I have blogged in the past about how slow the processing industry is moving towards adopting smart cards and contactless payments.

These two technologies present some major benefits and some major flaws compared to the ancient magnetic stripes that we have all come to know. For anyone not knowing what RFID (Radio Frequency Identification) contactless payments are, check out: New-wave pay plan. Smart card credit cards are credit cards with an embeded smart chip in them in addition to or in replacement of the magnetic stripe. The smart chip can securely store a lot of information compared to a traditional credit card.

Now, at some point I think that either smart cards, or RFID contactless payments are going to make a jump. If I were to bet on it, I would have to bet on contactless payments.

Here’s why contactless payments are going to be ‘the next big thing’ in payment processing!

Smart cards have been around for quite a while now. But, they have never gotten anywhere in payment processing in the US. They offer superior security compares to the current situation, so much that a person’s PIN number can be safely stored on the card itself. Smart cards have the potential to make the entire process of processing, much simpler.

However, smart cards are expensive, and they have never been that much better to justify the cost, time, and difficulty required to replace magnetic cards, to really catch on. They aren’t that much faster than normal credit cards if any, and how much information do you really want to store on your credit card?

Contactless payments on the other hand are in a position to become the standard, very quickly. Nowadays, processing cards is all about speed and convenience. I regularly see mom-and-pop businesses setting up their terminals through an Ethernet connection, because it is so much faster than dial up. Fast food restaurants are always looking for ways to speed up the ordering process. Sonic recently started using QSR self serve terminals at many of their locations. For these high output businesses where budgeting is calculated on hundredths of a penny, even a few seconds extra per person costs a lot in the long run.

Contactless payments simply have several key ingredients in every necessary sector which sets them apart from Smart Cards.

First off, contactless processing is cool.
Swiping your key chain or wallet over a terminal to pay is much more amusing than handing your card to a cashier. MasterCard curently uses a keychain tag for their contactless program. The cell phone ringtone industry is currently grossing more than 3 Billion dollars per year in the US. Believe me when I say that the coolness factor is a big part of it for consumers.

Second, it is more secure.
Since the card never leaves your hand, there is very little chance that your information can be illegally recorded. Yes it is true that someone could potentially intercept the radio signal that transmits your information from the card to the terminal, but this information is encrypted, and the equipment to do it is a little more complicated than a pen and paper. If you’re really worried about it, then you can get a RFID shield. Information on RFID payment cards is encrypted anyway, so if someone decides to scan your card while you’re walking by, the data wont be readable.

Third, they are very, very, fast.
RFID is significantly faster than swiping a card through a machine and even faster than processing a smart card. It takes only a second or two to hold the card over the reader, then green light you’re done. This will please even the most time-conscious McDonalds restaurant, and they don’t even have to reach out to grab the card.

Four, the technology is already there.
Contactless RFID systems have been used in many country’s train and other transportation systems for years. RFID is a well developed technology that will migrate perfectly into credit card processing.

Fifth, magnetic strips are old, have limited storage, are unsecure, and simply suck.
Magnetic strips were first added to credit cards in 1979 before the first IBM PC was created. Lets just say that technology has moved on a little bit, and sometimes old technologies are due to be retired. magnetic strips can only hold a few bytes of data on them, and they aren’t encrypted. Anyone with a computer and a card reader can get all of the data on the card. With a RFID or Smart Card the data can be encrypted so that it cannot be read by simply swiping it onto a computer. When you scratch your stripe it stops working. Magnetic stripes are very weak and can easily be destroyed. Even placing your wallet neat a magnet or a checkout scanner can wipe the data on your card. Stripes were great when they were invented, but it’s time to move processing into the 21st century.

Sixth, they are cheap.
With smart cards coming in at several dollars per card, the sub $1 price of RFID tags is another hugely important factor for the banks that issue the cards. Replacing millions of cards costs a lot of money, and by saving over a dollar per card, banks will be much more likely to take the initiative.

Contactless programs already being pushed:
Mastercard Paypass
Amex ExpressPay
Visa Contactless

With the increased awareness in transaction security from consumers and businesses, and an ever present belief that things need to go faster, contactless cards are in the position to become the standard. Obviously this change will take years to complete, but when compared to smart cards, contactless look to be far superior, and in a far better position to make a move.

Related Articles:
Contactless payments take hold

I’m not sure what to think of the statement released by Bank of America this week.

