Blog

Guide to Parking Payment Options

At some point, everyone who drives motor vehicles will have to pay for parking, but not all parking facilities are alike. The available payment options are more varied than ever. Whether it’s a parking garage for short-term parking or a facility for long-term parking at an airport, customers will encounter all kinds of parking payment systems.

Historically, quarters have been the primary method of payment for street parking meters and parking lots. But today, times have drastically changed. This post will outline what all the different modern payment methods are, and how they work.

Cash Payment

Cash is king! Or, at least, it used to be. In the early days of parking meters, only quarters were accepted. For parking facilities staffed by employees, coins and cash were the only option. Today, while options have expanded, both coins and paper money are still accepted by many parking machines.

With time, however, other payment methods have eclipsed cash as more popular. This is a good thing—cash payments have a number of potential pitfalls. These include:

  • Convenience: A lot of people don’t carry cash or coins with them, leaving them unable to use cash-only parking facilities
  • Operations: Cash is clunky to deal with and requires physical transport. It also makes it more difficult to determine payment amounts
  • Security: With cash payments, it’s much easier for dishonest employees to be able to pocket some of the money, or for thieves to commit a parking meter heist

Pay by Coupon

Also known as “pay and display” parking, this system requires that the customer pay in advance for a book of parking coupons. These coupons or vouchers are then left on the customer’s car dashboard, and display the time and date. Human parking attendants can then check what time each car was parked, and when their parking period is set to expire.

Pay by Disk

The pay by disk model is almost identical to paying by coupon: the customer pays the fee with a debit or credit card or cash, according to how much time they need, and then leave the disk on their dashboard. However, there is one key difference: Unlike coupons, which are single-use, the disk is reusable. The same disk can be used to pay for parking over and over.

Disk parking systems are often found in parking facilities that have a time limit, but don’t charge money. However, they can be used in pay-to-park facilities as well.

Pay by Phone

With the advent of mobile apps, some facilities now offer a way to pay for parking with your phone. The convenience of mobile online payment is becoming more and more popular. Typically, this is done with a third-party app, which provides the service of accepting payments.

The app charges the customer, and then reimburses the parking operator. To enforce parking, parking attendants can access a back-end database in the app that displays the license plate numbers and payment/time status for each car. When time is expired, the attendant will see it on their console and issue a parking ticket.

Sometimes, these systems cost more due to server costs, convenience fees, and other factors. It’s up to the parking lot operator to ensure their system is cost-effective.

Extend by Phone

Used in conjunction with the pay by phone option, extend by phone allows customers to add parking time remotely. This is done within the same app they used to pay for parking, and lets them add time to the meter without returning to their car or a physical pay station.

Once time is added, an alert is sent to the parking attendant, and the time is updated in the back-end database. If time runs out for a customer, many apps allow operators to set up a late fee after a pre-set grace period. Penalty parking fees could also be applied to a customer’s account remotely.

Pay by Plate

This system requires customers to pay in advance at a pay station upon arriving at the parking facility. At the pay station, they enter their plate number and pay via cash or payment card. Sometimes, information from the customer’s driver’s license may be required as well.

Parking attendants can then use a console to see which plate numbers have time left, and which have expired.

Pay by Space

In the pay by space model, the customer pays at a pay station before they park. At the pay station, they can select from available parking spaces. They select a space number, and then park in that specific spot.

Attendants can then view which parking spaces have paid, and which are parked illegally.

Pay on Foot

In a pay on foot facility, customers pay at a pay station before they leave. Once they pay, they take their receipt to the car and scan it at an exit terminal as they leave the facility. After payment, you are given a certain window of time within which you have to vacate the facility. This prevents people abusing the system.

Modern pay on foot systems offer all kinds of payment types, from Visa and MasterCard to debit cards to American Express and, sometimes, even mobile payments.

Final Thoughts

Once only the domain of coins, parking payments now take a wide variety of forms. The result is a renaissance of choices for parking facility owners that offers reduced losses, lower costs, and more automation for customers and parking attendants alike.

 

Paying Gig Workers

A Brief Guide for Entrepreneurs

The gig economy is upon us, and that’s great news for parking industry business owners. But how do you pay a gig worker, and how are they different from full-time employees? This article will give you an overview on what gig workers are, why you should use them, and how they are paid.

What is a Gig Worker?

A gig worker is someone who earns income beyond the traditional setting of long-term employment. They are often known as independent contractors, contingent employees, or in certain industries, freelancers. They often work for different companies at different times, but may have clients they work for on an ongoing basis.

Gig workers tend to be temporary hires typically brought on board to complete or contribute to a specific project. In other instances, instead of contributing a single project, they are brought on for a pre-set period of time. In today’s world, full-time jobs are becoming less common as short-term gigs and contract work takes over.

Why Are More People Choosing Gig Work?

Gig work, or “contingent work,” offers a high degree of flexibility, especially when contractors can work remotely. Gig workers have also been shown to have a higher overall level of job satisfaction than long term, full-time employees.

Being a contingent worker also gives you greater variety in terms of the companies you can develop relationships with. In some cases, these relationships can be nurtured for repeat work over a period of many years. Occasionally, they can also turn gig workers into permanent hires.

Why Are More Companies Hiring Gig Workers?

Gig workers are attractive to companies for a variety of reasons. First and foremost, gig workers are a great solution for projects that require extremely specialized talent that you won’t immediately need again.

