Home » For Banks

Category: For Banks

URGENT, You Do NOT Need to Read This!

We Already Have You Covered

You may have heard about a global issue in which Google researchers found unfixable vulnerabilities in commonly used encryption protocols. You may have also heard that, as a result, the PCI Council has delisted the vulnerable encryption protocols from being used for credit card processing. However, you may not understand what this means.

The encryption protocols of SSL and TLS have been in use for a long time. They essentially ‘scramble’ data during communications so that if the data is intercepted by an unauthorized individual, it cannot be read. In this manner, encryption is used for email, credit card data transmissions, ecommerce or any other sensitive data that needs to be protected. Specifically, the vulnerabilities apply to all versions of SSL and early versions of TLS, which is the more updated protocol.

What Do These Vulnerable Encryption Protocols Mean For My Business?

Nothing! Wind River is way ahead of the rest of the industry and so are you*. An article explaining TLS notes that 40% of merchants could be impacted, and when the merchant’s processor “flips the switch,” the merchant wouldn’t be able to process SSL or TLS 1.0. Their credit card processing would stop working for these transactions!

We have worked hard to communicate this critical change to our customers that were impacted well ahead of the looming deadline and taken the action needed to assure them their credit card processing would continue uninterrupted.

No need to send “Thank You” cards or gifts. It’s all in a day’s work here at Wind River and part of the After the Handshake Promise.

*We do have six customers we are still working with to overcome this obstacle. If you are one of these six, (you know who you are!) please read the PCI Council Specifics below and we will continue to work with you.

PCI Council Specifics

The PCI Council says that if you are involved in credit card processing, all entities must be off of all versions of SSL and TLS 1.0 by June 30, 2018 for PCI compliance. After this date, only TLS 1.1 or 1.2 should be used. Note that not all implementations of TLS 1.1 are immune from the vulnerability, so TLS 1.2 should be used if possible.

The PCI Council has provided guidance. Note that the June 30, 2018 deadline from the PCI Council is the end of a two-year extension that they originally provided due to the challenges of this global technology issue.

No Signature Required! What?

Late last year MasterCard, American Express, and Discover Card announced that in April of 2018 they would be eliminating the requirement for merchants to collect signatures for all purchases at the point of sale. They all pointed out that with their secure networks combined with new digital payment methods that include chip, tokenization, biometrics and other fraud capabilities have advanced so that signatures are no longer necessary to fight fraud. Visa followed suit early this year but specified that signatures will no longer be required when a Visa EMV card was being used at the point of sale.

What does that mean for you? MasterCard has pointed out that it expects this will speed up the checkout process and enhance the customer experience. However, it will take some time for the various point of sale systems and software to eliminate the signature line on the receipt. In the meantime, MasterCard has also suggested if a merchant is more comfortable obtaining a signature they still can. A signature will be optional, but starting April 2018 it will no longer be a requirement.

Stay tuned for more details as we are awaiting specific instructions from the card brands that we will share with you.

Holiday Season Reminders: Prevent Fraudulent Transactions and Chargebacks

With the holiday shopping season upon us, it’s a good time to review some good practices in helping prevent your business from incurring losses from fraudulent transactions and chargebacks.

Face-to-Face Transactions
If the card presented for payment is not a chip card, always swipe the card. In the event of a Chargeback, this provides proof the card was present at the time of the transaction.

• If presented with a chip card and you have an EMV terminal, have your customer insert the card into the terminal and leave it there until the transaction is complete.  (If you have not yet upgraded to an EMV Terminal, please contact your Relationship Manager at 800-704-7253.)

• Obtain an authorization number for the full amount of the transaction.

• If an authorization is declined, do not accept it, attempt to split it into smaller amounts, attempt to obtain authorization at a later time, or try to force it through. Any of these attempts may leave your business vulnerable to a chargeback loss. Instead, ask the customer for another payment method.

• Have your refund policy printed on the receipt directly above or below the cardholder signature line in letters ¼” high.

Internet or Phone Transactions (Card Not Present)

• Obtain an authorization number for the full amount of the transaction.

• If an authorization is declined, do not accept it, attempt to split it into smaller amounts, attempt to obtain authorization at a later time, or try to force it through. Any of these attempts may leave your business vulnerable to a chargeback loss. Instead, ask the customer for another payment method.

• Verify the cardholder’s address via Address Verification Service (AVS). The best AVS response is ”Y” for Yes or “Match”. This means the cardholder has given you the same address as the billing address for the card. If you are still uncertain about the transaction (e.g., large transaction, first time customer, splitting sale amount between cards, etc), you can call the issuing bank or the Voice Authorization Center.