NEW YORK – Bank of America Corp. has begun offering credit cards to customers without Social Security numbers, typically illegal immigrants, the Wall Street Journal reported on Tuesday.

Not to get into a political debate, but it comes across as a bit crazy for a bank to start doing this. I would think that there would be some really high risk that the card holder may never pay back the debt that is due. I also have to questions whether fair practices and rates will be given for such circumstances.

Link to the Whole Article

Forewarning, This is one of the few posts on this blog that is going to contain some self promotion, but just a little.

We recently began taking the steps to move into Canada to provide services to Canadian businesses. We will be one of the first independent ISOs in Canada, and treading this new path is very exciting. I have learned a lot about the differences between the way merchant services work in Canada and the US, and it looks to me like Canada is moving in a much more positive direction compared to the US. Both for providers, and for businesses.

US vs. Canada
The biggest difference in consumer card use in Canada, is that PIN debit takes up a majority of transactions. In the US, PIN debit is only a percentage of total credit and debit transactions. It is growing in acceptance and popularity, but it still has a long way to go. This PIN debit use is one of the shaping factors in the entire Canadian system.

The positives in Canada: The best thing I have seen regarding the Canadian processing scene, is the interchange fee structure. In the US there are literally hundreds of interchange fees and levels, and the entire setup is extremely confusing. Canada is completely opposite. There are about 10 interchange levels, and that’s it. Retail, MOTO / Ecommerce, ARU, Corporate and a few levels based on processing volume and nothing else. What is also great is that there is no transaction fee for Canadian processing. There is a processing percentage, and we’re done. No transaction fee, no other surcharge fee, just a processing percentage.

Oh yeah, there are no downgrade charges in Canada!

The negatives: The processing equipment situation in Canada is at best, very ugly. In the US you can go online and buy processing equipment at near cost, from a variety of online retailers. I know this because the primary online function of my company’s website is equipment sales. In Canada, the situation is again, completely opposite. In Canada you must purchase pre-encrypted equipment from the bank you are going to process through. To purchase a terminal that would cost about $300 in the US, you will pay at least $1200 in Canada, and most likely $2000. Equipment from the US in not compatible in Canada either (I learned this one the hard way). Leasing and renting are most common and offer a somewhat reasonable monthly cost, but compared to the US, it is far more expensive for equipment. Leases and rentals in Canada start at about $50 per month for basic equipment and go up to about $100+ per month for higher-end and wireless equipment. Ouch!!

Unfortunately, there’s no way to get around it that we have found. The banks control the encryption, and businesses must have encrypted equipment to process or they lose more than half their customers. Hopefully the equipment conundrum will change in the next few years, but for now businesses are stuck dealing with the bank’s nasty equipment pricing.

Now the self promotion:
Since we don’t yet have a significant presence in Canada we are looking for businesses, websites, and people in Canada that are interested in becoming merchant account sales agents there. You will be able to offer businesses rates starting at about 2% for retail businesses, and about 2.5% for online and MOTO businesses. These rates should beat most any bank’s quoted rate in Canada. We are looking for friendly, honest people that are not wanting to rip off a bunch of businesses, because that’s not how we do business. Check out our Canadian Agent Program for more information if you are interested.

And Finally:
It’s very exciting to see Canada open it’s doors to an ISO structure. I’m not sure how soon, or even how probable it will be for the banks there to ease up on their equipment monopoly, but the fee structure is looking good enough to almost completely offset it.

Canada has a very simple and efficient system, and that is not something that I would like to see change. The last thing Canada needs is an interchange table with three hundred different levels on it, and thousands of confused and angry business owners that have no idea how to understand it.

I absolutely hate writing this post, because it is so generic, broad and over-done. But, I was searching on Google today to see what was out there, and as usual there are very few objective sources that are worth reading on the topic. Apart from that, I don’t have a guide on this site, and seeing as how this is a merchant account blog, it sort of fits the genre. Without any further rambling…

Accepting credit cards on a website is absolutely necessary for the success of any online sales efforts. While there are several other available payment methods for websites, credit cards surpass every other one because of their wide use and convenience.

There are two types of companies that can enable a website to accept credit cards. The first is a 3rd party processor, and the second is a merchant service provider (called an MSP, or ISO). The primary differences between 3rd party processors and MSPs are the way a website integrates with their service, the liability that the website owner has over the transactions that they process, and the price that a they will pay for the ability to accept credit cards. 3rd party processors include companies like Paypal, Google Checkout, 2checkout.com, CCnow, Clickbank, and many more.

