Discussions about pricing are a huge part of setting up a merchant account in preparation for accepting credit and debit cards. And it’s not unusual for merchants to scratch their heads over how the rate they will need to pay for each transaction processed is determined.

Essentially, per-transaction pricing is based on the risk involved in the particular type of transaction(s) you are executing. The greater the risk, the higher the per-transaction rate you must prepare to pay. The lowest possible rate you will incur when accepting a credit card is called the “qualified rate”, and it applies primarily to transactions in which the card is present or has been swiped through a magnetic stripe reader rather having had its number key-entered into the POS system. Telephone and e-commerce transactions do not qualify for this rate because they are unable to swipe credit cards.

The second-lowest rate, called the “mid-qualified” or “partially qualified” rate, is the percentage you will be charged if you accept a credit card whose number is key-entered into the POS system. This rate also applies to transactions completed online and is the best rate available to retailers transacting business via Web site or by telephone.

“Non-qualified”, the highest percentage rate, is charged for transactions that pose the greatest risk. Transactions completed with rewards or business credit cards fall into this category, as do those for which customer address verification is not performed. Merchants that do not settle their daily batches within the allotted time are subject to this rate as well.

So you’ve decided to start accepting credit and, hopefully, debit cards….now what? Establishing a merchant account with a bank or third-party provider is the next step. In order to set up such an account, you must be the principal owner of your store or restaurant, and your business must be located within the United States. You must also have a Social Security number. When applying for a merchant account, ensure that you have a copy of a voided check from the bank account into which you would like your funds deposited, a copy of your driver’s license, a copy of your business license or similar documentation to prove that the business is legitimate, photographs of your operation’s location (and, if a retailer, inventory) and a copy of your tax return.

In determining whether to accept your application for a merchant account, the provider will look at the length of time you’ve been in business to ensure that you understand the market in which you operate, know the potential business risks you face, and more. Your credit rating will be examined to assess how well you have repaid past loans, and if you’ve had any liens, judgments or bankruptcies filed against you.

Shop around for a merchant account provider that best suits your needs, and don’t be afraid to ask questions. Inquire about the per-transaction transaction fee, or flat rate that will be charged for each transaction processed; as well as about the discount rate, or percentage of each transaction paid to the merchant account provider. If monthly charges fall under a certain volume, the processor may charge a higher percentage. Discussed too should be minimum fees, collected each month if your discount rate and transaction fees don’t add up to the monthly minimum specified on the original merchant application. Remember, also, to find out about fees for covering disputed charges (“chargebacks”) and about whether you will be required to set up a reserve account with the merchant account provider  to cover possible future losses.

Shop around for a merchant account provider that best suits your needs, and don’t be afraid to ask questions. Inquire about the per-transaction transaction fee, or flat rate that will be charged for each transaction processed; as well as about the discount rate, or percentage of each transaction paid to the merchant account provider. If monthly charges fall under a certain volume, the processor may charge a higher percentage. Discussed too should be minimum fees, collected each month if your discount rate and transaction fees don’t add up to the monthly minimum specified on the original merchant application. Remember, also, to find out about fees for covering disputed charges (“chargebacks”) and about whether you will be required to set up a reserve account with the merchant account provider to cover possible future losses.

Working with a POS software, point of sale hardware and service provider such as pcAmerica is the easiest way to obtain a merchant account. pcAmerica, in conjunction with A-AAccess, offers a complete cadre of merchant account and credit card processing services.

If you’re among retailers and restaurant operators that have yet to jump on the credit and debit card acceptance bandwagon, you’re almost definitely doing your business a disservice. For one thing, offering customers the convenience and option of paying with “plastic” increases their satisfaction—a boon to repeat business. Accepting credit and debit cards also improves cash flow and offers enhanced views of sales data and other information that can then be used to make better business decisions going forward.

Even more importantly, the volume of consumers who use credit and debit as their primary form of payment is overwhelming. According to economic research firm Moebs Services, debit card transactions accounted for 33 percent of payments in 2009; credit card transactions, 23 percent. By contrast, check usage has, over the past 30 years, dropped from 85 percent of all transactions to less than 25 percent.

In addition, like other retailers and restaurateurs, you may be questioning whether you really need to accept debit as well as credit card payments in order to play your best “plastic” game. The answer is a resounding “yes”, as the recession has spurred many consumers to choose “debit” rather than “credit” if given a choice at the point of sale. Nearly two-thirds of respondents to a survey by Mercator Advisory Group described themselves as “payment changers” who have taken specific actions to reduce their credit card usage. A majority of survey participants said they plan to extend the shift away from credit beyond the recession, possibly making it a permanent habit.

Still unsure about whether to get your feet wet in credit and debit? pcAmerica offers a wealth of assistance and services to customers in this arena; to get started, simply contact your pcAmerica representative for more information.

