Reseller Toolkit  >  Learn  >  Newsletter Archive  >  Reseller Newsletter - September 2005  

Reseller Newsletter - September 2005

As 2005 rolls into its second half, things keep moving along for Authorize.Net and the payments industry in general. We are busy at work on several important project releases to enhance your business and your merchants' businesses including new eCheck.Net buy rate programs, QuickBooks reporting abilities, new Multiple User Logins functionality for the Merchant Interface, and more! As always, our priorities are to continually identify and implement new features and functionality that meet the evolving needs of your merchants, while remaining a leader on industry security and fraud prevention initiatives. Read on to learn more...

eCheck.Net® Enhancements

In mid-September we will be announcing our second release of major enhancements for eCheck.Net in the past year. The key piece of this upcoming release is significant changes to eCheck.Net's pricing model, which means new opportunities for you to increase sales and profits reselling eCheck.Net.

Specific benefits for you include:

  • You may now configure eCheck.Net sell rates for your entire portfolio or by merchant.
  • New, lower buy rates provide you with maximum flexibility to offer special deals.
  • eCheck.Net now supports discounts for high-volume merchants and flat-fee pricing for low-risk merchants in the government, utilities, insurance, and higher-education industries.
  • You can now initiate the eCheck.Net setup process from within the Reseller Interface.

In addition, this new release includes some great merchant benefits:

  • Improved up-front transaction validation returns the status of transactions faster, enabling merchants to ship product sooner.
  • Additional reporting resources available to merchants make reconciliation easier.
  • A new streamlined eCheck.Net application speeds up the approval process.

Look for these eCheck.Net enhancements to arrive soon!

QuickBooks Integration

Authorize.Net is constantly working to meet the growing needs of you and your merchants. Customer requests are a high priority on our product development roadmap and we are always thrilled to be able to announce new releases that are a direct result of reseller and merchant feedback. In that spirit, Authorize.Net will soon be announcing QuickBooks download capabilities in the Merchant Interface.

QuickBooks is Intuit's financial management system for small and medium-sized businesses. With QuickBooks, data such as accounts receivable, accounts payable, customer lists, vendor lists, employee lists, and expense and time tracking can be managed easily and safely.

Additional information on this new feature will be coming later in the year.

Multiple User Logins

Authorize.Net is gearing up to release multiple user logins functionality for the Merchant Interface in early 2006. This highly anticipated feature will allow merchants to streamline their employee and transaction management processes as well as strengthen account access security.

A key feature of this release will be the ability for merchants to create unique account Login IDs. As a result, at the implementation of this feature in early 2006 merchant Login IDs will be removed from the Reseller Interface Add Merchant page and download Reports. If you use the merchant Login ID in your business management software or other systems, this change may have a significant impact. Please evaluate your existing merchant management processes to determine how you should plan and prepare for this change, which will occur shortly after the holidays. The Authorize.Net, or Payment Gateway ID is already included in almost all of the Reseller Interface reports and can be used in place of the Merchant Login ID.

Additional information regarding multiple user logins will be communicated to you and your merchants in the following months. For questions about how this project may impact your merchant management processes, please contact your Authorize.Net account representative or Reseller Support at resellersupport@authorize.net or 888-437-0481.

PCI News

In mid-March, Authorize.Net announced a partnership with AmbironTrustWave to provide Payment Card Industry (PCI) Data Security Standard compliance services, including network scans and assistance with self assessments, to Authorize.Net merchants at a discounted rate. Merchants and resellers interested in learning more about this offer or about PCI compliance in general should visit http://authorizenet.trustkeeper.net. Please note that registration on AmbironTrustWave's Web site is required in order to log in.

Since this offer was announced, numerous Authorize.Net merchants have successfully completed their PCI compliance validation. In a limited number of situations, questions have been raised regarding tools or services supplied by Authorize.Net. We have worked closely with AmbironTrustWave to address those concerns and want to communicate them to you to alleviate any concerns you may hear from your merchants.

  • Issue: Authorize.Net accepts transactions with just a login ID, NO password is required (WebLink)
    Resolution: WebLink is a legacy integration method that may not meet the needs of today's e-commerce merchants. In the past three years we've taken a number of steps to improve the overall security of WebLink, while working to migrate merchants using WebLink to more robust integration methods such as Advanced Integration Method (AIM) and Simple Integration Method (SIM). Additional information on Authorize.Net connection methods can be found here.
  • Issue: There are not separate administrative and regular user Merchant Interface logins
    Resolution: The Multiple User Logins feature described above will fully address this concern.
  • Issue: Weak login IDs and/or passwords are accepted and the password never expires
    Resolution: For the past several months we have been actively contacting merchants with legacy or weak login IDs and forcing them to update their login IDs to stronger values. The Multiple User Logins feature will further enhance our access security by forcing the use of strong passwords that can be reset periodically.

