Stripe VS Square

Stripe VS Square
✓ Products and Services ✓
✓ Compatible Hardware ✓
✓ Fees and Rates ✓
✓ Sales and Advertising Transparency ✓
Customer Service and Technical Support ✓
✓ Negative Reviews and Complaints ✓
✓ Positive Reviews and Testimonials ✓
Tie Final Verdict  Tie
Read Review Read Review
Visit Site Visit Site

Overview

Spend a little bit of time reading up on Stripe (read our review) and Square (read our review) and you’ll start to see the similarities. They’re both giants in the payment industry, media darlings that have transformed the way people pay for things and the way merchants accept payments. They’re both on the leading edge of technology and rely heavily on machine learning to drive their payment processing systems.

Most importantly, both Square and Stripe offer huge assortments of commerce tools that make it easy for merchants to run their businesses. With the various APIs and integrations available, there are almost limitless possibilities for creating a custom system with everything from invoicing to email marketing and more.

But that’s where I stop pointing out the similarities. Once you get past that point, it becomes harder to draw apples-to-apples comparisons because Square’s offerings are much more varied. Square really is an all-in-one processor that can handle in-person and eCommerce payments, as well as inventory management, customer databases, and more. Stripe is more limited to eCommerce, both for websites and for mobile apps, but it has powerful tools for global enterprises, subscription-based businesses, and other online companies.

To keep things fair and within a manageable scope, we’re going to limit the scope of this comparison to each companies’ online and mobile commerce tools. That means, for the most part, we’re not going to look at mPOS apps, POS integrations, appointment booking, or email marketing…except to say if you need them, Square is the better choice.That also means we’ll be ignoring Stripe Atlas, the company’s service for helping international merchants establish themselves in the US.

If you want to sell online and Square and Stripe have made your shortlist, you should start by asking yourself some questions:

  • What features do you absolutely need? Which features aren’t essential, but would be very nice to have?
  • What percentage of your transactions are from outside the US?
  • Do you have a developer or advanced coding knowledge yourself?
  • Do you have limited tech knowledge and need an easy solution?
  • Are you looking for specific integrations?
  • What industry is your business part of?
  • How advanced are your subscription tool needs?

Once you have the answers to these questions, you can sit down and look at each company in more detail. Read on for our comparison of Stripe vs. Square!

Products & Services

Winner: Tie

It’s so important to have a list of must-have features before you set about choosing any sort of payments or eCommerce software because you don’t want to make the decision and then find out that you’re missing a very important function. But it’s also important to think about where you want your business to go and what tools you want to invest in as your business scales up. If you pick the right service, it could mean you never need to switch. But if you don’t think about growth, you may wind up having to make a complicated switchover later in the future once you’ve outgrown a solution.

The good news is that for the most part, Stripe and Square are both very good solutions that scale up as a business grows. It just comes down to in which direction a business wants to grow.

Square Tools and Services for Online Merchants

Square initially stood out among mobile competitors by offering a free webstore to its merchants. Since then, the company has branched out considerably to include eCommerce integrations as well as developer tools. For a more in-depth review of all of Square’s offerings, check out our full review.

  • Online Store: Square’s free online store is very basic. There are only four templates to choose from, and you can only customize portions of the site (such as filling in your business name and address in the footer) in addition to loading your products. This is not a good solution for anyone with a large and diverse inventory, especially if your shipping costs vary significantly or if you’re looking for a particular visual aesthetic.
  • eCommerce Integrations: When you first take a look at Square’s eCommerce offerings, you’ll see that Square very conveniently groups everything by a merchant’s level of technical expertise. I think this is a really helpful approach.

    The easiest integrations are listed on the site and Square lets you know that you can choose from an assortment of templates.

    The intermediate level includes eCommerce integrations that require a bit more work and technical knowledge to get set up.
    Square’s list of integrations includes some of the best shopping cart options, and the list keeps growing. That makes me happy, but if your preferred integration isn’t on the list yet and you do have the technical knowledge (or an eager developer on your payroll), there are more tools at your disposal. You can check out the list of Square integrations in the app marketplace.
  • Developer Tools: Square’s dev tools make it possible for you to create almost any custom integration you could need. For eCommerce, there are two APIs, Checkout and Transactions.  Square Checkout is a premade form that can be dropped into a site with minimal fuss. Using Checkout means merchants are eligible for some perks, like next-day deposits and chargeback protection. The Transaction API, combined with Square’s payment form, is more customizable. Square has other APIs to handle other aspects of commerce, but you’ll find that Square doesn’t readily support in-app payments.
  • Dashboard Reporting: Square’s reporting tools are fairly advanced, especially for a company that started as an mPOS. They’re very popular with merchants who want to know what’s selling and how much they’re processing and need standard business data. The dashboard is actually quite intuitive, as well. However, Square doesn’t allow for a huge amount of customization in reports unless you get into the Reporting API, which allows you to create real-time notifications using webhooks.

Additionally, Square offers the following tools:

  • Advanced Inventory: Square will reconcile online and in-person sales and give you an up-to-date count on your inventory, including low-stock alerts when you hit a specified threshold. Plus, you can bulk upload products and generate SKUs, create variants, and more.
  • Fraud Protection Tools: Square uses machine learning to analyze transactions and identify and flag possible fraudulent transactions.
  • Customer Database: Save customers’ contact information and build a database with records of their purchases so that you can market to them later.
  • Invoicing: Create invoices from within the Square dashboard or from within the mPOS app. Square also allows customers to store their cards to automatically pay invoices (using this Card on File will cost you a bit more). You can also create recurring invoices. However, if you want extensive subscription management tools, you’ll need an integration with a service like Chargify, which will add to your costs.
  • Free Virtual Terminal: If you want to process payments over the phone or you don’t have access to the mPOS, you can use Square’s virtual terminal. Transactions will be processed at the manual entry rate (3.5% + $0.15) rather than the eCommerce rate, but the solution is PCI compliant and is designed for regular use.

All in all, while it’s worth noting that Square really is an omnichannel solution for merchants who want to sell anywhere without needing to build a complicated system of integrations. But it has some shortcomings, especially for digital merchants. Subscription tools are nearly nonexistent, and fraud protection doesn’t compare to the tools Stripe offers. If you want advanced, custom reports, you’ll be better served by Stripe. However, Square’s tools and overall design are incredibly easy to use, especially for business owners who don’t have a lot of technical expertise or a large budget to hire someone. And it has very strong tools for merchants who sell physical products in particular.

Stripe Tools and Services for Online Merchants

Stripe has earned its name as a developer-friendly option, but you can also integrate with a host of third-party apps to accept payments with ease. The company focuses on internet and mobile commerce, but developers have extended Square’s power to include mobile payments and more. Just take note, there’s no free storefront option here. For a more detailed look at different features, check out our complete Stripe review.

  • eCommerce Integrations & Plug-Ins: Stripe outclasses Square in terms of shopping cart integrations by virtue of sheer numbers. In addition to integrations with major eCommerce software providers, developers have created an assortment of plug-ins for businesses operating on WordPress, Magento, and other websites. If you’re not really sure where you start, you might end up doing a lot of research to decide the best course of action, but you can at least take heart in knowing that there’ll be something that will meet your needs. You can check out the full list of eCommerce integrations on Stripe’s “Works With” page.
  • Developer Tools: Stripe is much loved by developers for its flexibility, its extensive documentation and its support for multiple programming languages. Its APIs allow you to create invoices and subscriptions along with many other features.

    Stripe Elements will let you create an entirely custom form with pre-built components; Stripe Checkout generates a pre-built form you can just drop into the site with a few lines of JavaScript. With Stripe, it’s very easy to accept payments on a desktop computer, a mobile site, or within a mobile app. Stripe now even supports 1-touch payments on mobile
  • Stripe Sigma: Stripe offers your standard user dashboard with some general sales reports at no charge. But if your business is heavily data-driven, Sigma’s customizable reporting is the perfect solution for you: you can generate reports based on SQL queries. This is pretty cool, and it’s a great way to make sure that anyone on your team can get the reports they need without creating an information bottleneck. Pricing is based on a sliding scale rather than a set additional monthly see.

Stripe’s additional tools include:

  • Stripe Billing: Stripe’s subscription tools are industry-leading, with the ability to charge clients based on a recurring quantity or metered usage, to set free trial periods, and much more. You can also create invoices or set up recurring billing tools. However, new businesses will pay a small additional charge per transaction to use these tools.
  • Stripe Radar: Stripe makes a big deal of its fraud monitoring tools, bundled under the very-apt name Radar. The system uses machine learning and a host of criteria to analyze every transaction and decide whether it is legitimate or possibly fraudulent. Radar also lets merchants set custom criteria for rejecting transactions and review flagged transactions to decide whether to accept or reject them.
  • Marketplace Tools: Merchants who want to operate a marketplace can use Stripe to build the platform. Stripe’s marketplace tools are grouped under the moniker “Stripe Connect.”
  • Multiple Currency Displays & Dynamic Currency Conversion: These tools are a major reason why Stripe is such a powerful tool for global businesses. Whereas Stripe will automatically convert transactions to USD (usually at the cost of a fee to the cardholder), Stripe will allow you to display prices in local currencies based on where the customer is located. Stripe then automatically converts them for the merchant, charging a small markup over the exchange rate. This makes a business more appealing to international customers.

There’s no doubt that Stripe is very powerful. It can handle all sorts of payments, from digital subscriptions to retail goods. It’s one of the best solutions for global businesses with its currency tools. But it does have some limitations. If you plan to sell across multiple channels, there’s no option for in-person payments unless you have an integration like Flint Mobile (read our review), but it’s still more costly than other mPOS options. There’s no virtual terminal, either. While Stripe does allow you to manually enter a transaction if all else fails, it’s a last resort rather than a tool to be used on the regular because of PCI compliance issues.

Stripe’s inventory tools aren’t on the level of Square. They’re powerful, but if you want advanced inventory management, you’ll need to tack on an integration. I also don’t think that Stripe’s inventory tools are even half as intuitive as Square’s. But I think part of that is Stripe’s focus on online payments and tools for digital merchants, compared to Square’s omnichannel approach.

All in all, it’s really hard to say one of these companies is inherently better than the other. Both have a good assortment of integrations for shopping carts and other tools, though Stripe has a greater number of supported integrations. If you want ease of use, especially if you sell physical goods,  Square is the standout option. But if you need flexibility, robust tools, and advanced data, Stripe is the better choice. So it ultimately comes down to your business’ needs.

Fees & Rates

Winner: Tie

I am happy to say that pricing for both Square and Stripe is mostly straightforward:

  • 2.9% + $0.30 per online card transaction

There are no monthly fees, no monthly minimums, no statement fees. That’s very nice to see.

I do want to point out that Square charges different rates for its card-present and keyed transactions (2.7% and 3.5% + $0.15, respectively). However, invoices process at the same rate as eCommerce transactions unless you’re using Card on File, which process at the keyed transaction rate.

Square also has no chargeback fees, which is very unusual. Not only that, but the company has rolled out Chargeback Protection, which will cover the actual chargeback costs on qualifying disputes up to $250 per month. This doesn’t apply to merchants who use the Transactions API, but it is available for those who use Stripe Checkout.

You can get volume discounts if you process above $250k per year AND have an average ticket size exceeding $15. That’s a mark in Square’s favor for large businesses. However, nonprofits don’t get any sort of special discount, which you can often find with other processors.

Stripe’s pricing has become a tiny bit more complicated. In addition to card transactions processed at 2.9% + $0.30, you can also accept ACH transactions for 0.8%, capped at $5 maximum.

The base fee per transaction is simple. And for each chargeback, Stripe will assess a $15 fee, unless the chargeback is decided in your favor. In that case, you’ll pay absolutely nothing.

Stripe’s subscription tools, lumped under the name “Stripe Billing” along with invoicing, will cost you a small percentage fee (between 0.04% and 0.07%) on top of your transaction.

Existing Stripe merchants are grandfathered out of this new pricing. Large businesses will actually pay the higher 0.7% markup, but it seems Stripe has compromised by offering lower transaction fees.

You’ll also pay a monthly fee for access to Stripe Sigma. The cost is a sliding scale based on the number of transactions you process each month, which is a great way for very small businesses to still get crucial data. But for a company that built its reputation on not charging any fees beyond transaction processing, it’s a little bit disappointing to see that model disappearing. You can estimate your cost with Stripe’s tool.

Stripe does offer enterprise pricing for very large businesses, and some nonprofits may be eligible for a special rate. Stripe doesn’t make any promises about nonprofit pricing apart from “let us know and we’ll see what we can do.” So you shouldn’t assume it’s guaranteed.

With Stripe, you may also be able to negotiate for micro-transaction rates. Whereas per-transaction fees like the $0.30 Stripe and Square charge can eat up fees from small transactions (less than $10 in particular), micro-transaction rates typically include a higher percentage and a lower per-transaction fee that can save merchants money. This is ideal for anyone who sells digital goods and other low-cost items.

Because it’s something offered as part of a custom package, Stripe may not offer this deal to everyone. If you’re unable to get a micro-transaction plan from Stripe, it might be worth looking at a third option — PayPal (read our review) — instead. The 5% + $0.05 fee could save you quite a bit of money in the long run.

All in all, Stripe and Square are fairly evenly matched in pricing. Some merchants might enjoy the lack of chargeback fees and included chargeback protection that Square offers. But Stripe might be a bigger draw for other companies, despite the additional charges for using its subscription tools or Sigma reporting.

Contract Length & Cancellation

Winner: Tie 

Both Stripe and Square offer pay-as-you-go processing with no locked-in contracts or early termination fees. It really is that simple. Stripe will even help you transfer your customer data to another processor in a PCI compliant way.

If you’re using any of Square’s monthly services in addition to eCommerce processing, you can get a free 30-day trial, and then if you choose to continue with the service, you can cancel at any time. Square doesn’t bill annually for those services the way many SaaS providers do. (Conversely, you also don’t get any discounts for paying annually, either.)

Sales & Advertising Transparency

Winner: Tie 

One of the reasons I like pay-as-you-go processors is that they are, on the whole, very upfront and transparent. They tend to not have extensive sales teams, and if they do have a sales team, they’re all in-house. They’re very clear about their pricing and terms, and they’re applied fairly to all merchants.

Square and Stripe both fit this pattern to a T. You won’t see reports of misleading sales pitches or rates not as promised here, which is always nice to see. You can find Stripe’s terms of service on the site, both the general user agreement and the Stripe Payments agreement. Like Stripe, Square has separate agreements applying to general use, payments, and other services. I do recommend you be cautious and check that your business doesn’t fall on either list of “prohibited businesses,” because that’s an easy path to account termination.