Experts have long pegged the average return from a computerized POS system at five times the annual investment, reflected in higher profits—for example, a $20,000 hike in profits would be garnered by a store with sales of $200,000 per year and a $4,000 annual in investment in computerization.  But where do these increased profits come from? Here are a few key areas:

1. Increased employee honesty. “Sweethearting”—a practice wherein employees give inventory or food to their friends at a reduced price or for free—decreases many-fold when staff knows management is monitoring the “goods” with a POS system. One restaurateur reported a double-digit increase in gross profits after implementing pcAmerica’s Restaurant Express software. The increase stemmed from a reduction in the amount of food and drink being “sweethearted” by the operator’s wait staff.

2. Reduced inventory shrinkage. Theft causes some, but not all, of stores’ inventory shrinkage. A good POS system, such as pcAmerica’s Cash Register Express, allows retailers to record incidents of breakage, misplaced items and goods given free to customers for legitimate reasons (for example, to replace defective merchandise). Neglecting to track these could induce additional shrinkage.

3. Improved inventory control. Knowing what is and isn’t selling—right down to the SKU level—leads to better buying decisions and, in turn, increased profits.

4. Increased transaction accuracy. Left to their own devices, many employees will just guess how much an item costs rather than take the time to check its price. With a POS system in place, merchandise is scanned at the checkout counter, and its price automatically comes up in the POS system.

5. Enhanced contact with customers. Computerized POS systems make it easy to communicate with existing customers by maintaining a database of email addresses and/or other contact information. These systems also allow retailers and restaurant operators to incorporate coupons into customer receipts; the receipts, in turn, cultivate repeat business.

It may only be mid-March, but retailers and restaurant operators that are reaping the benefits of offering gift cards must look five months ahead to August 22. That’s the “effective date” of new gift card rules introduced by the Federal Reserve Board in conjunction with the credit card reform law enacted in 2009.

The new rules forbid merchants from charging dormancy fees for an unused gift card unless the card has been unused for at least 12 months. They also limit merchants to charging one dormancy/inactivity fee per card per month, and issuers’ policies on dormancy fees must be prominently displayed—for example, on packaging.

In addition, by the deadline, disclosures of all dormancy fees and other service charges associated with gift cards and gift certificates must specify the exact amount of each as well as how frequently it will be subtracted from the balance (for example, a $2 dormancy fee every month).  Merchants cannot wait to tell customers about these disclosures until after the fact; this information must be shared before the consumer buys the card or certificate–regardless of whether it is purchased at the store or restaurant, over the Internet or by telephone. Many of the gift cards currently on the market have packaging that contains or covers important consumer disclosures.

Finally, gift cards cannot expire for at least five years after they were last loaded with money—unless the full value has been spent. Merchants may want to set the expiration date of each card they sell for five years from the purchase date, or use prominent disclosures that point consumers toward their replacement cards. The rules prohibit “the imposition of any fees for replacing an expired certificate or card to ensure that consumers are able to access the underlying funds for the full five-year period.

“To learn more about the gift card programs in our POS software, visit www.pcamerica.com.

Gift Cards Keep On Giving (Part One of Series)

If you haven’t thought about introducing a gift card program, there’s no better time than the present.

Consider the popularity of gift cards among consumers. Aite Group, a consulting firm, says the volume of private-label (store) gift card transactions processed in the U.S. rose from 810 million in 2001 to 2.43 billion in 2007 and will reach a level of 2.45 billion cards, representing sales of $39 billion annually, by 2011 (up from $38 billion in 2008). The average number of private-label gift cards purchased in the U.S. each year stands at 4.2 cards per consumer. Even better, many consumers not only spend more than the value of a gift card in the store or restaurant; they opt to reload the card and use it for future spending.

Another factor to consider: Innovations in technology have made gift card programs much simpler and less expensive to implement, as well as more appealing to consumers. Vendors, including pcAmerica, now offer programs that let merchants tie gift cards into their POS systems, eliminating many of the accounting problems caused by paper gift certificates. pcAmerica also makes it easy for merchants to administer a combination of gift-loyalty card programs, where a single card stores both a dollar value and accrued points or spending totals.

The ABC’s of PCI Compliance Continue (Part Three of Series)

Regularly monitor and test networks. All access to network resources and cardholder data must be tracked and monitored, and regular testing of security systems and processes is required.

Maintain an information security policy. The policy must cover every aspect of information security. The newest wrinkles in PCI DSS are additional compliance mandates issued by Visa. One mandate, known as PCI PED (PED stands for PIN entry data) is intended to guard consumer PIN data against theft and to enforce the hardware security of devices that accept consumer PINs and house merchant acquirers’ secret encryption keys. According to PCI PED, merchants that accept PIN-based debit must, as of July 1, 2010, use only PIN pads that meet the Triple Data Encryption Standard (TDES)—in other words, units whose encryption keys encrypt cardholder information several times in the keypad. Before July 1, merchants must also retire all PIN entry devices that have not been certified under the PCI PIN Transaction Security (PCI PTS) program or the older Visa PED program. If your PIN entry devices were manufactured before 2004, they are probably not qualified for use after the July deadline.

Visa has said it won’t fine acquirers for non-compliance with these latest mandates until July 1, 2012. However, acquirers can fine merchants, VARs and ISOs at any time beyond that date. Liability for any breach of an unapproved device after July 1 falls onto merchants’ and acquirers’ shoulders.

