SmartPay

Risk management

Risk management Page 2

Contents

Introduction 3 Managing conversion and risk 3

Managing false positives 4

Finding the optimum 4

How it works 5 Hosted payment pages 5

Fraud score action 5

Managing the settings 5

Settings management in more detail 5

Settings levels 5

Advanced features 6 Dynamic 3D secure 6

Devicefingerprinting 6

Oil Splash Search 6

Advanced search 6

Risk API 7

Specificriskchecks 7

Checksspecificforpaymentmethods 7

Country-specificchecks 7

Refusal reason code support 7

Risk reporting and monitoring 8

Risk checks explained 9 Referral checks 9

Card number referral list 10

Shopper IP originates from high-risk country 11

Shopper IP referral list 11

Issuing country referral list 12

Issuer referral list 12

Shopper using anonymous proxy 12

Shopper email referral list 12

Shopper name referral list 13

Consistency checks 13

Shoppercountrydiffersfromissuingcountry 13

The card holder name contains non-alphabetic characters 14

The card holder name is only one word 14

The bank account number contains a numeric sequence 14

Bank account is not likely to be a consumer bank account 14

Bank name doesn’t match bank location ID (blz.) (ELV) 14

Bankaddressdoesn’tmatchanybranchoffices(ELV) 14

Billing address does not match card holder address (AVS) 14

Velocity checks 15

Card chunk usage frequency 15

Card number usage frequency 15

Card holder name usage frequency 16

Shopper email usage frequency 16

Shopper IP usage frequency 16

Cases and examples 17 Examples of suspicious transactions 17

Risk management Page 3

Introduction

The advantages of the Barclaycard SmartPay risk management system are:

– fully hosted and managed risk system

– worksreal-timeonmerchant’spaymenttraffic

– highly customisable by changing risk settings

– caneffectivelyblockfraudwhilelettinggenuine customers pass

– advisory modules for risk settings and yield optimisation

– special reporting and search to give merchants insight into risk performance.

Key features discussed in this whitepaper are the following:

– how conversion optimisation works together with risk management

– how to use the Barclaycard SmartPay risk control system to block fraudulent shoppers

– how to minimise false positives in this process

– what could be the best risk strategy

– howtorealiseaneffectiveyieldoptimisation.

Risk management consists mainly of dealing with transactions that are reversed after the product of service has been delivered. For merchants this means that revenue is lost so it is important to keep control over this process.

This whitepaper describes the innovative way Barclaycard SmartPay deals with fraud and risk management. The most important question to answer is how to minimise fraud costs while maximising revenues.

Managing conversion and riskThe Barclaycard SmartPay payment system is built to optimise conversion for its merchants – the hosted payment pagesofferahighdegreeofcustomisationandhavebeenthoroughly tested to make it as easy as possible to pay.

However, accepting payments also means accepting the risk for transactions that will be reversed later on. These chargebacks can occur for both credit cards and debit payment methods. Possible reasons for chargebacks are:

– fraud, where a credit card or bank account of someone else is used by a fraudster

– insufficientbalanceonabankaccount(especiallywithdirect debits)

– the transaction is not recognised by the card holder who made the payment

– there has been a problem in the delivery or return of the product.

Therefore a risk management system is needed that can detect transactions that are viable to be reversed in a later stage. Although not all chargebacks can be detected beforehand, it is still possible to detect and avert most of the fraudulent transaction attempts.

False Positive

True Positive

This is fraud

The fraud detection system rightly blocks it

This is not fraud, but the fraud detection system

thinks it is fraud

The transaction is blocked while it shouldn’t have

You miss legitimate revenue here

True Negative

False Negative

This is a fraudulent transaction

Fraud system fails to detect it

This is a genuine transaction

You lose money because of

chargebacks

It passes the fraud detection

system

Risk management Page 4

Managing false positivesHowever, for every blocked transaction, there is a chance that it would have been a legitimate transaction. So a fraud protection tool that is setup too tightly will block many genuine transactions, and therefore have a negative impact on revenues.

These transactions are called false positives: transactions that a fraud system triggered as potentially fraudulent (therefore having a ‘positive’ result in the fraud check and subsequently blocked) but which actually would have been normal transactions not resulting in a chargeback.

Of course, it is nearly impossible to know which blocked transactions were genuine and which ones would have resulted in a chargeback.