Overall, I’m really happy with both companies in this category, and you shouldn’t have any worries about whether you’re being told the truth or whether you’ll pay what you were quoted.

Customer Service & Technical Support

Winner: Square

I think it’s fairly clear that Square outshines Stripe in terms of its customer support — both in quality and in the number of channels available.

Square offers merchants phone and email support, as well as an extensive knowledgebase. That’s pretty typical of any processor, but on top of that, Square operates the Seller Community, a community forum about all-things Square.

 

You can get answers from other Square merchants as well as from Square support reps. It’s a pretty powerful tool. But on top of that, Square’s team monitors Stack Overflow for questions about Square products and responds to them.

And that’s not even talking about Square’s dedicated Twitter support handle (@SqSupport), or the developer portal and documentation.

I can’t say that Square customer support is all sunshine and rainbows, because I do see customer complaints about the quality. However, without a doubt the biggest complaint about the quality of customer support comes from merchants whose accounts have been terminated. In that case, Square cuts off access to phone support and will only communicate via email. This is unfortunate and I don’t know if it’s actually a good solution. But I am sure part of the reason to reduce the odds of a customer support rep saying something they shouldn’t, and to prevent support resources from being tied up dealing with complaints from terminated merchants whose accounts won’t be reinstated.

Stripe is more limited in its support options. Its primary support channel is email. However, Stripe also operates an IRC Freenode chat (#Stripe) that developers may find useful. There’s no dedicated social media support with Stripe, but you can follow the general @Stripe twitter feed.

Stripe also maintains a self-service knowledgebase, though I don’t think it’s as extensive or detailed as Square’s. But I will say that Stripe’s documentation is pretty legendary, and so it’s going to be one of the best resources you can get.  You can also find questions about Stripe on Stack Overflow, but I am not able to ascertain whether Stripe’s team is active on the forum at all the way that Square is.

I do see comments from merchants that the support is pretty good. But I also see a lot of complaints from frustrated merchants about the lack of phone support. That complaint has actually become one of the biggest marks against Stripe. I’ve seen one mention that Stripe might be rolling out phone support to “select merchants” (presumably high-value clients). However, take this with a grain of salt. I wasn’t able to verify it through any sort of authoritative source.

Negative Reviews & Complaints

Winner: Tie

As far as complaints go, the single biggest issue for both Square and Stripe is a common one:

  • Account Holds And Terminations: This is unsurprising (understatement of the year, right there) because it’s a common issue with any third-party processor. Because these payment systems are usually open to almost anyone right away and they are all lumped into one large merchant account, there’s a greater risk that some of those accounts will be terminated for risky behavior. There’s very little scrutiny done before a sub-account with one of these processors is approved, which stands in contrast to merchant accounts, where the processing company will do a lot of underwriting and investigation before approving your application. Both Square and Stripe use a lot of machine learning to analyze transactions and flag suspicious behaviors. This potential for account holds or terminations is universal — you will encounter it with any third-party processor. If you want to avoid it, your only alternative is to seek out a traditional merchant account.

The other big complaint that I see with both is also a pretty common one:

  • Poor Customer Support: If I’m honest, reports about the quality of customer service conflict. But because of how common the complaints are, I’m listing it here. With Stripe, the most common issues are the lack of phone support and slow response times for email. With Square, a lot of the complaints about poor customer service come from terminated merchants, but I’ve seen a few complaints about slow or unhelpful email responses.

Additional frequent complaints about Stripe include:

  • Lack Of Fraud Protection: I want to be clear: Stripe does have fraud management tools and a system to help merchants fight chargebacks. But I have seen complaints from merchants who don’t think these are adequate. Chargebacks are not settled by Stripe, so there’s not much the company can do beyond pass the requested documents on. But for fraud prevention, merchants need to make sure they have the appropriate tools enabled.
  • Not User-Friendly: There’s a lot of testimonials from users (especially developers) who really like Stripe and find it simple to set up. There are plenty of others who disagree with that idea. I’m inclined to think most people with a decent technical backing will get along fine with Stripe, but for some people, especially those with less technical knowledge, it’s not going to be a good choice.

For Square, there is one other common complaint:

  • Lack of advanced features: It’s not that Square doesn’t have enough features, or that it’s missing anything important. The complaints about Square often focus on the lack of very particular advanced features that you typically find in full-scale POS systems. In this case, I think Square’s lack of extensive subscription tools would fit the bill. Some merchants have been upset for quite a while over the lack of Cost of Goods Sold (COGS) reporting. Square added this feature with its Square for Retail app, but not for online sales or its free POS. Square has some very powerful reporting tools, but in the end, they won’t hold a candle to Stripe’s Sigma offering.

I think, yet again, that the two companies are pretty evenly matched in this category. The largest complaints are identical, and that’s because they’re the same complaints we see with third-party processors. To be entirely honest, poor customer service is a common complaint across the entire payments industry. It’s frustrating, for sure. But you can take steps to better inform yourself — read our article on how to prevent holds, freezes, and account terminations. And please take reports of poor customer service with a grain of salt, because I see conflicting accounts there.

Positive Reviews & Testimonials

Winner: Tie

As media darlings, both Stripe and Square have gotten lots of press. They’re both lauded for the way they’ve transformed payments.

I usually feel a little bit silly comparing two businesses in this category because it almost feels like a bit of a popularity contest. But in this case, we’re dealing with two companies who have both gotten a LOT of positive press over the years, not to mention high-profile clients. And the bits of each service that merchants love most are pretty similar, too.

Square merchants love how easy the service is to use. And I tend to agree — Square is one of the most intuitive options out there as far as payments and using the dashboard. Merchants also really like the predictable pricing and lack of fees. Other than that, the integrated invoicing feature and the seamless omnichannel commerce experience are big draws.

Stripe also wins merchants over with its pricing, and its tools are very much loved by developers. While if you don’t have a lot of technical knowledge, Stripe may feel foreign to you, developers say it’s incredibly easy to use. Also on the dev side of things, it seems like the quality of customer service is great, even if business owners don’t always like the lack of phone support. And unsurprisingly, merchants really seem to love Stripe’s robust subscription tools. The predictable pricing and lack of monthly fees are also appealing.

Final Verdict

Winner: Tie

Stripe and Square have some very important core similarities: they’re both third-party processors with an assortment of tools that allow merchants to sell online. Neither one is suited to high-risk industries, and there’s a lengthy list of businesses neither company can work with. But despite that, both Stripe and Square offer tools that cater to a huge assortment of industries. They’ll both grow with your business, making it easy to scale up.

But despite their similarities in terms of business model, it’s also pretty clear that what each company does best is completely different.

Square is a spectacular all-in-one processor. You can sell in a store, on the go, and online and get all of your information and payments and orders collected in one simply, intuitive dashboard. There’s a huge array of add-on products that allow you consolidate a host of business functions under one name, and they’re guaranteed to work together perfect. eCommerce support is really the newest branch of Square’s offerings, and it’s a work in progress as the company establishes more partnerships and integrations with other major players.

If you have limited technical knowledge, Square is going to be much easier to get started with and to navigate through the different features. It’s free advanced inventory tools are also very well suited to retailers and other businesses that sell primarily physical goods.

Stripe focuses only on Internet payments (both on the web and in-app), but its tools make it possible for businesses to cater to customers all over the globe. The international appeal — from the local currency displays to the sheer breadth of payment methods accepted — make it clear that Stripe is already a global player.Not only that, but with Stripe’s APIs and documentation, a savvy developer could create all kinds of payments platforms for a business. Business owners who don’t have a developer on staff, and who don’t have a lot of technical knowledge themselves, might struggle with understanding how to use Stripe, especially if you want to do anything more than integrate it with some sort of shopping cart software.

You also get a far more limited scope of features. There’s no native support for omnichannel commerce. No mPOS app, no POS integration to support card-present pricing, no invoicing. If you need more than online payments on a regular basis, Stripe isn’t a suitable choice. But if that’s all you need, Stripe isn’t just a good option — it’s one of the best out there, period. If your business has a global reach, again you’ll find that Stripe once again tops the lists of best solutions.

I’m not comfortable saying that one of these solutions is better than the other because it really comes down to what your priorities are. Do you need something easy to use? Do you want to embrace multiple sales channels? Or are you limited to online sales and want best-in-class tools to reach a global audience, manage subscriptions, and even drive mobile commerce? Square can get the job done, and it’ll be the easier solution, but Stripe offers far more tools.

Sit down, think about what features are absolutely mandatory for you to have — and then look at which ones you’d like to have, but aren’t necessarily required. From there, it should be fairly clear which solution is right for you! Don’t forget to check out our complete reviews of Stripe and Square for more insights into how they function.

Have questions? Leave us a comment and we’ll help! Have experience using either of these tools? We’d love to hear from you.

As always, thanks for reading!

The post Stripe VS Square appeared first on Merchant Maverick.

“”

Payment Processing Companies And Services For Small Businesses

Payment Processing Services And Companies For Small Businesses

Navigating the world of payment processing services can be confusing for a small business owner, and it’s easy to make a mistake that can have a negative impact on your bottom line. With fast-talking sales agents lurking around every corner, waiting to sign you up for a lengthy, expensive contract, you need a good understanding of the basics of processing services, as well as specific things to watch out for.

While most merchant services providers offer a full range of products and services for every business, most of them are geared toward the needs of larger, established companies rather than small businesses and startups. Which services you need to run your business will depend primarily on the where and how you sell your products. For example, retailers and eCommerce businesses have very different requirements, although there are also some services (such as basic credit card processing) that are universally required.

In this article, we’ll provide you with a quick overview of the primary merchant services that you’ll need to accept credit card, debit card, and electronic check payments. We’ll also briefly review several of the best all-around merchant services providers for small businesses. All of them offer easy-to-use solutions at a fairly low cost compared to what the major credit card processors usually charge.

Payment Processing Services

It’s important to give your customers as many possible ways of paying for their purchases as you can, as this naturally leads to increased sales. At the same time, you don’t want to invest extra money into supporting payment methods that few, if any, of your customers actually use. Here’s a brief overview of the primary payment methods available and the services you’ll need to support them:

Credit Card Payment Processing

Providing credit card processing services is one of the most basic merchant services, and all providers will offer this feature. To accept credit cards, you’ll need either a full-service merchant account or an account with a payment service provider (PSP) such as Square (see our review). While every provider will allow you to accept major credit cards such as Visa and MasterCard, you’ll want to check carefully if you need support for less popular cards such as Discover, JCB, or Diner’s Club. American Express is also treated differently, as they function as both the issuing bank and the credit card association. Fortunately, Amex offers their OptBlue program, which simplifies the process of accepting their cards.

Debit Card Payment Processing

Virtually all merchant services providers support debit card transactions. In setting up your account, however, be aware that the interchange rates for debit transactions are usually much lower than it typically is for credit card transactions. The reason for this is simple: banks don’t have to issue a credit when the card is used like they do with credit cards. If the customer has sufficient funds in their bank account to cover the cost of the purchase, the transaction is usually approved, and funds are withdrawn immediately. Unfortunately, some merchant services providers set their processing rates without taking this distinction into account, which means you’ll end up paying much more for debit card transactions than you should. Tiered pricing plans and flat-rate plans are the usual culprits here, so look carefully at your proposed rate quote before signing up. You won’t have this problem with interchange-plus pricing, as the actual interchange rate is passed on to you, and the processor’s markup is the same for every transaction.

ACH Payment Processing

eCheck (ACH) payment processing operates on a different network from those used to process credit and debit cards. For this reason, most providers will require you to sign up for a separate ACH processing service as an optional feature when setting up your account. Adding eCheck processing to your account will allow you to accept bank transfers (i.e., eChecks) and paper checks with optional check scanning hardware. Processing rates for eChecks are very low because the money is coming directly out of the customer’s bank account. However, most providers will charge you a separate fee (usually around $20.00 – $30.00 per month) to add an eCheck processing service to your account. For small businesses, this might not be economical unless you have a significant number of customers who prefer to pay by check.

NFC Mobile Wallet Payment Acceptance

NFC-based payment methods such as Apple Pay and Google Pay have only been on the market for several years, and consumers have been slow to adopt them. However, they are becoming more popular over time, and it’s a good idea to offer them to your customers if you can. Most, but not all, modern credit card terminals and point-of-sale (POS) systems can accept these payment methods, but you’ll want to check the specific requirements for each particular NFC-based method you want to be able to accept. While NFC-based payment methods are ultimately tied to the user’s credit or debit card, they offer superior security and protection from fraud over traditional magstripe and even EMV card reading methods.

Mobile Payment Processing

Traditionally, mobile payment acceptance required a bulky wireless terminal. Not only were the terminals expensive by themselves, but they also needed a separate data plan (usually around $20.00 per month) to transmit the payment processing data. Then smartphones came along, and it wasn’t long before companies figured out that you could create an app that would effectively turn your phone into a credit card terminal. Coupled with an inexpensive card reader that plugged into the phone’s headphone jack, you had a simple mobile payment system that was far lighter and less expensive than the old wireless terminals.

While Square was the first company to pioneer this system, almost all other processors have followed suit, and today it’s hard to find a provider that doesn’t offer a similar mobile processing solution. Unfortunately, most of those competing systems fall far short of what Square has to offer. The apps themselves are very basic, and we’ve seen plenty of complaints about poor reliability, poor handling of tips, and a general lack of features. Magstripe-only card readers, while still offered for free or very low cost, are essentially obsolete liability traps with the switch to EMV-based chip cards. The gradual disappearance of the headphone jack from late-model smartphones further complicates matters. While this situation is bound to improve, today only Square and a small number of other merchant services providers offer both a fully-featured app and an EMV-compliant, Bluetooth-connected card reader.

eCommerce Payment Processing

To accept payments over the internet, you’ll need a software service called a payment gateway. Gateways can send transaction data to your provider for processing, and they also offer a number of other features you’ll need to run an online business. While features vary from one provider to another, most gateways offer support for recurring billing, online invoicing, and a secure customer information database to store your customer’s payment method data. Security features are also very important, with most providers offering some form of encryption or tokenization of data to keep it from falling into the wrong hands. Most merchant services providers offer either their own proprietary gateway or a third-party product such as Authorize.Net (see our review).

Online Reporting

Online dashboards are very popular these days, and almost all merchant services providers offer them. With these web-based dashboards, you can monitor the state of your business and track your transactions in real-time. They’re particularly valuable for eCommerce businesses and retailers who have more than one location.

Canadian Payment Processing

Unfortunately, most US-based providers do not offer accounts to businesses located in Canada. However, there are a few choices available north of the border that provide excellent service and fair prices. Helcim (see our review), one of our favorite providers, is based in Calgary and operates throughout both Canada and the United States.