PIN-Based Debit vs. Signature Debit

As members of the payment processing industry, we recognize that there are many types of "plastic cards" out there. The industry is particularly complex when it comes to understanding how signature and PIN-based debit transactions differ. Authorize.Net regularly receives question such as: What is required to process a signature or PIN-based debit transaction? Do Interchange rates differ among signature or PIN-based debit transactions? For this reason, we've outlined some basic definitions and some facts to keep in mind regarding debit transactions.

  • Debit cards are bank cards that carry a Visa or MasterCard logo and deduct funds automatically from the cardholder's bank account when a purchase is made.
  • There are two types of debit transactions: Signature Debit (also referred to as "Offline Debit") and PIN-Based Debit (also referred to as "Online Debit").
    • Signature Debit transactions occur when debit cards are processed—similar to traditional credit card processing. Signature Debits require the cardholder's signature for authorization and can occur online, by mail or telephone order, or at the point of purchase.
    • PIN-Based Debit transactions are authorized by the customer keying in a Personal Identification Number (PIN) into a point-of sale (POS) terminal equipped with a scure PIN pad.

Key Points:

  • In addition to credit cards, Authorize.Net currently processes Signature Debit transactions for both Card Present (CP) and Card Not Present (CNP) transactions. Because Interchange fees are lower for Signature Debit transactions than for regular credit card transactions, resellers can realize higher margins when their merchants process Signature Debit transactions through the Authorize.Net Payment Gateway.
  • PIN-Based Debit transactions carry even lower Interchange rates than Credit Card and Signature Debit transactions. Because they are less expensive for merchants to process, PIN-Based Debit transactions have grown in popularity: according to the Nilson Report, PIN Debit transactions now account for 37% of U.S. debit purchase volume (The Nilson Report, May 2005). Authorize.Net is responding to this demand and exploring opportunities to expand its CP services to include PIN-Based Debit transactions at POS. This initiative will allow CP merchants to process transactions through the Authorize.Net Payment Gateway at the lowest possible Interchange rates. Look for more information on PIN-based transactions in early 2006.

Summary Table:

TRANSACTION TYPE METHOD OF AUTHORIZATION FUNDS DRAWN FROM POSSIBLE SETTINGS
Credit Card Signature Line of credit E-commerce, MOTO or POS
Signature Debit Signature Bank account E-commerce, MOTO or POS
PIN-Based Debit PIN Bank account POS

Card Present Update

The list of third party solution providers that have integrated their products to the Authorize.Net Payment Gateway continues to grow at an impressive rate. In most cases, this means new sales opportunities for you, our valued resellers—both with the new merchants you sign up, as well as with the products and services you sell.

As a reminder, in order to resell Card Present (CP) solutions on Authorize.Net you must be enabled for CP setups in the Reseller Interface. If you would like to be set up for CP capabilities, please e-mail bizdev@authorize.net. Similarly, merchants that you sign up with CP services must have a CP payment gateway account as well as a CP merchant account.

There are many CP solutions already integrated to the Authorize.Net Payment Gateway. Two such solutions we would like to spotlight are:

  • ZyXEL G-4100 Router (http://us.zyxel.com) – an 802.11g wireless "hot-spot" router with printer and embedded credit card billing module for deployment of Internet access and e-mail services in coffee shops, restaurants, and hotels. The ZyXEL is a great solution for service providers looking to provide quick and simple deployment of Internet access while creating new revenue streams. Customers are charged a fee to connect to the wireless network by the minute, hour, or for an unlimited amount of time. Credit card payments are enabled through Authorize.Net.

    The ZyXEL G-4100 is a great product to add to your portfolio of solutions. It provides a new and compelling value to merchants, and a new application for Authorize.Net and e-commerce credit card accounts. For more information, please contact Linus Huynh at 714-632-0882 ext. 273 or at linus@zyxel.com.
  • (http://www.cybernetww.com) – an all-in-one payment and thermal printing terminal featuring a 32-bit processor that supports Ethernet communications with Secure Sockets Layer (SSL) encryption. The JadeAdvantage IP POS Terminal provides Authorize.Net resellers with the opportunity to offer a highly functional and competitively priced IP terminal to merchants that want to take advantage of broadband service within their retail locations.

