I have stumbled upon several sites that sell equipment and supplies designed to steal people’s credit card information. These products are normally small stand-alone portable magnetic card readers that store credit card information. These readers are battery powered, and some can store the information from thousands of credit cards.

A brief overview of skimming:
Credit card skimming is when a person records the information on a credit or debit card without the owner knowing about it with the intention of using that credit card information illegally. Skimming most commonly occurs in restaurants, where the card owner looses contact with the card and a purchase is made. It takes about two seconds to scan a card through a portable reader, and the reader records all of the information on the credit card. Portable card readers are small enough that someone could easily conceal one in the pocket, sleeve, and even in their hand. Occasionally thieves will setup more complex skimming devices at ATM machines, or gas stations, but restaurants are statistically the highest risk for skimming.

What bothers me about these devices in general is that they carry almost no logical, legal purpose, and they are still sold as if they do. There is virtually no practical use for portable card scanners that record the credit card information. Portable magnetic readers like this, depending on how complex, can read not only credit cards, but drivers licenses and any other card that uses a standard magnetic stripe. It is a direct Visa and Mastercard violation (PCI / SDP Regulation) to store any track date, so there is literally no legal use for these devices.

What is on your magnetic stripe:
Magnetic strips on credit cards are actually made up of three strips that contain information. These strips, called tracks, contain all of the information needed for a business to process your credit card through their merchant account. Credit cards normally have information stored on track 1 and 2, and this information contains the card holders name, account number, expiration date, and an encrypted PIN number.

Skimming control:
The government and media have been looking closely at credit card fraud, including the skimming that is done with portable readers like these. But, there hasn’t been any significant laws or legislation placed against actual devices that are created only for the purpose of recording magnetic strips. It is illegal in some states to posses portable card reading devices, but there’s nothing stopping the website’s from selling to people in those states. Website’s that sell these devices enable anyone to order a personal skimming device, without any clarification of their intended use. Portable skimmers can cost as little as a few hundred dollars, and can go up to about a thousand dollars for a high-end reader. There is also a guide located at http://camelspit.org/handyswipe/ that explains how to make low-cost portable card reader.

Once card information has been obtained there are a few options that the thief has. They can attempt to make counterfeit credit cards, sell the credit card numbers, or attempt to make purchases for merchandise online. Often the card numbers are sold to persons with the capabilities to make counterfeit cards. This equipment, which can also be easily purchased, can make a believable replica of a real credit card with the magnetic information from a stolen card can be encoded on it. That card can be used just like a normal credit card. Since only a small percentage of businesses actually check customer Id’s it is very easy for a thief to make purchases with the fake card. Thieves will also commonly try to make online purchases, but the success of this is greatly reduced with the use of Card Verification Codes, since this information is not encoded on the magnetic stripe.

Why should business care about this:
Besides the obvious negatives regarding fraud in general, it is businesses who lose the most from credit card skimming. A card holder has no liability for purchases made fraudulently on their credit card, therefore all liability falls in the hands of the business that accepted that skimmed credit card. A business cannot win a chargeback due to a fraudulent transaction, even if the card was swiped and the receipt was signed. For this reason, businesses need to check the Id of the card holder, and check the signature on the back of the card against the Id. Online businesses need to use card verification, and should always require AVS.

Website’s that sell equipment that could be used to steal credit cards:
http://www.tyner.com/magnetic/compare.htm
http://www.incodenet.com/magnetic/miniport-comparison.htm
http://www.hackershomepage.com/
http://bcdata.com/portablemsr.html
http://www.mag-stripe.com/portable.htm

Conveniently Coincidentally, many of these sites that sell portable card readers, also sell equipment used to make counterfeit credit cards.

Where to report fraud:
If you think that you credit card has been stolen, immediately contact your credit card issuer. They will cancel your current card, send you a new one, and stop any further transactions that may be fraudulent. Also check your credit card and/or bank account statements for signs that of unauthorized use of your account.

If you feel that your identity may have been stolen, contact the three major credit bureaus. Request a fraud alert be placed on your credit file, asking creditors to request your permission by phone before any new accounts are opened.
Equifax – (800) 525 6285 – http://www.equifax.com
Transunion – (800) 680 7289 – http://www.transunion.com
Experian – (888) 397 3742 – http://www.experian.com/

You can also report credit card fraud to the FTC, but it is rare that any formal investigation would take place unless your fraud is part of a larger group of similar frauds.
FTC – (877) 438 4338 – http://www.ftc.gov/

If your credit card, wallet, or purse was stolen, you should file a police report with a local police department as well as cancel your current credit cards.

Additional information related to credit card skimming:
Bankrate – On the dark side of credit card fraud
ICMA – Hypercom Launches Attack on Credit Card Skimming
Microsoft – What to do if you’re a victim of credit card fraud
Transaction World – Credit Card Skimming Growing Trend or Media Hype?