Need help meeting PCI requirements? pcAmerica can help you with many facets of PCI compliance, including assistance in procuring devices that adhere to all standards.

(Part two of a Series)

In the first part of this series, we defined the Payment Card Industry Data Security Standard (PCI DSS) and explained why retailers and restaurant operators can’t ignore it. Now it’s time for a closer look at the actual mandates of the standard, which is built on several principles that incorporate a total of 12 requirements. To be in compliance with PCI DSS, you must:

• Build and maintain a secure network. This means installing and maintaining a firewall to protect cardholder data and avoiding the use of vendor-supplied defaults for system passwords and other security parameters.
• Protect cardholder data. Besides protecting stored cardholder data, PCI DSS says that merchants must encrypt any cardholder data they transmit to processors across open, public networks.
• Maintain a vulnerability management program. This kind of program involves using and regularly updating anti-virus software, as well as developing and maintaining secure systems and applications.
• Implementing strong access control measures. According to PCI DSS, these measures restrict access to cardholder data in line with whether employees need to see the information in order to do their jobs. For example, a server in a restaurant is responsible for handling customers’ checks, and he must see cardholder information to get those checks paid, However, a kitchen worker doesn’t need this data to prepare food. “Strong access control measures” also include assigning a unique ID to each person with computer access and restricting physical access to cardholder data.

Need help meeting PCI requirements? pcAmerica can help you with many facets of PCI compliance, including assistance in procuring devices that adhere to all standards.

(Part One of a Series)

By now, almost everyone in the retail and hospitality industry has heard rumblings about PCI (Payment Card Industry) compliance and the PCI Data Security Standard (PCI DSS). But what exactly is it, and why should you sit up and pay attention? For one thing, if you don’t, your business may be at stake.

PCI DSS is a set of 12 requirements for enhancing the security of payment account data, including consumer credit card information. The founding payment “brands” of an entity called the PCI Security Standards Council—namely, American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. Inc. International—developed the PCI DSS to promote widespread adoption of consistent data security measures worldwide. And the council was obviously on the right track with this project: Since 2007, there have been more than 1,600 data breaches affecting 385 million consumer records, says Javelin Strategy & Research, a consulting firm that focuses on the financial services and payment industries.

Non-compliance with PCI requirements—which we’ll discuss in the next part of this series and with which reputable technology vendors such as pcAmerica can assist merchants—can have major consequences. The average cost associated with a data breach that results from a lack of PCI compliance is $204 per customer record and stands at about $6.75 million per incident when fines, adherence to data breach notification requirements, and many other items are factored in, according to Ponemon Institute, which conducts independent research on privacy, data protection and information security policy.

What’s more, once a retailer or restaurant has experienced a data breach, it is likely to lose customers. By Javelin’s estimates, 43% of consumers avoid an establishment following a data breach and 31% spend less money there than they did before the incident occurred.

If all these statistics aren’t enough to convince you, think about this: Of operations in all industries that handle customer payment information, hospitality has seen the highest percentage of data breaches (38%); retail, 13%, according to the TrustWave 2010 Global Security Report.

(Part Three of a Series)

There’s no denying that loyalty programs have caught on with consumers–the average household has a dozen loyalty memberships, according to Consumer Reports. However, half of all consumers carry just one or two loyalty club membership cards with them at any one time, meaning retailers and restaurant operators must become increasingly creative with the structure of their loyalty programs. Recent developments in this arena include the launch of:

• Instant rewards, such as discounts off the first purchase at a given store or meal at a given restaurant after signing up to participate in a loyalty program.
• Targeted deals. Loyalty clubs members often invitations to exclusive promotions, such as “friends and family” sales events. Now retailers are kicking it up a notch further by targeting regular shoppers with customized incentives based on such information as their personal shopping habits. Customer loyalty solutions built into pcAmerica’s Cash Register Express and Restaurant Express POS platforms enable merchants and food-service operators to easily track the data needed to structure both instant rewards and targeted deals, as well as to communicate these offers to program members.
• Partnership programs between retailers and online shopping portals, where consumers earn points from one retailer that they then can use to shop at another.
• Integration with social networking sites. For example, the Tasti-D-Lite frozen dessert chain has launched the TastiRewards program, which allows customers to earn extra points when they connect their loyalty accounts to social networks Facebook, Twitter and Foursquare. Customers register their Tasti TreatCard online and opt-in to enable a secure connection to their social network(s) of choice. When their loyalty card is swiped at the POS terminal, messages–for example, “I just earned 5 TastiRewards points at Tasti D-Lite Scottsdale, AZ. http://myTasti.com”–are automatically posted to friends and followers. Customers earn one point for each pre-tax dollar spent and an additional point for each social network connection they have enabled. Application programming interfaces (API’s) provided by each social network enable the myTasti.com loyalty site to pass message information when customer transactions are completed. POS systems within all Tasti D-Lite stores are fully integrated with the chain’s loyalty processor (Mercury Payment Systems) and web-based loyalty site powered pcAmerica.