Entries tagged with “merchant”.


One of the most difficult aspects of owning a small business is finding the best ways to take payments from customers. Here are a few small business financial success tips to help smooth the operation of your business by making your site more payment friendly.

Maximize Payment Options

The truth is that it’s nearly impossible to perfectly predict what payment options your clients are going to feel the most comfortable with using. As a result, the best approach is to add as many ways of receiving payment as you can.

Some customers will feel more comfortable with anonymous methods that make it impossible to trace the buyer. Others would rather pay with credit cards, or with standard electronic payment methods. If you can, you should also make payment processing possible over the phone as well as online.

Some may only feel comfortable giving you cash in person, so that would be a good thing to take into account if it’s an option for you. There’s also always the possibility of using mobile card readers for taking payments from people in person as well.

Integrate Payment and Tracking

You’re going to waste a lot of time if you try to track all of your payments by hand. That’s why it’s a good idea to look for an accounting system that can automatically add in all of the purchases customers make into a record that you can easily search through.

This is important not just because it keeps the finances of your business in order, but also because you can use this information to figure out what’s working for sales and what’s not.

Don’t Forget Mobile

Due to the rising number of people making purchases with their mobile phones, it’s important to make sure that you have at least one or two options that customers can use to easily make purchases through their phones and tablets.

For more information on payment processing for your business, please contact us.

With so many payment processing solutions out in the market today, it can be hard to find the right payment processor that supplies the best service possible for your business. It can be tedious comparing costs and finding the processor that’s right for your type and size of business. Here are some tips for finding the right payment processor for your small business.

Shop around.

You don’t have to sign up for processing from your bank. There are many other options that are far less expensive and provide a better service that is customized to your business’ needs. Today, payment systems have moved from being bank owned to technology providers that can vary in size, depth and trust. Always be aware of hard costs that you really can’t get away from, and be wary of hidden fees, and surcharges that some payment processing companies will tack on. Make the choice to go with a price that will fit your budget and is manageable for you.

Only consider payment processing services from companies that explain their contracts, use plain language, and have no hidden or confusing fees. Small business owners need to be able to understand the terms of a contract, so it is important to find service providers that openly communicate contract terms and obligations. Look up reviews online, check out blogs and even go as far as speaking with a company rep armed with questions.

Look for dedicated support.

Look for a service with a dedicated support team. The payment processor should handle all of your service inquiries regarding problems or issues 24 hours a day. Full service is essential because you never really know when a terminal might suddenly stop working, making you unable to process any transactions. Make sure the company you choose is one that provides real customer support and matches you with a payment service that you can depend on when the worst happens.

Look for security.

The processor you choose should be fully compliant with all industry security standards. Payment Card Industry (or PCI) compliance is a requirement of all businesses that interact with credit or debit cards. PCI compliance ensures that you are up to date on the latest best practices to protect your business and your customers from card payment fraud. A breach of security can result in the loss of existing customers and have an impact on how many new customers choose to do business with your organization. Business owners that take the time to do research will have no difficulty finding a reliable and secure processor that offers a wide variety of payment options and offers secure, dependable service.

Evaluate the impact of growth.

Always take a look at how growth will impact the affordability of any service you’re considering. If growth will make a certain contract relatively less affordable in 2 years than it is now, and changing or getting out of the contract will be costly, then you will want to consider other options. Ideally, payment processing partnerships are long-term relationships, therefore it is critical to find a processor that suits your business’ needs today and has options that will allow for making adjustments as the company and industry change and grow.

Finding a payment processor that meets your specific business needs is vital, so it is a good idea to thoroughly investigate and compare all options and value-added services available. With these tips in mind you will be able to find the right solution for your business, one that will scale and support your business’ growth.

For more information, or if you have any questions or comments, please feel free to contact us.

New Harris Poll released last week led some insights into consumer views on mobile payments.  Among the highlights of the poll is that more than 60% of respondents believe that smartphone payments will eventually replace cash and card payments.  This number is very high when compared with the number of respondents that have actually made (4%), or even witnessed (8%), a smartphone payment.  What’s more, far fewer respondents believe that this transition will occur within the next five years.  Contrast this with the media “Year of Mobile” pronouncements (that have occurred for the last two years, at least) and one would rightly ask where the disconnect is.  Media keeps saying mobile payments are imminent, while consumers seem to be hesitant.