Strict settings

Optimum somewhere

Less strict settingsless fraud but many

false positivesmore fraud but also

more revenue

Finding the optimumForatightlyconfiguredfrauddetectionsystemthatblocksmost of the fraudulent transactions, many false positives may occur as ‘collateral damage’, seriously impending the business.

Thedefinitionof‘acceptable’variesfrommerchanttomerchant. For selling online access to games, higher fraud rates will be acceptable than for selling high-value tangibles such as consumer electronics.

How to minimise false positives...

... while at the same time keeping fraud at

an acceptable level

Risk management Page 5

How it works

Hosted payment pages

A payment page is presented where the payment options and payment details can be entered,1 after which the fraud score is calculated.

– The original request should contain as many details about the customer as known to the merchant already, if available.

– Along with these details, we also obtain crucial data such as IP address, browser settings etc. from the consumer.

All these data together are fed to the Barclaycard SmartPay Risk Control System, where many checks are performed on thedata,resultinginafinalfraudscore.

Fraud score action– If the fraud score is 100 or higher, the transaction is

refused by Barclaycard SmartPay automatically.

– If the fraud score is less than 100, the transaction is sent for authorisation to the credit card networks (usually from acquirer via central scheme to the issuer).2

– Howtheriskcontrolsystemcalculatesitsfinalscore,largely depends on the settings which we will discuss now.

Threshold. All transactions with a fraud score >+ 10 are blocked by Barclaycard SmartPay

Transactions with a fraud score 0-99 carry a varying degree of suspected fraud

A negative value means that the transaction is considered relatively safe

> 100

Negative score

100

0

Managing the settingsTheriskcontrolsystemcalculatesthefinalscorebasedon many checks that are performed on a transaction. We will discuss some of the individual checks further on in this whitepaper. Every check can, if triggered, add a score to the total fraud score.3

This means that merchants can experiment with the settings tofindtheoptimumbetweenblockingtoomanytransactionsand letting too many transactions pass through. During setup of the merchant account with Barclaycard SmartPay, the account manager at Barclaycard SmartPay will assist and advise on a good starting point. But it is also part of our standard operations to keep monitoring performance of individual and global risk control settings within Barclaycard SmartPay.

Settings management in more detailThere are several classes of real-time checks Barclaycard SmartPay performs on each transaction:

– referral list checking of card numbers, email addresses, ip addresses - the comparison of data points against a variety of databases

– consistency checks like comparing countries of the card issuer, card holder and merchant - the comparison of data points against each other

– frequency/velocity checks (e.g. how often did the shopper make a payment attempt in the last hour).

These are discussed in more detail further in this whitepaper.

Settings levelsRiskcontrolsettingscanbeusedfromdifferentlevels:

1 The Barclaycard SmartPay risk control system also works with API-based payments. In all cases, merchants should send Barclaycard SmartPay as many data points as possible on the transaction.

2Thetransactioncanthenstillberefusedbycardschemeorissuer,becauseoffraudulentuse,insufficientfundsorotherreasons.3 There are also some checks with a negative score, notably whitelists that can be managed.

Global Barclaycard SmartPay settings

Company-specificsettings

Merchant-specificsettings

Settings that are applied to all merchants. Example: cards reported stolen.

Settings that are shared among two or more merchant accounts under the same company account.

Settingsthatarespecifictoonemerchantaccount only.

Risk management Page 6

The Barclaycard SmartPay risk management system contains a large number of checks, as well as some advanced features, of which the most appealing ones are as follows.

Device fingerprintingThe Barclaycard SmartPay Device Fingerprinter unobtrusively gathers a lot of information from the shopper’s device and uses the combined value to identify the device of the shopper.

This allows the Barclaycard SmartPay system to discover suspiciousbehaviourliketheenteringoftendifferentcardnumbers from the same device within thirty minutes – even whendifferentIPaddressesareusedorbrowserorproxysettings are changed.

Each of these data elements are not discriminative enough to uniquely identify a device among all devices in the world. However, studies show that a combination of all these data elements in many cases is unique. To illustrate this principle, considerthefollowingexample:wearetryingtofindTom,living in Shoreditch in London. None of the three data elements Tom, Shoreditch and London are in themselves uniqueenoughtofindthisperson.Acombinationofthethreeelements,however,willprobablybeenoughtofindhim.

TheBarclaycardSmartPaydevicefingerprintisveryeffectivein stopping fraudulent transactions. What Barclaycard SmartPay has seen is that fraudsters change their payment details (email, IP addresses, name, card numbers) which means that the fraudsters do not get stopped by only the regularvelocitysettings.Withthedevicefingerprint,mostofthese attempts can be stopped.