**Disclaimer, there is no implication to any website listed as to whether they do sell equipment to thieves, only that the equipment that they sell could potentially be used for credit card skimming.**

Other blog posts related to skimming:
Fraud Alert: Credit card skimming

When I hear the word ebook, I normally cringe with the thought of thousands of worthless, poorly written, scams that don’t deserve the bandwidth that it takes to download them. I was asked to review an e-publication created by a company called MindValley. The publication called “40 Ecommerce Tactics” is essentially a guide to successfully operating, and marketing a website. MindValley authors are made up of professionals with different ecommerce related backgrounds, and include an Ebay senior executive, Microsoft web developer, and numerous other web professionals. 40 Ecommerce Tactics is written by professionals that have been directly involved in every aspect of running an online business. That direct involvement is apparent in each writer’s knowledge and expertise throughout the guide.

40 Ecommerce Tactics is a very thorough guide to operating and marketing an ecommerce website. The guide is organized in a way that the reader can skip to whichever chapter they are interested in, if they don’t want to read the entire guide start to finish. The guide itself is over three hundred pages long, but these three hundred pages are completely void of filler content. The guide is clearly written and edited, and the only thing that stopped me from reading it all the way through was my own lack of time.

Topics Covered:

• Product creation
• Setting up a website
• Email marketing
• Pay per click (PPC) advertising
• Increasing customer conversion
• Closing a sale on a website
• Untapped marketing channels
• and the Overall growing of a business

Each topic contains a series of sub-chapters which cover the detailed areas within each topic. Everything from usability, search engine optimization, alternative marketing strategies, writing copy that sells, web analytics programs and anything else that is necessary for a website to be successful is covered in detail in the guide. Specific examples and recommendations are also linked throughout the guide, which can help to give real uses of the ideas covered in the guide. The guide is complete enough, that I would be comfortable saying that it is the only resource someone would need to jump, successfully, into ecommerce.

Unlike many other guides out there, 40 Ecommerce Tactics actually guides the reader. One thing that I really like about it is that it tells the reader exactly what works, what doesn’t, what to do, and how to do it. This is especially important as many less-savvy website owners struggle with actually figuring out how to implement much of the advice that is out there.

This guide is very successful in its purpose of providing the reader with the foundations for a successful ecommerce website. In this age, just about any information needed can be found on the internet. What the guide does that sets it apart from any other resource like it, is that is puts everything needed together in a easy to read, and very accurate guide. The guide completely avoids filler content, and although long, doesn’t contain any unnecessary information. The reason that the guide is long, is that it is thorough, and there is simply that much important information. The only improvement that I can think of, would be the ability to download the entire guide as a single file. The information in this guide would take the average website owner years to find on their own.

The Most Benefit:
I highly recommend this guide to website owners and entrepreneurs that are just getting into ecommerce. This guide although not free, will easily save you the money it costs, in time you would otherwise spend over the years figuring all of this out on your own. It will unquestionably give a new website a huge jump-start.

What you get when you purchase the guide:

• 40 Ecommerce Tactics Guide
• Lifetime access to the guide, including future updates
• 90 Day risk free, money back guarantee
• A best ecommerce guide book, money back guarantee
• A 1 hour consulting for your website with a MindValley professional

Conclusion:
This is a great guide for anyone in the ecommerce field. I’m not being paid to write this. I have no affiliation with Mind Valley in any way. I highly recommend this guide as a jump-start to making a well planned, successful website. In truth, this guide probably could have saved me a solid year of research time, if I had it when I entered into ecommerce.

Download the 7 free tactics and see for yourself.

Selling merchant accounts can be a very profitable venture. Selling merchant accounts is not an easy task by any means. It takes hours of work, a strong knowledge of the payment processing industry, dedication, and the ability to be told ‘NO’ many times and still keeping at it.

Selling merchant accounts is often first done successfully as a part time job, because it takes a long time to build up a residual stream large enough to live off of. In truth, more that 50% of all people that start out to sell merchant accounts, never make it, and maybe 10% are profitable enough to stick with it. Once a person has found the ability to sell merchant accounts, they can make a very good living from it.

How much can be made:
Statistically, an average merchant account will give a sales agent about $30 per month in residual income. If that sales agent can sign 10 accounts per month, they will be making $3600 per month at the end of the first year, or $36,000 per year. At the end of the second year, $72,000 per year, and at the end of the third year, $108,000 per year.

$108,000 per year is a very decent salary. As long as the agent keeps signing accounts, their income will keep growing. But, 10 accounts per month is not an easy task especially for someone new to the merchant services industry. Also, over time attrition shows up and the average number of accounts a person can setup goes down.

