Keep The PCI Compliance Process Top Of Mind

Data security and the PCI compliance process always need to stay top of mind for our merchants.

To make sure this is the case, we can’t think of PCI as a one and done deal. We have to reinforce the issue throughout the complete merchant lifecycle. Below are three convenient occasions when you can bring up the PCI compliance process and PCI compliance assessments with your merchants--keeping them compliant and their customers safe.

1. Installation

We often view installation as the final step in the sales process, but you can make it much more than that.

Many merchant service providers will use it as a convenient time to ask for referrals. Others use the occasion to train the business’s personnel on how to operate the terminal. Some try to sell additional services. While all of these are great ideas, we should also use this time to discuss PCI compliance.

Remind the merchant that they must complete a PCI compliance assessment. Reiterate that the way they handle transactions is crucially important. If they have a computer-based point-of-sale system, make sure they know how important it is that they secure their network. If they’re going to be using a terminal, tell them they should never write down complete credit card numbers or keep receipts where someone could see or steal them.

And right before you leave, you should remind them that although they may be PCI compliant today, if they’re not cautious, a single mistake could make them non-compliant. And that mistake would be expensive.

2. Retention

Good communication is the best way to retain your merchants. So if you don’t have a newsletter, you should start one. There are many tools out there to help you create one electronically.

And you should talk about PCI in every edition. It doesn’t have to be the main topic, but you should always bring up data security in some way, shape or form.

3. The Problem Call

Every time a merchant calls you, you have the chance to bring up PCI compliance.

Fix their problem first, of course, but then ask them how they’re doing more generally.  Catch up with them for a few minutes, and see if their situation has changed or if they need something that you can help with--a new product perhaps.

Then ask them if they’ve heard anything new about data security. Talk them through any new insight you might have, then remind them of the steps they should be taking to protect their customers.

I’ve found that these are great times to bring up PCI compliance with merchants. When do you like to broach the subject?

Three Things You Need To Know About PCI Requirements

Although “PCI requirements” and “PCI compliance fees” aren’t quite the buzz words that they were a few years ago, PCI is still vitally important to your business, your clients and their customers.

Here are three things you need to know to keep your merchants compliant and their customers safe.

1. Breach Insurance Isn’t Enough

Most merchants understand that it’s important to keep their cardholders’ data safe and sound. 

But I have found that many still believe that, because they have breach insurance, they don’t have to worry. And so when I ask them what concrete measures they’ve implemented to protect their customers, they give me a blank stare.

Don’t get me wrong--breach insurance is great. But it’s no substitute for taking the necessary steps to fulfill PCI requirements and keep cardholders safe.

That’s why, as merchant service providers, we must constantly emphasize the PCI process.

2. Never Let Them Forget PCI

To ensure that merchants are protecting their customers’ data, you have to emphasize PCI throughout the merchant lifecycle.

I like to bring up PCI at the following occasions: 

• Installation

At installation, many providers ask their customers for referrals, or they teach the business owner and staff how to operate the terminal. But installation is also a great time to talk PCI. Remind the merchant that they need to complete a PCI compliance assessment. Reiterate how important it is to secure their network. And be transparent about any PCI compliance fees that they’ll have to pay.

• Retention

Communication is the best way to retain your merchants, so if you don’t have a newsletter, you should put one together today. And in every newsletter, you should touch on PCI. It doesn’t have to be the main article, but a short blurb in every issue will help keep PCI top of mind. 

• Problem Calls

Every time a merchant contacts you, you have the opportunity to mention PCI. Of course, you should answer their question or solve their problem first. But then ask them how they’re doing. Have they heard anything new about data security? 

3. Compliant Today, Breached Tomorrow

Perhaps the most important thing to communicate to your merchants is the need for constant vigilance.

You could be doing everything right. You could have completed all your compliance assessments. You could have secured your network.

And then, one day, you make a single mistake, and your customers’ accounts will be compromised. You will no longer be compliant. And that mistake will cost you.

What do you think are the most important things to know about PCI?

Having Trouble With The Visa FANF Fee?

Introduced last year, the VISA FANF fee, also known as the Fixed Acquirer Network Fee, is a fixed fee that merchants have to pay it in order to participate in the Visa payment network.

Although the term “fixed fee” makes the fee sound simple, the FANF fee can actually be pretty complex and tricky.

For instance, many merchants aren’t sure how to handle the fee when it comes to card present vs. card not present sales volume. This is because Visa calculates its FANF differently depending on whether the activity is card present or card not present. One would think that this means that merchants would be charged the fee for either card present or card not present activity, but the opposite can be true. Sometimes merchants are assessed the fee for both.

There are other issues associated with the fee as well, so it’s important to talk to your payments professional and learn all you can about it. If you want your merchant service to be top notch, you’ll have to be able to clearly explain FANF, and other interchange modifications, to your customers. The moral of the story? Do your homework.