Oil Splash SearchBarclaycardSmartPayalsooffersOilSplashSearch,allowingmerchants to link payments together that belong to the same shopper. Many fraudsters will try to avoid detection by regularly changing identifying data like IP addresses and email addresses. Most of the time fraudsters do not change every detail at once, allowing Barclaycard SmartPay to still track fraudsters and identify all their payments. This reducestimeandeffortforfraudanalystsandensuresthatall fraudulent transactions from the same fraudster can be located and acted upon.

Advanced searchThe Barclaycard SmartPay search functions are extended with special fraud-investigation options. If one fraudulent payment is located, then with the click of a button merchants can search for payments from the same IP Address, shopper name, card number and the merchant reference for that shopper.

Dynamic 3D Secure

Country-specific checks

Risk Reporting and Chargeback Level Monitoring

Device finger-printing

Apply 3D Secure selectively for high-risk transactions.

Riskchecksthatarespecifictoonecountry

Specificreal-timereportingonriskmanagementperformance. Automated monitoring of chargeback levels.

A better technique to repeatedly get the right identificationofthedevicethattheshopperisusing.

Dynamic 3D Secure approach (example)

>= 100

70-99

0-69

Force 3D Secure

Block (deny)

Pass (authorise) without 3D Secure

Dynamic 3D secureBarclaycard SmartPay always recommends the use of 3D secure authentication. 3D secure means that shoppers have tofillinauniquepassword(inadditiontotheCVCcode),depending on the issuer. This further reduces the chance that a fraudulent transaction can occur.

There is an automatic liability shift to the issuing banks for personal cards once 3D Secure has been initiated by a merchant.

The disadvantage of 3D Secure can be a lower conversion rate because people might have forgotten their credentials orhaveotherdifficultiesusing3DSecure,orissuingbanksystems might have problems.

Therefore, Barclaycard SmartPay developed support for Dynamic 3D Secure where only risk transactions are sent through to 3D Secure authentication.

– Use 3D Secure only for transactions that are deemed risky, for instance if the fraud score is more than 7.

– It is also possible to select 3D Secure automatically for transactions higher than a certain amount, for instance for all orders exceeding USD 250. Read our separate Dynamic 3D-Secure whitepaper for more information.

Advanced features

Risk management Page 7

Risk APIA special Risk API is available to do risk only calls without processing payments. This will help merchants looking only for a risk management solution. Consider for example the possibility of blocking unwanted shoppers already during registration on a website.

Specific risk checksChecks specific for payment methods

Severalchecksarespecificforpaymentmethods(suchasELV) or groups of payments methods (such as direct debits). This allows merchants to further tailor risk settings based on experienced fraud with certain payment methods.

Country-specific checks

FordifferentcountriesBarclaycardSmartPayprovidescountryspecificchecks.ForexampleintheUSAandUKBarclaycardSmartPayoffersanaddressverificationservice. Also in other countries, for example Germany, the Netherlands and Brazil, Barclaycard SmartPay provides specificmarketrelatedchecks.

Refusal reason code supportBarclaycard SmartPay attempts to be as complete as possible in sending transaction and risk feedback to the merchant. Whenever available from the issuer, Barclaycard SmartPay will try to include the refusal reason in transaction responses.

Arefusalwithareasonof‘insufficientfunds’or‘overlimit’reachedisnofraudandshouldbetreateddifferentlythanaCVV2 failure or a lost/stolen refusal response code.

Risk management Page 8

BarclaycardSmartPayoffersseveralreportsontheperformance of the risk system that gives merchants feedback. Statistical information is gathered over the transactions processed over the various sales channels of one merchant.

With this analysis the risk system can be adjusted by the merchant. Not only can the weight of a score can be varied, checks can also be deactivated and activated by merchants. With the reports providing progressive insight, checks need to be periodically adjusted to the best values. The nature of fraud also has proven to change over time, requiring further adjustments. When a coordinated fraud attack occurs, often the refusal rate of a merchant drastically increases and people can be alerted immediately to take proper action.

Risk reporting and monitoring

IS

IE

UKNL

BE

PT ES

FR

AD

DE

CH

DK

PL

NO

SEFI

RU

EE

LV

LT

BY

UA

MD

RO

BG

GRTK

CY

CZSK

HU

SL HY

AL

MO

MK

AT

MT

SMVA

MC

LU

LI

8.69% chargeback ratio in Italy

Risk management Page 9

Risk checks explained

Fraud control settings are only available at the merchant level in the account hierarchy. If you select this setting at company levelyouwillfirstbepromptedtoselectamerchant.Oncethisisdoneyouwillbepresentedwiththefraudscoringscreen.