Nonprofit Payment Processing

If you’re in the nonprofit sector, you’ll want to reduce your costs wherever possible. While you can sign up with any merchant services provider, it’s usually a better idea to go with one that offers reduced processing rates for nonprofits. Dharma Merchant Services (see our review), one of our highest-rated providers, specializes in helping nonprofits get set up with merchant services.

High-Risk Payment Processing

If your business falls into the high-risk category, your options for finding a provider will be more limited than they are for other merchants. The majority of merchant services providers, including most of those profiled below, do not accept high-risk merchants and will terminate your account if they later determine that you’re in the high-risk category. While there are many providers on the market that specialize in serving high-risk merchants, beware that many of them will charge you very inflated processing rates and account fees while providing poor customer service. For a look at the more reputable high-risk providers, check out our guide to the best high-risk merchant account providers.

Low-Volume Payment Processing

If your business only processes a few thousand dollars per month in credit/debit card transactions, or you’ve just launched, you’ll want to find a low-cost provider that won’t eat up your profits through high processing rates and hidden fees. Businesses at this end of the spectrum often don’t need a full-service merchant account and are better off going with a payment services provider (PSP). While you’ll pay somewhat higher processing rates, you’ll save money overall because most of these providers don’t charge any monthly fees. They also don’t require long-term contracts or charge early termination fees (ETFs), so you’ll be free to switch to a full-service merchant account with a different provider when your business is large enough to need one. For low-volume retailers, Square (see our review) is an excellent choice. The quickest and easiest option for eCommerce merchants is PayPal (see our review).

Payment Processing Companies

Below are short overviews of some of the best merchant services providers we’ve found for small businesses. Be sure to check out our full reviews for companies that you think might be a good fit for your business.

Square

Square Logo

Possibly the most popular provider for small businesses, Square offers simple flat-rate processing with month-to-month billing and no early termination fee. With Square, you can accept all major credit and debit cards. However, their processing rates don’t offer any discounts for debit card processing. Rates are fixed at 2.75% for swiped (or dipped) transactions, 2.9% + $0.30 per transaction for online payments, and 3.5% + $0.15 per transaction for keyed-in transactions.

Square offers a mobile-only processing solution with their Square Reader, which is now available in an EMV-compliant, Bluetooth-enabled product. While it’s not free like the old magstripe-only reader, it’s a great investment and much less expensive than competing products from other providers. The new reader also accepts NFC-based payment methods, future-proofing your system (at least for the time being).

Square also offers eCommerce payment processing, as well as a host of other features for both retail and eCommerce merchants. While it’s also available in Canada, high-risk merchants are not supported. There’s also no discount for nonprofit businesses. Square specializes in meeting the needs of low-volume merchants, and we recommend them for businesses processing less than $5,000 per month. For more details, see our complete review.

CDGcommerce

Another excellent choice for low-volume businesses, CDGcommerce offers a full-service merchant account for a low monthly fee of just $10.00 per month. That’s about as low as it gets for an actual merchant account, although you’ll want to seriously consider adding the optional cdg360 security package for an additional $15.00 per month. The company also offers true month-to-month billing with no early termination fee, which is a great feature for small businesses that don’t want to get trapped in a long-term contract.

In addition to basic credit/debit card processing, eCheck (ACH) processing is available for an additional fee. For eCommerce merchants, CDGcommerce offers a choice between their proprietary Quantum gateway and Authorize.Net (see our review). Either option is completely free, with no monthly gateway fees or additional per-transaction charges. For retailers, your account includes a “free” Verifone Vx520 EMV-compliant terminal. While there’s no charge for the terminal, you’ll have to pay a $79 per year maintenance fee, which is fully disclosed. You can also include a free mobile card reader with your account, but it’s magstripe-only at this time.

For businesses processing less than $10,000 per month, the company offers a simplified interchange-plus pricing plan. Rates are interchange + 0.25% + $0.10 per transaction for card-present transactions and interchange + 0.30% + $0.15 per transaction for online transactions. Discounted rates are also available for qualified nonprofit businesses.

CDGcommerce is not available in Canada and does not support high-risk merchants. For all others, it’s a great choice for a small business that wants a true merchant account with a minimum of expense or commitment. If the company sounds like a good fit for your business, check out our complete review.

Helcim

Helcim logo

With offices in both Canada and the United States, Helcim is another excellent provider that’s geared toward the needs of small business owners. Their Retail pricing plan costs only $15.00 per month and features interchange-plus rates starting at interchange + 0.25% + $0.08 per transaction. You’ll have to supply your own terminal, but the company offers them for sale at very competitive prices and doesn’t use overpriced terminal leases.

For eCommerce merchants, Helcim’s eCommerce pricing plan costs $35.00 per month and comes with the fully-featured Helcim Payment Gateway. Processing rates are all interchange-plus, and start at interchange + 0.45% + $0.25 per transaction. As with the Retail Plan, these are the highest rates available, with lower rates available if you meet their monthly processing volume requirements. Merchants who sell both online and from a storefront can get a combined Retail + eCommerce plan for $50.00 per month. Discounted rates are available for nonprofit businesses.

Helcim offers eCheck (ACH) processing as an optional add-on for $25.00 per month and $0.25 per check. Their mobile processing solution is free and included with all retail accounts. However, they currently only offer a magstripe-only card reader. To keep costs low, the company does not accept high-risk merchants. One caveat: Helcim freely discloses that their pricing structure will not be cost-effective for low-volume businesses processing less than $1500 per month. Read our full review for more details.

Dharma Merchant Services

Dharma Merchant Services review

You’d be hard-pressed to find a merchant services provider that’s more ethical and transparent than Dharma Merchant Services. They offer true month-to-month billing with no early termination fees, interchange-plus pricing, and low account fees – all of which are fully disclosed on their website. Account fees are only $10.00 per month for basic credit and debit card processing. eCheck (ACH) processing is available through one of several optional programs.

Dharma has special pricing plans for storefront, restaurant, and virtual (eCommerce) businesses. Processing rates range from interchange + 0.20% + $0.07 per transaction to interchange + 0.35% + $0.10 per transaction depending on your business type. Recurring and incidental fees are all disclosed on their website, including a $7.95 per month PCI compliance fee. The company also offers special discounted rates for nonprofits.

Mobile processing is supported through First Data’s Clover Go card reader and app. This service costs an additional $10.00 per month, plus $99 for the Clover Go Basic Reader (or $139 for the Clover Go Contactless reader). Dharma is only available to US-based merchants and can only support certain limited categories of high-risk businesses. The company’s fee structure is only suitable for businesses processing at least $10,000 per month, something which they also fully disclose on their website. For a more in-depth look at Dharma Merchant Services, please see our complete review.

Payline Data

Payline Data high risk merchant accounts

Another great option for small or new businesses is Payline Data. They offer a number of simplified pricing plans, all featuring interchange-plus pricing. Their Payline Start plan, designed specifically for new businesses, has no monthly fee and features a single processing rate of interchange + 0.50% + $0.10 per transaction. There’s also a $99.00 per year PCI compliance fee and a $25.00 monthly minimum, but that’s about it for recurring fees. Lower rates are available under the Payline Shop plan, which costs $9.95 per month. For eCommerce merchants, Payline Connect charges somewhat higher rates, but includes a payment gateway and virtual terminal for $10.00 per month.

While all accounts include basic credit/debit card processing, eCheck (ACH) processing is a separate service. Payline doesn’t disclose the cost of this option. They also offer Payline Mobile, their proprietary mobile processing solution. It costs $7.50 per month for merchants on the Payline Start plan, and features the Ingenico RP457c card reader, which can accept magstripe, EMV, and NFC-based payment methods and connects to your smartphone (or tablet) via either the headphone jack or Bluetooth.

Payline Data offers discounted rates to nonprofit businesses and can also support some high-risk merchants. It doesn’t advertise this capability, however, so you’ll have to ask your sales representative about it. The company’s services are only available to businesses in the United States. For a more detailed look at Payline Data, check out our complete review.

Fattmerchant

For a unique take on merchant account pricing, take a look at Fattmerchant and their subscription-based pricing. Their standard account pricing plan for both retail and eCommerce merchants includes a $99.00 per month subscription fee, but offers processing rates of interchange + $0.08 per transaction (for retail sales) or interchange + $0.15 per transaction (for online sales). These low rates eliminate the standard percentage markup that most other providers charge, as those charges are included as part of your monthly subscription fee. Almost all other account fees are also included in your subscription price, although you’ll have to pay an extra $7.95 per month if you need a payment gateway.

Fattmerchant can also process eCheck (ACH) payments, although they don’t disclose pricing for this option. Mobile processing is supported via the Fattmerchant Payments Mobile app, which is currently only available for iOS. The Fattmerchant Mobile Card Reader can accept either magstripe or EMV transactions and is included with your account.

Fattmerchant doesn’t advertise any discounted rates for nonprofits, and they don’t accept high-risk businesses. They’re also only available to US-based merchants. While their subscription-based pricing can result in significant savings for businesses with a sufficiently high processing volume, they’re not ideal for very low-volume merchants or businesses that are just starting out. If you’re regularly processing over several thousand dollars per month, however, we encourage you to compare their pricing with what you’re currently paying. You might be able to save a lot of money overall despite the relatively high subscription fee. For a more in-depth look at Fattmerchant, please see our complete review.

Final Thoughts

Selecting a merchant services provider should be approached with great caution. You need to really do your homework in evaluating the numerous plans and options each provider has to offer, as well as coming up with the most accurate estimate of total costs that you can. While a basic account for credit or debit card processing can be had for relatively little money, additional services will add to your costs quickly. Credit card terminals, a payment gateway, or an eCheck processing service will usually cost you more, although they will obviously be worth the price if your business needs them.

The six merchant services providers we’ve profiled here represent the best choices for a small business or one that’s just starting out. If you’re just opening your business and don’t have an established processing history or any idea of how much your processing volume will be, Square is probably your best bet. The up-front cost to start processing is exceptionally low, and the pay-as-you-go nature of their service will help you avoid monthly fees if you don’t need to process transactions every month.

When your business is large enough that you need the stability and additional features of a true merchant account, CDGcommerce, Helcim, and Payline Data are great choices. You’ll get a full-service merchant account for a very low price and will have the flexibility to switch providers without incurring a penalty. Once your business gets a little larger and more stable, Dharma Merchant Services and Fattmerchant can really save you money on your overall processing costs. To compare our top-rated providers side-by-side, check out our Merchant Account Comparison Chart.

The post Payment Processing Companies And Services For Small Businesses appeared first on Merchant Maverick.

“”

The Best First Data Credit Card Processing Alternatives

First Data logo on the websiteIf you’re a business owner searching for a merchant account provider, you’re going to hear about First Data sooner or later. They’re rather hard to ignore, as they’re the largest provider in the United States. The company currently processes 45% of all credit and debit card transactions in the US, either directly or through a network of sub-ISOs and third-party partners. There are several really large providers in the processing industry, but First Data is simply huge.

The company dominates the processing industry in the same way that Amazon and Walmart dominate the retail sector. Unfortunately, First Data’s outsized chunk of the market share is the only thing they have in common with these two retail giants. While Amazon and Walmart have succeeded by offering lower prices than their competitors, First Data is more like the Apple of the processing industry. They provide a high-quality product, but you’ll pay top dollar for it, and they make no effort to lower their prices to accommodate customers of more modest means.

We’ve reviewed First Data and found that their products and services are generally quite good. However, their prices and contract terms are geared toward the top end of the market. If you’re a large business processing over $100,000 per month, they can offer you very competitive rates. They’ll also charge you high account fees, but you’ll still save money overall. Small businesses, on the other hand, will be far more impacted by the higher fees, and won’t qualify for the lowest possible rates. First Data also continues to push outrageously expensive terminal leases through their subsidiary, First Data Global Leasing.

If you’re a small business owner, you’ll want to consider several alternatives to signing up with First Data. Below, we’ve presented four alternative processors that work better for smaller businesses. One (Dharma Merchant Services) is a merchant account provider that uses First Data as their backend processor. This relationship gives you access to many of First Data’s powerful features, but at a much lower cost and with far more personal customer support. The others (Helcim, Fattmerchant, and Chase Merchant Services) offer services similar to First Data but are much more affordable for small businesses. Of these four alternatives, only Chase Merchant Services is a direct processor, able to manage your merchant account and process your transactions.

Overview of First Data

If you’re still thinking about signing up with First Data, you’ll want to read our in-depth review of the company before making a decision. While we’ve given them a decent score overall, the fact remains that their services are geared (and priced) more toward big businesses. They’re not a good deal for smaller companies, and merchants who only occasionally need to process credit or debit card transactions should steer clear altogether due to their high account fees.

First Data’s standard contract imposes a four-year term, with an automatic renewal clause that extends the contract for one-year periods after that. The contract is enforced through an early termination fee (ETF). Rather than charge a fixed amount for breaking your contract, First Data adds your monthly minimum, monthly customer service fee, and monthly account fee together, then multiplies this amount by the number of months remaining in your contract to calculate your ETF. This amount can easily exceed $1000 in the first year or two of your contract – far more than most providers charge for an early termination fee. While the company is sometimes willing to waive this fee altogether, you might prefer to avoid liability for this fee entirely by choosing one of our alternative providers, none of whom charge early termination fees at all.

First Data doesn’t disclose any information about processing rates on their website, but they offer a combination of both tiered and interchange-plus pricing plans. Of these two, tiered pricing is almost always more expensive. Because it brings in more revenue for First Data, you’re likely to be offered this type of pricing if you don’t ask for interchange-plus. Sales representatives have some leeway to negotiate the kind of pricing plan you’ll receive and the rates you’ll pay, but very small businesses or those without an established processing history might have no choice but to accept a tiered plan. You can avoid the uncertainty and the possibility of overpaying for processing by looking into one of our alternative providers. Dharma and Helcim offer fully-disclosed interchange-plus rates exclusively, while Fattmerchant uses a unique subscription-based pricing system that offers very low interchange-plus rates in exchange for a higher monthly account fee. Chase Merchant Services offers a combination of both tiered and interchange-plus rates, but seems more amenable to offering interchange-plus rates to smaller businesses than First Data.