For example, say you need to migrate your company’s website from the HTTP protocol to the more secure, modern HTTPS protocol. While your typical website upkeep can be done in-house, this sort of more specialized task might require outside help. That means it’s time to hire a gig-based web developer to help you make the upgrade. Once they’re done with the update, their services will no longer be needed.

Choosing a gig worker is inexpensive, since you won’t be expected to provide benefits such as health insurance coverage or a 401(k). Worker’s compensation and other insurance may still be required, but not in all cases. It depends on what kind of work you are hiring for.

Overall, the smart use of gig workers can reduce your overhead costs substantially.

How Do You Pay a Gig Worker?

Gig workers are usually paid by the task or project, though some are paid hourly. Today, more and more gig workers are asking to be paid up front, at least in part, for their services. This is due to the explosion of activity in the gig economy—with more and more independent contractors in the workforce, worker’s rights coalitions have sprung up throughout the country to encourage gig workers to demand more from employers.

Freelancers are taking more precautions to avoid ending up with clients that don’t pay them, and requesting partial upfront payment is one trend that reflects this.

Alongside the explosion in gig workers, there have been huge leaps forward in the digital payments industry. This means more and more contract workers seek to be paid digitally, whether in cryptocurrency, or their native currencies on digital platforms like PayPal. The days of mailing checks are quickly ending.

Oftentimes, paying a gig worker involves fees from middlemen like payment processors or costs associated with currency conversion. Any side costs need to be factored into the gig worker’s final payment. Make sure to research what these are before you agree on a price.

Also, when you hire contract workers for gig jobs, take note of the different tax ramifications. The required tax forms are different for different types of workers, and ignoring the issue could result in harsh penalties. Freelancers are often responsible for self-employment taxes and, as the hiring company, you may have to deal with different tax implications as well.

Final Thoughts

From minimum wage positions to high-paying freelance assignments, independent work and gig-based positions are more common than ever and can be very beneficial in the parking industry.

Gig workers offer many benefits to employers, but they come with different rules and considerations. Always make sure the terms of the project, payment guidelines, and other factors are clearly agreed-upon in writing before you start. A contract signed by both parties is a must, both to protect the rights of the freelancer, and to protect yourself as an employer.

 

Best Credit Card Processor for the Parking Industry

As a parking facility operator, you need to be able to accept payments through credit cards like American Express, Visa, and Mastercard. But that means you need to hire a credit card processing company. There are an overwhelming array of choices for providers of credit card processing and payment gateway services, and it can be hard to figure out where to start.

Since the company you choose for your credit and debit card payments will be a long-term partner, you want to pick carefully. To help, we put together this guide to the features you want to look for, and what factors you want to consider to make the right choice for your parking facility’s needs.

 

What to Look for in Choosing a Credit Card Processor

When you’re choosing a credit card processor, here are some things to look out for:

PCI Compliance

Credit card processing companies need to have top of the line security, and PCI compliance is one way to ensure they’re up to modern standards. PCI, also known as PCI-DSS, refers to a set of international standards to ensure that payment processors are up to snuff. Many credit card providers require merchant services companies to adhere to these standards.

Regardless of PCI, however, these payment providers know they need top-notch security in order to stay in business. PCI compliance comes with increased fees for merchants, as it costs time and money to enforce the standards and certify that all companies are in line.

PCI compliance tells you exactly how your information is secured, so you have peace of mind that the industry-leading security practices are in force to protect you and your customers. As competition heats up, however, more and more credit card processing companies are doing away with PCI fees entirely. With or without PCI fees, make sure you do a deep dive into the security practices of any company you’re considering.

This leads us to our next big thing to look for in choosing a credit card processor.

Security

New security features, such as tokenization, provide new ways to guard against fraudulent activity. Tokenization allows for secure transactions regardless of the currency types and payment methods being used. It converts payments into a secure token by turning sensitive payment data into a string of numbers that can’t be deciphered by hackers.

In addition to securing payments, tokenization can also help shield your business from liability. With the rise of online payments and purely digital payment methods, security breach liability is a more important concern than ever.

Reporting

When researching payment processing companies for parking facilities, always look into what kind of reporting they offer. Detailed reporting allows you to track your transactions and make operational and marketing decisions.

Different tools allow you to view trends over time, peak business hours, and other important information with the click of a button.

Different payment companies offer different reporting software, however, so find one that has all the features you need as a parking operator.

Integrated Payments

Integrated payments allow you to get paid faster after a transaction completes. They use software to automatically post payments both to your accounts receivable and to a general ledger. Both are features of most modern credit card processing systems.

Semi-Integrated Solutions

Semi-integrated solutions have to do with EMV compliance. EMV refers to the small microchip in credit and debit cards. Merchants now need to have equipment capable of reading these computer chips. They are slated to eventually phase out magnetic stripe cards entirely.

Semi-integrated solutions are credit card terminals that accept EMV payments. These terminals store data, so data is never sent to a POS system. What this means is that merchants aren’t required to store any sensitive data, greatly reducing the likelihood of a hack or data breach.

In addition to being less risky, semi-integrated solutions can save merchants time and money…especially if a major data breach is avoided. EMV, or “chip cards,” also provide customers with contactless payments. This means the chip doesn’t need to touch anything to be read. This reduces wear and tear, saving money for customers and banks as well.

Which Factors Influence Which Processor is Best for My Parking Company?