• Ask the customer for the CVV/CVC Code on the back of their card (front for Amex). This is a 3 or 4-digit number that is now commonly used to help verify that the customer possesses the physical card. Most terminals prompt you for this information and will return a negative response if the number provided is not correct.

• Ship the merchandise to the AVS address and obtain signed proof of delivery or other method available from your shipper.

• Charge the cardholder’s account at the time the merchandise is shipped.

• Have your checkout page designed such that a customer must acknowledge your cancellation or refund policy. Be able to produce the acknowledgement in the event of a chargeback resulting from a refund dispute. Have a clear and concise refund policy.

NOTE: If a card is not present at the time of sale, a merchant cannot verify that the legitimate cardholder authorized the sale. The steps noted above may help minimize disputes and fraud, but they cannot guarantee avoidance of chargebacks. Card not present transactions are inherently more risky than those in which the card is present.

I hope this is a good reminder and something you might wish to review with your staff.  If we can help or you have a concern you can always call Client Care at 800-704-7253 or email us at info@WindRiverFinancial.com.  Here is my contact information as well.

Wishing you a very Happy Holiday season.



Trick or Treat?

Children are anxiously awaiting the chance to celebrate Halloween by knocking on doors and exclaiming, “Trick or Treat!” For these children, it’s all treats. Unfortunately for far too many businesses, many customers of ours, there is a real game of “Trick or Treat” going on, and it is all tricks.

We have heard from several customers over that last couple weeks, that have told us they received a phone call from imposters representing that they are from their current merchant services provider or an “Industry Watchdog.” These dogs are saying they have noticed something wrong with their merchant services account and to simply fill out some paperwork to correct the problem, usually focusing on correcting a problem that will lower their rates. In the multiple cases that our customers have brought to us, this paperwork is actually an application, to not only switch their account over to them, but to lock them in to a long-term contract. Even worse, last week one of the “reps” on the phone tried to attempt to reprogram their terminal over the phone, over to that new processor!

There are no industry watchdogs in the merchant services industry. Although with these tricky tactics, there definitely should be!

Please enjoy this Halloween season. Treats for all the kids dressed as ghosts, goblins, heck, even the scary killer clowns, but please don’t fall for the tricks of the adults dressed up as industry watchdogs! Contact us if you receive one of these tricky phone calls or if you have any questions at all. We are here to help, who knows, maybe if you excitedly exclaim “Trick or Treat” we will send you out some candy treats!

Happy Halloween!

Is it really ……. just that easy?

#WRFProudPartner winner!

Our Proud Partner program was just rolled out new this summer, but Lynn Aspinwall of Sonic Foundry isn’t new to Wind River. Her experience and trust in Wind River made it an easy connection when she became the Exalted Ruler for the Madison Elks Lodge #410. Lynn, thank you for sharing your “Happy Moment” story and taking the initiative of passing along our story to other Elks Clubs around the state.

Did you know the Madison Elks Lodge #410 is located on the beautiful shores of Lake Monona, within walking distance of the Capitol Square, Monona Terrace, several hotels and also includes a private pier for boats. The Lodge features a full service bar, restaurant, and banquet facilities for up to 250 people. And by the way, for your own personal “happy moment” I hear they have one of the best Old Fashioned’s in town that pairs very nicely with the Fish Fry that can rival any supper club! However, you must be a member of the Elks, a guest of an Elk or sponsored by a member to share in the fun. Learn more about joining this private club that has been in Madison since 1898.

We want to thank those who participated in sharing their great stories, “happy moments”, compliments and referrals since the introduction of our #WRFProudPartner program. As the winner for this quarter, Lynn will be selecting something from our choice of great thank you prizes (see below).

We appreciate and look forward to hearing and sharing more #WRFProudPartner “happy moments”, compliments, stories and/or referrals from you. Just pass them along to any staff member at Wind River or to Matt Tomlinson our “Director of Happy Moments” mtomlinson@WindRiverFinancial.com or call him 608-441-7362.

You will automatically be entered in our next quarterly drawing and could win your choice of:
1. Badger tickets
2. Packer Tickets
3. Kalahari 1 night stay + additional gift card
4. Wollersheim Winery special event + gift card
5. Vortex optics
6. Electronics (Apple watch/iPad/GoPro)
7. Kessler’s, AC Zuckerman or Goodman’s Bling

Yes, and it really is…. just that easy!


Do You Know Who’s On the Other End of That Line?

A certain type of scam has resurfaced recently – one that has been around for a long time in different iterations. We’ve blogged about this before, but perhaps it’s time for a reminder. What I refer to is a “fake authorization scam” and it works like this.

The fraud suspect is attempting to purchase a big ticket item or conduct a credit card cash advance in a financial institution. The card is declined and they have an excuse such as “it must be a transaction amount limit” or “a daily limit.”  They pretend to call the number on the back of their credit card or they have you call it. However, unbeknownst to you, the phone number has been changed on the back of this counterfeit card, and it rings to the cell phone of an accomplice of theirs.