First Data also charges a number of monthly, annual, and incidental account fees to maintain your merchant account. While none of these fees are directly disclosed on their website, you can find information about most of them in the sample contract. While some of these fees may be waived or reduced through negotiation, they’re generally higher than industry averages. If you don’t want to pay extra just to maintain your merchant account, you’ll be happy to know that our preferred alternatives charge lower fees than the industry average. Better yet, Dharma, Helcim, and Fattmerchant fully disclose their fee schedule right on their website. You won’t have to talk to a sales representative or sift through pages of fine print to figure out what your fees will be for your merchant account. Chase doesn’t disclose their fees in such a transparent manner, but merchant feedback indicates that they’re reasonable and in line with industry averages.

While pricing is understandably the most important concern for most merchants when choosing a provider, customer support and service after the sale should also be an important consideration. All our suggested alternative providers offer excellent customer support. First Data has a surprisingly good reputation in this area despite their huge size, but we’ve found that smaller providers generally offer better, more personalized service than the larger companies. With these considerations in mind, let’s take a closer look at our recommended alternatives to First Data:

Dharma Merchant Services

Dharma Merchant Services review

If you want to harness the power of First Data’s specialized services and products, but at a lower cost, take a look at Dharma Merchant Services (see our review). While the company uses First Data as one of its backend processors, they have a completely different pricing structure and a unique corporate philosophy. Dharma Merchant Services takes its name from the term dharma, which is found in several Eastern religions and roughly translates to a “right way of living.” The folks at Dharma take this concept seriously, offering a full spectrum of credit card processing services for a fair and reasonable price. Their fee structure is completely transparent, with all fees and charges disclosed on their website. All merchants receive interchange-plus pricing, and there are no annual fees. They also don’t charge account setup fees, early termination fees, or have a monthly minimum. Fees that they do charge (including PCI compliance fees) are fully disclosed. Dharma is unique in the world of credit card processing companies in that they donate a significant percentage of their profits to charity, living up to their motto “Commerce with Compassion.”

In addition to merchant accounts, Dharma offers a variety of wired and wireless countertop terminals for in-store use, including the First Data FD130. Their terminals are EMV-compliant and support Apple Pay. If you need a full-featured POS system, they offer the popular Clover Mini. Dharma also offers their proprietary MX Merchant system, which integrates a payment gateway, virtual terminal, and mobile processing solution into a single product.

Dharma easily offers the fairest and most transparent fee structure in the industry. In addition to a flat $10.00 per month fee for storefront and eCommerce accounts, transactions are billed according to an interchange-plus pricing model. In-person transactions are charged interchange + 0.25% + $0.10 per transaction, while eCommerce transactions are charged interchange + 0.35% + $0.15 per transaction. For restaurants, Dharma offers a special discounted rate of interchange + 0.20% + $0.07 per transaction. Other additional fees (such as PCI compliance fees) are clearly spelled out on Dharma’s website.

While there is no minimum monthly volume requirement, Dharma openly acknowledges that their full-service merchant accounts don’t make financial sense for low-volume businesses processing less than several thousand dollars per month in transactions. If your business falls into that category, they recommend either PayPal or Square.

Helcim

Helcim logo

“Trust, transparency, and fair pricing” is Helcim’s motto, and they live up to it by providing the most up-front, clearly-explained pricing structure of any of the credit card processing companies we’ve reviewed. A Canadian company, they also have an office in Seattle and provide full support to US-based merchants.

Helcim (see our review) offers a full gamut of services and equipment for both storefront and online businesses. Their website features a variety of EMV-compliant and NFC-capable credit card terminals, starting at $199. Unlike many of their competitors, they encourage US customers to buy their terminals outright, rather than renting or leasing. Helcim will reprogram your current equipment for free if it’s up-to-date. If your current terminal isn’t compatible, they’ll exchange it for a refurbished model for $75.00. Unfortunately, Canadian EMV-compliant terminals are not designed to be transferred or resold, so Canadian customers will have to use the rental option or buy a new machine. Renting on a month-to-month basis (which is not the same as leasing) is usually the best option for Canadian merchants.

Helcim has recently introduced their Helcim Commerce system, a web-based solution that processes both online and manual payments on your computer or with a traditional terminal, generating receipts that can be emailed or printed. This system includes a virtual terminal, payment gateway with API, support for recurring billing, billing information vault storage, e-invoicing, shopping cart integration, and hosted payment pages. Best of all, you get all these features for a flat $15.00 per month for retail users or $35.00 per month for eCommerce merchants.

Mobile payments are supported through the free Helcim Commerce Mobile app for iOS and Android. To use the app, you’ll need the Helcim Mobile Reader, which supports magstripe swiping and plugs into your smartphone’s audio jack. Readers cost $30 each.

Helcim uses an interchange-plus pricing model for all merchants. Rates for retail merchants range from as high as interchange + 0.25% + $0.08 per transaction to as low as interchange + 0.10% + $0.05 per transaction, depending on your monthly processing volume. Online rates range from as high as interchange + 0.45% + $0.25 per transaction to as low as interchange + 0.10% + $0.10 per transaction, again depending on monthly processing volume. Helcim doesn’t charge fees for account setup or termination, and PCI compliance is included in the monthly subscription fee. All contracts are month-to-month, with no early termination fees. For small businesses processing at least $1500 per month, Helcim will save you a significant amount of money over First Data through lower interchange-plus rates and lower account fees.

Fattmerchant

Fattmerchant (see our review) is a newcomer to the merchant account industry, starting up in 2014. Focusing on transparency and lower costs for merchants, the company offers several subscription-based pricing plans. Under these plans, you’ll pay a higher monthly fee, but you won’t pay any markup percentage on your processing costs. With a high enough processing volume, this can lead to significant savings in overall costs over traditional interchange-plus pricing plans. Your monthly subscription fee also covers things like PCI compliance, eliminating most of the additional fees that traditional processors like to add to your bill.

With Fattmerchant, you’re encouraged to buy your own terminals, and they’ll re-program them to work with their services for free. They also offer EMV-compliant terminals and POS systems with some of their pricing plans. For mobile payments, the company offers their free Fattmerchant Payments Mobile app, which is currently available for iOS only. An Android version is under development.

Fattmerchant offers a choice between two subscription-based pricing plans. The $99 per month plan is available for businesses that process up to $1 million annually. Larger businesses processing over that amount pay $199 per month for their subscription. With the $99 per month plan, retail merchants pay interchange + 0% + $0.08 per transaction. Enterprise users on the $199 per month plan pay interchange + 0% + $0.06 per transaction. Online and mobile transactions cost interchange + 0% + $0.15 per transaction under the $99 per month plan, and interchange + 0% + $0.12 per transaction under the $199 per month plan. As you might have guessed, the bulk of your monthly subscription fee goes to covering the markup that traditional interchange-plus pricing plans charge. If your processing volume is high enough, you could save quite a bit in processing charges with one of these plans. On the other hand, it’s probably not cost-effective for low volume or seasonal businesses. Fattmerchant doesn’t charge PCI compliance fees, batch fees, or statement fees, as these are all covered by your monthly subscription fee.

While Fattmerchant claims that there are no contracts, what they really mean is that there are no long-term contracts. Their merchant accounts are billed month-to-month, and there is no early termination fee if you close your account.

Fattmerchant offers an intriguing alternative to traditional merchant accounts. Their processing rates are extremely low, although this is offset by the high monthly subscription costs. You’ll want to run the numbers carefully and compare your current processing costs to what you’d pay with them to see if their plans make sense for your business. While mid-sized companies could save as much as 40% over the cost of a First Data merchant account, smaller businesses might find the subscription cost to be too high to save money overall on processing costs.

Chase Merchant Services

Chase merchant services review logo

While all the alternatives to First Data we’ve discussed so far have been smaller providers, Chase Merchant Services (see our review) is one of the larger merchant services providers in the industry. They’re large enough to be a direct processor, much like First Data itself. As such, they can offer you many of the same powerful features that First Data can. However, their pricing and terms are more competitive, and they have a much better reputation for customer service.

Like First Data, Chase doesn’t disclose any pricing information on their website. However, they offer a similar combination of both tiered and interchange-plus pricing rates. Merchant feedback suggests that they’re more likely to provide you with interchange-plus pricing, and that their account fees are reasonable. They also sell their equipment rather than leasing terminals, which is a big plus.

While the company doesn’t appear to offer true month-to-month billing, they no longer include an early termination fee in their contracts. So, while you might still be bound by a three-year contract with an automatic renewal clause, it will be much easier to close your account early, and you won’t be charged a penalty for doing so. As always, we strongly advise you to read your entire contract thoroughly before signing up, and don’t rely on any verbal assurances from sales representatives.

Chase Merchant Services is a good choice for both retail and eCommerce merchants. They offer several EMV-compliant credit card terminals, which you can purchase outright rather than leasing. Their Orbital Payment Gateway is one of the best in the industry. They also have a solid mobile payments system, which uses their Chase Mobile Checkout app (available for both iOS and Android) and an EMV-compliant mobile card reader. Note that, as of this writing, they’re one of the few providers in the industry to offer an EMV-capable mobile card reader.

Chase Merchant Services is also a good choice for companies that do business overseas or process a lot of B2B transactions, offering payments in over 120 currencies and providing the ability to process Level II and Level III card data.

While you won’t find the same high level of transparency that our other alternative providers offer, Chase Merchant Services is a good choice for mid-sized and larger businesses looking for a provider that can match First Data’s services, but at a more competitive price. The company also has a remarkably low complaint volume relative to its size. As a point of comparison, Chase Merchant Services has 37 complaints within the last three years, while First Data has over 1000.

Final Thoughts

With nearly half the market share in the United States, it’s impossible to ignore First Data in your search for an ideal merchant services provider. However, bigger isn’t always better, and First Data is really only a good choice if you’re already very successful in your business and experienced in negotiating with providers. Smaller businesses and merchants who are just starting out should steer clear of First Data and consider one of our preferred alternatives instead.

One of the significant advantages offered by Dharma, Helcim, and Fattmerchant is that they fully disclose their pricing upfront. Not only does this eliminate the need to negotiate with a sales representative, but it also allows you to make a far more accurate estimate of your anticipated processing costs before you ever contact their sales department. While you won’t be able to do this with Chase Merchant Services, a price quote from them will allow you to make an accurate estimate of how their costs stack up against our other, more transparent, providers.

In selecting between these four alternatives, Dharma and Helcim are best for nonprofit businesses, as they offer discounted pricing for qualified nonprofits. Dharma is also an excellent choice for restaurants, being one of the few providers in the industry to provide lower pricing just for restaurant owners. Helcim is a great all-around choice for small or newly-established businesses. Fattmerchant can offer the most significant savings over more traditional providers to businesses that are large enough to afford their subscription rates. Finally, if your business needs the power of a direct processor and you can negotiate a good deal, Chase Merchant Services is a great alternative to First Data. If your business is too small to afford any of these alternatives, we recommend that you look into a payment service provider (PSP), such as Square or PayPal.

The post The Best First Data Credit Card Processing Alternatives appeared first on Merchant Maverick.

“”

Reason for Purchase Security Safeguards Watch Owner Must Take

Our impartial reviews and content are supported partly by affiliate partnerships. Find out more.

Maybe you have stopped to question how individuals who came before us imagined the long run world? While it’s fun to see creative predictions in the past (I’m speaking for you, To the long run II), it truly is amazing to understand precisely how advanced age technology we reside in is. A number of these modern luxuries have improved our way of life and led to the growth of mankind. The invention of computers, the internet, tablets, and smartphones (to mention only a couple of) helped transform the corporate world, and much more particularly, the purpose of Purchase (POS) world. That stated, every rose has its own thorn. This is also true with regards to we’ve got the technology advancements which have benefited the POS world within the last twenty years approximately. While cutting-edge software systems and devices have given extreme convenience, a lot of business proprietors appear to forget these advancements have a cost.

Allow me to ask everyone retailers available an issue: Presuming you presently use a POS system, just when was the final time you ran any kind of security checkup or update? If you were checking up on this news recently (take it easy, this isn’t going to get political), you already know that the purpose of Purchase (POS) industry has had a number of big blows in the online hackers and cyber attackers around the globe. Cybersecurity ought to be the main thing on watch owner’s mind when thinking about their future or current POS system.

Whenever you partner your company having a third-party POS system, you’re exposing the information of the company, by extension the information of the customers, to a person else’s security standards. Before you decide to work with another company, you’ll know their security protocols to be able to factor them to your own safeguards. (Yes, additionally towards the protection provided by your POS vendor, it’s vital that you should have your personal security plan in position. Nobody has your own interest in mind greater than you need to do.)

Table of Contents

Why Must I Worry About My POS System’s Security?

When I hope I’ve just made abundantly obvious, probably the most important options that come with your POS product is its security. Actually, Verizon released an information breach investigations report in 2014 stating: “75 percent of information security occurrences within the food services industry happen at the purpose of Purchase [system].” Yikes! The retail side of the profession isn’t faring much better. A current data security report from Thales revealed: “More than 80% of shops consider themselves susceptible to data threats, and 37% stated they’re ‘very’ or ‘extremely’ vulnerable.”

How reassuring.

When I pointed out earlier, you’ve seen prominent companies in news reports during the last many years for major hacks. For individuals and also require missed these headlines, let’s have a quick stroll lower memory lane, we could? 2003 brought one from the worst POS data breaches the earth has seen when retail chain T.J. MAXX unsuccessful to update their data file encryption system. Online hackers utilized their POS systems and stole the debit and credit card information with a minimum of 45.seven million people. You read properly. That’s at least 45.7 million people. And who could forget 2013, the entire year Target’s POS system was infiltrated by hackers because someone overlooked the truth that the HVAC system was on the network with use of internal servers. That mistake affected 41 million customers. This May, Target decided to pay $18.5 million dollars to stay claims produced by 47 states and also the District of Columbia. Maybe crafts and arts store Micheals’ 2014 POS data breach rings a bell? Ah, recollections!

It may be simple to think these hacks only affect large, soulless corporations, but that’s a significant misconception. It’s believed that roughly 43 percent of cyber attacks are fond of small companies. Much more alarming? Within six several weeks of the data breach, 60 % of those same small companies close shop. Individuals figures aren’t departing me with any warm fuzzy feelings.

As possible clearly see, even simple mistakes can have huge effects. The backlash from all of these attacks is quick and may have major lasting effects. Take a look at a couple of types of whatever you decide and face after the body is breached:

  • The status of the business requires a hard hit.
  • Consumer confidence/trust is impacted and for that reason, your revenue is affected.
  • You remain liable whether or not the breach came via a third-party POS system.
  • If online hackers can access proprietary information it will set you back competitive ability.
  • You can face government fines for those who have unsuccessful to conform with any industry-specific security standards.
  • Additionally, you will face lots of unpredicted expenses (legal charges, software updates, customer reimbursement, and damage control, for instance).