The difference between MSP’s and 3rd party processors:

MSP’s

• The business apply’s for a merchant account directly with a MSP.
• Business is personally liable for everything that they process.
• Customer’s credit card statements have the business name on them.
• Use with a Payment Gateway (Seamless integration available).
• Some fixed monthly fees in addition to processing costs.
• Possible setup fee.
• Possible long term contract requirement.

3rd Party Processors

• Business processes under the name of the 3rd party processor.
• Customer’s credit card statement has 3rd party processors name on it.
• Any dispute is made through the 3rd party processor and not the processing bank.
• Business and customer have limited protection from being ripped off.
• Must use 3rd party processors checkout system (Paypal has one exception).
• No fixed monthly fees.
• Some have setup fees.
• Most have high processing costs (Paypal and Google Checkout don’t).
• No contracts.
• Business is partially liable for the transactions that they process.

Which should a business use?

Assuming that you are based in the US, this depends mainly on how much business you do, the type of products you sell, how you want to integrate payments into your website, and whether you sell on eBay or not.

For businesses in the US, Paypal is pretty much going to be the lowest cost method of accepting payments that you will find. As much as I personally hate to admit it, it will be very hard to find a company that can beat the cost of paypal. However, paypal has many negative attributes which often make it a poor solution for serious ecommerce websites.

Personally, I think paypal makes an excellent supplementary payment method, as there is a fair number of online shoppers that prefer to use it.

• How much you business you do:Merchant accounts have fixed monthly fees associated with them. If you are only processing a few dollars a day, it is simply a waste of money to use a merchant account. 3rd party processors don’t have fixed monthly fees, and will be a more cost-effective solution for low volume businesses or an individual. If you do a lot of business, then a merchant account will give you better control over the funds that you process, and how your payment method integrates into your website. Many people consider the threshold of switching from a 3rd party processor to a MSP at about $1000 per month in processing. Personally, I would switch to a merchant account at about $500 per month, so that I could provider a cleaner experience for my customers. But either way, these aren’t huge volumes of processing before a merchant account may be warranted.
• The type of products you sell:Many product types are considered high risk. High risk refers to products or services that carry an increased risk of being charged back, or being obtained by or sold to fraudulent buyers. A few examples of high risk businesses include anything adult related, travel related, online pharmacy, and download-able products. Online in general is much higher risk than retail. On a personal note, I think that most online businesses will experience some sort of fraud in their online ventures. Neither 3rd party processors or MSP’s like providing services to high risk businesses. In these cases a business will have to contact everyone to find a company that can provide service to them. In some cases they may have to process through an offshore merchant account provider.
• How you want to integrate payments into your website: If you want a completely seamless system where your customer never leaves your website, then you are going to need a merchant account and a payment gateway. Payment gateways generally have two integration methods, but I only recommend using an API method of integration. 3rd party processors require your customers to fill out their information on a website owned by the 3rd party processor. A seamless integration method is considered by many to be fundamental in providing a smooth and efficient shopping experience. Paypal does provide a system called payments pro, which is a step in the seamless direction, but it is difficult to integrate into a website, and still creates some usability barriers. If you look on any major ecommerce website, you will find that they are all using a seamless integration with their payment processing method. 3rd party processors may be an alternative payment method, but they are rarely the primary method for a serious company.
• Do you sell on eBay? If you sell on eBay, you should accept Paypal. Paypal integrates seamlessly with the eBay checkout system, and the majority of eBay users expect to be able to use Paypal to complete their purchase. Merchant accounts are difficult to integrate with eBay and must always rely on multiple independent systems for them to work smoothly and automatically. Businesses that sell a lot on eBay will probably look into one of these checkout management systems at some point, but Paypal is the perfect solution for the majority of smaller eBay businesses.

Now that you have your processing method:

I am making the assumption that you already have a shopping cart in place on your website. This can either be a custom designed system, or can be a pre-made cart system like oscommerce, zen cart, and many of the other popular carts.

If you went the merchant account direction, you will also need a payment gateway. It is easiest to get a payment gateway from the same company you are getting a merchant account through. If you already know what payment gateway you want, make sure that the merchant account provider can set this up for you. If you don’t know what payment gateway you want, Authorize.net is always a safe bet. There are many payment gateways available, with the most common being Authorize.net, and Verisign. You will want to use a payment gateway that has an API (Application Programming Interface) method of integration. The API is what allows your website to transparently integrate with the payment gateway.

