The payment processing industry is constantly developing new technology that raises the standard of what’s considered adequate safeguarding techniques to protect your business and your clients. There are various factors that go into choosing a payment processing company that offers everything you need to run a successful business.
Here are four things a new business should know about payment processing, from fraud detection to choosing a pricing plan that fits your needs.
- Security Standards
You need to ensure that your company’s payment data is properly encrypted, so that hackers with malicious intent cannot gather your clients’ sensitive information and ruin your credibility. The Payment Card Industry Data Security Standard (PCI DSS) provides guidelines to ensure your payment processing service is up to par.
First, you must have a firewall to protect cardholder data, and you must avoid vendor-supplied defaults for online passwords and security. You must also protect stored password and card information, as well as encrypt transmission of cardholder data across public networks.
PCI DSS also requires your business to regularly update anti-virus software, have secure systems and applications, restrict access to cardholder data to a need-to-know basis and make sure each person with internet access has a unique account.
Finally, you must restrict physical access to cardholder data; monitor all access to cardholder data; test security systems and processes on a regular basis; and ensure that your entire staff is aware of your company’s security standards.
- Encryption Tools
There are various tools you can implement to encrypt sensitive, personal data, one of which is Secure Sockets Layer (SSL). This technology is considered an industry standard, encrypting a link between a server and a browser.
SSL protects all data that travels between the web server and browsers, ensuring it remains private. In order to create an SSL connection, you will need an SSL Certificate, which you acquire by answering questions about your company’s identity, yielding cryptographic keys that serve as a safeguard for your data.
Another common industry technology is tokenization, which masks sensitive data with a random string of characters that helps avoid hacks and data breaches. One such method uses a token to represent a credit card number.
Once the transaction has been authorized, the website’s centralized server gathers any sensitive data and stores it securely. Each merchant’s system has a unique number, allowing customers to buy payments and services with one click in future transactions.
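The tokenization flow described above, sketched as an added example (not code from any payment processor): a hypothetical `TokenVault` class stands in for the centralized server, merchant IDs and the `tok_` prefix are assumptions, and the card number is a constructed test value.

```python
import secrets

def luhn_valid(pan: str) -> bool:
    """Luhn checksum used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

class TokenVault:
    """Hypothetical in-memory stand-in for the processor's central token server.
    A real vault encrypts stored card numbers and sits behind access control."""

    def __init__(self):
        self._pan_by_token = {}   # (merchant_id, token) -> card number
        self._token_by_pan = {}   # (merchant_id, card number) -> token

    def tokenize(self, merchant_id: str, pan: str) -> str:
        pan = pan.replace(" ", "").replace("-", "")
        if not (pan.isascii() and pan.isdigit() and 12 <= len(pan) <= 19
                and luhn_valid(pan)):
            raise ValueError("not a valid card number")
        key = (merchant_id, pan)
        if key in self._token_by_pan:        # returning customer: reuse the token
            return self._token_by_pan[key]
        token = "tok_" + secrets.token_hex(16)   # random, not derived from the card
        self._pan_by_token[(merchant_id, token)] = pan
        self._token_by_pan[key] = token
        return token

    def detokenize(self, merchant_id: str, token: str) -> str:
        """Only the vault maps a token back, and only for the merchant it was issued to."""
        pan = self._pan_by_token.get((merchant_id, token))
        if pan is None:
            raise PermissionError("token not valid for this merchant")
        return pan

def demo():
    vault = TokenVault()
    test_pan = "4111 1111 1111 1111"      # constructed test number, not a real card
    t1 = vault.tokenize("merchant-A", test_pan)
    t2 = vault.tokenize("merchant-B", test_pan)
    return vault, t1, t2

if __name__ == "__main__":
    _, a, b = demo()
    print(a, b)
```

The merchant stores only the token, so a breach of the merchant's database exposes random strings that cannot be used at another merchant or converted back to a card number without the vault.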
End-to-end encryption (E2E) is another process that encrypts data once the mag stripe reader is swiped. E2E converts information from clear text to encrypted data immediately.
These are all fraud-prevention techniques to consider, along with 3D Secure, a technology that adds an additional layer of protection in debit and credit card transactions. Whenever a customer makes an online transaction, 3D Secure requires the consumer’s password to be confirmed before completing each transaction.
- Pricing
Pricing is important when choosing a payment processing service as there are a number of fees associated with hiring a company to run your website’s security. “Interchange fees” refers to a fee charged for every transaction you process, paid by the payment processor to each card’s bank.
The fee is usually around 2% to 3%, but the figure is often determined by the type of card accepted by your company (credit, debit, rewards); whether the transaction is done online or by phone; and the size of each transaction.
There may also be monthly statement fees, set-up fees, monthly minimum fees and even an early termination fee. You may also see a monthly gateway access fee for providing a payment gateway. This technology sends data from your processing system provider to credit card companies.
There are also various plans, including the interchange plus model, which offers a clear idea of what you will pay in terms and fees. The model also itemizes wholesale fees, plus markups, revealing all of these in your monthly statement.
Tiered plans are a bit more complex, as they divide transactions into qualified, mid-qualified and non-qualified ones. These refer to low-money transactions, medium ones and large ones respectively.
A subscription service is similar to the interchange plus, with the cost of the transaction charged outside the markup. Instead of paying a percentage markup, you’re only responsible for a small fee per transaction. Blended plans are similar to tiered ones, but without the tiers as each transaction costs your company the same.
- Customer Convenience
When setting up a payment system, it’s important to understand and meet your customer’s changing needs.
Consider evolving technology, for example. EMV is the new standard for credit cards, whereby you insert a chip card into a card reader instead of swiping it, helping reduce fraud through additional security measures.
Everyone knows about credit and debit cards, but new forms of payment technology have pushed some merchants into accepting other types of payment such as Apple Pay, Android Pay, PayPal Mobile and other mobile payments.
Your business should also offer customer service 24/7 to help solve any issues through an account representative. Such a move may cost you extra fees, but it’s ultimately worth it.
Finally, you should ensure that the user interface (UI) of your payment service, especially online, is easy to use. Your financial workers will need to review fees, chargebacks, transactions and other data, and the easier your UI is, the better off your workers are.