As numerous experts in the market say, the entire costs and effects these major data breaches dress in companies is difficult to evaluate, however the damage is lasting.

Security Measures To Consider Inside A POS System

Choosing the best POS system to suit the requirements of your unique operation is definitely an overwhelming task. This is when searching to find the best home security system can really assist you to narrow lower your alternatives. You have to get rid of undesirable options beginning with evaluating who provides the very indepth safety measures. When I pointed out before, if you select to pair yourself having a third-party vendor, you allow another company’s security protocols to affect your company. The Ponemon Institute has discovered that “65% of firms that reported discussing customer data having a partner also reported a subsequent breach using that partner.” I am not a gambler, however i don’t like individuals odds. It doesn’t mean that each third-party vendor is likely to be your demise. However, it’s to your advantage to do your homework prior to signing any dotted lines.

Mark Guagenti, as security expert from Tidal Commerce, states there’s a couple of questions watch owner should ask before investing in a POS system:

  • Can there be an update cycle?
  • Will the POS vendor concentrate on PCI compliance?
  • Will the POS vendor respond rapidly to security threats and patch them? Will it appear they have they done this previously?
  • Will the vendor supply or could they be compatible “semi-integrated” terminals?
  • Will they [the POS company] employ standard file encryption? Is the website encrypted with HTTPS (That’s often a good first-step when looking for)?
  • If your in your area installed system, may be the software installed and maintained by professionals?

Simply because your third-party POS system has an alarm system doesn’t mean you aren’t accountable for the security of the consumer data. According to Your Liability in 3rd Party Data Breaches:

While such 3rd party information systems providers come with an obligation to maintain your data safe, this doesn’t relieve your firm of the data security responsibilities. You need to make certain your computer data is stored, processed and transmitted safely, even if at the disposal of others.

Produce A Security Routine And Stay With It

POS systems would be the lifeblood from the retail and foodservice industry, and that i don’t observe that altering anytime within the near or distant future. Once you know these integral bits of technology are highly lucrative targets for online hackers (who appear to see security updates as challenges), you’ll understand that cybersecurity is really a constantly altering issue. It’ll be there forever. Establishing your home security system, crossing your fingers, and leaving simply isn’t likely to work.

You have to start considering your home security system being an organic object that should be tended to regularly. Take it easy, its not necessary to become a neurotic helicopter parent, but you should generate a consistent routine to make sure that your home security system is current and eager to have an attack whatsoever occasions.

Chuck Rubin, the main executive of Micheals crafts and arts stores, puts it quite nicely:

Within an era where very sophisticated and determined crooks have proven able to effectively attacking an array of computer systems, we have to all increase our degree of vigilance.

Exactly what do you need to do? Begin by sitting lower and establishing a security plan. Once more, Guagenti has some good advice:

  • Check and run PCI scans quarterly. Some vendors offer internal scan tools that you could also run.
  • Have your IT personnel look at your router and firewalls configuration quarterly.
  • Verify that the products are updated, and switch on auto-update whenever possible. Should you must switch off auto-update, make sure you look for updates by hand monthly, or when news of security patches surface. Have your IT personnel justify why auto-updates are switched if they ought to be disabled.
  • In case your in your area-installed system has an administration interface, don’t open it up to the outdoors world. Period. Only open ports which are needed for the system to function, and hang up IP limitations. If you need to access your in your area-installed system remotely, focus on establishing a secure Virtual private network. Also, observe that a Virtual private network must only operate inside a network that doesn’t handle charge card data.
  • Possess a process. Whilst not all business proprietors need to have a process as thorough as say, a repayment processor, getting an itemized lower process for security makes certain that someone or someone will always be given the job of security.

Some things of my very own to include:

  • Become your own advocate! Don’t blindly trust that the third-party provider has the back. You would not just hop right into a vehicle using the first stranger who offered you something shiny. Even our moms trained us much better than that!
  • Know who’s your data. Understand the 3rd-parties involved with your business information and look at their security standards.
  • Make certain you realize the rules and laws and regulations inside your country regarding what you’re responsible for in case of a panic attack.
  • Employ a security company to do audits on third-party vendors.
  • Think twice about taking out Cyber Insurance. Although this won’t safeguard you against every facet of a breach, you will not remain dry and high by yourself in case of a panic attack.

Final Ideas

It’s pretty typical within our culture for all of us hitting the “Remind Me Later” button when updates appear on the devices. While procrastinating on these updates within our personal lives might not create a catastrophic data breach, doing this in the industry world is wholly irresponsible. Verizon’s 2017 Data Breach Investigations Report opens with this particular statement: “If you haven’t endured an information breach you’ve either been incredibly ready, or very, very lucky.”

Nobody is in charge of whether their clients are selected to have an attack. It’s, however, in everyone’s welfare to create themselves an unhealthy target by getting a powerful immune system and preparing themselves for that worst. I sincerely hope this information has provided grounds to re-evaluate your present POS security methods and also to think about: Precisely how “incredibly well prepared” shall we be held?

Elizabeth Cranston

Elizabeth Cranston is really a author and native Oregonian who resides in the gorgeous Off-shore Northwest. She enjoys researching and becoming to the foot of questions relating to begin Purchase industry.If not covering and researching Reason for Purchase software, she will usually be located overindulging in Nederlander Bro’s coffee, making others laugh, or hearing music.

Elizabeth Cranston

Elizabeth Cranston

Elizabeth Cranston

“”

Is The POS System Protected From The KRACK Attack?

Our impartial reviews and content are supported partly by affiliate partnerships. Find out more.

KRACK attack

As you become older, what you fear so much start to change. If you need to file your personal taxes and hang your own physician appointments, all of a sudden the boogie man doesn’t appear so frightening. However, there’s a brand new ‘scare’ every adult should know, and I am not talking about the clown in the approaching revival from it. Actually, the “KRACK-en” continues to be unleashed upon the tech world. (Insert afraid screams here!)

Maybe you’ve heard about Key Reinstallation Attacks (more generally known as KRACK attacks) and perhaps you haven’t. In either case, this threat effects you, your great-granny in Zoysia, as well as your favorite cafe lower the road. In addition to this, it may affect your company too! Sorry to rain in your parade, but no one’s Wi-Fi enabled products are protected from that one. Seriously, this list of devices susceptible to some variant of the attack is lengthy. (Take a look at some prominent names that leaped out at me: Apple, Android, Linux, Dell, Google, H . P . Enterprise, Apple, Microsoft, The new sony, Oracle, McAfee, LG, IBM, Amazon . com, and Blackberry.) Like I stated, nobody is immune here. 

Table of Contents

Exactly What Is A KRACK attack?

Significantly improved I’ve alarmed you about who this threat effects, let’s discuss just what a KRACK attack is. On October 16, 2017, Mathy Vanhoef, a investigator in a Belgian college, released a study titled Key Reinstallation Attacks Breaking WPA2 by forcing nonce reuse. If you are at all like me (and not the greatest tech nerd available), studying this title might have broke up with you scratching your mind. But after hanging out researching and talking with some experts about this attack, Vanhoef’s report gets to be more unnerving in my experience on the personal (and business) level. I’ll explain why.

The best results of this sort of attack continue to be within the speculation phase. However, it’s obvious that, when transported on full of level, KRACK attacks could devastating to anybody who hasn’t taken the necessary security measures to safeguard themselves, their online information.

Vanhoef’s report opens with this particular less-than-encouraging paragraph explaining his findings:

We discovered serious weaknesses in WPA2, a protocol that safeguards all modern protected Wi-Fi systems. An assailant within selection of a target can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers may use this novel attack method to read information which was formerly assumed to become securely encrypted. This is often mistreated to steal sensitive information for example charge card figures, passwords, chat messages, emails, photos, and so forth. The attack works against all modern protected Wi-Fi systems. With respect to the network configuration, it’s also easy to inject and manipulate data. For instance, an assailant could possibly inject ransomware or any other adware and spyware into websites.

Yikes! Or like a kid who needs to get creative using their cussing might say: “Oh KRACK!”

What’s much more alarming is always that WPA2 systems abound. Since 2004, they’ve traditionally been considered probably the most secure option, but because evidenced within the paragraph above, that merely isn’t true any longer. Pleasure.

How’s A KRACK Attack Transported Out?

[embedded content]

Above is really a video (produced by Vanhoef) that shows just how a KRACK attack utilizes weaknesses within the WPA2 protocol. But I’ll do my favorite to describe precisely what happens throughout a KRACK attack.

Once your wireless device connects to Wi-Fi, it participates with what is known as a four-way handshake. This “handshake” verifies a user’s password and establishes an encrypted link between the router and also the device. Attackers who’re near by (within around 100 foot) may use key reinstallation attacks to bypass WPA2 network security they’re then capable of seeing information which is not encrypted and might be able to steal sensitive data because it goes through the network. Based on your network configuration, attackers might even have the ability to add ransomware or adware and spyware to websites.

When I pointed out, attackers should be in close range towards the Wi-Fi system they are attempting to access. This will make it impossible for attacks to become transported from miles away. And even though it is feasible for attackers to merely sit inside a parking area before an outlet and connect high-powered wireless antennas, I’ve have been told by a few experts it isn’t prone to happen.

If you are looking at more in-depth information about how exactly KRACK attacks work, check out Vanhoef’s report. I found The KRACK Wi-Fi vulnerability, described like you’re five to be really useful too.

Exactly What Does This Suggest In My POS System?

Several things might have to go without having to say, but with regards to the safety of the POS system, you shouldn’t assume anything. In case your POS product is operating via Wi-Fi and it is delivering/transmitting unencrypted data, it’s no longer safe, even when your network is password protected. (You most likely should not be delivering unencrypted data over your Wi-Fi network anyway, but that’s just my two cents.)

If you work with a in your area-installed POS system, you have to pay especially close focus on this type of attack. It may seem that, since most legacy systems rely on wired systems, the body is protected. This type of misconception that may be potentially catastrophic. Children Mark Guagenti, a specialist from Tidal Commerce:

“Security for [POS] systems has improved since 2004 [when WPA2 was introduced], however, that door has become open again. It just takes one device or misconfigured network to spread out in the whole system.”

In 2013, when Target’s data breach affected 41 million customers, online hackers acquired access via the Heating and cooling system (that was on the network which had accessibility internal systems)! As well as in 2007, attackers could steal the data of 45.seven million debit and credit cards from the major store simply because T.J. Maxx didn’t update their data file encryption system. Whoops.

Hopefully, we won’t use whatever huge, KRACK-based POS data breaches soon, especially since there’s a simple fix. But retailers must take this threat seriously. Double and triple look at your systems for the utmost safety. As Guagenti warns:

“An attacker [could wreak real damage to a register, particularly if the software programs are outdated. They might poke and prod in the registers API, possibly run fraudulent transactions, open/close the money drawer, etc. They might also possibly enter into others such as the back-office computer.”

Most newer iPad/Android-based cloud-based systems may be impacted by the attack. Fortunately, the harm ought to be minimal transactions are often fully encrypted finish-to-finish. As lengthy as the POS vendor is employing SSL/TLS (also referred to as HTTPS) file encryption and also you make use of the necessary updates and patches, your POS system ought to be safe!

Can One Safeguard My POS System In The KRACK Attack?

I understand I’ve colored a fairly harsh picture. Before you throw all of your Wi-Fi routers onto a bonfire, grab your pitchforks, and dirt off your pillaging attire, you need to know that—despite whatever you decide and read in certain articles—this WPA2 vulnerability doesn’t signify the finish around the globe. 

WPA2 continues to be a safe and secure protocol. You are able to safeguard yourself in the KRACK attack by patching your devices using the security update for that KRACK exploit. As lengthy as you apply the patch, the body won’t be susceptible to this attack. This vulnerability can’t be fixed by altering your Wi-Fi password. You must make use of the security update patch first. Then you are able to (and really should) improve your Wi-Fi password.

Take if from Guagenti:

“Patch! Patch! Patch! Achieve to your POS vendor and request an update around the status of recent patches for that KRACK exploit. This is a period to inside it to make certain that your hardware, like iPads, wireless terminals, and wireless access points possess the latest firmware available. Associated with pension transfer security news, now’s [also] time to check on and make certain that the systems are encrypted with strong file encryption, possess the latest software, make use of the guidelines, and therefore are segmented to PCI standards so cardholder data exposure is minimal if any…[B]usiness proprietors [should] proceed to wired connections if at all possible, disable wireless access points, and wireless clients to avoid attacks.”

Check out the vibrant side. Somewhat, this vulnerability could be a good factor! It possesses a opportunity for everybody to complete some pre-holiday security maintenance and tuning up. (Besides, when has strengthening your POS system security have you been an awful idea?)

POS Security Safeguards Listing

  • Achieve to your POS vendor about patches for that KRACK attack. (Here’s every patch for that WPA2 exploit presently available.)
  • Patch all Wi-Fi devices/routers for that new KRACK exploit. (This is actually the listing of Wi-Fi routers which have patched the WPA2 flaw to date.)
  • Change to a wired web connection (if at all possible) until all patches are set up and security safeguards happen to be taken.
  • If you work with a hybrid-POS system, change to offline mode before the patch is created.
  • Refer To It As and make certain all wireless hardware and wireless access points possess the most current firmware.
  • Conduct an intensive audit of the entire network atmosphere.
  • Verify that software and firmware is current.
  • Make sure all communication and security settings.
  • Update all wireless devices employed for business (smartphones, iPads, tablets, laptops, etc.).
  • Verify that the POS provider is following PCI compliance standards.
  • Make certain all of your transaction information is transmitted over SSL/TLS file encryption.
  • Make sure that your POS vendor employs HTTPS.
  • Alert your employees to look for purchasers with laptops or smartphones who stand near to POS systems for suspiciously lengthy amounts of time.

Final Ideas

With regards to security as well as your POS system, you actually can’t be too careful. Unlike the cracks we prevented walking on within the third grade (for anxiety about causing serious back trouble for our moms), not implementing this KRACK attack seriously might have real effects.

I recommend using the security steps provided in the following paragraphs as quickly as possible. Don’t finish up as being a victim on the small-scale. More to the point, don’t risk a significant data breach since you didn’t make use of a simple patch or undergo a regular security check-up. Determine what things you can do to maintain your personal devices protected from these attacks too. Better safe than sorry!  

Elizabeth Cranston

Elizabeth Cranston is really a author and native Oregonian who resides in the gorgeous Off-shore Northwest. She enjoys researching and becoming to the foot of questions relating to begin Purchase industry.If not covering and researching Reason for Purchase software, she will usually be located overindulging in Nederlander Bro’s coffee, making others laugh, or hearing music.

