Read on for more information about payment processing services, charges, and the credit card processing industry.
GENERAL & HISTORY
Q: What is PCI compliance (PCI-DSS)?
A: PCI-DSS Stands for Payment Card Industry Data Security Standard, a standard set by all major Credit Card Associations (Visa, MasterCard, American Express, Discover and JCB) to insure that each business maintains a secure environment. The main reason for the compliance is to avoid data breach in your business and its consequence.
Q: Why PCI-DSS?
A: Before PCI, all costs of a card breach were borne by the parties that accepted fraudulent cards. Once PCI was introduced, the source of the breach is now held responsible and carries financial consequences.
Q: We have been processing for years – what happened that we need to become compliant now?
A: PCI-DSS, while existing for years (applied mainly to ecommerce and high volume processing), was recently extended to include merchant “level 4”, which essentially means every single merchant (accepting CC), regardless to its industry or volume.
Q: What’s the difference between compliance fee and non-compliance fee?
A: As with any risk assessment, the likelihood of data breach is much higher when a business is not PCI compliant. This means that such a business is more likely to be subject to fines, penalties and costly forensic audits. This is why non-compliance fee costs the merchant 3-4 times as much as the compliant fee.
Q: Where can I find more information about the PCI standards?
A: A great source of information is the originating council (PCI Security Standards Council). Their official website: https://www.pcisecuritystandards.org/.
Q: What type of business must be PCI compliant?
A: All type of businesses, regardless of size, volume or number of transactions, that accepts, transmits or stores cardholder data. If a business accepts Credit Cards - PCI compliance applies to it!
Q: I’m a retail business and I don’t store any card data - why should I become compliant?
A: Experience shows that retail businesses are not protected from data breach. In fact, 2013 data by industry shows that 35% (!) of all data breach came from retail, and if we combine it with restaurant, this number goes to 53%.
Q: I accept only Interac. Do I need to be compliant?
A: The answer is NO. PCI compliance applies to all card brands belonging to the credit card associations.
Q: My shopping cart is already PCI compliant. Do I still need to do anything?
A: Yes. The fact that your third party provider is compliant is helpful but that doesn’t exempt you. You are still required to be compliant and go thru the process of PCI manager.
Q: What happens if I refuse to be PCI compliant?
A: Merchants that don't comply with PCI regulations may be subject to fines, card replacement costs, costly forensic audits, brand damage, should a breach event occur. While PCI is not mandatory, agreeing to become PCI compliant helps you in both, maintaining secure work environment and reducing your cost in case of a data breach.
Q: I store all credit card data in an electronic file secured by a password - why it’s not enough?
A: This is a common mistake- protection by a password doesn’t protect data breach. All credit card information can potentially be stolen from any computer.
Q: Where could I keep my data if I can’t keep it on the computer?
A: As a compliant merchant, you must receive all your Credit card authorizations on paper documents. Those documents should be stored in a safe place (but not electronically). When the document is no longer needed, it should be shredded in a way that reconstruction is impossible. You want to minimize keeping credit card data, and you can use Virtual Merchant to store those numbers for you.
Q: By becoming PCI compliant am I protected from fraudulent transactions?
A: Unfortunately not. You still need to be careful and use all available tools of fraud prevention.
OUR MERCHANTS SPECIFICS
Q: How do I become compliant?
A: As our merchant, Elavon went far and beyond to help you become compliant by hiring a dedicated company specializing in PCI security to assist our merchants in the process of becoming compliant. Note that if hired privately, cost could be form $15,000-$50,000 (as a few of our merchant can attest).
Q: What is PCI compliance manager?
A: PCI compliance manager is a tool provided in order to help each merchant to become compliant. Please log in to the following website and follow all the steps http://pcicompliancemanager.com (a summary of the steps required on our Nov 7th newsletter).
Q: What is the schedule for PCI compliance fee?
A: Effective December 1, 2014 all merchant will be charged PCI compliance (or a Non-compliance fee). However, merchants have a grace period of 90 from the date their account was opened to become compliant, before a non-compliant fee is applied.
Q: What does the PCI compliance fee cover?
A: The fee covers the cost of becoming and maintaining the status of PCI compliance (must be done yearly). It also protects a compliant merchant in the event that data breach occurred for related costs of up to $100,000.
Q: What benefit I get from becoming PCI compliant?
A: By becoming compliant you protect your name and customers. Shoppers feel more comfortable and secure to buy at a location that notes: “we are PCI Compliant”. You also reduce your risk for fees, penalties and forensics.
Q: Do I need vulnerability scanning after I become compliant?
A: If you electronically store cardholder data or if your processing solution use internet connection, a quarterly scan by a PCI Approved Scanning Vendor (ASV) is required.
Q: Does the PCI Certificate need to be renewed?
A: Yes, all merchants need to renew it every year.