Requirements to process on your website:

1. A SSL (Secure Socket Layer) Certificate (needed if you use a payment gateway API).
2. A shopping cart system (This can be custom made or you can use ready made shopping cart software).
3. Integration of your payment gateway or 3rd party checkout system.
4. Merchant account providers also have a list of requirements to setup an ecommerce merchant account. I recommend making sure that as many as possible are met before applying for a merchant account.

Depending on whether you have a custom designed or a generic shopping cart system, it can be as easy as pressing a button, or as hard as writing a complex integration script, to integrate your website with the payment gateway. Most shopping carts that are widely used will have a module or plug-in to integrate with most of the popular payment gateways. Custom carts will need a custom payment module, which should be coded by the person who designed the cart or another competent programmer. Here is a guide on how to integrate Authorize.net with a website using php5. Also, if you are interested in purchasing a Authorize.net integration script, authnetscripts.com has scripts for PHP, ASP, PERL, and Cold Fusion. I have used their scripts myself and highly recommend them. The price of one of these scripts is far less than hiring a programmer to write one for you. Integration tutorials for most payment gateways are available in just about every programming language, but again these should be programmed by a professional. If you need to hire someone to do the integration for you, I recommend services like getafreelancer.com and rentacoder.com. Make sure to pick a service provider with positive feedback, and make price a secondary factor. Here is a brief guide on how to use freelance marketplaces.

If you do use a payment gateway, make sure you are not storing credit card numbers or other sensitive information unless you know exactly what you are doing, how to properly encrypt the data that is being stored, your server is PCI compliant, and your website does not have security vulnerabilities.

Once you’re integrated:

Once your website is integrated with your payment gateway or 3rd party processor, you are ready to start accepting payments. This whole process is not really as complicated as it seems, and should be takes in steps to prevent problems.

Quick Overview:

Merchant Account / Payment Gateway Flow -is the order of setting things up that I recommend for the least amount of potential problems.

1. Setup Website
2. Setup Merchant Account and Payment Gateway
3. Purchase and Install SSL Certificate
4. Integrate Website with Payment Gateway
5. Test Integration, and Run A Real Transaction
6. Go Live!

3rd Party Processor Integration – requires less structured planning, but some ordering will make a difference.

1. Setup 3rd Party Processor Account
2. Setup Website
3. Integrate Website with 3rd Party Processor
4. Test and Run A Real Transaction
5. Go Live!

For a better comparison of merchant account and 3rd party processors checkout the Merchant Account Comparison.

Hopefully this whole process goes smoothly for you. Once everything is complete, you can focus on the marketing and promotion of your ecommerce business. As always, feel free to contact me if you have a question, or you need some direction on what to do.

Best of luck to you…

In the nearly two years that the blog has been up, I think I have only written one or two articles about electronic check acceptance services. These lesser known services are often excellent additional methods businesses can accept from their customers.

What is an electronic check service?
Electronic check services serve several purposes. They can convert a paper check into an electronic transaction (Check Conversion), they can verify the check writer against a database of check writers to see if there is a high risk of them writing a bad check (Check Verification), they can guarantee the value of the check to the business accepting it (Check Guarantee), and they can electronically draft funds from a checking account (Bank drafting, ACH).

The most common types of check services available for businesses in the US are check conversion, check verification, check guarantee, ACH, bank drafting, eChecks, and a few combined services.

What do they all do?

• Check Conversion – Check conversion is the process of converting a paper check into an electronic transaction similar to a credit card transaction. To convert a check, the check must be physically run through a check imager or a magnetic check scanning device. The check is then deposited into a business’s bank account a few days later. Check conversion is normally accompanied with a check guarantee service, so that there is a less likely chance of the bank account having insufficient funds.
• Check Verification – Check verification services compare the check writer with a national list of check writers. If that customer has a history of writing bad checks, you can avoid accepting a check from them. This service does not electronically deposit a check, but it can greatly reduce the chance of accepting a check from someone known to write bad checks. Checks are also normally scanned through a magnetic check reader.
• Check Guarantee – Check guarantee is similar to verification except the check processing company also guarantees the value of the check to the business. In the event that the check is returned insufficient, the business still gets the full value of the check, and the check processing company takes further action against the check writer.
• ACH / Bank Drafting – Bank drafting and ACH (Automated Clearing House) are electronic systems where a routing number and checking account number are manually entered into a software system. The business can then debit their customer’s checking account electronically, and can setup recurring payments for that same checking account.
• eChecks – Using a system similar to bank drafting, an echeck is a check processing service that is integrated with a website allowing a business to accept checks from their customers online.