Elizabeth Cranston

Elizabeth Cranston

Elizabeth Cranston

“”

Merchant’s Help guide to Stopping Card-Present Fraud

Charge card fraud, for most of us, invokes 1 of 2 scenarios. First, you will find data breaches à la Target or Lowe’s, where thieves connect to the system and steal charge card figures, names, along with other data. Beyond that, you may consider online card fraud, where shady people use stolen card figures (sometimes acquired in data breaches such as the formerly pointed out ones) to purchase a lot of stuff online. Even though you start digging into ways retailers can safeguard against card fraud, the overwhelming quantity of sources are directed at eCommerce an internet-based transactions, and the ways to prevent fraud there. There isn’t many details whatsoever about card-present fraud — that’s, transactions which are still not legitimate but occur inside a store, in which the card is swiped or dipped.

Overall, card-present charge card fraud is really a smaller sized bit of the cake than online fraud, that is likely why there is a disproportionate quantity of sources regarding internet-based cons. But it’s still necessary that retailers take each step they are able to to safeguard themselves. Which includes being aware of what risks you face within the brick-and-mortar atmosphere.

Table of Contents

Understanding the kinds of Charge Card Fraud

I’m penning this mostly to describe how to prevent fraud. I shouldn’t enter into all the various scams and methods that fraudsters use because you can write a little ebook about them. But generally, all charge card fraud (or bank card fraud) falls into 1 of 3 groups:

  • Cloned/Counterfeit Card Fraud: This is a kind of card-present fraud in which the fraudster forges a card with another person’s username and passwords and uses it inside a brick-and-mortar storefront.
  • Lost/Stolen Card Fraud: This kind of fraud is most familiar to consumers, and sure concern for a lot of retailers: a fraudster using another person’s card to create a transaction (frequently a really large one). This could happen online or perhaps in a store.
  • Card-Not-Present Fraud: Any kind of fraudulent online transaction falls into this category, simply due to the credit card not swiped or dipped. While there are several tools retailers may use to mitigate this risk, generally, it’s the easiest kind of fraud to commit. CNP fraud comprises nearly all card fraud, especially as EMV makes it harder to clone or counterfeit cards.

It is also important to note there’s a couple other kinds of fraud retailers have to be cautious about:

  • ATM Fraud: Scammers uses a couple of different tactics to obtain either money or card data from ATMs, including installing card skimmers (we’ll discuss individuals inside a bit) or deliberately blocking the money distribution mechanism. For those who have an ATM on-site at the business, be familiar with it as being a possible target.
  • Check Fraud: Checks are certainly decreasing. Actually, based on the Fed, the entire quantity of check payments produced in the U.S. fell typically 6.2 percent each year from 2000 to 2012, and from 2012 to 2015, fell by typically 4.4 % yearly. In 2015, consumers authored as many as 19.4 billion checks, that was a complete loss of 3.1 billion over 2012 figures. However, the Given also reports that the need for the checks risen has elevated — and therefore while individuals are writing them less often, they have a tendency to create them for more and more bigger purchases. Check acceptance isn’t universal, however if you simply do accept checks, utilizing a digital service for example Telecheck to instantly convert payments and flag dangerous transactions is a great way to safeguard yourself.

I am not likely to really enter into CNP fraud, as the majority of it requires running an eCommerce store. This short article won’t cope with ATM or check fraud in-depth simply because they don’t affect nearly all retailers. Our focus is particularly card fraud at brick-and-mortar stores, whether it is debit or charge card related.

The Charge Card Fraud Game-Changer: EMV

Before the EMV liability shift required place, fraud experts were predicting that CNP fraud would increase with a tremendous amount in america because other nations that implemented EMV observed an identical pattern, and individuals predictions have held true. Credit monitoring agency Experian reported a rise of CNP fraud totaling 33% when compared with 2015.

One of the reasons for elevated CNP fraud may be the development of shopping online. As increasing numbers of use online, the entire amount of charge card fraud is likely to increase. However, the rollout of EMV can also be playing a job within the increase of card-not-present fraud.

Particularly, the chips in EMV cards tend to be harder to repeat and reproduce than the usual magstripe card (which is dependant on technology straight from the 1970s). So rather, scammers are switching to purchasing online, where you can find no techniques to physically authenticate the credit card. Rather, most security checks depend around the CVV or AVS checks to recognize suspicious transactions.

That’s not saying cloned or counterfeited cards aren’t an issue whatsoever. They’re. EMV market saturation in america isn’t 100%, as well as if consumers have nick cards, that does not mean retailers are outfitted to simply accept nick cards. As well as if counterfeited card fraud is decreasing, there’s still lost/stolen card fraud to bother with.

6 Methods to Reduce Charge Card Fraud in Brick-and-Mortar Stores

So, your house you need to antiques store. Someone is available in to purchase some furniture for his or her new house. Two days and a few 1000 dollars later, you discover the card used would be a stolen card. The cardholder has filed a chargeback, meaning the entire transaction amount continues to be deducted from your bank account and put on hold pending analysis. Not just that, but you’re the actual merchandise, effectively doubling whatever is lost.

Regrettably, this could and does occur to retailers. Although some industries are much more likely than the others to become victims of card fraud, any and each business should know the potential risks and take safeguards.

Which industries are most in danger? Based on an american Bank presentation, a few of the MCCs (merchant category codes, accustomed to identify the kind of services or products a business offers) which are most focused on fraud range from the following:

  • 5411: Supermarkets and Supermarkets
  • 5732: Electronics Stores
  • 5812: Dining Establishments and Restaurants
  • 5999: Miscellaneous and Niche Stores
  • 4722: Travel Agencies and Tour Operators
  • 5311: Shops
  • 5661: Shoe Stores

Exactly what do you need to do to safeguard yourself? To begin with, you should know of whether you’re in the kind of industry that’s enjoy being focused on card-present fraud. A dry-cleaning business or perhaps a cafe? Most likely less. An gallery, a furniture or electronics store, or other business where consumers can drop hundreds or 1000s of dollars all at once? Most certainly a target.

Second, make certain you implement procedures and policies that will help mitigate fraud. We’ll begin with a very fundamental one, that we suspect lots of retailers overlook:

1. Check Network Guidelines for Card Acceptance

I mention mtss is a lot — by a great deal, I am talking about in nearly every review I write — but READ YOUR CONTRACT. Understand what you’re signing and just what rules and needs you’re being certain to. It’s important to maintain your credit card merchant account open so that you can keep accepting cards. But it’s also wise to consider the merchant guidelines the various card systems (Visa, MasterCard, American Express and Uncover) offer. They often cover guidelines for example displaying marks of acceptance, surcharging, and minimum/maximum transaction amounts. Hidden in individuals guidelines will also be policies which cover safety measures you’re likely to take and list of positive actions if you feel a card is fraudulent or even the transaction otherwise seems suspicious.

To help you get began, I suggest checking the Visa card acceptance guidelines, in addition to MasterCard’s rules.

2. Secure Your POS and Hardware

What is POS

In addition to the threats resulting from counterfeited or stolen cards, it’s also wise to be familiar with the opportunity of an information breach. If a person has the capacity to access the body and compromise your customers’ private information, it may be devastating for both you and your business. Data breaches can occur in lots of ways.

Among the apparent ones is skimming, in which a fraudster installs a tool over your terminal or pin pad that captures the credit card data and stores it. Skimmers may take only seconds to set up and therefore are difficult to place unless of course you are aware how to acknowledge the twelve signs. Scammers may also result in a data breach by using adware and spyware in your POS system or else hacking it. They are more complex techniques in most cases directed at high-value targets, but they’re possible you should know of, particularly if you store any type of customer data.

PCI Compliance: What you ought to Know

Technically, PCI DSS compliance (usually just known as PCI compliance) isn’t just about POS systems. Sturdy your hardware, too. More often than not that’s lumped along with your POS, though, particularly if you come with an integrated solution.

PCI DSS means Payment Card Industry Data Security Standard. It’s a unified policy indicating the steps retailers have to take to secure their transaction data through hardware and also the POS system, laid by the PCI Security Standards Council. Retailers are sorted into certainly one of four levels with respect to the type and number of transactions yearly. Most small companies are Level 3 or Level 4, that have the least steps to consider to keep compliance.

There’s an excellent chance that, should you didn’t construct your system yourself, you’re already PCI compliant. Software and equipment vendors will need to go via a certification process when they handle payment card information. However, should you store any customer data (particularly in a database you develop and keep yourself) or route it via a website you maintain yourself, that won’t function as the situation. You need to speak to your credit card merchant account provider or software vendor by what steps are needed to make sure your compliance. You might be needed to accomplish quarterly scans or self-assessments.

PCI compliance could be summarized into 12 points of action lumped into six groups. The reason here is obtained from the PCI SCC Quick Reference Guide.

Build and keep a safe and secure Network
1. Install and keep a firewall configuration to safeguard cardholder data.
2. Don’t use vendor-provided defaults for system passwords along with other security parameters.

Safeguard Cardholder Data
3. Safeguard stored cardholder data.
4. Secure transmission of cardholder data across open, public systems.

Conserve a Vulnerability Management Program
5. Use and frequently update anti-virus software or programs.
6. Develop and keep secure systems and applications.

Implement Strong Access Control Measures
7. Restrict use of cardholder data by business have to know.
8. Assign a distinctive ID to every person with computer access.
9. Restrict physical use of cardholder data.

Regularly Monitor and Test Systems
10. Track and monitor all use of network sources and cardholder data.
11. Regularly test home security systems and procedures.

Maintain an info Security Policy
12. Conserve a policy that addresses information to safeguard all personnel.

For retailers, I believe the important thing takeaway is the fact that PCI compliance (and knowledge peace of mind in general) isn’t a one-and-done type deal. You have to positively take preventive steps and monitoring the body, from updating software and firmware when updates seem to watching the employees and ensuring they’re educated on card security issues and proper procedures to handle.

Beyond PCI Compliance: How to maintain your POS (and knowledge) Secure

Learning all the intricacies of PCI compliance is most certainly challenging for anybody, the experts! However, since, data security isn’t something take proper care of once rather than consider again, you need to certainly take a moment to discover security.

Two big terms at this time are file encryption and tokenization. PCI DSS signifies that the POS and hardware should secure transactions. There’s two major kinds of file encryption, point-to-point and finish-to-finish.

Tokenization isn’t yet a business standard, though it’s increasingly common, mostly because of NFC/contactless payments. Tokenization generates a 1-time-use card number and substitutes it for that actual card number. Even when information is breached and decrypted, that tokenized number is useless to scammers. That’s just how Apple Pay and Samsung Pay and Android Pay keep the card data secure: Your card number is kept in a cloud vault which your phone have access to. Your phone generates the token and passes it to the system, which verifies the amount.

If you would like to understand more about how you can secure your POS, check out our POS 101 article around the subject, in addition to PC Mag’s article regarding how to place skimmers.

3. Capture Signatures, Even on Low-Value Transactions

accept mobile credit card payments

Credit (and debit) cards possess a space around the back for customers to sign them because, theoretically, retailers are meant to compare that signature towards the one around the receipt as a way of verification. The truth is couple of or no retailers really do that.

Within the interest of speeding along transactions, particularly in environments where customers be prepared to be interior and exterior the checkout fairly rapidly, the credit card systems have relaxed their guidelines with no longer need a signature on all transactions. Low-value transactions (under $25 or $50 with respect to the network) frequently waive the signature requirement.

mPOS systems — Square, PayPal Here, SumUp, etc. — plus some POS systems frequently allow retailers to disable signatures on low-value transactions. For mPOS systems, the brink is generally $25. For full-fledged POS systems, that threshold may also be in the merchant’s discretion.

Realistically speaking, quick-serve cafes and restaurants, supermarkets, etc., where you’re likely to encounter low-value transactions, aren’t an enormous risk. And also the losses, unless of course you’re experiencing a huge string of fraudulent transactions, are minimal. It isn’t that you simply absolutely must enable signatures on all transactions to safeguard yourself. That’s not true. However if you simply want to maximise your protection out on another mind the additional time to gather a signature throughout the checkout phase, you are able to enable them.

For top-value transactions, you need to absolutely be collecting signatures on everything. Actually, for large transactions, signed invoices are an easy way to safeguard your company and reduce the chances of chargebacks.

4. Request Customer Identification

Some consumers, rather of filling out the backs of the cards, decide to write “SEE ID” for the reason that space. This informs retailers they ought to request a photo ID and compare it towards the name around the card.

A great practice. Not every retailers get it done, especially with increasingly more consumer-facing PIN pads and terminals in which the cashier never handles the credit card.

But there’s only one small problem:

A merchant can ask to determine a photograph ID for any transaction, but legally, the customer isn’t obligated to supply it. Visa’s guide, 5 Important Visa Rules That Each Merchant Ought To Know, explains it such as this:

“A Merchant may request cardholder identification inside a face-to-face atmosphere. When the name around the identification doesn’t match the name around the card, the merchant could decide whether or not to accept the credit card. When the cardholder doesn’t have, or perhaps is reluctant to provide, cardholder identification, the merchant should recognition the credit card should they have acquired evidence of card presence, a legitimate authorization, along with a valid signature or PIN.”

Therefore if a person provides an ID that does not match the name around the card, the merchant can pick to say no the transaction. When the customer will not offer an ID or doesn’t have one, Visa’s rules condition that you ought to process the transaction, provided you will find the card in hands plus they sign or enter their PIN.

That stated, requesting ID continues to be generally a great policy. Just be familiar with the credit card systems acceptance rules (see point #1 above).

5. Avoid Keyed Transactions

It’s story time!

A lengthy, lengthy time ago (OK, a lot more like eight years back), after i labored like a cashier somewhere that shall ‘t be named, I recall from time to time getting to place a card inside a plastic grocery bag and swipe it to obtain the POS to see it. I’m still unsure why this labored, however it did. Them which had this issue were usually old and worn — sometimes worn to the stage the elevated figures weren’t as elevated because they must have been, and also the whole card appeared thinner, even extended. They often left worn-lower, overstuffed wallets, therefore i just generally assumed the put on evolved as the result of in which the card was stored. Sometimes, though, even that didn’t work, since the card might have a split inside it within the magstripe or it simply wouldn’t read. In individuals cases, I could (and did) by hand go into the card.

I do not determine if the cards I processed by doing this were fraudulent, but I know since it was a danger. Card network guidelines, in addition to other security experts, suggest that you inspect the physical card for indications of damage or tampering before you decide to process a transaction. Broken cards — particularly if it normally won’t swipe — can (but don’t always) indicate counterfeit or cloned cards. Entering the transaction means the POS does not have to physically look into the card, because it’s treated like a card-not-present transaction.

