By Victoria Strayer, Sr. Director, Enterprise Business Compliance, TSYS
Retailers have made it clear that payment risk mitigation is one of their major concerns. They expect it to be of equal concern to you.
With transition to EMV (Europay/MasterCard/Visa) on the horizon, PCI (Payment Card Industry) and regulatory compliance initiatives ongoing, and a blossoming landscape of alternative payment channels before us, the U.S. retail payments landscape is in the throes of major evolution. Some change (i.e. EMV) is designed to mitigate merchant and consumer risk, albeit with added expense and complexity. Some (e.g. mobile payment technologies) intend to create faster, easier and more convenient payments for consumers and merchants.
In this intricate environment with an expanding cast, a VAR might question its role as guardian. At times, some VARs will take a back seat on changes happening in the payments arena, unless it drives short-term reward and revenue. Too many still assume that security and compliance are the sole responsibility of their vendor and payment network partners. Some rush to integrate the latest technology buzz with little forethought or consultation regarding payment risk. These are serious omissions because:
The Dynamics Of Risk: A VAR’s Challenge
For the VAR, the constantly changing payments landscape creates a dichotomy of sorts. On one hand, merchants expect their VARs and integration partners to lend creative solutions to their POS and retail systems environments. On the other, they expect that security and compliance features are “baked in” at no additional cost.
Understanding the security and compliance issues in an everchanging and multi-level regulatory environment doesn’t create a groundswell of profit opportunity. However, it is the cost of doing business and of keeping that business.
Still, the VAR’s role in the mitigation of merchant risk — and the shaping of tomorrow’s retail payments infrastructure — can’t be overstated. Demonstration of that role goes a long way toward gaining and maintaining the trust of retail customers and the market at large.
Front-Line Support: The Processor’s Responsibility
Creating a safe and reliable payment experience for merchants and consumers requires payment networks, acquirers and processors to recognize their role in setting up the VAR community for success. This includes establishing an engagement model that flows timely information to VARs and supports their effort to provide creative and profitable, yet riskaverse solutions. As a result of recent payment data breaches, some payment networks have vastly improved their outreach to VARs and integrators, giving them increased exposure to compliance mandates and a venue to express their concerns and integration challenges.
Equally important is the broader payment community’s acknowledgment that for most VARs, payment security doesn’t “butter the bread.” While demonstrating compliance savvy is fundamental for many of us, VARs don’t get paid to study regulatory compliance. Many are creatively shaping the future of commerce and need knowledgeable partners vigilantly guiding them through the risks to the rewards. This reality underscores the importance of strong partnerships, relevant information sharing and engaged collaboration among stakeholders — from the payment networks, the processors and through to the entire integration community.