1 / 20

Topography of a Payment Transaction

Improve your knowledge of payment processing terms, concepts, and alternate payment types. Learn about the end-to-end payment transaction lifecycle and key differences in processing methods.

jbernal
Download Presentation

Topography of a Payment Transaction

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Topography of a Payment Transaction Your source for payments education Nick Fredrick, CTO, Rebar Technology (a W. Capra Company) …

  2. Key Takeaways • Better understand common terms and concepts used in transaction processing • Conceptual view of how transactions are passed among ecosystem partners • Learn some of the key differences in processing alternate payment types

  3. Poll • How many years payment experience? • Which area of the business? • Involved in technical architectures? • Experience with APIs or online payment pages?

  4. The End-to-End Payment Transaction This presentation will take a merchant focused view of the payment transaction lifecycle. Payment Capture Merchant CRM Acquirer Card Scheme Network Brick & Mortar Billing Platform Tokenization Service Web Storefront Gateway Issuer Mobile App Fraud Solution Provider A single integration point (vendor) may provide multiple services

  5. Terminology

  6. Merchant/Customer Environment

  7. Secure Checkout Redirect – Pay Page Merchant website sends a redirect command to the customer’s browser. The customer’s browser then requests a payment form from the PSP. The PSP creates the payment form and sends to the customer’s browser. The customer’s browser displays the PSP’s payment form. The customer enters account data and sends to the PSP. The PSP receives the account data and sends it to the payment system for authorization. Source: PCI Best Practices for Securing E-commerce Apr 2017

  8. Secure Checkout Redirect – iFrames The merchant website creates an iFrame within the current webpage. The customer’s browser requests the payment form from the PSP. The PSP creates a payment form and sends to the customer’s browser within the iFrame The customer’s browser displays the payment form within the iFrame located on the merchant page The customer enters their payment details into the iFrame containing the PSP’s payment form. The PSP receives the account data and sends it to the payment system for authorization. Source: PCI Best Practices for Securing E-commerce Apr 2017

  9. Secure Checkout – Comparison Hosted Payment Pages Simplest to implement Less styling control Integrated Frames/Forms Integration complexity Greater UX control

  10. Transaction Handoff • Handoffs can occur between merchant and: • Acquirer • Gateway • Tokenization Service • Network (Amex) • Any entity • Issuer direct happens, but is far less common

  11. Transaction Data / Metadata { • Typically includes key data elements such as: • Sale or Refund Amount: ‘795’ - $7.95 • Merchant Order ID/Number: 98167502834 • Primary Account Number (PAN): 475682xxxxxxxxx4321 • Expiration Date: ‘0622’ – June 2022 • Security Code: 123 • Billing Address: 123 Holly Street Chicago, IL 60601 • POS Entry Mode (web, phone, terminal (swipe, keyed, EMV): ’09’ – e-commerce • POS Entry Environment: ‘R’ - Recurring • Dates (order date, transaction date, effective date): 2019-08-15 • Soft Bill Descriptors (max 25 char): ABC*website.com8005551212 • L2 & L3 data (for B2B): PO #, Tax Amount, Destination Address, Item SKU, etc. Always consult the vendor’s integration guide for requirements and data formats

  12. Response Data / Metadata { • Responses typically include data elements such as: • Vendor Transaction ID: ‘9278402i937ju19090s’ • Response Code: ‘000’ • Response Message: ‘Approved’ • Authorization Code: ‘84652’ • PAN is typically not returned, token value is if enabled • CVV is never returned (and merchants must not store) • Response codes for other checks • Fraud • AVS • CVV

  13. Stored Credential Framework Rules • Summary: • New rules/guidance on storing payment credentials for future use • Introduced in 2017 and compliance monitoring officially began Oct 2018 • Benefits for merchants and consumers • Lower fees, reduced chargebacks, more transparency for consumers • Non-compliance assessments are TBD • Key Impacts to Merchants: • Merchant disclosure and consumer consent to storage • Perform $0 verification if no immediate charge. Do not store card declined by issuer. • Indicators in transaction submissions which identify CIT (Customer Initiated Transactions) and MIT (Merchant Initiated Transactions) Visa Stored Credential Framework: https://usa.visa.com/dam/VCOM/global/support-legal/documents/stored-credential-transaction-framework-vbs-10-may-17.pdf

  14. External Transaction Environment • Routing • Credit/Sig Debit/Branded Prepaid: Visa, MC, Discover, Amex • PIN and Pinless Debit – NYCE, Star, Pulse • ACH – Operator • In-house (Acquirer = Issuer) • Gift card and proprietary cards • Acquirer optional value-add services • Fraud Screen • Tokenization Vault • Velocity Checks • Duplicate Checks • Bill Descriptors • Account updater services

  15. Clearing and Settlement • Credit card authorizations must be “settled” • Most commonly host-capture in CNP • If merchant-capture: Batch Files • Fixed format file • FTP

  16. Transmission Types

  17. Why Transactions Fail Do Not Honor – Check out session on ‘”Decoding the response code”

  18. Other Payment Types – Key Differences

  19. Summary • Merchant payment ecosystems can vary significantly • Rules and Regs have a major impact on how transactions are processed • Products and offers will dictate different processing rules • Its an API world • Talk to peers and vendors to understand capabilities and fit for your business

  20. Thank you • Don’t forget to submit your session evaluation! • Nick Fredrick, CTO • nfredrick@rebartechnology.com

More Related