When it comes to banking, there is a lot to understand. Foreign transactions can get crazy. You have to know the KYC process on a lot of transactions, and after the Reauthorization Act of 2005 the AML process became pretty stringent as well.
There are multiple industries that have a pretty in-depth process to ensure that the transaction was legitimate. These industries are called “High Risk”. In the high risk industry, you need to make sure the customer’s age is verified, or the identity is verified. Our background in facial recognition, OCR reading, and ID Verification has made us a pretty solid development team to help payment companies or high risk industries ensure that they are complying with the new bank rules and regulations.
In the CBD industry, you need to make sure they are of 18. In the gun industry, you need to make sure you know the identity of the person. We have been also developing blockchain technology which is great, not just for identity verification, but also for verifying that the information is secured with cryptography and not tamperable.
Now, over the past 3 years, the EMV chip in America has been changing the requirements for payment processing with POS (Point of Sale) systems. EMV stands for Europay, MasterCard, Visa. This became the “global standard” for chip based debit and credit card transactions. Its a joint effort between the largest companies in the card payment space; Europay, MasterCard and Visa. Most EMV readers in America come certified with the bank and by the bank. This means that the encryption of the EMV is handled and processed directly by the bank or the certified ISO.
As of October 2015 if the merchant or acquire has successfully processed a payment, and it was read from the magnetic strip and not the EMV chip, they could be liable for the fraud charge. The first industry we have seen implement EMV chip readers was actually the ATM industry.
When it comes to building out the technology properly, you want to make sure you are encrypting the data, and that you are utilizing the hardware properly. Some of the various hardware companies we have worked with are the following companies:
When it comes to more flexibility and freedom to integrate the various technologies, we have personally found that Magtek is one of the easiest ones to integrate. Their SDK support on the Android software is far better than their support with iOS. There are limitations with each hardware. Its wise to talk to one of our developers and go through these limitations on the various hardware devices before you move into development. Some of these devices look good and have some advance benefits, but when you actually go into the development you will find limitations.
We have build custom applications that read the license data for Age Verification, and we have also created applications on the hardware that takes a picture of the face of the user if facial recognition is required. We have used Magtek’s hardware multiple times to help clients achieve the outcome they are looking for when they need to process the payment but also verify the identity.
Most banks or ISO payment processors will give you the API documentations needed to verify the payment process properly. You will find a lot of banks and ISOs tend to integrate with NMI or with Authorize.net. These integrations are pretty quick and easy to do. One of the developments we worked with for CBD (SeedERP.com) integrated with multiple payment processors. We even made products or sku specific processing as an option. Another option was adding redundancy to the payment process. This means when one payment fails, we enable a second or third payment process in place that ensures the payment goes through.
With the old magnetic readers, it was easy to hold that credit card data, and process it at multiple places. With the EMV readers, you have to require the client to swipe the card multiple times. This encryption data has to be created with each merchant or ISO directly.
Monthly or reoccurring payments still work with EMV, but you its stored in whats is called a nonce or token, with the payment processor. This wallet, or token is then used to run the payment again when needed.