Their accomplice is skilled at sounding like they work for the credit card issuer. They use common terms and professional sounding language. They indicate a reason that the transaction was declined, but that funds are available and they will walk you through a manual authorization.

They have you press certain keys on your credit card terminal and, unbeknownst to you once again, they have taken your terminal offline or into training mode. In this mode, any number entered as an approval code will appear as an approval even though the terminal is not communicating with the card issuer to obtain authorization.

The happy “customer” then goes on their way never to be heard from again. Then you receive a chargeback from the credit card issuer for “no valid authorization.” You call your credit card processor and insist that you spoke with the card issuer and they gave you an authorization code that approved on your terminal. Your credit card processor can only see that the card issuer has reported that the authorization code was not valid. Unless a valid code is provided, you’re going to lose the chargeback as the real cardholder wants their money back from this fraudulent transaction on their account.

You thought you were going to have a big sale and instead you’re sitting with a loss. The chargeback process does not seem fair. You did your best to “do it right” and you still got scammed. There are many frustrating things about this type of scam.

There are a few things you can do to help protect your business from this. First, never (and I mean NEVER), accept a customer’s cell phone if they say they’ve contacted their card issuer. Joint with this, do not call the number on the back of their card since it may have been modified. The phone number on the back of a card is for the cardholder only.

In the very rare event that a cardholder needs to contact their card issuer to get special permission to run a larger transaction, they can do so on their own while you, as the merchant, run the transaction the way it was intended. That is to insert (if it’s a chip card) or swipe the magnetic strip and get an approval.

If the card declines, it’s a sign that something is wrong. Are there other signs present that this customer may not be who they pertain to be? Was the sale too easy? Are they “buying” rather than “shopping?” Is the merchandise something they can easily resell on ebay?

We recommend asking for another form of payment at this point. If, at your discretion, you choose to attempt to run the card again, you’re increasing the chances of not getting paid for the transaction. We do not want this to happen which is why we recommend stopping at a first decline and asking for that second form of payment.

Better safe than sorry…

A Guy Walks Into a Bar…

I know, it sounds like a setup to a classic joke, or a hit single from country artist Tyler Farr but it really is how my story begins.

I walked into a bar last week with Bill, a longtime customer of Wind River Financial. Beautiful night, so we opted to belly up to the outdoor bar. He ordered a beer and me my standard, a vodka diet 7 (unfortunately I am allergic to beer!) We started talking about kids, sports, life, all the important stuff and then progressed into business. I was curious to hear how Bill’s industry was changing and what new challenges he and his team were facing.

Great conversation, but then Bill turned it back on me. “How is your business going? What are you toughest challenges?” he asked. I paused, pondered, took a drink of my 2nd (or maybe 3rd) vodka diet 7, and replied, “Things are really great. Our retention rate is 94% and the industry average is between 60-70%. So the customers we do have, really appreciate our great service and proactive approach.” He nodded, took a drink (now a Brandy Old Fashioned) and said, “I agree, that makes sense to me. Amy and her team are great and that is why we have been with you so long”.

I continued, “But our toughest challenge is starting conversations with potential new customers. Our industry has bombarded businesses with annoying telemarketers who try to commoditize our services by promising the lowest rates, and then lock ‘em in to multiyear contracts and creep up their rates over time. Many businesses tell me that they receive 5-10 of these phone calls a week.”

As I reach for the chicken nachos that were just delivered, Bill asks, “So what are you doing about it?” I began explaining our new WRF Customer Referral Program, and talked about how we want customers like our best customers and the best way we believe to do that is to get a warm introduction from a trusted source.

He agreed and as we quickly devoured the nachos, he thought long and hard about businesses referrals. He thought about his vendors, his customers and other business acquaintances. As I hastily grabbed the last jalapeno off the platter, he said to me, “You know Mike, most of my referrals would be personal referrals not business referrals.”

A guy walked into a bar hoping to find out more about a customer’s business and came out with 11 referrals, 1 business and 10 personal acquaintances. Maybe even more importantly, a guy realized that our referral program shouldn’t be solely focused on business contacts, but personal contacts as well.

Thanks Bill for being our customer and thank you for the referrals. We know that you are only going to refer an individual or business to someone that you trust. Thanks for trusting Wind River Financial!

If you have a business or personal referral that you think would appreciate the Wind River Service Promise, please let us know. Or if you want to meet a guy for an Old Fashioned, we are up for that too, but hurry the outdoor bars will be closed for the season soon.

