Posted by Mike on March 27th, 2015
For many years we have been running our business accepting only cash or checks for our services. A couple of months ago we decided (once again) to begin accepting credit card payments for our clients and walk-in customers.
This decision was hard to make because we had avoided payment fees operating the way we did. But… since I use my personal cards for nearly everything and carry very little cash, I figured our clients may feel the same. My first attempt at credit card processing was when I first started the business. I signed with my local bank’s merchant account (mistake). The fees were killing me and I could not wait for the contract to run out.
So, we had to research payment processors and brush up on PCI (Payment Card Industry) standards and compliance. There are a lot of changes on the near horizon for any company that accepts credit cards. In a nutshell, the card companies are growing tired of absorbing the cost of stolen, hacked, and mis-used cards and they are going to start holding the merchants financially responsible if they have not beefed up their security. You don’t have to look hard to find examples like Target, Home Depot, Michael’s and a slew of other security breaches.
You may have heard about the new EMV (Europay Mastercard and Visa) or “Chip” embedded cards and may already have one. Estimates are that over 120 million of us have already have them. Just look for a little micro chip on your card. For those who accept credit cards, this may mean adding new in-store technology and internal systems along with complying to new liability regulations. For consumers it will mean activating new cards.
The first generation of these cards will still have the mag stripe on them for legacy systems. Other payment methods include ApplePay, however this may take some time since it only works with an iPhone 6. Look for other payment types fighting for market share as the whole industry gets a shake-up in the coming year or two.
As a business owner, you will need to review your PCI compliance and make sure you are certified for the PCI 3.0 standards. As we went through the new standards I was astonished at the level of complexity they are asking for. Personally, I don’t see how PCI expects everyone to be fully compliant any time soon. It is coming at us like a freight train and and business owners need to become aware. One thing you can be sure of is the credit card companies will start shifting responsibility for data security directly on the merchant. If your systems are compromised and you have not documented your PCI compliance and policies it can and will be costly.
Now, understand that PCI compliance is not a mandate from the Feds. PCI standards come from the credit card companies themselves. Believe me, they have the lawyers and cash to protect their interests.