Benefits of check services

• Reduce the chance of accepting bad checks.
• Reduce or eliminate trips to the bank to deposit checks.
• Integrate with a website to offer an additional payment method.
• Reduce the time to have funds from checks deposited into a bank account.

Who can benefit:

The businesses that are going to benefit the most from check services are those that already accept a large quantity of checks, or if bad checks are common. Online businesses can benefit by providing another simple and convenient method of payment from their customers. Rental and other businesses that need recurring billing options, can greatly benefit from an ACH or bank drafting system.

Nearly any business can benefit, but they should be accepting enough checks to justify the cost of the check service. If you only accept one or two checks per month, then a check service probably isn’t a cost-effective choice. If you accept hundreds of checks per month, and you don’t have an electronic check service, you should really look into it, because it could save a lot of time, and hassle.

The cost:

Check service costs are very different depending on the actual service that is being used. Different services have completely different fee structures. Some charge a processing and transaction fee like credit cards, and others charge a flat rate per transaction.

Example costs:

• Check Conversion and Check Guarantee: 1.7% and $.25 per transaction + $10 per month..
• Check Verification: $.25 – $.50 per check + $10 per month.
• ACH and Bank Drafting: $.50 – $1.00 per check + $30 – $50 per month.
• eCheck: $1.75 – 2.00% and $.20 – $.50 per transaction + monthly fee.

Almost every check service that I seen has a monthly fee, and the majority have a monthly minimum in addition to the monthly fee. There may be a few other fees, but nothing like a merchant account contract. ACH and bank drafting will definitely have other fees such as ACH reject, chargeback fees, and a few other specific fees. Contract terms for check services are generally for one year.

Before you sign-up:
As with any service, do your homework before you sign up for a check service. Make sure that you accept enough checks to justify the cost, and research different companies to find the best service for you. If you are a new business, you may want to hold off until you know that you accept enough checks for a check service to make sense.

Also, most check services require additional equipment to process a check. This can be as cheap as a hundred dollars and can be up to a thousand dollars. Some check services themselves are also very expensive, and some have very lengthy contracts. Telecheck for example, is one of the best check conversion and guarantee services available, but is very expensive, and can only be used with the Telecheck Eclipse terminal, which costs $600+.

If you already accept credit cards through a credit card terminal, there is a good chance that you can process checks through your terminal with an additional check scanner.

Finally, find out if you have to process credit cards through the same company that is providing your check service. It is common for check services only to be available to merchant account customers. While this isn’t necessarily a bad thing, it is something that business owners should be aware of.

Look at all of you options before making your decision to ensure that you get the best system for your business.

Conclusion:
There is a check service available for just about every type of business. If you take a lot of checks or you take a lot of bad checks then a check service can be a great way to make accepting checks easier.

The only exception with check services are high risk companies. Especially businesses like check cashing services, payday loans, etc., these business types are extremely high risk for check acceptance, so it will probably be very difficult or impossible to setup a check service for a business of this type.

Related Resources:
Wikipedia – ACH
Federalreserve.gov – Check Conversion
Allbusiness – Are Check Guarantee Services Worth the Money?
eCheck.org: What is eCheck?

Merchant accounts are a vital service that most businesses need to survive. Merchant account providers can be some of the most deceptive companies in the world, because they can prey on business owners with little knowledge of how not to get ripped off. Merchant accounts haven’t changed much in the past 10 years, and surprisingly business owners haven’t changed either.

It is still common to see people get duped into deceptive and expensive rates, sign overly priced equipment leases, pay high annual or monthly fees, or purchase additional equipment when none of it is necessary. Just a little research could save many businesses hundreds or thousands of dollars a year.

Why nothing has changed:
The main reason that business owners are no wiser now than they were ten years ago is that they don’t want to know about their merchant account. I find this sad, but completely understandable. Every business owner that I know has more important things to do than learn about merchant services. Merchant services are also boring. There is very little excitement in the day-to-day operation of a merchant account.

Businesses want something that operates invisibly beneath their company, allowing them to accept payments from their customers. The only time that many take time to learn about merchant services, is either when they think they are being over charged, and when something breaks. Coincidentally, making sure that you process with a good company from the start will minimize both of these situations before they can get out of hand.