With so many factors to consider, how can you figure out which credit card processing company offers all the features you need? Here is how to assess how the different factors should influence your decision:

Pricing

Pricing isn’t just a matter of how much something will cost…you have to take into account what value you will be getting for the money spent. One company might look more expensive, but have more robust security or better customer service. This is why you need to take all factors into account. Make sure the features included are ones that you specifically need to process payments as the owner of a parking business.

Make sure you look at fees closely, as with interchange rates and other factors, fee structures can be complex. See if there are minimums and maximums on fees. If you get the sense that a company’s fee structure is too difficult to understand, they may not be the right choice for your business.

Look out for “convenience fees,” late fees, and other potentially vague charges. Some companies offer an easy to understand flat rate with per-transaction fees, while others use a different model.

On the same note, some payment processors are very flexible, while others lock you into a long-term contract with steep cancellation fees. Make sure you read contracts carefully, and fully understand the policy for cancellations, refunds, and other fee issues. Determine what you want ahead of time, and try to match those terms with whatever contract you sign. Also sign up for recurring payments so that your billing process is automated.

Customer Service

Sometimes, what separates a good payment processing partner from a great one is superb customer service. Make sure you choose a provider with 24/7 customer service, so that help is there when you need it.

This is even more important if you run a 24-hour parking facility, but even if you don’t, issues can still occur outside of normal operating hours. When they do, you want to be able to address them right away to minimize lost revenue.

Integration

Integration with your existing hardware, software, and other systems is extremely important—after all, what good is a payment processing partner if their equipment isn’t compatible with your operating system? Do you want a system that automatically charges parking violations when necessary, and will such a system work within your existing equipment setup? Think about how everything will fit together.

Full integration of a payment processing system may require you to update servers, operating systems, routers, gateways, or other equipment. This might cost you nothing, or it might cost tens of thousands of dollars, so make sure integration will be smooth and easy, without the need for costly upgrades to hardware or software.

Final Thoughts

Choosing a credit card processing partner is a big decision with a lot of factors to consider. This is a company you will be working with every day, on every single transaction you process, so you want to make sure the choice is right. At the end of the day, it all depends on what kind of facility you own: if you own a parking lot with parking meters, your needs may be different than a multi-floor parking facility that accommodates hundreds of motor vehicles.

Remember that credit and debit cards are only the beginning. Research if your customers want to be able to use mobile payments through their mobile devices, as many payment processing providers offer a variety of payment types that go beyond the physical payment card. You want to offer as good a customer experience as possible, which means providing many different payment options.

With these factors in mind, you can make the right decision for your company, and hopefully find a long-term partner you can scale with as you grow your business.

Processing CBD Companies’ Payments

CBD products are taking the world by storm. However, CBD is a unique chemical that has a murky legal status, confusing customers and merchants alike. To make matters more complicated, there are lots of misconceptions about what CBD is and what it all means for payment processing and retail sales.

Here we’ll demystify CBD itself, and then tell you what you need to know about processing payments for merchants that sell CBD-based items like tinctures, gummies, vape pens, vape oil, and other CBD oil products.

What is CBD?

Short for Cannabidiol, CBD is a chemical compound extracted from the cannabis plant. When you ingest it, however, it doesn’t get you high. The cannabis high is caused by the ingestion of THC, which is an entirely different compound than CBD. Both THC and CBD work with the brain’s cannabinoid receptors, but to a very different effect.

Once CBD is extracted from cannabis, this naturally-occurring substance is then incorporated into products like oils, tinctures, edible snacks, baked goods, even creams and lotions with supposed anti-inflammatory effects.

It’s different from medicinal marijuana, because medicinal marijuana is just like the kind you buy on the street. That is, it alters your perception. CBD takes its effect without intoxicating you. Both CBD and THC are cannabinoids, which means they are chemicals taken from the hemp plant. However, there are different effects and legal implications regarding different cannabinoids. That’s where people start getting confused.

Even though it doesn’t get you high, consumers find that CBD seems effective for a variety of ailments. While limited scientific research means there’s still much to be learned, people use CBD for everything from chronic pain and post-traumatic stress disorder to multiple sclerosis and Alzheimer’s disease.

Processing CBD Industry Payments

Because of its association with marijuana, the CBD industry has faced challenges when it comes to accessing financial services. Banks, payment processors, merchant accounts, and other institutions have been hesitant to offer services to companies selling a product that still has a murky legal classification.

This provides potential opportunities for other companies to step in, however. This section will get into some of the complications with processing CBD industry payments, and some of the solutions CBD companies have figured out.

Hemp and Banking

Hemp and cannabis are often confused, and with good reason: there are strains of the cannabis sativa plant that can be grown without THC…that is, they don’t get you high. These plants fall into the category of industrial hemp.

Once hemp is harvested, there are hemp products called hemp oil and hempseed oil that can be made from it that are often sold legitimately. Sometimes, however, they are disguised as CBD oil, despite containing no CBD. They are sold as dietary supplement called “CBD Hemp Oil,” or under a similar name. But because the industry is still unregulated, product labels are often deceptive.

Regardless of where the plants end up, non-THC containing hemp plants are legal to grow. Since it isn’t a controlled substance, there shouldn’t be any legal issues associated with growing it and using it to make products like hemp oil. However, financial institutions are notoriously conservative and always err on the side of caution. Hemp is no different, and the fact that there’s still lots of confusion on the hemp vs. cannabis, THC vs. CBD question. Hence, the industry is facing lots of resistance when merchants try to find payment processing services.