    For a limited time, CyberNet is offering Authorize.Net resellers special pricing of $330.00 for evaluation and pilot projects. This offer includes:
    • JadeAdvantage IP POS Terminal
    • Authorize.Net application software
    • Free delivery
    • Toll free terminal support for merchants and resellers

    For more information, please contact CyberNet at 408-432-5075

General Protection From Fraud

Payments fraud continues to be innovative and evolutionary, which is why the Authorize.Net Fraud Management Team is dedicated to identifying and eradicating fraud in all its forms. Though merchants often become victimized, they aren't the only targets. Scams that target resellers and other members of the payments industry are surfacing as well, which serves as an eye-opening reminder that we all need to be vigilant when it comes to watching for and fighting fraud. Here are some cautionary guidelines that can help you and your merchants avoid fraud:

  • Be cautious when researching or following up on business development or sales leads from unfamiliar foreign entities. These types of organizations are prone to scams.
  • Be cautious when receiving payment gateway service applications from U.S. citizens working with or on behalf of unfamiliar foreign entities. To avoid business risks, scrutinize payment gateway service applications that are out of the ordinary.
  • Be cautious when providing accounts for U.S. citizens that are planning to manage an Authorize.Net or other payment gateway account as part of a condition for a business arrangement, partnership or employment.
  • Always keep an eye out for anything that might potentially be identity theft. Many fraudulent organizations use stolen identities in an attempt to legitimize their business.
  • Always create complex account passwords and login IDs and implement practices to safeguard the locations where that information is stored on your computer system or network. Account passwords and login IDs should not be easily guessable and should never include a consistent pattern such as a prefix. Also, be sure to educate your merchants about creating and properly storing complex account passwords and login IDs.
  • Change complex account passwords regularly, at least every 3-6 months. This is crucial to maintaining a strong foundational protection from fraud. If you don't have one already, formalize a password change policy and work with your computer systems or network manager to implement the appropriate controls. Encourage your merchants to do so as well. Even the smallest merchant with one computer can and should implement a password creation and change policy. For more information on strong passwords, please review the Authorize.Net Password Policy White Paper at http://www.authorize.net/files/PasswordPolicy.pdf.
  • Merchants that combat fraud proactively benefit from the strongest protection. Encourage your merchants to get educated and be proactive about protecting themselves from fraud. Advanced fraud fighting tools, such as the Fraud Detection Suite (FDS), are designed to help merchants combat specific types of fraud based on common indicators. When setup, configured, and used strategically, advanced tools can provide optimal fraud prevention. For more information on FDS, visit: http://www.authorize.net/fds.

Introducing Neil Buckley

Authorize.Net is pleased to announce the addition of Neil Buckley to our team as Vice President of Development Engineering. With more than 15 years experience in software engineering, Neil brings with him a proven track record for developing successful products and delivering high quality, innovative solutions. Prior to joining Authorize.Net, Neil was VP of Development for Vallent Corporation (formerly WatchMark), a company that allows service providers to effectively monitor the performance of the network, the service quality of customer deliverables, and the management of Service Level Agreements (SLAs). At Vallent, Neil was the leader of global development and had responsibility for software development, quality assurance (QA), architecture, tier three support, engineering, project management, and technical publications. He managed the growth of the development team from a handful of people into a global organization with 130+ development staff developing multiple product lines. Previous to Vallent, Neil worked in engineering roles of increasing responsibility in London, Tokyo, and France.

Neil's overall responsibilities at Authorize.Net include long-range direction and delivery of all product development initiatives, as well as applications, network systems, database management and system security; and assuring that they adhere to Authorize.Net's quality and security standards.

Neil has a Bachelor's degree in Physics from the Imperial College, Royal College of Science, London University; and a Master's degree in Computer Science from Manchester University.

Upcoming Shows

Look for Authorize.Net's booth at these upcoming shows. We look forward to seeing you there!

2005 ETA Strategic Leadership and Networking Forum – September 27-29
Charleston Place, Charleston, South Carolina
(http://www.electran.org/)

POSTPONED: Southeast Acquirers' Association (SEAA) Annual Conference – October 24-26
Wyndham New Orleans at Canal Place, New Orleans, Louisiana
(http://www.southeastacquirers.com/)

Western States Acquirers' Association Annual Conference – November 2-3
Marriott La Jolla Hotel, San Diego, California
(http://www.westernstatesacquirers.com/)

 
Contact Information