How is your payment processor adjusting to the Visa FANF fee? Are they calculating it accurately and passing it through without markups? Are they handling it like other interchange and card association fees? Because the fee is so complex, it wouldn’t be surprising to see some processors taking shortcuts or estimating what to charge.

What types of questions are your merchants asking about the fee? Does it seem clear to them? Or are they confused? And are they coming to you with questions about the Visa integrity fee as well?

If you have any questions about the Visa FANF fee, the VISA integrity fee, or any other fees associated with the Visa payment network, please leave a comment below.

Three Rules For Being The Best Merchant Credit Card Processing Service

In your quest to be the best merchant credit card processing service or debit credit card processing service, you may be tempted to adopt gimmicks and shortcuts.

You may try to build your business by offering catchy discounts instead of quality service. You may offer merchants a technical support number instead of actual customer service. You may give them free equipment and supplies instead of proven, long term solutions.

You may turn a profit in the short term, but your clients won’t stick with you for long. But, unfortunately, the bad reputation you develop will.

Instead, follow these three rules. They’re not easy, but if you’re interested in building a credit or debit credit card processing service with long term success, they’re the only way.

1. Be dedicated to customer service.

To be one of the best merchant credit card processing services, you have to stay in touch with your customers. You need to call them, visit them in person, send them emails and keep them up-to-date via periodic newsletters. You have to check to make sure they’re getting everything they need, and if not, fix it right away.

2. Transparency is key.

Always give your merchants information in a format that’s easy to read and digest. No one likes to wade through the sludge of incomprehensible reports, so don’t make your merchants do it.

You should also promptly tell your merchants any news – good or bad. Bad news is bad enough without finding out that someone has tried to hide it from you.

And make sure to clearly explain any fees they’ll have to pay.

3. Know your merchants’ businesses.

Your merchants know everything about their respective industries, and you need to learn as much you can about them, too. How can you expect to give them good advice if you don’t know how they do business?

That being said, you don’t have to know it all. If they ask you a question and you don’t know the answer, it’s completely fine to say so. Just tell them you’ll do some research and get the answer to them as soon as possible.

Lastly, make sure your merchants understand these three important rules, and that they know you’re trying hard to live up to them. You want them to think of you as a partner –not just some company they have to pay.

And when they start thinking of you as a partner, you’ll build relationships with merchants that last – as well as a reputation that will attract new business.

Do you follow any of those rules? If so, which ones? If not, do you have any of your own? Leave us a comment below.

#

Jeff Fortney is Vice President of ISO Channel Management at Clearent. He has 35 years of experience in financial services, with 17 of those in the debit and credit card processing industry. As many ISOs and agents will tell you, Clearent will help your business thrive by providing you with some of the best merchant credit card processing services and debit credit card processing services.

PCI Compliance Fees: What They Tell You About Your Processor

Recently, many agents and ISOs have come to me and complained about PCI compliance fees.

Monthly PCI fees can range from $5-$20, and annual fees can set you back $60-$130 (and sometimes merchants have to pay both!). But while merchants certainly don’t like paying them, the real problem is often that processors don’t clearly explain them. They stick the fee information in the fine print or they don’t communicate all the details so when merchants receive their monthly statements and find the fees on them, they grab their phones and give their merchant processor an earful.

But while murky PCI compliance fees are a pain in the neck by themselves, they often tell a much bigger story: the general state of your relationship with your processor.

Delve into your processor’s PCI compliance process and ask yourself these questions. They’ll let you know if you need to think about a change:

• How does your processor handle interchange fees? Do they pass them along at cost, or do they mark them up?
• Does the merchant application or agreement clearly disclose merchant fees? Or are they hidden in the fine print somewhere?
• On the merchant’s monthly statement, are fees labeled clearly and are the counts and amounts used to calculate the fees included?
• Is it easy to read and understand your residual report? Or is it filled with long paragraphs of jargon and winding, tortuous sentences that go on and on, not really say anything, repeating themselves, kind of like this?

After asking yourself those questions, ask yourself one more: does your partner consistently hide fees in order to make more revenue? If so, this pattern will probably continue.

Will the amount they charge be reasonable or exorbitant? Will merchants be able to control the amount of the fee, or will they be left helpless? And will processors clearly explain the fees to merchants and ISOs, or will they conceal or camouflage them so that they can increase their profits?

Pay close attention to how your processor responds to these types of situations. If it isn’t to your liking, you probably have other issues as well. And you may need to start thinking about changing processors.

#

Jeff Zimmerman is Vice President of Product Management and Marketing at Clearent. He has 15 years of experience in marketing, finance and product management. Clearent can offer you a hassle-free PCI compliance process with no PCI compliance fees for merchants.