There is another factor to the resistance, however. Since many CBD and hemp-based products make medical claims, the industry is considered high-risk. This is because of a lack of clinical trials or FDA approval for any claims that CBD can be used to treat disease. Without a stamp of approval from the FDA, the industry will remain high-risk. And as with all high-risk industries, it is harder to find financial partners. Once CBD companies do find a payment processor and bank, there are often higher fees associated with doing business.

Using Square for CBD Company Payments

Square is one payment processing and merchant services company that is taking the plunge, offering select CBD merchants an invite-only chance to beta test a payment processing solution for CBD sellers. It’s a huge opportunity for them that could come with pitfalls, but also the chance to fill a need and corner a rapidly-expanding market. The forward-thinking approach could pay off hugely for Square.

Final Thoughts

For a natural product with none of the inebriating effects of THC, CBD could hold great promise. As the CBD industry expands and matures, more legal clarification will develop regarding its status. There will likely also be more clinical trials showing whether or not CBD has health benefits like easing anxiety, reducing pain, and powerful anti-inflammatory properties. As a result, payment processors, banks, and other financial institutions will become more willing to offer services.

In the meantime, forward-thinking innovators like Square are getting a head start. CBD doesn’t look like it’s going away anytime soon, so the only question is, how long will it be until banks start treating it as a mainstream industry with a moderate risk profile?

No one knows for sure, but when they do, the industry will have an opportunity to expand faster than ever. And as more states legalize THC itself, there will be a whole new flood of cannabis products on the market with merchants in need of payment services. As the cannabis plant gains further acceptance, doing business in the industry will become easier and easier.

3D Secure: What is it, and how can it protect your business?

In the age of ecommerce, data security protocols are needed to protect merchants and their customers. Enter 3D Secure. 3D secure provides extra layers of authentication for each credit card and debit card transaction, making it harder for hackers and fraudsters to steal your customer’s identity. This article will explain what 3D data is, and how to use it to decrease fraud and reduce the chances of identity theft for your customers.

What is 3D Secure?

“3D” usually refers to three dimensional. However, the “3D” in 3D Secure means “three-domain structure.” This refers to three components involved with any 3D Secure credit or debit card transaction. These are called the Acquirer Domain, the Issuer Domain, and the Interoperability Domain:

  • Acquirer Domain:This domain refers to you (the merchant) and your bank
  • Issuer Domain:The issuer domain the bank that issued the customer’s payment card
  • Interoperability Domain:This domain is the payment system or credit card infrastructure that allows the payment to occur.

When customers make an online card not present transaction, 3D Secure protects data between all of the three domains. For online purchases, many major credit card brands are implementing their own version of 3D Secure for their customers. Visa has branded their service Verified by Visa, and Mastercard calls their version Mastercard SecureCode.

How 3D Secure Works

3D secure uses XML messaging, which is part of a computer programming language called Java. XML is essentially a secure way to move data from one software system to another. Essentially, once a customer enters their credit card data, the system looks at a directory server that contains a ledger of legitimate credit card customers. Once the customer is found, the server confirms to the 3D Secure system that the card is legitimate.

The customer is then prompted to enter a unique pin code. If the pin is correct, the transaction is sent to the acquiring bank to be authorized. Finally, the customer will receive a message confirming whether their payment was successfully processed.

Not all transactions on your website need to be 3D Secure enabled. You can reserve them only for certain transactions, such as those that are higher-risk or are above a certain dollar amount.

Pros and Cons of 3D Secure

3D Secure is fantastic for reducing fraud, but it does come with certain limitations. First off, not all credit cards participate in the program. Secondly, it doesn’t eliminate instances of credit card chargebacks. Chargebacks are caused by customers themselves, rather than hackers.

However, there is still a chargeback-related advantage to 3D Secure. Since it routes the payment differently, authenticating through the acquiring bank, as a merchant you are more protected from liability. Instead of you being liable for chargebacks, 3D Secure shifts the liability to your issuing bank.  In addition, certain companies like Visa (but not Mastercard) have additional chargeback protection, giving you extra peace of mind that excessive chargebacks won’t drag down your business.

Also, because security is improved, using 3D Secure can net you lower interchange fees. These fees are tacked onto every single transaction, so even a slightly lowered interchange rate will add up fast. Lastly, your customers will feel more secure if your site uses the latest and greatest security protocols. Having a high level of trust in your company and website will keep them coming back to buy again and again.

The only real potential pitfall of 3D Secure is that it adds an additional step for customers to complete before their transaction can be finished. This can cause a reduction in conversion rates if customers decide to leave before finishing the transaction. Many ecommerce buyers are used to “one-click ordering” and a fast transaction process, so be sure to clearly notify them early in the process that your site uses extra protection to keep them safe.

A very simple explanation of 3D Secure at the beginning of checkout does the trick, preparing customers by letting them know that there will be an extra step during the transaction, but that it adds security to protect their payment information. Make sure to include the Verified by Visa or Mastercard SecureCode logos, and linking to their homepages. This allows the customer to find additional information on the process, if desired.

Do I Need 3D Secure for My Business?

Not all businesses need 3D Secure, but whether or not to implement it is up to you. Ecommerce merchants who sell high-priced items or take large deposits may want to enable it for the extra security it offers.

Risks of 3D Secure

A reduced conversion rate is possible when any new step is added to the checkout process. For customers, phishing fraud is still a risk with 3D Secure. Phishing is when someone creates a fake web page that impersonates yours, getting customers to click on their fake website instead of your real one. Then, when they check out, whoever set up the scam website collects your credit card information and pin code as the customer enters it.