A simple overview of how a merchant account sales agent works:
A sales agent signs a contract with an ISO (Independent Service Operator) who is registered with Visa and MasterCard. The agent signs up businesses for merchant accounts, and the ISO provides the business with the merchant account, technical support, and some customer support depending on what the agent is capable of themselves. The ISO splits any processing fees with the sales agent above their cost. The more a business processes credit cards, the more the ISO and agent make.

Common pitfalls of selling merchant accounts:

1. High Pressure Sales: While the merchant services industry has cleaned up a lot in the past five years, there are still many ISO’s that use high pressure sales, and other ‘gray area’ tactics to gain more business. These ISO’s are becoming extinct and simply are not doing good business. Watch the movie ‘boiler room’. If the ISO acts similar to the company in that movie, stay away. Find an ISO with a good reputation that is willing to work to meet your needs.
2. Not signing a contract: If a sales agent doesn’t sign a legal contract with the ISO, they are at the risk of getting their income cut off with no recourse. Always make sure to sign and agree on a contract with an ISO before sending them a single account.
3. Free Terminals: Free terminal programs often sound like the instant fix to selling merchant accounts, but they aren’t. Free terminal programs are OK for signing existing businesses, but they often come with many strings, and can cost an agent a lot of money if things don’t go as planned.
4. Upfront Cash Programs: Upfront cash programs can be a great way to get some instant return on a merchant account. But, like free terminal programs, make sure you understand the conditions of getting the upfront cash. Normally you are exchanging upfront money for future residuals.
5. Price Wars: One of the biggest mistakes an agent or ISO can make is getting into price wars with other companies. The problem is that by getting into a bidding war the service quality is devalued. Agents should set a competitive price, and should hold steady at that price. While it may be necessary to lower the price for an occasional larger business, constantly getting into the lowest price game gets nothing but customers that will leave as soon as another lower price comes along. Agents should provide personal service to their customers making a value that far exceeds any price.
6. Going after the big fish: Naturally, most new sales agents think that the bigger the business, the more that can be made from them. While the idea is on track, the execution never plays out like that. In truth, the larger the business, the lower the margin above cost, making it much more difficult to make any profit. Large businesses shop fiercely, and most often have the lowest margins to make any profit from. While a businesses that processes $20,000 per month, may make an agent $30 per month, a business that processes $5,000,000 per month may only make the agent $2 – $3 per month. This combined with the huge amount of work and trust needed to sign a large company makes it un-profitable and generally a waste of time for most independent agents.

If you’re interested in learning more about becoming an independent sales agent, we invite you to take a look at our merchant account sales program. We offer a program with a variety or upfront and residual options, as well as wholesale pricing on equipment and ancillary services.

The July 1st deadline for credit card truncation has come. Now, any businesses that isn’t properly truncating their credit card receipts is standing to lose a lot of money, and can have their merchant account shut down.

A word to business owners:
Now, it is my belief that most businesses that aren’t truncating right now, are probably not going to find this website. But, one of the most often questions that I am asked, is how to report a business that is not truncating.

If you don’t think that your customers notice or care that you are not truncating, you are dead wrong.

Again, the penalties:
1st Violation – $5,000
2nd Violation – $10,000
3rd Violation – $25,000
4th Violation – $50,000
Willful or Egregious Violation – $500,000/month

Everyone has had a long time to get the problem fixed, and truncating receipts has been an active topic in the news for the past two years. Get it fixed, if you aren’t doing it. Its just not worth the money or the potential loss.

Google Checkout is finally released.

You can sign-up at: https://checkout.google.com/

As expected, it is only for US businesses right now. I would expect that some other select countries will be joining the list shortly.

Google payments is the talk of ecommerce and yesterday google let out a little about their pricing.

It looks like google is going to be charging a fee of 2.2% and a transaction fee of $.30 per transaction. This is more expensive than paypal for higher volume businesses, but is about the same as paypal for smaller businesses. Additionally google has stated that they may be discounting customers that participate in their adwords program.

What google is going to be lacking is the single thing that has made paypal so popular, Ebay. While google is the only company that I think would have a chance going against paypal with a new service, they don’t have the current 100 million current customers that paypal has. They also don’t have Ebay, and google base which is their ebay competitor isn’t going anywhere very quickly. It is going to take a long time to lure even a fraction of Paypal’s user base despite paypal’s very poor customer service history. I think google is going o have to find a new use to get a running start against paypal.

Maybe they can buy craigslist…

Seth Godin posted a great blog today referring to how something that appears to be free isn’t always without strings.

This reminded me of the free credit card terminal programs that are going on now. These programs have been catching the attention of businesses and reselling agents across the country for a little over a year now. Now, like the situation in Seth’s blog, these programs always come with strings, for both the business that receive the terminal, and for the agent that the business signs with.