Three Types of Mobile Credit Card Processing Loyalty Apps

If you’ve been following the growth of mobile credit card processing, you may have come across a variety of new apps to help merchants manage their loyalty programs.

Some strictly help with loyalty programs. Others can handle processing credit cards as well. What’s for certain is that new apps are popping up all the time, and it’s hard to keep track of them all.

To help understand these apps a bit better, think about them in three broad categories.

Digital Punch Cards

These are digital versions of the punch cards that you carry around in your wallet. They track your purchases so that you can redeem an incentive after so many visits (think buy 5, get one free).

Usually, merchants will have a laminated card with a QR code on it their store, and consumers scan the code with a smartphone app to record their purchase.

One thing to remember is that these apps are not tied into the POS system.

Telugo, Klikt and Punched are three of the most popular apps in this category. And while they allow the user to empty their wallet of bulky loyalty cards, different merchants may use different apps, so consumers may have to download a handful of them.

Sophisticated Loyalty Apps

Other apps, including SpotOn and Belly, allow for more sophisticated loyalty programs.

These apps may be integrated with Facebook, Twitter or other social networks, allowing users to share their experience with their friends. Many of the apps require merchants to have a tablet or iPad at their store so that customers can sign up and check in.

Loyalty/Payment Apps

And yet other apps combine loyalty programs with mobile credit card processing.

The most famous of the apps that combines processing credit card payments along with a loyalty program is the Starbucks Mobile App.

Another solution is LevelUp. Users download the app then attach a credit card to it. The merchant installs hardware in their store, including a mobile phone. Then the user makes a purchase by holding up their phone to the merchant’s phone.

Some apps, like TabbedOut and Vibe, process credit card transactions by integrating with existing point of sale systems.

Merchants are just starting to experiment with these apps, trying to figure out what works best for them. For example, a merchant I know is promoting two apps at the same time.

Every day, some apps fold and new ones are born. It’s important to keep up so you can stay up-to-date on this ever changing space.

Are your merchants experimenting with loyalty apps? Which ones seem to be their favorites so far? Let us know with a comment.

 

Jeff Zimmerman, Vice President of Product Management and Marketing at Clearent, has worked in finance, marketing and product management for 15 years. Clearent can offer an array mobile credit card processing solutions for your merchant program, many of which go beyond just processing credit card payments and include loyalty program integration.

What’s Next for Mobile Credit Card Processing?

Everyone’s talking about mobile credit card processing.

Magazine editors, blogger and pundits are constantly forecasting the next development, the next startup to seize the industry, and how it will all affect merchant service providers. With so much buzz, it’s hard to keep up.

But the gist is that consumers are slowly adopting mobile payments, and that this rate should soon increase. A recent survey by MarketLive survey showed that during the 2012 holiday season, 16 percent of consumers planned to do all or most of their shopping on a tablet or smartphone. This was up from 3 percent in 2011.

Not Just One Option

When many merchant service providers think about mobile credit card processing and mobile payments, they think of Square. The company has been in the news a lot recently. They announced a partnership with Starbucks (Square will process all debit and credit card transactions for the company). They announced fixed merchant pricing. And they launched a television ad campaign.

Although Square is the big name in mobile processing right now, remember that there are many other options available. Your processor can offer you other solutions to compete with Square, including ePN Mobile, Magtek QwickPAY, VeriFone PAYware Mobile and TSYS Mobile Payment Acceptance.

The Jury is Out On...

Mobile Wallets. There’s a lot of buzz around them and many options have been launched, but consumers aren’t adopting them quickly. Furthermore, there aren’t many standards for mobile wallets, so some in the industry are questioning their security.

Near Field Communications (NFC). Near Field Communications is a type of technology that some in the industry have praised as the next big thing for mobile processing. But at a recent conference, many of the speakers were not as optimistic. NFC isn’t the only way data can be exchanged between mobile phones and POS systems. So the future of mobile payments doesn’t necessarily depend on it.

And the Future Holds...

Mobile credit card processing is in flux right. No one really knows the future. But you can count on one thing: the technology that becomes king will be the one consumers like best.

Most likely, it won’t be a simple option. It will probably include coupons and tie in to loyalty programs, offering extra value to the consumer instead of just being another way to pay.

What you think the future holds for mobile credit card processing? Which solution do you think will grow to dominate the industry? How will it affect you? Leave a comment below. We’re eager to hear your predictions.

 

Jeff Zimmerman is Vice President of Product Management and Marketing at Clearent. He has 15 years of experience in finance, marketing and product management, and has held management positions at Network Solutions and Intuit. Clearent is staying on the cutting edge of mobile credit card processing (http://www.clearent.com/financial-institutions/products-services/) and as one of the fastest growing merchant service providers, (http://www.clearent.com/about/) offers an array of different mobile payment solutions.