Oct
9
2010

Leasing or Purchasing Credit Card Processing Equipment

Is it better to lease or to purchase credit card processing equipment?  The answer is not that different from the choice when buying a car.  If you lease, you pay more in total, but the amount you pay at any one time is less, and you will always be paying something to the company.  If you buy, you pay upfront but can hold the asset for a long time.  Credit card systems can last a long time, and while innovations occur, they do not depreciate nearly as fast as a car, for example.  Long story short: if your business has the cash, buy the system, but if cash flow is tight, perhaps the better decision is a lease.

Sep
20
2010

Verified By Visa & Secured By Mastercard

Verified By Visa & Secured By Mastercard are systems that offer an additional layer of authentication through use of a password.  Cardholders can optionally enable this extra layer of protection on their cards by choosing a password, and an e-commerce site can choose to ask for the password on cards that have this extra layer of protection enabled.  The huge advantage is that if you enable this feature on your e-commerce store, in almost all cases chargebacks are covered by the credit card companies themselves, even if a cardholder wasn’t enrolled in this program.

Sep
19
2010
Sep
17
2010

How to add a credit card logo to my site

Adding a credit card logo helps customers see quickly and clearly what forms of payment you accept, much like the stickers that storefronts put in their windows.  Here is one resource to get the perfect HTML and images for credit card logos.

Sep
15
2010

What is a good rate for e-commerce credit card processing?

What is a good rate for credit card processing for an e-commerce site?  The challenging thing in getting an answer is that so many companies make pricing difficult to understand with things like tiered pricing, random fees, and difficult-to-follow pricing structures.  One approach I recommend is finding a credit card company that has a flat rate for e-commerce transactions (also called card not present).  The best published flat rate I have seen for card-not-present or online purchases is from National Discount Merchant Services and can be seen at this link.  At the current time that rate is 1.99%.

Feb
10
2010

A rundown on PCI compliance

One of the ways the credit card networks have tried to crack down on credit card fraud is by requiring merchants to comply with a set of rules called the Payment Card Industry Data Security Standard (PCI DSS).  The PCI Security Standards Council (PCI SSC) was formed in December, 2004, to combine the security programs of all the major credit card networks (American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa, Inc) into one global standard.  Thus, the  PCI DSS was born with the aim to “help facilitate the broad adoption of consistent data security measures on a global basis” and “help organizations proactively protect customer account data.”

What does this mean for you?

If you accept credit or debit cards from any of these networks, you are required to comply with the PCI DSS.  Complicated?  In theory,  not really.  The PCI SSC breaks the requirements for processing, storing or transmitting payment cardholder data down into 12 requirements which are handily explained in their PCI SSC Quick Guide.

Goals and their PCI DSS Requirements

Build and Maintain a Secure Network
  1. Install and maintain a firewall configuration to protect cardholder data
  2. Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder Data
  3. Protect stored cardholder data
  4. Encrypt transmission of cardholder data across open, public networks

Maintain a Vulnerability Management Program
  5. Use and regularly update anti-virus software or programs
  6. Develop and maintain secure systems and applications

Implement Strong Access Control Measures
  7. Restrict access to cardholder data by business need-to-know
  8. Assign a unique ID to each person with computer access
  9. Restrict physical access to cardholder data

Regularly Monitor and Test
  10. Track and monitor all access to network resources and cardholder data
  11. Regularly test security systems and processes

Maintain an Information Security Policy
  12. Maintain a policy that addresses information security for employees and contractors

In fact, you can get a lot of good information from the PCI SSC official site.

MasterCard has also put together a series of free webinars that help explain PCI compliance.

In order to be compliant, your equipment and payment applications also need to be approved by PCI DSS standards.  This includes PIN pad equipment, which has its own set of rules (the PTS).  The PCI SSC site maintains a list of approved equipment and software/payment applications, which is updated regularly as new equipment and software is developed.

How is the PCI DSS enforced?

The PCI DSS is enforced by the card associations, not by the PCI SSC.  The level of compliance varies by your annual number of credit/debit card transactions as defined by each of the card associations.  If you fail to comply with PCI DSS, you may be subject to fines, fees or assessments and/or termination of processing service.

While the PCI DSS is a common standard, each payment brand has its own compliance program and its own criteria for compliance:

American Express DSOP

Discover Card DISC

JCB Card PCI DSS

MasterCard SDP

VISA CISP

Jan
7
2010

Turn your phone into a credit card machine?

There is now a device you can plug into your phone to turn your phone into a credit card machine.  What?  Right!

Chris O’Connell, professional photographer, explains it best with his video

There are many ways to use your cell phone as a credit card machine.  Square works for iPhone and iPad.   Paypal offers an app that allows you to “bump” phones together to make an instant wireless transfer.  Intuit’s GoPayment allows you to capture card information on a variety of cell phones by hand or via a bluetooth card swiper.

Practically speaking, there are a lot of ways this could be awesome, as outlined in this New York Times article.  For example,  accepting payment for Craigslist sales, obtaining money on the spot from your cashless friend/colleague when you’re splitting the tab at a restaurant, busking, panhandling, or small business transactions.

Of course you have to pay to use them.  Using Square costs 15 cents plus 2.75 percent to 3.5 percent of each transaction.  For small transactions, no big deal.  It would be better than sending someone to find the nearest ATM, missing the chance for a sale, or never seeing that cash that your friend owes you.  For large transactions, this might be like paying the high of an account with a credit card processor.  GoPayment is more expensive, charging a monthly fee of $12.95, plus a per-transaction fee of 30 cents plus 1.7 percent to 3.7 percent of the payment, depending on the credit card companies’ rates.  It would be interesting to find out how they calculate what percentage you are charged.

The New York Times article paints this as a huge step for money to become entirely paperless.   My gut reaction for going paperless is a big nooooooo!!!!  Let us keep our anonymity and avoid being lab rats for corporations’ marketing interests.  Since every credit/debit transaction costs the seller, albeit whatever small percent, it is still a portion of an individual’s money that is pocketed by the credit card industry and I say boo to that.  Running cards is a convenience that should be enjoyed by those who choose it, but should not be forced upon all.

Dec
10
2009

How do credit card processors know how I captured my customer’s card info?

The mysteries of POS capture unraveled here…
There is a code out there for every capture method.  When you send data for a transaction, this code  (the POS Entry Mode) is automatically sent with it.  Wouldcha like to know these codes?  Here they are:
  • 01 – Manually keyed (this will pertain to Visa internet transactions as well)
  • 02 – Magnetic stripe read (general or track 2)
  • 05 and 95 – Contactless chip card
  • 06 – Magnetic stripe read (Track 1)
  • 07 – Contactless chip card using Visa Smart Debit / Credit chip data rules
  • 81 – Manually keyed e-commerce (Mastercard only)
  • 90 – Entire magnetic stripe read and transmitted
  • 91 – Contactless chip transaction originated using magnetic stripe data rules (Visa only)

What do “track 1” and “track 2” mean?  There are two (unusually 3) tracks on a magnetic stripe.  Only track 1 carries the cardholder’s name, but both contain the minimum information needed to complete a transaction.  Why is this important?  If you know the answer, let me know.  I am dying to know.
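The track 1 / track 2 difference matters to anyone whose logs or databases sit near a card reader, because stored stripe data falls under PCI DSS requirement 3. The Python sketch below is an added example, not part of the original post: it assumes the standard ISO/IEC 7813 track layouts, finds track-shaped data in a constructed log line, and masks or redacts it. The function names and the sample line are made up for illustration.

```python
import re

# Track 1 (format B): %B<PAN>^<NAME>^<YYMM><service code><discretionary>?
TRACK1 = re.compile(r"%B(?P<pan>\d{12,19})\^(?P<name>[^^]{2,26})\^(?P<exp>\d{4})\d{3}[^?]*\?")
# Track 2 has no name field: ;<PAN>=<YYMM><service code><discretionary>?
TRACK2 = re.compile(r";(?P<pan>\d{12,19})=(?P<exp>\d{4})\d{3}[^?]*\?")


def luhn_ok(pan):
    """Luhn checksum: filters out digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def mask(pan):
    """Keep only the first six and last four digits of the card number."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]


def find_track_data(text):
    """Return one finding per track; the PAN is masked, the name reduced to a flag."""
    findings = []
    for track, pattern in ((1, TRACK1), (2, TRACK2)):
        for m in pattern.finditer(text):
            if luhn_ok(m.group("pan")):
                findings.append({"track": track, "pan": mask(m.group("pan")),
                                 "has_name": track == 1, "expiry_yymm": m.group("exp")})
    return findings


def redact(text):
    """Replace every track-shaped run so full stripe data never reaches storage."""
    text = TRACK1.sub("[TRACK1 REDACTED]", text)
    return TRACK2.sub("[TRACK2 REDACTED]", text)


# Constructed sample: a debug log line holding both tracks of a test card number.
SAMPLE = ("2009-12-10 POS debug entry_mode=90 "
          "t1=%B4111111111111111^DOE/JANE^12121010000000000? "
          "t2=;4111111111111111=12121010000000000?")

if __name__ == "__main__":
    print(find_track_data(SAMPLE))
    print(redact(SAMPLE))
```

Running `redact()` on log lines before they are written keeps full stripe data out of storage; `find_track_data()` is the audit-side counterpart for files that already exist.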

Dec
6
2009

Do I have to buy new equipment if I switch to a new processor?

Usually, no.  Don’t let this one getcha.  Most POS equipment is compatible with multiple processors and can be reprogrammed when you switch processors.  Some processors will charge you a fee to do this, some might do it for free.  If you are buying equipment for the first time, make sure to buy equipment and software compatible with many providers so that you won’t have to buy new hardware if you decide to switch.  The four major manufacturers of POS equipment, Hypercom, Verifone, and Lipman Nurit make equipment compatible with most processors.

Dec
5
2009

What is the difference between daily and monthly discounting?

Daily Discounting:  The discount you have accumulated on card transactions  for the day is deducted from your merchant’s settlement account daily.

Monthly Discounting: With monthly discounting, this happens only once a month.

It is pretty much this simple, and many processors offer both.