However, this type of fraud is not unique to 3D Secure. It is a common scheme to get around many types of online security. To avoid it, encourage customers to bookmark your site and only visit by opening the bookmarked page. Visa has also added a secret phrase that appears during checkout, showing the customer that the checkout page is genuine any time the secret phrase appears.

Final Thoughts

3D Secure is a great way to add an extra level of authentication to your online checkout process. However, it comes with potential pitfalls and limitations. The best way to determine if it’s right for you is to learn more about it, so talk to your credit card issuer with any questions you have about implementation.

Overall reductions in conversion might be offset by savings in fewer chargeback disputes and a lower interchange rate. After you try it, see what effect it has—sometimes the best way to know if something is right for your business is to test it out for a short period and look at the data to see if it was successful.

How to Stay Up To Date on Your Payment Solutions

Payments have come a long way from cash and cards. As a business owner, to accept payments in as wide a variety of forms as possible is just good customer service. That’s why it’s important to stay up to date on developments in the world of payment solutions. With this guide, we’ll tell you more about why it’s so important to stay up to date, and then give you some tips showing how it’s done.

Why is it Important to Stay Up to Date?

Staying up to date on payment methods is important because it helps you know your customers better. By knowing your customers, you can increase sales. One of the keys is that by staying up to date on payment methods your customers want to use, you can give them more ways to pay than your competitors do.

Nowadays, these can include a ton of different options. In addition to paying with credit and debit cards, customers can use mobile payments through apps like Apple Pay, using contactless payment microchips, social media payments, and other technological advances.

One of the big benefits to offering these sorts of payment types is increasing your customers’ loyalty. When customers decide they love a new way to pay, whether it’s through a mobile app on iOS or Android, or some other way, you offering this payment method through your payment processor will keep them coming back.

On that same token, if they decide they have a new favorite payment method that you don’t offer, they may start shopping at a competitor that offers it. Keeping up can get you more loyal customers, and not keeping up could make you lose customers that you’ve had for years. With all the choices of payment method and merchants that customers have, it will impress customers to show that, even as a small business, you are on the cutting edge.

How Do I Stay Up to Date?

Know Your Business

Ask yourself the following question: Do you need embedded online payment solutions in an ordering system? Knowing the needs of your business is the first step to knowing what payment solutions you need to offer your customers.

Determine what payment types your customers want, and then figure out what upgrades you need in order to offer them. You can do this just by asking, getting an idea of what their expectations are. To accommodate them, you might need new software or hardware.

For example do you need an embedded link to an online payments portal? Do you need a mobile wallet reader? These are all potential equipment upgrades that might come into play.

Also note that to accept payment types beyond credit card payments, there may be different fees you have to pay. Mobile wallets may not come with fees from a credit card processor, but they may have a unique transaction fee all their own. Similarly, digital wallets and other types of online accounts might also require investing in special equipment. Do your research to determine how much these fees will cost versus processing credit card transactions. You might find that offering alternative payment processing solutions could actually save you money.

Know Your Customer

We touched on knowing your customers’ wants and needs earlier, as it’s one of the most important factors for what payment solutions your business should adopt. By knowing how your target market prefers to pay, you can make sure you’re satisfying their needs.

Talk to Your Payment Processing Provider

Your payment processing or payment gateway provider can help you get set up with the hardware and software you need to allow your customers to pay using their preferred method. They will help you figure out what solutions you need to add to your arsenal in order to satisfy your customers.

Final Thoughts

Payment solutions have evolved far beyond Visa and Mastercard. Five or ten years from now, payment methods will be common that hardly anyone today has heard of—if they even exist yet at all. Staying up-to-date means retaining the customers you have right now, and snagging new tech-savvy customers who will become loyal to your business for years to come.

How will EMV technology impact my business?

EMV chip-based credit cards are taking the payments world by storm. It’s clear now that the further spread of EMV is inevitable, so merchants are left wondering how it will end up affecting their business in the long run. This article will give you a full rundown on what EMV is. From there, we’ll tell you what you need to know about how it will impact your business on a day to day basis.

What is EMV?

EMV stands for the credit card companies Eurocard, Mastercard, and Visa, and it represents the three major credit card carriers that now use microchip technology instead of magnetic strips. This technology is now known as an “EMV chip.” Because the microchips offer better security than magnetic strips, other carriers like American Express and Discover are using EMV credit cards as well.

For EMV, the card is inserted into a contactless system rather than swiped. This is important—because the chip never has to make actual contact with anything, cards don’t wear out as fast. For further card authentication providing an added layer of security, the customer can then be prompted to enter their pin.

Contactless EMV microchips have become the global standard for credit card security. This is an improvement from the less secure magnetic strip, which has appeared on debit cards and credit cards since they were invented. The magnetic strip contains card payment data and while EMV cards still have the strip, sensitive cardholder data is now protected in the microchip instead of the much more vulnerable magnetic strip system.

The reason cards still contain the magnetic strips is so that merchants who can’t afford to upgrade to EMV card readers yet will have time to catch up. Eventually, magnetic strips will most likely be phased out completely in favor of EMV readers and verification methods.

Why is EMV the New Standard for Credit Cards?

EMV cards are an enormous step forward in terms of verification and fraud reduction. First off, the old magnetic strips are easy to replicate if a credit card is stolen. Microchips, on the other hand, are extremely expensive and time-consuming to replicate. For a lost or stolen card’s EMV microchip to be duplicated, it would take tremendous technical skill and special equipment.