Once again, it is important to understand that a transaction will be refused when the score reaches 100.

To only change the score associated with one or more risk checks, or to only activate/deactive one or more risk checks, change the scores accordingly and check/uncheck the checkboxes, then click the Save Merchant Checks button.

Ifyouwishtofurtherconfigureriskchecks,firstperformtheabove,thenclicktheConfigure link next to the risk check you wish to view or change (these are described in more detail below).

Referral checksReferral checks work on transaction information at one end and existing databases at the other. The referral checks are shown in the screen below.

Risk management Page 10

Card number referral listThe Blocked/Trusted Payment Details screen allows you to review and specify the credit cards, ELV accounts, and Dutch directdebitaccountsthatyoutrustorwishtoblock.Thisisa‘firewallforcardsandaccounts’.Merchantsshouldalwaysplacea reason in the block for audit trail purposes.

Four actions are possible:

1. block by entering the credit card or ELV or dutch direct-debit details, ensuring the Block radio button is selected, typing in a reason, and clicking the Apply button in the applicable section

2. unblock/trust by entering the credit card or ELV or dutch direct-debit details, ensuring the Trust radio button is selected, typing in a reason, and clicking the Apply button in the applicable section

3. view the current credit card block/trust list by clicking the Current Card Block/Trust List (or equivalent) link

4. remove details from the existing list by entering the credit card or ELV or dutch direct-debit details, ensuring the Remove from List radio button is selected, typing in a reason, and clicking the Apply button in the applicable section.

Another way to put a credit card or bank account number on the referral list is by using the ‘Fraud Control’ box in the payment details screen. You can reach this page by going to the payment list, selecting the transaction that belongs to the fraudster and clicking on Fraud Control.

Risk management Page 11

Shopper IP originates from high-risk countryThe Blocked/Trusted IP Countries screen allows you to specify the countries where shoppers can not purchase from based on their IP at time of purchase.

It is important for fraud purposes that merchants send Barclaycard SmartPay the shopper IP address with each transaction, it is a key tool in stopping fraudulent transactions.

Thisblockwouldbeutilisedifamerchantidentifiesanumberof fraudulent transactions or chargebacks caused by fraud originatinginaspecificshoppercountry.Merchantsdo,however, need to ensure that they do not have ‘genuine’ shoppers who also originate in those countries as they would be blocked as well.

Two actions are possible:

1. block by selecting a country from the drop-down list, typing in a reason, and clicking the Block button

2. unblock by clicking the Remove button in the necessary row.Countrieswithanactionoffixedcanonlyberemovedby contacting Barclaycard SmartPay Support.

Shopper IP referral listThe Blocked/Trusted Shopper IP Addresses screen allows you to specify the IP addresses and ranges from where shoppers can not purchase from.

Two actions are possible:

1. block by entering the IP address, indicating whether it is for one IP address only or a range via the drop-down list, typing in a reason, and clicking the Block button

2. unblock by clicking the Remove button in the necessary row.

Risk management Page 12

Issuing country referral listThe Blocked/Trusted Issuing Countries screen allows you to specify the countries where shoppers can not purchase from based on their card or bank account country of issue.

Merchants should utilise this check if they see fraudulent transactions or chargebacks arising as a result of fraud from cards issued in certain countries. These cards should only be blocked if merchants do not have ‘genuine’ shoppers who hold cards issued in the same countries. A good example is USA-issued cards. Many merchants in Europe do not have shoppers who use USA-issued cards. However, they do have a lot of fraud with USA issued cards, therefore they block cards issued from the USA.

Issuer referral listThis list contains issuing (Shopper) banks which have a high percentage of fraudulent transactions and is controlled at the Barclaycard SmartPay end. It is only used in very rare circumstances and it is usually associated with banks found in exotic countries.

Shopper using anonymous proxyFraudsters often try to use anonymous proxys to try and hide their IP address. A shopper using an anonymous proxy will be a fraudster, therefore transactions such as these are blocked.

Shopper email referral listThe Blocked/Trusted Shopper Email Addresses screen allows you to specify the shopper email addresses that you trust or wish to block.