First, keyed transactions always are more expensive than swiped or dipped ones. PayPal and Square both charge 3.5% + $.15, that is well over the 2.7% and a pair of.75% (correspondingly) they charge for swiped or dipped transactions. Traditional merchant services may also assess a greater fee, although it varies more.

Second, getting a lot of keyed transactions is frequently a warning sign for a free account provider. It shows that someone may be processing cards that aren’t even physically contained in the shop, that is, clearly, a large no-no. A particular quantity of keyed transactions should be expected, but a lot of can result in a hold, freeze, or termination.

So your very best to prevent entering card information, because this will safeguard your company. Most security experts also recommend searching at the processing background and making note associated with a patterns — whether these transactions happen in a particular time consistently, or maybe one cashier is much more vulnerable to keyed transactions than the others.

6. Change to EMV Acceptance

EMV credit card terminal

Should you not curently have a POS and hardware that accepts EMV transactions, it’s about time you are making the switch. No exceptions, no excuses. Yes, it may appear costly, you will find, the EMV rollout continues to be rather slow partly due to the backlog on hardware and software certifications. But there are many EMV-certified hardware and software open to retailers. If you were postponing the switch, just start it already. It’s probably the most important methods for you to safeguard your company from charge card fraud.

Like I stated earlier, it’s a great deal harder (not possible, but very, very hard) to repeat a nick card. That is why many scammers are relocating to CNP fraud. On October 1, 2015, liability for fraudulent nick card transactions shifted in the banks to “the least-secure party,” which within this situation means retailers who aren’t outfitted to simply accept EMV.

Remember the instance I began with, using the antique furniture. Repeat the person purchasing the products have a counterfeit nick card. However, you, the merchant, have only a magstripe readers. If you’d had an EMV readers, it could have been in a position to identify the card was fraudulent. But rather, you processed the magstripe transaction — which leaves you entirely responsible for the entire mess.

The problem could be different when the fraudster were built with a stolen EMV card and tried on the extender in an EMV terminal. For the reason that situation, the liability would fall around the card provider.

Should you haven’t already, get EMV-capable card-readers and make certain your POS is EMV certified, too. It’s absolutely worthwhile, and every one of our top-rated merchant providers offer EMV acceptance, just like our top-rated mPOS providers.

Conclusion: How Large a danger is Card-Present Charge Card Fraud?

Realistically, retailers who sell online face an even bigger threat than brick-and-mortar retailers. That’s largely because of the EMV liability shift and rollout of nick cards. Unfortunately, even nick cards can’t safeguard against stolen or lost card fraud. And until EMV market saturation hits 100%, there’s still a danger of accepting counterfeit cards.

Fortunately, you are able to take measures to safeguard your and yourself business. Understanding is power, especially within the payments industry. So review your processing contract, the credit card networks’ laws and regulations, and also the legal matters affecting your industry. Make certain that you simply keep the POS secure, out on another overlook simple defenses for example collecting signatures or requesting IDs, and keeping keyed transactions low. Applying EMV, should you haven’t already, is among the most critical methods for you to safeguard your company.

If you have questions, we’d like to respond to them! Take a look at our comment guidelines by leaving your question inside a comment. Thanks for studying!

Melissa Johnson

Melissa Manley is definitely an independent author and editor who loves e-commerce, internet marketing, technology, and social networking. Not so long ago, she earned a journalism degree, but she continued to uncover that they could work at home, researching, editing, and covering the items she found most fascinating. When she’s not associated with her laptop, Melissa usually can be based in the kitchen, studying a magazine, or doing something from the nerdy persuasion.

Melissa Johnson

“”

All you need to Learn About PCI DSS Compliance

PCI DSS complianceRather of explaining each and every detail about PCI compliance, I’ve made the decision to provide you with a short rundown from the basics then, I’ll show you some sources that will get much more in-depth about them.

The most crucial factor to keep in mind coming from all this really is that PCI DSS compliance standards are continually altering. What’s needed today may be unnecessary tomorrow, and vice-versa. Furthermore, your compliance obligations will be different based on which kind of business you’re.

If you are a little eCommerce site that utilizes a repayment gateway like Authorize.Internet, your obligations will be much under if you are a sizable brick-and-mortar merchant that stores your customer’s charge card figures. The bottom line is to determine which needs have to do with your company type, then make sure that you follow individuals guidelines to get compliant.

With this stated, let’s cover the basics…

Table of Contents

The PCI Security Standards Council (PCI SSC)

You’ve most likely learned about this option already. They’re the one’s that set the guidelines and inform us how you can adhere to them. They’ve probably the most current details about PCI compliance, so visit their website to find out more. Remember, their coverage is altering regularly, so make sure to stay updated. Clearly, the most crucial page for you personally will probably be their “Merchants” page.

What’s PCI DSS?

PCI DSS means Payment Card Industry Data Security Standard. They are standards set through the PCI SSC that merchant’s are needed to follow along with, to be able to remain compliant.

How to start

Most likely it’s not necessary time to become PCI expert, therefore if I had been you, I’d watch this PCI rock video, look at this Quick Reference Guide, and stop hunting. The recording will expose you to the entire PCI DSS stuff, and also the guide provides you with enough info to consider on how to proceed next.

This PCI for Dummies ebook by Qualys can also be worth a read.

What’s Your Merchant Risk Level?

When I pointed out above, PCI needs vary according to what your risk level is really as a company. Click the link to discover what risk level your company is.

Following a 12-Step Program for PCI DSS Compliance

The key to the PCI DSS compliance program would be the 12-needs as outlined within the Quick Reference Guide. Understand these, and you will be on the right path to understanding PCI compliance.

  1. Install and keep a firewall configuration to safeguard cardholder data.
  2. Don’t use vendor-provided defaults for system passwords along with other security parameters.
  3. Safeguard stored cardholder data.
  4. Secure transmission of cardholder data across open, public systems.
  5. Use and frequently update anti-virus software or programs.
  6. Develop and keep secure systems and applications.
  7. Restrict use of cardholder data by business have to know.
  8. Assign a distinctive ID to every person with computer access.
  9. Restrict physical use of cardholder data.
  10. Track and monitor all use of network sources and cardholder data.
  11. Regularly test home security systems and procedures.
  12. Conserve a policy that addresses information to safeguard all personnel.

Self-Assessment Questionnaire (SAQ)

As you’ll learn within the Quick Reference Guide, the Self-Assessment Questionnaire (SAQ) is an easy and quick method for retailers (business proprietors) to find out what of the aforementioned needs they have to adhere to.

Everyone needs to accept SAQ, so you may too go now. Remember to see the instructions first.

While using Right Equipment for PCI Compliance

Ends up you need to be utilising the best kind of terminal/equipment if you are considering being compliant. Make use of this internet search engine to determine if your devices are certified. Otherwise, you most likely need to upgrade.

Generally, whenever you join a brand new credit card merchant account, your provider provides you with up-to-date and compliant equipment.

Small Retailers

If you are a little merchant that does not store anyone’s charge card information, consider yourself lucky! Besides a few minor tasks, your obligations will be minimal. Read this link to find out more.

Conclusion

Very little more to state here. Browse the above, stick to the links, browse the documents I’ve referenced, and you will be all right. Don’t panic within the complexity from it all. It need not be too hard.

Tell me for those who have questions regarding PCI DSS compliance.

“”

PCI Compliance Charges: What They’re, and How To Handle Them

pci-compliance-feeHave you ever observed a PCI compliance fee in your statement recently? Need to know what it’s for? Need to know if it is legit? Need to know how you can eliminate it? Then, keep reading…

Previously year, I’ve had a number of retailers ask me relating to this new PCI Compliance fee that’s been appearing on their own statements. It sometimes comes by means of a yearly fee ($99+/year), along with other occasions it’s really a fee every month ($19.95/month). In certain rare cases, you may be seeing both a yearly fee along with a fee every month.

For retailers that do not understand PCI compliance, the PCI compliance fee appears like yet another garbage fee tacked on by their processor to earn them much more profit. The reality, however, is somewhere in the centre.

There is a great two part series on GreenSheet.com which i recommend you read (here’s part 1, and part 2). GreenSheet.com is definitely an “insider” website for that charge card processing industry. It’s what your processor/provider, as well as their sales people read regularly. It is also an excellent way to find out about the business using their perspective. Should you browse the two part article, you’ll most likely understand much more about this PCI compliance fee then about 90% of the peers.

The title of this Eco-friendly Sheet article is “What will a merchant have for a PCI fee?” That real question is the best inquiry that retailers ought to be asking using their charge card processor.

Which kind of products or services are you currently barely making it having to pay this extra fee?

Since there’s a lot misinformation around PCI compliance, the sphere is ripe for illegitimate charges. You shouldn’t be among individuals business proprietors that will get billed without receiving anything of worth in exchange.

What are the potential products or services that the provider may be offering to acquire stated charges? Let’s review them below…

Non-compliance
The non-compliance fee is fairly self-explanatory. Your processor bills you a regular monthly fee because of not being compliant using the PCI DSS standards. The charge usually varies from $5 to $19.95, with a few processors charging around $30 monthly. It offers no value, and just works as a blunt indication that the processor does not have any kind of proof that you’re compliant.

In the Eco-friendly Sheet article…

How about individuals charging a ‘noncompliance fee’? Does this means that the [merchant] customer isn’t PCI compliant, and rather to be [introduced] to compliance or shut lower they obtain a free pass as lengthy because they pay $xx.xx/month? “Sounds just like a cop supplying tickets to drunk motorists rather of taking them in.

This kind of PCI fee can and really should remove easily by becoming compliant. Ask your processor exactly what you ought to do in order to become compliant, then…become compliant. There isn’t any reason they must be charging a “non-compliance” fee for those who have taken all of the steps to obtain compliant. When they continue charging a non-compliance fee despite you’ve met their needs, then it’s time for you to switch to a different processor.

Data Breach Insurance
Some processors offer “Data Breach” insurance for their retailers for any monthly/annual fee. This is valuable when the insurance was foolproof, but it isn’t..

Why is this subject so polarizing may be the magnitude of liability and also the uncertainty regarding who ultimately owns the liability. To wit, when an ISO or acquirer assesses a regular monthly PCI fee which includes insurance, who’s liable if, following a breach, the insurer declines the claim?

So, the bottom line is, you’re having to pay a regular monthly fee for insurance that might or might not cover you in case of an information breach? The straightforward proven fact that some insurance company can “decline the claim” ought to be sufficient cause that you should be hesitant of information breach insurance.

If you are being billed for data breach insurance, you need to ask your processor for the details or terms. If you are unhappy using the terms, or perhaps your processor doesn’t provide these to you, then start searching for any new processor

Compliance Support
This is actually the most legitimate of all of the charges billed, and it is usually by means of a yearly fee. In case your processor is frequently contacting you, assisting you, educating you, and providing you checking services, they have every to ask you for a compliance fee, because they’re providing you something in exchange. However , very few processors endure their finish from the bargain, but still ask you for this annual fee. In addition to this is the fact that more often than not, your processor will overcharge you for services you could have for less, should you just required time to discover PCI compliance yourself.

In certain markets, the individual with increased information normally has top of the-hands. PCI compliance is really a market where education takes care of. Even if you need to spend an entire weekend researching these items, you will be far better off your less informed counterparts. You’ll most likely finish up having to pay less in PCI charges too.

“”

The Reality Behind Free Charge Card Processing

Truth behind free credit card processing imageFree. Free like a bird. Free as with beer. Whatever saying you affiliate using the word “free,” the thought of getting something for free has a unique appeal. Obviously, just about everyone has learned right now that nearly nothing that’s marketed to be “free” comes with no price of some type. Whether it’s offering your individual information to Facebook or simply having to pay hidden charges on something you thought would be free, there’s always a catch.

Charge card processing services aren’t any different. You probably know this: every merchant is most likely just a little unhappy concerning the fact that they need to feel the hassle and cost of establishing a credit card merchant account so their clients may use charge cards. Getting to pay for the charge card processing charges whenever a customer utilizes a card causes it to be a whole lot worse. In a perfect world, having to pay having a charge card wouldn’t differ (or costlier) than having to pay with cash. Regrettably, within the real life, this really is not going to happen. Issuing banks basically need to loan customers the cash to pay for their charge card charges, which inevitably requires the risk they will not be compensated back. Charge card associations, likewise, only earn money by charging interchange charges whenever their cards are utilized. Because it stands today, someone has to cover charge card usage, which someone is nearly always you, the merchant.

How can this be? The primary reason is the fact that customers shouldn’t need to pay extra only for utilizing their charge cards. If you wish to take advantage of the additional sales that allowing charge cards brings, you need to accept the trade-from absorbing the price of processing individuals transactions. With charge card usage soaring and customers more and more not really transporting money with them, this compromise may even work out to your benefit. Nevertheless, it is easy to transfer the price of charge card processing on your customers, a minimum of in many states. This practice is known as surcharging, although you’ll also listen to it known as zero-fee processing or something like that.

Table of Contents

How Surcharging Works:

Surcharging is just the procedure for transferring the price of charge card processing on your customers by means of yet another fee that’s put into their bill once they develop a transaction. The very first factor you should know about surcharging is it isn’t legal in most jurisdictions. Presently, 41 states allow surcharging in a single form or any other, even though the needs you’ll need to meet to do this change from condition to condition. Nine states ban surcharging altogether. Here’s a summary of america in which you can’t surcharge:

  • Colorado
  • Connecticut
  • Florida
  • Kansas
  • Maine
  • Massachusetts
  • New You are able to
  • Oklahoma
  • Texas

If you are located in certainly one of individuals states, you will not have the ability to surcharge whatsoever. If you’re located elsewhere but conduct business within the affected states, you will not have the ability to surcharge any transactions via individuals jurisdictions. California has additionally banned surcharging, however the statute was discovered to be unconstitutional in 2015 with a Federal court and it is presently unenforceable.

Surcharging will also apply simply to charge card transactions. If your customer pays with debit cards, cash, or eCheck (ACH) payment, you can’t give a surcharge. You’ll need to have your charge card terminal (or POS system, virtual terminal, or payment gateway) established to only apply surcharges to transactions in which the customer is having to pay having a charge card. Any processor can perform this for you personally, although most traditional credit card merchant account providers don’t advertise the supply of surcharging. You’ll also need to provide notice for your customers that they’ll need to pay a surcharge for implementing their charge cards. Retailers can meet this requirement with signs and placards published within their business, while eCommerce retailers will need to include these details online.