In addition, EMV cards can’t be hacked using card-skimming machines. ATM skimmers are essentially fake ATM card swipe readers that can be installed over an ATM machine by a thief. Since they seamlessly integrate with ATM machines, skimmers look and feel just like real ATMs. But when you swipe your card, your personal data is stolen and stored in the skimmer. Later, when the fraudster retrieves the skimmer, they have the debit and credit card info of everyone who used it.

With EMV cards rendering skimming attempts useless, the credit card industry has defeated one of the most powerful weapons used by credit card thieves. As a result data breaches will become less likely for the life of your business.

How Will It Impact You?

EMV magnetic chip cards primarily impact merchants taking payments in person, where a customer uses their physical credit or debit card. For service-based merchants, the impact will be minimal. There will also be very little impact for certain types of transactions. If your business operates primarily with one of the following forms of payment, EMV cards will have very little if any impact:

  • Mail or Telephone Orders: If your business primarily processes transactions through the mail or over the phone, the EMV system won’t matter much for you. While modern retailers are doing fewer and fewer of their transactions this way, it is sometimes necessary to use a mail or telephone ordering system. Since these systems collect credit card data by hand, the existence of a microchip makes no difference.
  • Orders Where Payment Info is Entered Manually: For Ecommerce merchants who only collect orders via an online ordering system, either through a mobile application or a virtual terminal, EMV has no impact. For these card-not-present transactions, payment info is entered manually. Since the card is never physically swiped or inserted, the EMV chip is replaced by other security methods.

Technology Upgrades

For other merchants, however—those that process cards in person, using card readers—the EMV system requires that they upgrade their point of sale terminals. Merchants who only have a swipe reader capable of reading magnetic strips will have to buy a new card reader that allows cards to be inserted for the microchip to be read.

If you don’t upgrade your POS equipment, your business could be held liable in cases of credit card fraud. The reduction of fraud liability can make all the difference when just one data breach can bring on a lawsuit where plaintiffs are demanding tens of thousands of dollars. While some businesses might be hesitant to upgrade due to cost, EMV payment technology is becoming more and more affordable. You can also use it as an opportunity to modernize your front-end operations by accepting mobile payments through apps like Apple Pay.

For these apps to work, your registers and POS terminal needs to have NFC-compatible payment technology. This means “near-field communication,” and it essentially allows a machine to register data from a card even though no physical contact is made between the card and the machine. Since EMV and NFC are companion technologies, investing in smart EMV readers that can read both microchip credit cards and mobile devices alike.

Lastly, if you have even one instance of fraudulent activity due to not having EMV-compatible equipment, the cost of the upgrade could end up paying for itself.

More Benefits to EMV

The benefits to EMV don’t stop at security. EMV also allows transactions to happen faster, meaning reduced wait time and shorter lines. That means happier customers.

As an added bonus, this also means that EMV allows you to process more transactions in a day. That means more sales revenue, but it could also snag you lower credit and debit card processing fees and a better interchange rate from payment processors. Added cardholder security can improve your negotiating power for a lower interchange rate as well.

Final Thoughts

There is no escaping the rise of EMV technology for credit cards. But don’t fret! Consider it an opportunity to reach more customers, reduce liability and instances of fraud at your store, and process more transactions than ever. Change can be scary, but if you play your cards right, it can also come with enormous opportunities along the way!

Airline Miles: How we got here and why merchants bear the cost

Airline mile points on credit cards are a great way to increase customer engagement, because they’re a dream come true for travelers. After building up enough points on a credit card linked to an airline brand, frequent flyers accumulate “frequent flyer miles” that they can cash in for flights anywhere in the world. As a result, customer loyalty is rewarded, which in turn keeps those customers coming back to the same airline. In short, it creates loyal customers for life.

Who Pays for Frequent Flyer Loyalty Programs?

When you rack up enough loyalty points for a flight, it feels like a free trip! But is anything truly ever “free?” As our investigation discovered, it’s actually merchants who are bearing the cost of these accrued airline miles, through the processing fees charged by credit card companies.

When a customer earns miles as part of a flyer program, there is a cost associated with that. And someone, somewhere, has to pay it. That’s where fees like interchange fees and foreign transaction fees come in. When legislation like Dodd-Frank cut the maximum fees that credit card companies could charge, loyalty programs took hold.

Card companies shifted to interchange fees for more profit, and those fees are passed onto merchants. Merchants have had to charge more, but customers paying with rewards cards will earn reward points that are funded by these same fees.

The end result is this: Customers earn bonus miles through their card’s rewards program, while merchants pay higher interchange fees.

Loyalty Program Costs

In Europe, interchange fees are capped at a very low amount. This is great for merchants, but has resulted in credit card companies getting rid of their travel rewards cards, and reducing other types of loyalty rewards and benefits for cardholders.

The effect is the same for loyalty programs that get you elite status, early boarding, and other perks. Each of these perks comes with a cost, and the cost is usually borne by merchants in the form of interchange fees from credit card issuers.

Customer Loyalty & Your Interchange Rate

This creates a secondary form of customer loyalty: loyalty to the credit card brand. With the partnership between airlines and credit card brands, loyalty to both is rewarded, while merchants bear the cost.