Four actions are possible:

1. block by entering the shopper email address, ensuring the Block radio button is selected, typing in a reason, and clicking the Apply button

2. unblock/trust by entering the shopper email address, ensuring the Trust radio button is selected, typing in a reason, and clicking the Apply button

3. search whether a shopper email address is in the current list by entering it and clicking the Check button

4. remove details from the existing list by clicking the Delete button next to the applicable row, or by entering the shopper email address, ensuring the Remove from List radio button is selected, typing in a reason, and clicking Apply.

Risk management Page 13

Shopper name referral listThe Blocked/Trusted Shopper Email Addresses screen allows you to specify the shopper names that you trust or wish to block.Merchantsneedtobecarefulwhenblockingregularnames,suchasJohnSmithintheUK.

Consistency checksConsistency checks compare two or more transaction data points with each other. The consistency checks are shown in the screen below.

Shopper country differs from issuing countryBydefaultanydifferencebetweenshoppercountryandissuing country will trigger this fraud risk check.

Thischeckisoneofthemosteffectivechecksinstoppingfraudulent transactions from occurring. In our experience, the majority of fraudulent transactions occur when the shopper countrydiffersfromtheissuingcountry.Somemerchantsdo not have regular transactions where the card issuing CountryandshopperCountryaredifferent.Therefore,forthose merchants it is worthwhile setting the score to 100 for thatcheck.Forothermerchants,itiseffectivetosetthescoreto 90 and then manually review the transactions where the check is triggered.

Theshoppercountrydiffersfromissuingcountryscreenallows you to trust or block combinations of countries. This is best utilised when IP addresses may cross countries such as Belgium/France, Netherlands/Belgium etc.

Risk management Page 14

Bank address doesn’t match any branch offices (ELV)ThischeckverifiesspecificallyforELViftheenteredbankaddressmatchesthebankbranchoffices.Ifitdoesnotthenthe fraud check will trigger.

Billing address does not match card holder address (AVS)The settings for AVS check screen allows you to set the minimum level of matching required for AVS checks, and whetheranunknownresponseisOK(example9).

ThischeckisonlyavailableintheUKandtheUSA.

Two decisions are made:

1. for the postal / zip Code, decide whether it must match (Needs to Match), doesn’t need to match (Doesn’t Match),orisOKifthecheckcannotbeperformed(Unable to Perform Check). Also decide whether an unknown responseisOK(Unknown Response OK?)

2. for the address, decide whether it must match (Needs to Match), doesn’t need to match (Doesn’t Match), or is OKifthecheckcannotbeperformed(Unable to Perform Check).AlsodecidewhetheranunknownresponseisOK(Unknown Response OK?).

Three actions are possible:

1. block by entering the shopper country in the left drop-down list, issuing country in the right drop-down list, ensuring the Block radio button is selected, typing in a reason, and clicking the Submit button. The shopper and issuing countries should be the same

2. allow by entering the shopper country in the left drop-down list, issuing country in the right drop-down list, ensuring the Allow radio button is selected, typing in a reason, and clicking the Submit button. The shopper and issuingcountriesshouldbedifferent

3. remove details from the existing list by clicking the Remove button next to the applicable row.

The card holder name contains non-alphabetic charactersFraudsters often try to hide their identity and will therefore insertrandomcharactersinthecardholdernamefield.Thefraud tool will therefore attribute a score to transactions where this occurs.

Merchants in countries such as Israel where names are more likely to contain non alphabetic characters need to be careful when setting this check.

The card holder name is only one word

Fraudstersoftenonlyfillinonewordinthecardholdernamefield,forexample‘JohnorBob’.Thefraudscorewilltriggerifthis happens and will attribute a score accordingly.

The bank account number contains a numeric sequenceThischeckverifiesthebankaccountusedfordirectdebitpayments to see if there are numeric sequences. An example of a sequence is a bank account number like “1234567890”. Fraudsterswilloftentrydifferentsequencesuntiltheygetamatch.

Bank account is not likely to be a consumer bank accountThe account is not likely to be a consumer account. For ELV we check if the account has no check digit, for Dutch direct debit if the account has the correct number of digits.

Bank name doesn’t match bank location ID (blz.) (ELV)When an ELV transaction is carried out the bank’s name must befilledin.WereceiveregularupdateddetailsfromELVaboutthe bank name and store these in our system. If the bank name does not match then the check will trigger accordingly.

Risk management Page 15

Velocity checksVelocitychecksarethemosteffectivewayformerchantstostopfraudulenttransactionsfromoccurring.Velocitychecksallowmerchantstocontrolhowoftenshopperscanmakeapurchaseinaspecifiedtimeframe.Iffraudstersdiscovertheycanpurchase something once then they are likely to continue purchasing items in a small space of time.