The Wild West of Service

It was back in 1956 that Dr. R.O. Ebert started the horse-drawn wagon tours through Lost Canyon, the longest and deepest land canyon in Wisconsin. In 1967, the Kissack families took over the business to continue to give their customers’ a unique experience through their national treasure.

Lost Canyon Tours & Gifts has been a satisfied Wind River client since partnering with Wind River in 2001. Based on that experience, owner Avonelle “Avie” Kissack had no problem referring Wind River to her son David, owner of Canyon Creek Stables in 2015. Canyon Creek started working with Wind River that same year.

Do the names Dirty Dan and Black Bart ring a bell? They would if you’ve made the venture to Canyon Creek Riding Stable where the 3rd generation Kissack (Avie’s grandson) is now active with the business. Canyon Creek Stables takes their customers back in time to enjoy the old west on horseback with an exciting one hour guided tour.

Stacy Brown, who works for both businesses, couldn’t be more pleased with her experience working with Wind River.

“We’re in a customer service industry so we try to go above and beyond for our own customers each day, and we get that same treatment from Wind River,” said Brown. “We had a painful service experience before we switched to Wind River, which included long wait times on the phone and constant back and forth. Credit card processing used to be a huge hassle for us, but that’s in the past. I’ve come to really appreciate the way Wind River does business as they take a customer-first approach, just like us.”

“We learned a lot through the original sales process and years later, Wind River has stood behind the promises they made. It turns out that we saved more than $3,000 last year alone compared to the fees we were previously paying their competitor – that’s a 25% savings which is huge for us!”


Paying It Forward!

There is a video that went viral on Facebook and YouTube. The theme was Paying it Forward. I want to share a story from one of our customers, Sonic Foundry as our interactions with them reminded me of the video and the graces of “Paying it Forward”.

Sonic Foundry was originally introduced to Wind River by TermSync, an Accounts Receivable automation solution founded by Mark Wilson, who once worked for Sonic Foundry.  By the way, the mission at Sonic Foundry is to amplify the world’s knowledge by empowering organizations to place video at the heart of every class, training, communication and event.

I recently connected with Lynn Aspinwall who was starting her 17th year as the Accounting Manager for Sonic Foundry who reflected on their decision to partner with Wind River. “We’ve never intended, or claimed to be a payment processing expert,” said Ms. Aspinwall. When it comes to credit card processing, we’ve found it to be confusing and frustrating. There is a lot of jargon, and hundreds of rates. That’s all gone away since we partnered with Wind River in 2014.”

Fast forward three years since that decision to today, when Ms. Aspinwall has found herself preparing to follow in her grandfather, father and uncle’s footsteps by becoming Exalted Ruler of the Madison Elks Lodge #410.  The Elks Lodge has been a part of her family for 3 generations, and in the Madison community since 1898. Its active membership is involved with numerous philanthropies for the benefit of children and veterans by giving back to our community.

Ms. Aspinwall was thinking about how to bring new value to Madison Elks in her new leadership role, and she thought it made sense to call her contact at Wind River.

“We were never really able to fully understand the different fee structures we were seeing in our credit card program at the Madison Elks. When reviewing our current provider, Wind River pointed out that our bundled pricing led to an annual over payment of more than $3,000 –that’s real money to us.”

Without even knowing it, Sonic Foundry received additional benefits. By recommending the Madison Elks Lodge to Wind River, Sonic Foundry became an active part of the Wind River customer referral program.

“When Wind River called to congratulate us on the reward of a $200 statement credit from the referral program, I was pleasantly shocked! To us, it is about working with people you trust, and partners that have proven themselves over time. That’s why we work with Wind River.”

It turns out that Paying it Forward does have its rewards.

Great Feedback – Keep it Simple

In one of our recent posts we shared a couple of business statistics that we have been pondering. In that, we also asked for your feedback about a program we had created to say “Thank You”.

When you ask, you receive! Two things happened recently that brought us back to the principle and reminder to keep it simple. The first came from a conversation with one of our customers that had taken the time to read about the program.

“When I tell my story to someone, I want to make it easy for them to take action if they want to. How about if when they contact Wind River, they simply tell you “so and so” said I should call you.” No form, keep it simple!

Interestingly, that very thing recently happened. Actually, we have a great story we are hoping to share with you very soon. Without giving away all the details, we had a customer tell their Wind River story to another business owner. That business contacted us and recently joined the Wind River Family as well!

One of the exciting parts was what we had the opportunity to do next. The new customer has a higher credit card volume than the customer that sent them. Our “Thank You” back to the story teller was enough to cover all their credit card costs for 3 months! Those are fun calls to make!

Even better, the customer that told the story was not expecting anything. They were not aware of the new program, and simply did it because of their experience with us. That made it even more fun!

Thanks again for those that have provided feedback. Keep it coming!