As time goes on, more and more customer loyalty programs will begin issuing rewards based on money spent rather than simply on mileage. This means that first class flyers will be rewarded more than those who book economy class flights, racking up better rewards for their hard-earned dollar. By doing it this way, more of the cost can be reliably offset with higher interchange fees on the credit cards.

How to Offset High Interchange Rates

Since loyalty programs require credit card issuers to charge merchants higher interchange rates, many merchants respond by raising costs on their customers. Unfortunately, this is the easiest and most direct way to offset the extra cost. The good news for customers is that spending more money at your store can sometimes net them even more points.

You can also find ways to encourage customers to pay in cash, reducing the number of credit card transactions you process. The downside to this strategy? Lower transaction volume means higher overall interchange rates, so you might end up cancelling out part of or all of the benefit you get from cash customers.

Another potential way to offset the costs is to make your company more financially efficient. By lowering your bills and finding better ways to budget, you can make your business lean, saving precious pennies on things like payroll, inventory, even electricity. This frees up money for paying the hidden costs of loyalty programs, but will also make your business work better in the long run.

Final Thoughts

It’s an unfortunately reality of airline miles and other loyalty programs that merchants are the ones who shoulder the financial burden. How this might change in the future is anyone’s guess, but in the meantime, do what you can to offset the costs of these programs by becoming a more efficient business and negotiating the lowest possible interchange rate from your credit card processor.

 

Data Levels

What are data levels?

Credit card processing is involved in every digital transaction using a credit card or debit card. This process transfers credit card information to and from the issuing and acquiring banks involved in the purchase. These transactions must be secure and PCI compliant to prevent data breach and confidential information from being stolen. For security and PCI compliance purposes, different data levels are involved in various credit card transactions. Digital transactions that require secure data transfer may occur within the following parties: business and consumer, business and business, or government corporations. As the data level increases, the requirements for verification and authorization are heightened to ensure the security of processing. Level 1 data processing is used in business-to-consumer transactions, regardless of the size of purchase.  Level 2 data processing is required for business-to-business transactions. Level 3 data processing requires the highest amount of security for government or corporation transactions.

Level 1 Data

Level 1 data involves transactions between businesses and consumers. As the first data level, it requires minimal details for verification. This transaction is initiated by the consumer’s personal credit card. The only data required for this purchase is the credit card number, expiration date, and amount of the transaction.

Level 2 Data

For business to business transactions, level 2 data requirements must be met. These transactions require level 1 details, in addition to the tax amount, PO number, and zip code of purchase. As the requirements for level 2 processing increases, the consumer is better identified, and as a result, there is greater guarantee of secure transmission. The higher the data level, the lower the transaction cost. Considering, the increased verification of level 2 data, the transaction cost of credit card processing is reduced.

Level 3 Data

Level 3 data occurs between government agencies or corporations. Due to the highly classified nature of government transactions, this data must be verified by gathering detailed information regarding the parties involved. Although it may go without saying, level 3 data is the most secure. Each level 3 transaction must include the previous details from levels 1 and 2. In addition, the following information must be provided: line items and categories of shipment, destination of shipment, invoice number, freight amount, and duty amount. These transactions are only performed via eCommerce and primarily for government agencies. However, business-to-business transactions may occur at level 3 as well. Based on the severity of clearance required for level 3 processing, these transactions often cost the least of the three levels. As previously stated, an increase in information verified, lower the transaction risk, and therefore, reduces the transaction cost.

Acquiring Level 3

Due to the level of detailed verification and authorization required, not every transaction can be processed at a level 3 data clearance. Notably, not all credit card processors can accept transactions at the 3rd level, as a specific gateway and deeper integration is needed for these secure transactions. A variety of software companies, such as BluePay, Tidal Commerce, and Dharma Merchant Services, can provide the necessary gateway for processing. Additionally, comprehensiveinformation must be provided for Level 3 transactions.

Benefits

There are many benefits to level 3 data processing. At the highest security clearance, businesses and corporations can save up to 1% on interchange rates and processing fees. This can add up to a hefty savings for any business. When processing transactions at a Level 3 clearance, an itemized invoice is provided, allowing for simplified billing and accounting. Additionally, businesses and government entities can place restrictions on when or how the credit card is being used. Monthly upper limits for transactions can also be established.

While pursuing Level 3 data processing might sound ambitious, it can certainly be advantageous for many businesses. Due to significant financial savings and low-risk transactions, it is often wise for large businesses, corporations, and government entities to pursue Level 3 data processing.

PCI Self-Assessment Questionnaire – how to pass it and how to stay complaint

If you’re an ecommerce merchant processing card-not-present transactions, you need to be PCI compliant. PCI stands for “Payment Card Industry,” and being compliant means staying up to date on all the necessary data security practices.

Since hacks of customer credit card data could sink your business, a trade organization called the PCI Security Standards Council creates, updates, and enforces what are known as the PCI standards. These are protocols that are meant to protect merchants and customers from fraud. Collectively, these standards are called the PCI-DSS, or “PCI Data Security Standard.”

To enforce the PCI DSS, merchants fill out something called a PCI SAQ, or “Self-Assessment Questionnaire.” The PCI DSS Self-Assessment Questionnaire lays out step-by-step questions to make it easier to comply with PCI-DSS. In this post, you’ll learn more about the standard and the questionnaire.

By being ready for the PCI security questionnaire, you’ll be in the best possible position to stay compliant. That means avoiding costly penalties for non-compliance, staying one step ahead of hackers, and protecting your company from customer lawsuits resulting from credit card fraud.