One of the major variables for most consumers in using smartphone payments is the question of security.  According to the Harris Poll, “Among those who indicate being either not very or not at all interested in being able to make smartphone payments, security is a clear, if predictable, factor: half (51%) say they don’t want to store sensitive information on their phone, and four in ten (40%) don’t want to transmit sensitive information to a merchant’s device.” (Here is should be noted that there are mobile payment products that allow payments to be made without (1) storing payment data on the consumers phone or (2) transmitting sensitive data to the merchant’s device.)  Another significant portion weren’t interested in making smartphone payments simply because they did not own a smartphone.

So I put it to you, reader.  What do you think about smartphone payments?  Have you made one? Would you make one?  What factors or criteria are necessary for you to adopt this new technology?  Or are you just waiting for it to reach critical mass  so that it’s available in places that you frequent?

Recent reports indicate that small businesses tend to overlook the threat of a data security breach.  Controlscan, a company that specializes in assisting small and medium sized businesses with PCI compliance issues, recently completed a study in cooperation with Merchant Warehouse.  The findings indicate that close to 80% of the surveyed merchants felt that they had little to no risk of a breach.  What’s more, according to ControlScan’s CEO Joan Herbig, close to half of the merchants surveyed hadn’t even heard of the PCI DSS.  These findings indicate a serious lack of communication between ISOs and Acquirers and their small merchants.

Since 2006, all organizations that store, process, or transmit cardholder data have been required to comply with the data security requirements contained within the Payment Card Industry Data Security Standard.  In fact, the Payment Card Industry Security Standards Council has even created a microsite dedicated to educating small merchants on the PCI DSS and their obligations under that standard.  The ramifications of non-compliance are many and can be overwhelming even for large merchants.  Should a breach occur, the fines, fees, and penalties can quickly add up and in many cases have put companies out of business.

This post could easily take on an alarmist tone.  Some might say that it already has.  Regardless, though, small merchants must comply with the same set of standards to which large companies are beholden.  How can one do that with comparatively limited resources?  By trying to limit the places in the merchant system that store, process, and transmit cardholder data.  Using a solution that processes payment card transactions using point to point encryption (P2PE) and tokenization can serve two objectives – making the data more secure, and reducing the burden of complying with the PCI DSS.

If you are a small merchant and you haven’t heard about PCI DSS or aren’t sure what you should do, reach out to your ISO or Acquirer.  They can explain what the standard requires and how you can achieve compliance.

I saw a blog post yesterday that reminded me of complexity and confusion surrounding the relationship between PCI DSS compliance and fraud prevention.  The details of the story are less important than the central idea that the author was communicating –  the notion that merchants should rely on PCI DSS compliance for the prevention of fraud.  The idea behind PCI DSS is of course to reduce the amount of fraud by helping to protect payment data from unauthorized disclosure and use, but it should be noted that the standard is not a fraud prevention program.  It is a data security compliance program.  Understanding the difference between fraud prevention and data security will help to clarify the relationship between the PCI DSS and fraud.

Fraud is the intentional deception for personal gain.  This is a broad definition that includes social engineering as well as the misuse of financial data.  Fraud prevention, then, must be a very broad set of practices and procedures that are put in place to prohibit people from being able to misuse (in this case) payment card data.   All of the major card brands have suggestions and best practices for preventing fraud at the merchant level.  MasterCard Worldwide provides a quick reference guide to help merchants educate their staff on fraud prevention techniques.  Among the suggestions is the notion that staff should be familiar with what a card is supposed to look like.  Valid cards have a number of fraud prevention mechanisms, including embossed numbers and holograms.    (Each of the card brands can also provide a sort of “anatomy of a card” that will keep merchants and their employees current with new card designs and security mechanisms.

Data security is a subset of fraud prevention tools.  Ensuring that the data is adequately protected from unauthorized disclosure (data compromise) helps mitigate the risk of fraudulent transactions.  All of the major card brands require compliance with the PCI DSS with any entity that stores, processes, or transmits cardholder data.  This helps to prevent data thieves from perpetrating fraudulent transactions on a large scale.  Merchants should not rely on the PCI DSS to protect them from fraud schemes.  PCI DSS is designed to help companies protect payment data from thieves, not to protect merchants from fraud schemes.

Dr. Heather Mark, PhD. ; SVP, Market Strategy