History of Payment Processing Services
Payment processing was previously controlled by the banks. Due to the 1998 deregulation of electronic banking machines, new opportunities opened up for private Merchant Solutions Providers. Those opportunities have served the merchant as well. Competition resulted in significant reduction of rates associated with payment processing services. Furthermore, merchants are now able to shop around for better rates on their debit and credit card processing.
What are the Benefits of implementing a Merchant Account?
Every business is unique, but they all can benefit from a card merchant account with Nordex. Statistics show that switching from cash-based payments to merchant payment processing often boost sales by 20%. In fact, many of Nordex's clients have even seen their sales rise by 40%.
Is switching payment processor worth the hassle?
Every business is unique, but they all can benefit from a card merchant account with Nordex. Statistics show that switching from cash-based payments to merchant payment processing often boost sales by 20%. In fact, many of Nordex's clients have even seen their sales rise by 40%. Whether you are a new or an existing business, Nordex offers you the best rates for your industry, with top-tier personal service and assistance. Our experience shows that businesses that have switched to Nordex now pay between 10%-40% less than their original merchant payment processing fees.
Debit/Credit Card Merchant Processing Services – I’ve heard that there are hidden costs… where are they?
If you want better value for your debit and credit card merchant processing services, don't settle for your bank or other processor rates! Hidden charges of ten add up to much higher costs than you bargained for. Nordex offers low and transparent rates for payment processing services, which are thoroughly communicated and reviewed before you sign a contract. We keep our charge structure simple so that you always know what you're really paying.
If you haven't looked at your payment processing statements lately, now is the time to do so. Merchants are often surprised to discover that their credit card payment processing costs are much higher than they thought. Having analyzed numerous statements, Nordex realizes how difficult it is for most merchants to ascertain the true cost of their credit card merchant processing. This is why Nordex offers a free payment processing statement analysis with no obligation. Please contact us for details.
Glossary of terms
Automatic Teller Machine
Average size of a single sale made by a merchant
Card present / swiped
Cardholder is physically present at the time of purchase and the card is swiped
A customer may ask the merchant to charge his account for more than the value of his purchase so he can get the difference in cash
Reversing a sale made by merchant (dispute or fraud etc.)
Convenience fee (or surcharge)
A fee the merchant charges a customer for a debit transaction. Usually for a cash back or cash withdrawal
This is a percentage from the total transaction amount charged to the merchant to be able to accept credit cards.
Doing Business As, a name the company may use to operate a business although its legal name is different
Debit / Interac Card
An ATM card used to purchase goods or services or to obtain cash at point of sales
A fee that is charged on Credit card transaction per transaction
The interface that allows merchant to accept online payment
A company that processes debit transactions. (most popular method for electronic commerce)
Interac (debit) transaction fee
A fee charged to the merchant for each interact transaction
These are the base market rate for Visa & MasterCard transactions, determined by their respective association
Mail Order Telephone Order
Personal Identification Number
A device linked to the POS and used to enter a customer PIN at the time of purchase
Point Of Sales ; terminals used to process sales
The ongoing rate subject to type of business
Lowest DR to swipe transactions. Originally applied to all swiped cards, today is limited to personal cards
Higher rate applied to swiped transactions of special reward or business cards
Applied to non-swiped transactions, maybe be used interchangeably with Mid-qualified
This is an amount that a processor may chose to hold from a merchant sales
Factors that affect costs of payment processing services
In general, the cost of payment processing correlates directly with the risk perception of your business, your method of operation, and your preferred method of payment. For instance, a business that operates only by mail or phone order presents a higher risk to a credit card processing company than a business which makes sales face-to-face with a debit or credit card present.
In recent years the card type is a major component of changes in your costs. You are likely to pay different rates on different cards, depending on the actual card type you accept. For example: you will be paying higher rates for corporate cards or rewards cards, even if those cards were swiped.
All the above factors derive mainly from interchange rates which are dictated to our industry by the Visa and MasterCard associations. How we package those rates to merchant varies significantly from one company to another. This is where, Nordex excels in brigning you the best value to your payment processing.
Additional criteria that are typically considered in determining the pricing for your credit card payment processing are:
- Your business or personal credit standing
- The number of transactions your company performs remotely vs. face-to-face
- The average amount of a single transaction
- The number of transactions
- The volume of annual sales
Beware of hidden costs
Even though competition between processors keeps the cost of payment processing down, there is a lot of variability in the rates offered by different solution providers. Some processors appear to offer great rates on their payment processing services, but in reality they are more expensive than others. This is because hidden costs are the undisclosed secret of the payment processing industry. Merchants believe they are getting the lowest rates, but a closer look at their statements says otherwise. These hidden costs can add up quickly to affect your overall cost of debit and credit card processing.
How to get the best rates on your payment processing services
It is usually difficult to determine whether you are getting the best payment processing rates for your company, or whether a new proposal is significantly better than another. That's why Nordex offers free statement analysis to determine whether you could be saving on your debit and credit card processing.
We will honestly communicate to you if you have good rates or if we can significantly reduced them. Contact us today for your free payment processing analysis- no commitment required!