Free terminal programs are not for ownership of the terminal, they are more of a free rental. The business that gets the terminal, does not own it.

Business Owners:
Business owners can expect a hefty early termination fee, and are required to return the terminal in perfect condition if they ever close their account. If the terminal is not returned or is returned damaged, the provider automatically takes the money out of their bank account. The programs almost always come with yearly fees, that are unnecessary almost everywhere else. Also, the merchant account fees that the business pays are always higher than what the business could get in order to cover the cost of the terminal.

Reselling Agents:
Reselling agents stand to lose the most with free terminal programs. At first the idea of giving a free credit card terminal to every customer, sounds great. But, in the even that the business doesn’t return the terminal when they close their account, the cost of that terminal can fall back on the agent. I recently surveyed about 50 reselling agents, and not one of them said that they would be willing to take on the risk of having to pay for an un-returned credit card terminal. How many agents would like a nice $400 deduction from their monthly residuals, because one of their accounts closed and didn’t return their terminal?

The point is that it is rare to find something truly free, and Credit card terminals are far from being an exception.

Just a quick post. I don’t think I’ve mentioned it before.

If you want to check by zip code whether an area has GPRS coverage for wireless processing, go to: http://www.apriva.com/cingularcoveragequery.cfm

You can view an extremely detailed map of the US which outlines wireless coverage in the US, and you can search for coverage by zip code.

When it comes to the back end of credit card processing, most people have no idea that there is a complex and complicated system creating the infrastructure for the entire credit card processing industry. Processing platforms are the back-end networks that merchant’s credit card terminals and software connect to. These networks enable businesses to process credit cards.

This diagram is a very basic (and incomplete) model of the back-end of credit card processing. The main processing platforms that businesses in the US deal with are listed. Green denotes the most commonly used platforms, and sub-platforms, and the Orange denotes some of the larger ISO’s and providers.

Credit Card Factoring is a type of business fraud that I commonly refer to in the blog.

What is factoring:

Credit card factoring is essentially processing transactions through a merchant account for a business or entity other than the specific business that was screened for the merchant account. Credit card factoring, also known as credit card laundering, or even money laundering, can exist in many forms. The most basic form of factoring would be a business processing transactions for another business. Another common case of factoring is when a business opens a branch, DBA, or sub-business and attempts to process through the central company’s merchant account. This case is often seen when a business starts a website, and tries to process credit card transactions without opening a separate merchant account for their website.

Telemarketing and call centers used solicit factoring often, but their business practices have come under close scrutiny in the recent years due to massive fraud and losses by major financial institutions.

Why exactly is factoring bad?

First, factoring is used as a method to launder money via credit cards. A business would theoretically process payments for illegal products or services and end up with a clean deposit in their bank account a few days later. It is rumored that a huge amount of terrorist activity is funded illegally with credit cards.

A slightly less severe result of factoring, is the loss of accountability for credit card transactions when a business processes for someone else. In the event of fraud or chargebacks, the processing banks have a hard time figuring out who is responsible for the credit transactions, because they could have been run by multiple businesses. In the end, the customer gets their money back, and the processing bank is left to recoup from the business.

Telemarketing companies have been notorious for employing individuals to open merchant accounts and process transactions for them in exchange for a quick buck. The telemarketing company would keep the bank account empty, and when the chargebacks started rolling in, the processing bank was stuck with the bill. Millions of dollars have been lost to this type of fraud, which has also helped telemarketing companies to be labeled as high risk businesses, whether legitimate or not.

What is considered factoring?

• Processing a transaction for another business or person
• Processing a payment for an illegal or restricted product or service
• Processing the merchant account owner’s credit card
• Processing transactions in a method not allowed by the merchant account type (Ex: ecommerce transactions through a retail merchant account)
• Processing transactions for a separate division / branch / DBA of a company not approved on the merchant account
• Unauthorized scanning / reading / decoding of the information on a credit card with or without the intent to process the card
• Attempt to employ, or solicit another company or person to process a transaction through their merchant account
• Unauthorized re-charging of a credit card (often seen if a business looses a chargeback)

Repercussions for being caught factoring:

Simply put, Visa and MasterCard will have your merchant account shut down, and you can be substantially fined, and placed on the TMF (Terminated Merchant File). Depending on the severity and intent of the factoring, there may be legal repercussions as well. Since deliberate factoring often qualifies as money laundering, there are a variety of laws that are also being broken when a business is guilty of factoring. Also, depending on whether the factoring took place across different states there are federal and state penalties, for factoring. In many states factoring and money laundering are felonies.

Why am I writing about this?

Factoring is something that many businesses do and may not even know its wrong. Factoring is a crime, and is easily avoidable, but is most often done through ignorance or due to the disregard of established fraud prevention measures.