When you can surcharge with any processor, as well as your current provider, nowadays there are numerous companies available on the market specializing in supplying the things they call “free” or “zero-fee” charge card processing. We’ll check out a few of the more well-known zero-fee providers later in the following paragraphs. To understand more about surcharging and also the needs for applying it, please visit our article Every One Of Your Help guide to Charge Card Surcharges.

Legalities:

Surcharging hasn’t existed for very lengthy. In 2005, several retailers filed an enormous class-action suit (known as the Payment Card Interchange Fee and Merchant Discount Antitrust Litigation) against Visa and MasterCard, alleging the charge card associations were charging unreasonably high interchange charges and stopping them from passing this cost onto consumers. A $7.25 billion settlement was arrived at this year that decreased interchange charges and permitted surcharging. This settlement was initially authorized by the Federal District Court judge, which is when surcharging (and firms specializing in configuring it) first made an appearance in this area. However, the settlement was overturned in June 2016 through the U . s . States Court of Appeals for that Second Circuit if this was challenged on appeal.

Since that time, the situation continues to be appealed again, this time around towards the U . s . States Top Court. In March 2017, the final Court declined to listen to the situation. At this moment, the prior settlement is not valid and also the situation continues to be came back lower towards the District Court level, in which the parties will either must see trial or make an effort to achieve another settlement.

Although this may all appear really perplexing (which is), the conclusion here would be that the practice of surcharging is on very shaky legal ground although this action remains litigated. The next court ruling could invalidate the practice altogether – departing retailers to scramble to regulate the way they purchase processing charges and most likely forcing most of the processors who focus on surcharging bankrupt. If you are considering surcharging your clients, you’ll want to understand this legal cloud and an eye on the progress of the suit.

Pros and cons for Surcharging:

Whether surcharging is not going anywhere soon, there are many issues you’ll be thinking about prior to deciding to begin using it. Here are the benefits and drawbacks you have to consider:

PROS:

  • Lower costs for the business: Clearly, the main benefit of surcharging is it helps you save a lot of money, that ought to result in greater profits. At the very least, your clients is going to be having to pay your processing charges rather individuals, helping you save around 2.-3.5% on every transaction. You might, obviously, still need pay a variety of separate charges connected with preserving your credit card merchant account. Included in this are monthly account charges, annual charges, PCI compliance charges, yet others. However, some providers will help you to pass these charges on your customers too by charging a rather greater processing fee for every transaction.
  • It encourages your clients to make use of alternate payment methods: If customers know they’ll need to pay a surcharge to make use of their charge card, most of them will avoid having to pay extra by utilizing cash, debit cards, or perhaps a personal check. This benefits you too, because the surcharge isn’t likely to you anyway, which other payment methods cost little or free to process.

CONS:

  • High possibility of lost sales: It ought to go without having to say that the customers will not be at liberty about getting to pay for a surcharge. Retailers happen to be having to pay processing charges for such a long time since most consumers simply don’t realize that it is extra to utilize a charge card. They’ve been resistant to this added expense, with no one likes to need to start having to pay for something that’s been free previously. A current poll discovered that 65% of respondents would stop utilizing their charge cards and depend on other payment methods when they needed to pay a surcharge.
  • Surcharging doesn’t eliminate all your credit card merchant account costs: As we’ve noted, you’ll still may need to pay all of the charges that inevitably include getting a free account. When you could possibly pass a few of the fixed charges on your customers, you’ll still result in such things as chargebacks, Address Verification Service (AVS) charges, and terminal lease charges. Additionally you cannot charge a surcharge greater than 4.%, that is under the particular processing fee that some providers charges you. Within this situation, you’ll need to make in the difference.
  • Legalities regarding surcharging: As we’ve noted above, there’s presently a legitimate cloud hanging over the concept of surcharging. Opt for the variations in condition law concerning the practice. While only nine states have banned it outright, you may expect the dpi to develop if surcharging gets to be more prevalent and consumers demand action using their condition legislatures.
  • Competitive disadvantage: You should know whether your competition are surcharging before you think about following a practice. Clearly, there’s a strong possibility that you’ll lose a minimum of some customers permanently should you surcharge along with other competing companies don’t.

“Zero-Fee” Processing Providers:

Using the charge card associations now allowing surcharging (a minimum of for now, and just under certain conditions), there are many processors joining the marketplace specializing in it. Obviously, you are able to surcharge making use of your current credit card merchant account provider, however these companies take proper care of everything establishing your bank account and equipment that you’d otherwise need to do yourself.

Many of these companies bill their professional services as “free charge card processing” or “zero-fee processing.” The term “surcharging” is seldom used. This practice, obviously, is quite deceitful. They’re attempting to make you believe you’re in some way making your way around having to pay interchange charges, while in fact you’re really just passing them to your customers. Here are a few short profiles of the couple of from the more prominent zero-fee processors:

ChargePass:

ChargePass logo

ChargePass is really a small provider headquartered in New You are able to City, New You are able to. The organization markets their service as “free” charge card processing. They support all major charge cards (including MasterCard, Visa, Discovery, and American Express). Additionally they support NFC-based payment methods for example Apple Pay, as well as offer EMV-compliant charge card terminals.

ChargePass doesn’t disclose any one of their processing rates or charges online. Billing is month-to-month, without any lengthy-term contract with no early termination fee. You can try their Conditions and terms to see all the small print that pertains to their accounts. The organization sets your equipment to instantly use a discount for money payments. While account charges aren’t disclosed, additionally they provide a No-Fee Program. Should you join it, your clients pays a greater processing rate, that is then put on your monthly charges. Other choice is to pay for the monthly charges yourself, which enables your clients to pay for lower surcharges.

The organization also provides a radio charge card terminal, a “web portal” (really an online terminal) that is included with a USB-connected magstripe readers, a mobile payments application, along with a magstripe card readers for the smartphone or tablet. Regrettably, their service doesn’t presently use eCommerce platforms.

ChargePass mandates that retailers possess a minimum $10,000 monthly processing volume to become approved to have an account. While the organization markets to retailers and expertise, it seems that lots of their clients are taxi cabs along with other transportation providers (i.e., buses and shuttle vans).

We couldn’t locate much feedback – negative or positive – about ChargePass. The organization doesn’t actually have a BBB profile. While the lack of complaints isn’t a lot of an endorsement, it’s a minimum of a great indication that ChargePass isn’t a gimmick. One factor we noted online was they imply their service will come in all 50 states. As we’ve noted, surcharging is presently illegal in nine states.

Dynamic Payment Systems:

Dynamic Payment Systems logo

Dynamic Payment Systems is yet another “zero-fee” processing provider, situated in Traverse City, Michigan. In case your first impression of the company comes from their site, you most likely won’t want to use them. It’s quite awful, with lots of spelling and grammar errors in nearly every sentence on every page from the site. Nevertheless, they are doing disclose a bit more details about their service than many of their competitors. They list every condition where surcharging isn’t permitted, along with other limitations on the best way to use their service.

The organization can accept charge card payments from Visa, MasterCard, and Uncover. It normally won’t allow an atm card or payments made using PayPal (it is because PayPal bans surcharging). Additionally they support eCommerce along with other card-not-present transactions. Dynamic Payment Systems offers a number of charge card terminals, such as the Verifone Vx520 and wireless Vx680 models. Regrettably, it seems that terminals are just available via a lease, that you simply should absolutely avoid. The organization also provides an online terminal and POS systems, that they will sell you outright.

Dynamic Payment Systems seems to depend heavily on independent sales people to promote their professional services, and features a recruiting pitch for ISOs online. Although this practice doesn’t appear to possess generated any complaints, remember that independent agents through the processing industry possess a terrible status for misleading and dishonest sales practices.

The organization doesn’t disclose any prices info on its website, however they seem to charge a set 3.45% processing charge on every transaction. If you would like the surcharge to visit toward covering your monthly charges, the speed increases to three.65% per transaction. These minute rates are particularly greater than you’ll usually pay with a classical processor, and therefore are most likely suggestive of the rates billed by other “zero-fee” processors. When you will not be having to pay these rates yourself, they’re definitely not going to aid in having your people to accept the thought of having to pay a surcharge for implementing their charge cards.

Unless of course you go searching for the greater surcharge rate to pay for your charges, you’ll need to pay $5.00 monthly a account. You’ll also pay $6.99 monthly for PCI compliance, and perhaps equipment leasing charges too. Not quite “free,” could it be?

Dynamic Payment Systems doesn’t seem to sell to specific business types, so we couldn’t find any negative feedback about the organization online. It normally won’t disclose the size of their contracts either, so look out for a lengthy-term hire a potential early termination fee (ETF).

Shift Processing:

Shift Processing logo

Another “zero-fee” processing provider, Shift Processing offers both traditional and surcharged processing. The organization uses Pivotal Payments his or her backend processor, but seems to provide somewhat better terms overall. They don’t charge a yearly fee, and billing is month-to-month without any lengthy-term contracts. Additionally they claim that they can provide “free” equipment, but we’re very skeptical of the because it’s a typical misleading claim within the processing industry. There’s more often than not an expense mounted on equipment provided for you from your credit card merchant account provider.

Shift Processing also advertises the supply of high-risk merchant services, but it isn’t obvious from their site whether surcharged processing can be obtained of these retailers. The organization offers a number of charge card terminals, including mixers support EMV and NFC-based payment methods. Prices isn’t disclosed, so be very cautious about unintentionally registering for a terminal lease.

While the website includes a nice, professional appearance, it mostly contains marketing fluff and offers hardly any concrete information. Prices isn’t disclosed, and there isn’t any reference to prices models. You will find, obviously, lots of claims they have the “lowest rates.” They most likely don’t. This may not matter for you if you are likely to surcharge, however it could ultimately affect your main point here in case your customers choose that they’re having to pay an excessive amount of to make use of their charge cards and place their business elsewhere.

The organization seems to promote to regional junk food chains, even though they declare that their “zero-fee” prices option works for almost any kind of business. Unlike another surcharging specialists we’ve profiled in the following paragraphs, Shift Processing has a number of testimonials from verified clients online. The organization does not have a BBB profile, so we weren’t capable of finding any negative feedback about the subject online. While the lack of negative feedback can often be a great sign – designed for a bigger company – we’re still suspicious given Shift Processing’s relatively small size.

Final Ideas on “Zero-Fee” Processing:

From the merchant’s perspective, it can make sense the customer should bear the additional price of utilizing a charge card. Customers have a wide range of payment methods to select from, and when they pick one that ultimately is more expensive to make use of, they should need to pay the additional expense associated with charge card processing. Regrettably, it is not how it operates within the real life. Customers have been receiving away without having to pay extra to make use of charge cards for such a long time that it is simply expected. Convincing the general public they should need to pay for something that’s formerly been freedom be a constant struggle.

Alterations in preferred payment methods through the years allow it to be less likely that surcharging is ever going to gain prevalent public acceptance. It was not that lengthy ago that many consumers transported a checkbook along with a wallet filled with money with them wherever they went. It is not the situation today. Having to pay with cash has delivered dramatically recently, and paper checks are nearly a factor of history. Simultaneously, using debit and credit cards has soared. Since consumers could make NFC-based payments using their smartphones (as well as watches), it’s less likely that they’ll acquiesce to having to pay a surcharge or revert to classical payment methods.

Overall, we’re simply not believing that surcharging your clients may be beneficial, so we doubt that it is ever likely to be advisable. Unless of course your competition happen to be surcharging, it’s probably that you’ll lose a lot of sales should you start surcharging. You may emerge ahead when the savings in processing charges over-shadow losing business, but on the other hand, you may shed more pounds money than it will save you.

The legal uncertainty surrounding surcharging is yet another valid reason to prevent it. We actually won’t know before the class action lawsuit from the charge card associations is finally made the decision whether surcharging is not going anywhere soon. Even if it’s upheld, there’s still the chance that more states will proceed to ban the practice because of an outcry using their voters.

We weren’t very impressed with the providers we checked out specializing in offering “zero-fee” processing. All of them seem to be really small firms that only have been around for any couple of years, and not one of them appear to possess established a status – bad or good – to assist their claims of having the ability to help you save money. Insufficient prices disclosures and frequent utilization of independent sales people are further reasons to step back.

You will find, obviously, always exceptions. Certain specific business types, where surcharging has already been a typical practice, could possibly surcharge without experiencing a loss of revenue of economic. Taxi cabs along with other transportation companies, for instance, can frequently pull off surcharging because of the nature from the transaction. If you’ve just finished a cab ride and all you need to pay with is really a charge card, you will not cash choice but to pay for the surcharge too.

Our final recommendation for retailers thinking about surcharging is by using your family processor – not among the companies focusing on it. It may need a bit more focus on your finish, but you’ll most likely have lower processing rates to pass through to your customers and (hopefully) better customer support. Additionally you won’t need to bother about switching providers.

Have you ever had any knowledge about the companies profiled in the following paragraphs? Have you ever had any knowledge about surcharging generally? For those who have, please inform us about this within the comments section below. Thanks!

“”

Figuring out Your Merchant Risk Level for PCI Compliance

PCI merchant levelsBoth VISA and MasterCard have produced a structure for figuring out the danger degree of a merchant. The greater transactions you process, the greater risk you pose towards the two charge card organizations. To be able to maintain some kind of order within PCI compliance, VISA and MasterCard have produced 4 risk levels which will affect any particular business.

Knowing which risk level you come under is essential due to the fact your credit card merchant account provider will need different documents/procedures for every level. Most retailers have no idea know very well what all these levels are, so before you submit the best documentation, you need to know very well what each level means, and which pertains to you.

Listed here are some PCI merchant levels and needs from VISA’s site. MasterCard’s levels/needs are nearly identical:

Level/Tier Merchant Criteria Validation Needs
Level 1 Retailers processing over six million Visa transactions yearly (all channels) or Global retailers recognized as Level 1 by Visa region.
  • Annual Set of Compliance (“ROC”) by Qualified Security Assessor (“QSA”) or internal auditor if signed by officer of the organization.
  • Quarterly network scan by Approved Scan Vendor (“ASV”).
  • Attestation of Compliance Form.
Level 2 Retailers processing a million to six million Visa transactions yearly (all channels).
Level 3 Retailers processing 20,000 to at least one million Visa e-commerce transactions yearly.
Level 4 Retailers processing under 20,000 Visa e-commerce transactions yearly and all sorts of other retailers processing as much as a million Visa transactions yearly.
  • Annual SAQ suggested.
  • Quarterly network scan by ASV if relevant.
  • Compliance validation needs set by acquirer.

As you can tell, the PCI compliance levels are pretty self-explanatory. I’ve highlighted Level 4 just because a large most of you’ll come under this risk level. So, next time your provider or processor informs you that you’re an amount 4 merchant, you’ll know precisely what they’re speaking about.

“”