To best utilise these checks merchants need to understand the behaviour of their shoppers. Merchants need to know how often a regular shopper would purchase something on their website (e.g once a day, twice a day etc).

Thebehaviourofeachmerchant’sshoppersisdifferent,thereforetherecannotbeonegenericsettingforeverymerchant. The available velocity checks are shown in the below screen.

Card chunk usage frequencyThe Settings for Card Chunk Usage screen allows you to specify the number of times six digits of a credit card can be used over a number of hours.

The default is six times over six hours. Change the values as required and click the Save button.

Card number usage frequencyThe Settings for Payment Detail Usage screen allows you to specify the number of times the same credit card or bank account details can be used over a number of hours.

The default is six times over six hours. Change the values as required and click the Save button.

Risk management Page 16

Card holder name usage frequencyThe Settings for Account/Card Holder Name Usage screen allows you to specify the number of times the same shopper or card or account holder name can be used over a number of hours.

Shopper IP usage frequencyThe Settings for Shopper IP Address Usage screen allows you to specify the number of times the same shopper IP can be used over a number of minutes.

Merchants need to be careful when using this check as often differentshopperscanbeusingthesameIPaddress,forexampleinthecaseofanofficebuildingoraninternetcafe.

Shopper email usage frequencyThe Settings for Shopper Email Address Usage screen allows you to specify the number of times the same shopper email can be used over a number of minutes.

Risk management Page 17

Solution: put Russia on the High-Risk Country Referral List

Solution: raise the velocity checks to 100, with max 4 transactions a day (to avoid stopping legitimate shoppers, do not put it at max 2 a day)

Solution: raise the ‘shopper country differsfromissuercountry’.

You may decide to put it at 100, if you are experiencing a lot of fraud. If that will block too much legitimate shoppers, put it at 70 and set the velocity checks at least at 30, so a combined score with one of the velocity checks will block the fraudster.

You experience a lot of fraud from Russian shoppers. Russia is not a country where you normally get orders from.

A fraudster has placed 20 orders in a couple of hours.

Legitimate shoppers on your web shop however are never ordering more than 2 products a day.

You experience a lot of fraud from cards issued in countries other than those that the shoppers come from.

Cases and resolutions

Cases and examples

Examples of suspicious transactions– Theshoppercountry(IPaddress)differsfromtheissuing

card country (e.g French IP address with a USA issued card). This is especially apparent if a USA , Canadian or Australian or New Zealand issued card is seen on a European merchant.

– TheshopperIPaddressdiffersfromtheIssuingcardcountry and the merchant location (e.g French IP address with a USA issued card used on a Spanish website)

– The shopper name contains irregular characters.

– The transaction value is higher than your average transaction value and one of the above combinations is in place.

– You see a number of transactions in a short period of time from the same credit card, email address or shopper name.

– You see transactions from the same email address or shoppernamewithseveraldifferentcreditcardsbeingused.

To conclude this whitepaper, we give some examples of fraud cases and their resolutions by adjusting the risk settings.

Fraudsterskeepfindingnewwaystotrickriskmanagementdetectionsystems–ouraccountmanagersandfraudpreventionspecialists will be happy to discuss what’s best in your situation.

Risk management Page 18

This information is available in large print, Braille or audio format by calling 0844 811 6666**

*Calls may be monitored or recorded to maintain high levels of security and quality of service.

**For BT business customers, calls to 0844 811 numbers will cost no more than 5.5p per minute, min call charge 6p (current at January 2014). The price on non-BT phone lines maybedifferent.Callsmaybemonitoredand/orrecorded.Barclaycard is a trading name of Barclays Bank PLC Barclays Bank PLC is authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority (Financial Services Register Number: 122702) and subscribes to the Lending Code which is monitored and enforced by the Lending Standards Board. Registered in England No: 1026167. RegisteredOffice:1ChurchillPlace,LondonE145HP

BCD100962SP05. Created 01/14. 34366BD v1.0

Find out moreTo see the latest versions of our Barclaycard SmartPay support manuals, please refer to our resource centre website: barclaycard.com/smartpay/documentationTo contact our support team email: Support.SmartPay@barclaycard.co.uk call 01604 269518* or from abroad +441604 269518.*

Support hours are Monday – Friday 09:00 to 18:00 GMT.