After all, nothing damages customer trust like a breach of cardholder data.

How Do I Get PCI-DSS Compliant?

Different merchants have different compliance requirements depending on their category. These categories are meant to give different types of merchants a way to report on compliance to stay in good standing with the PCI.

The first step to PCI-DSS compliance is figuring out where your business stands. There are different “levels” with various criteria from each of the major credit card companies. These levels determine your individual reporting requirements.

Different credit card brands have different criteria for each level. That’s why you have to check with each credit card brand—one company will have different criteria for meeting each level than another.

What Are the Levels of PCI Compliance?

As previously mentioned, the exact criteria for each level of PCI compliance is different for each credit card brand. For example, Visa e-commerce uses slightly different requirements than merchants processing Mastercards.

For all of the different brands, levels are based on your overall risk profile as a business. The information below gives you a good idea of what to generally expect based the total credit card payments your company processes yearly. The PCI Self Assessment Questionnaire helps you determine which level you fall into.

Level 1

Level 1 requirements come into play for merchants that process six million or more transactions per year.

Level 2

Level 2 merchants are those processing fewer transactions than those in the Level 1 category. To be a level 2 merchant, you have to process at least one million transactions per year. But process more than six million per year, and you’ll be bumped to level 2.

Level 3

Level 3 is applicable for merchants processing between 20,000 and one million transactions per year.

Level 4

Level 4 requirements are commonly for small companies. However, a company that processes very few transactions can still be taking in high amounts of revenue, it just means that each client comes with more revenue opportunity. Either way, level 4 merchants are those that process fewer transactions than any of the other levels: under 20,000 per year.

How Often is PCI-DSS Validation Required?

In order to be PCI-DSS compliant, there are validation processes that must take place. These involve self-assessment questionnaires and PCI representatives called Qualified Security Assessors, or QSAs. However, the details and frequency of validation varies according to which level your business qualifies for.

As outlined in the last section, your company’s level is based on the total number of annual transactions. But in addition to annual transactions, your level might be different depending on which card brand is assessing you. Consult each of them individually to determine your PCI DSS requirements for each.

Typically, merchants at levels 2, 3, and 4 are only required to complete a self-assessment questionnaire. Meanwhile, level 1 merchants are validated by a Qualified Security Assessor (QSA) from the credit card company.

What are the requirements to be in compliance with PCI Data Security Standards?

Security Management Procedures

If you’ve ever asked yourself, “How do I become PCI compliant,” the first step is in adopting the proper security management procedures. Proper security ensures that customer credit card information like account numbers and expiration dates are protected at every phase of checkout, both on your end and on the part of your acquiring bank.

Since ecommerce involves the transmission of information through various servers and networks, there are lots of opportunities for fraudsters to try to swoop in and hack the data. Protecting it requires security measures at every layer: the ecommerce store, the network architecture, and the actual payment processing software. We’ll discuss each of these in more detail.

Ecommerce Store

Your ecommerce store is where customers add items to their shopping cart and begin the checkout process. All ecommerce websites should be Hypertext Transfer Protocol Secure, and use https. HTTPS-active sites display “https://” at the beginning of a website address, before the “www.” On https sites, information moving across the servers is more secure than on non-http sites.

Your checkout system should also use SSL encryption. “SSL” stands for “Secure Sockets Layer,” and it refers to certain cryptographic protocols for securing digital information as it moves from place to place.

PCI-DSS Compliant Software

If you use checkout software from a third party, make sure they use SSL and any other necessary encryption methods. While you can usually expect SSL encryption to be a standard feature from any reputable credit card payment service provider, always double-check.

Without encryption, hackers could have free reign over your customer’s payment card information. Anti-virus software is only the beginning—you need to make sure your payment card payments processor and other vendors use the latest encryption technology. You also need to make sure that you have secure data storage and transmission throughout the entire process.

PCI-DSS Network Architecture

PCI compliance demands a strong network architecture…that means your networks need to take security seriously during the design phase, and that security not be phased in as an afterthought. Also, once a strong network is built, it needs to be maintained.

Maintaining a secure network requires ongoing checks and updates. You need to analyze your network systems for any vulnerability. You should also have a plan in place for dealing with them. Monitor your network for signs of intrusion or other issues, and perform security tests regularly so that you can catch weaknesses early, before a hacker has a chance to exploit them.

How Can I Stay Compliant?

To stay PCI DSS compliant, many merchants will have to get a quarterly self-assessment scan done by an approved vendor. The purpose of the scan is to find vulnerabilities in your credit and debit card payment systems.

These scans usually happen quarterly, but they are also necessary if there are any major changes to your network or system. For example, updating your computers or switching to a new provider would both be situations where you should be re-scanned to stay compliant.

For the scan to be effective, it has to cover all systems that communicate credit or debit card information. That includes the network itself but also your operating system, web-based application software, payment terminals, network, and any other software or hardware system that receives, transmits, or stores payment data. To keep up with proper PCI data security, get your systems scanned every 90 days.

Final Thoughts

The PCI DSS is there to protect you and your customers, and the PCI DSS SAQ makes the process quicker and easier, saving you time and money. But proper security controls shouldn’t be looked at as a nuisance. Rather, look at them as an investment.

By putting in the effort to become DCI compliant with the standard PCI protocols, you’re saving yourself the hassle of dealing with a data breach. These breaches can cause a loss of customer trust that can take years to earn back. The investment in avoiding serious data leaks with a regular PCI DSS assessment could be one that saves your business.