Do a little research:
I know it hurts to do research on something that you would rather not have to know about, but believe me, it is more than worth it. Especially if you are a new business, do research weeks before you will actually need to accept credit cards.

Learn the basics:
Take an hour or two out of your schedule, even if it has to happen on a weekend. Do some basic research on merchant accounts including the types of merchant accounts, the fees associated with each type of account, and take a look at common pitfalls that many new businesses fall into. These few hours of research could save you thousands of dollars and days worth of headaches in a few years time.

Check your rates:
I have signed up many customers that didn’t even look at the rate that I gave them before signing their contract. They had a good rate, and they are happy with their service, but I could easily have thrown in extra charges and they would never have known. Even if you trust the company you are signing up with, check the application and make sure you understand all of the rates.

Don’t rush:
Businesses most often get ripped off, when they remember two days before opening, that they need to be able to accept credit cards. They instantly go with the first company that guarantees they can be setup by tomorrow. As far as sales go, urgency has probably sold more products and services than all other selling points combined. Start looking for a merchant provider about a month before you need to accept credit cards, and submit your application about two weeks before you need to be setup.

If it sounds to good to be true:
As with just about everything, if it sounds too good to be true, it most likely is. Always look for things like miscellaneous fees, yearly fees, monthly fees, and other flat rate service fees. Things like free terminal programs may seem like a great program, but there are always strings attached, and you should know exactly what you are getting into before you sign the contract.

Some resources for business owners looking to research merchant accounts:
This website…
The Merchant Account Services Website
Wikipedia Merchant Account Article (Very Basic)

Ask Questions:
Sitepoint Forums
Digitalpoint Forums
Yahoo Answers

Why would you need to setup multiple merchant accounts on one credit card terminal?

There are a few reasons that a business/businesses would want to setup multiple merchant accounts on a single terminal. There are a huge number of businesses that could benefit from using multiple merchant accounts, and they may already have all the equipment they need to do so.

The first scenario for multiple accounts is when a business has multiple merchant accounts for different transactions that they accept. Many restaurants and businesses that have a delivery service, or a phone order department, have a merchant account for their keyed transactions and another for their swiped transactions. Using a single terminal often is a much simpler system for charging credit cards than using multiple terminals or software programs.

The second situation that I commonly see is hair salon type businesses where there are multiple, independent parties that all need to accept credit cards in a single location. Rather than using some complicated system to deposit money into each professional’s account at the end of the month, a merchant account will automatically deposit each person’s money where it needs to go.

Setting up a terminal for multiple accounts:
The most important part in setting up a terminal for multiple account processing is to use a terminal that is compatible with multiple merchant accounts. Not all terminals are compatible with a multiple account setup.

Compatible Terminals:

• Verifone Tranz 380×2 (2 Accounts)
• Verifone Omni 3740 / 3750 (# of accounts depends on memory and how complex each account is normally ~9)
• Nurit 2085 (9 Accounts)
• Nurit 3020, 8320 (9 – 11 Accounts)

Other important things to remember when you need to setup multiple merchant accounts through a single terminal, are that the merchant accounts must be on the same processing platform through the same processor. The exception to this is the Tranz 380×2, as it is able to handle two completely independent merchant accounts through the same terminal. The Verifone Omni 3740 and 3750 could potentially do the same thing as the Tranz 380×2 using a function called split dial, but I have never seen it successfully done.

As for the rest of the terminals, I highly recommend using a single merchant account provider for the setup to ensure the terminal is programmed correctly and that each account is setup in the right place from the start. Also, if more accounts need to be added in the future, they can correctly setup each additional account from the start, and can easily program the terminal with the additional account information.

Why two merchant accounts for a single business:
A business can actually save money by having two merchant accounts if they do a decent volume of both keyed and swiped transactions. Keyed transactions will downgrade through a swiped merchant account, and swiped transactions are more expensive to process through a keyed account, so the lowest cost solution ‘can be’ to use a separate account for each transaction type. Very low volume businesses will probably not benefit from a multiple account setup, but businesses with higher volume can save a lot of money and can make their banking easier if they use separate bank accounts for their transaction types.

How to actually process a card through a terminal with multiple accounts:
This will vary from terminal to terminal and from processor to processor, but generally your terminal will prompt you for the id assigned to the merchant account in the terminal (Ex: 1, 2, 3…). All you have to do it remember which id is used for each account, and then process the card either by swiping it or by keying it in.

