Skip to main content
  • 4 Game Changers for Electronic Payments to Track Now

4 Game Changers for Electronic Payments to Track Now

March 11, 2022


Business disruptions caused by the Covid-19 pandemic accelerated payment innovation. They forced merchants to stay ahead of the curve by understanding new customer behaviors and launching advanced technology solutions to meet those needs—all while maintaining compliance.

Staying on top of this fast-changing payment landscape can feel like a full-time job, which is why it’s crucial to have a partner that can remove the burden. So, we pulled together four important advisories that can help essential businesses understand what is coming and how to stay ahead.

Eight-Digit Credit Card BINs Arrive in April 2022. Is Your Business Ready?

The payments ecosystem is growing at a breakneck pace and, as a result, is running out of available Bank Identification Numbers (BINs). BINs typically are the first six digits of every payment card number, which identify the issuing payment brand and financial institution. To address the shortage, the International Organization for Standardization (ISO) is expanding the length of BINs from six digits to eight, potentially resulting in widespread operational and technology impacts.

The new rules—first announced in 2015—become effective in April 2022. At that time, all merchants must be able to support both six- and eight-digit BINS. Failure to meet that deadline could result in:

  • API failures
  • Misrouted payment transactions
  • Inaccurate data queries
  • Incorrect input validation logic
  • Non-compliance with data security and privacy standards

Epicor is evaluating how this change impacts our systems and will continue to make necessary changes. In the meantime, this ISO article on 8-digit BIN changes can help you gain a deeper understanding of the new standards and their implications for your business.

How to Avoid the Pitfalls of “Card-Not-Present” Transactions

As the name suggests, a card-not-present (CNP) transaction is any instance in which a merchant never actually sees or handles the physical payment card, such as phone or mail-in orders. But the vast majority of CNP transactions are online purchases. As of 2020, eCommerce represented nearly 20 percent of retail purchases. Unfortunately, the growth in eCommerce is accompanied by a rise in CNP chargebacks, costing some merchants significant revenue in the process.

The chargeback process allows for cardholders to recover funds in the event of fraud or abuse. But when a cardholder files a card-not-present chargeback against a company, not only do the funds from the transaction get automatically pulled from the merchant’s bank account, but the business also loses the sales revenue plus any merchandise shipped and the cost of overhead expenses.  The business also gets hit with a chargeback fee assessed by the bank. 

At Epicor, we help you prevent CNP chargebacks by taking steps to lower the risk of accepting payments that trigger them by:

  • Make billing descriptors obvious: If customers can’t recognize the merchant name on their billing statement, they may file chargebacks. Ensure descriptors are clear at first glance.
  • Implement alerts: Chargeback alerts notify vendors of an intended chargeback, giving the merchant the chance to issue refunds that stop the customer dispute before a chargeback is filed.
  • Ask for card security codes (CVVs): CVV codes are printed on the card and cannot be stored elsewhere. If the buyer doesn’t have the code, they likely aren’t the authorized cardholder.
  • Use an address verification service (AVS): AVS is an automated tool that compares the billing address given at checkout against the address on file with the bank. A disparity could indicate fraud.
  • Confirm when you’re unsure: When in doubt, contact the customer and validate the information you have been provided.

If You Accept Credit Cards, You Accept Responsibility for Data Privacy

Breaches against major retailers have put payment card industry (PCI) regulations in the spotlight for all businesses, regardless of size. Collectively known as the Payment Card Industry Data Security Standard (PCI DSS), these regulations apply to every business that relies on credit and debit cards for transactions.

The moment a customer shares a credit or debit card number, the business becomes responsible for keeping the data associated with that card secure. If a merchant is noncompliant, they could face penalties up to $100,000 per month or be stripped of payment processing services altogether.

If you accept credit card payments over the phone, follow a set of protocols as follows:

  • Make sure you use a secure network to accept Primary Account Numbers PANs and other sensitive information.
  • Separate the servers used to enter credit card information from other parts of your network. This provides further protection as the card information is entered.
  • If your business records phone calls, ensure that credit card information is redacted in the recording.
  • Never write down card information relayed over the phone.
  • Never have staff members email customer credit card information to the back office.
  • Ensure all employees are trained on PCI compliance procedures

Into the Future: Goodbye Magnetic Stripe!

After decades of swiping magnetic stripes for credit card transactions, merchants and consumers finally have adjusted to inserting chip-enabled credit cards. While most credit cards still contain magnetic stripes, they serve as a backup method. The magnetic stripe is officially reaching its expiration date and will start to disappear in regions. It will be retired in 2024 in Europe, and in 2027 in the United States.

This is good news for merchants, as chips are safer. For each transaction, the embedded chip creates a unique transaction code that is validated by the issuing bank to ensure the card is genuine. The lag in merchants replacing older magnetic stripe terminals with EMV-compliant card terminals will become a problem in the future, so now is the time to ensure a full move to EMV-compliant chip reading terminals.

Customer habits and expectations that emerged over the last two years are here to stay. Merchants must now adopt an omnichannel commerce strategy to ensure they can reach customers anytime, anywhere. As a result, businesses large and small must invest in digital experiences to remain competitive and compliant into the future. Epicor continues to keep our customers, and their customers, efficient and secure with every business transaction.