| |
|
|
|
|
|
|
I was looking at a few old pictures of my old office at a small Third Party Processor (TPP) where I was Director of Development and Technology and that I lived in for ~8 years, that had a small test lab in my office. These are probably circa 2000-2002 or so, and it required to have physical machine to run different test systems back then. All were white boxes that I put together from parts, let me take a stab at what they did from memory:
|
|
|
Above:
|
 |
|
Above:
|
Now I have an shuttle PC with 8 gigs of RAM and VMWare ESXi as a test server, and a Vista x64 workstation with 8gb of ram and VMWare Workstation for dev and a Black MacBook for travel with 4gb and VMWare Fusion. I’ve consolidated a bit Oh, I also have a XEN instance of Windows 2003 on another Linux box BTW, I was an early user of VMware version 3.0 and used it to run Linux guests on my laptops, but that was when RAM was not so cheap, and these boxes had memory limits.
Virtualization rocks for development and testing.
|
|
|
|
| |
|
|
Posted ( db) in OLS on December-16-2008 |
|
|
After getting my mail today from a frozen shut mail box, nothing that a little of this couldn’t handle, I got to see (OLS – Company Profile in The Green Sheet) in its print edition first hand. It should also be noted that this is the The Green Sheet I’m referring to, not this one Which I did a double take seeing when I was spending the day in Downtown Dallas last Friday. If you don’t get The Green Sheet and are in the Payments Business – especially the ISO/MSP side – you are missing out – I’ve been a reader since 1999 or 2000 I believe, if not earlier. Subscribe here.
|
|
|
|
| |
|
|
|
|
|
|
 Everyone should be familiar with Twitter, Blogs, Facebook & Linked-in, to name a few of the social networking tool sets, This post is mostly for Twitter but applies to others. I was doing some reading and ran across this blog post "Why I Use Twitter: -or- Social Media in the Payments Industry" I don’t even need to write an answer about this: I can provide an example of my colleagues experience: Why I use Twitter (How Randy San Nicolas attend a Social Networking Session at the BAI Confenece and met on Twitter with John Ryan, another attendee.).
I have had similar experiences, posting that I subscribed to MAKE Magazine and Picked up an Arduino Duemilanove got me a direct reply, A few blog posts about MagTek’s Magne-Safe Reader, got me a email from a MagTek Engineer – he was likely using Google Alerts My post on LastPass.com got a timely reply from LastPass.com — they were using Google Blog Search. I ran into an old friend I haven’t seen in 10 years or so, she asked me if I was on Facebook and that we could catch up using that. Simple. Companies can monitor the blog-o-sphere and social networks and adapt directly to customers, while users can network and expand their knowledge and contacts.
I’ve been using Twitter for over a year now, mostly as a way to keep track of colleagues and co-workers schedules and tasks, as well to update "What I’m doing" as well, and have received some interesting replies and met some new contacts and friends.
Any one have any other experiences to share ? You might learn a little from me, and I’ll learn a lot from you.
|
|
|
|
| |
|
|
|
|
|
|
 In Issue 081201 of The Green Sheet There is a Company Profile of OLS (On-Line Strategies, Inc)
Hugh Bursi, Director of Marketing of OLS worked with the Green Sheet to put this company profile together. Although the article doesn’t reference me or my 12 years of Payment Experience (Which is small compared to Hugh and Andy’s ) at a Third Party Processor as Director of Technology and Development where I worked with both Insuring and Acquiring Bank’s and ISO’s, it is a great article and great to be in The Green Sheet!
|
|
|
|
| |
|
|
|
|
|
|
 On my jPOS page I added a link to a screencast that I did that shows the basic configuration and usage of the jPOS SysLogListener.
If you are not familiar with syslog, it is the logging daemon for Unix and Linux. There are implementation’s for MS Windows as well, such as Kiwi Syslogd. (and some that peel entries from the Windows/NT Event Log and forwards then to a centralized syslog server) Many alerting systems are based off of syslog events where you can define an action to call an external program/script, send an email/page/SMS notification. Or you can even use splunk as a syslog daemon and "google" your logs.
Enjoy the screencast.
|
|
|
|
| |
|
|
|
|
|
|
I read that the PA-DSS Validated Application List has been published by the PCI Council. This is expected as PABP is now know as PA-DSS and the PCI Council is taking ownership of the program.The PA-DSS List of Validated Applications is viewable here:
We are Visa PABP compliant, ( see the VISA PABP List and screen capture below ) but I am a little disappointed in the PCI Council, because we are not listed on that list… looks like it is time to make a few phone calls to see why and rectify the issue. I know the the PCI Council now grants us the opportunity to pay $1250 a year to be listed, but we have not received any communication or such invoice from the PCI Council.
I’ve also asked our auditor and received this reply:
"You are not the only one to be affected by this. When I looked at the list, there were only 85 applications listed out of the many hundreds that were listed on the Visa PABP site. So it appears to me that the PCI SSC has not completed their migration"
|
|
|
|
|
|