Quick example of a business that could save using multiple accounts:
Assume the business does about $20,000 per month in sales at an average ticket size of $75 split between keyed entry and swiped entry. Assume 2.3% + $.30 / transaction including AVS for keyed transactions and 1.75% + $.20 / transaction for swiped transactions.

Scenario 1 – Keyed Account
Processing Fees: $20,000 x 2.3% = $460.00
Transaction Fees: ~267 transactions at $.30 / transaction = $80
Total = $540

*Scenario 2 – Swiped Account
Assume keyed transactions downgrade to +1% over the swiped rate. Keyed transactions also get +$.05 / transaction for AVS.
Processing Fees Swiped: $10,000 x 1.75% = $175
Processing Fees Keyed: $10,000 x 2.7% = $270
Transaction Fees: ~267 transactions at $.20 / transaction = $53
AVS Fees: ~ 134 transactions at $.05 / transaction = $7
Total = $505

*This account is technically not allowed. With a swiped account, a business must be swiping at least 80% of their transactions. This account would eventually get shut down by Visa / MC or the processing bank unless they switched to a keyed account. Technically it would be cheaper than a keyed account, but the business risks getting shut down, having their money held or even getting TMF’d.

Scenario 3 – Swiped and Keyed Account
Swiped Processing Fees: $10,000 x 1.75% = $175
Keyed Processing Fees: $10,000 x 2.3% = $230
Swiped Transaction Fees: ~134 transactions at $.20 / transaction = $27
Keyed Transaction Fees: ~134 transactions at $.30 / transaction = $40
Total: $472

Not a huge savings (about 13.5% over a keyed only account), but over a few years it could really add up, and there are the other benefits that multiple account businesses have that often would be worth paying more for from an accounting perspective.

I just got back from a vacation, which is why the posting had ceased for the past week and a half. The following is a personal summary of a situation that I recently had the pleasure of enduring, and a personal opinion about businesses having fraud committed against them.

The Fraud:
We recently had a situation where a customer committed fraud against us. I am going to avoid disclosing exactly what this person did, because he essentially found a security gap in the processing system that allowed him to steal a lot of money, very quickly, very effectively, and that security gap has not been closed that I know of. As I know, he has stolen over $250,000 from several processors in the US.

Now, when a business is confronted with a situation like this, it is warranted to file a police report, and report it to the FBI and secret service. This is much easier said than done, and most businesses that have fraud committed against them, don’t even make it through this process.

To say that law enforcement personnel have no clue about anything related to electronic fraud, or fraud occurring across multiple states is a gross understatement. When trying to report this to the police, we were bounced between police stations about thirty times, and at no point did any person actually know where the fraud should be reported. It didn’t matter if we talked to an investigator or a receptionist, nobody knew where this actually needed to be reported.

Eventually, we found that the fraud needs to be reported where it actually occurred, which was in another state from us. We had to do the homework ourselves just to figure out where this needed to be reported at.

We then went to report it…

First we had to fight to even get the opportunity to fill out a police report. At this point we were absolutely sure we were filing it with the right state, but nobody at that state agency seemed to believe us (More likely they just didn’t want to deal with it). Finally we were introduced to an investigator that agreed that we were doing the correct thing at the correct location. Initially the investigator didn’t even believe that this situation could have happened. We are still shocked ourselves that it can happen, but it definitely did happen. After listening to the situation, he sent us some paperwork which was a police report and a bunch of signature documents, and we sent it back. He said he would look into it… The moment we first contacted the police station, to the moment the paperwork was actually filed took four days.

We then went to the secret service to report the situation. While they were much more knowledgeable about situations like this and electronic fraud in general, it didn’t appear that our situation was large enough to warrant their investigation. Even so, they said that they would consider it. They took our information and said that they would get back to us. They were very professional, and I wish that the police stations were even remotely as organized. Our entire dealing with the secret service was about 30 minutes, and we felt like we got a lot more accomplished.

In the weeks following the fraud we reported, processors in the US saw several other cases of the same situation with other processors. The total amount grew, and passed $250,000 the last I had heard. It may still be growing.

Finally, after five weeks the police station got back to us and said that they would conduct a formal investigation. We then sent over all of the information that we had, and now we wait again.

No Justice:
The truly sad thing about fraud that is electronic in nature, is that there in virtually no recourse once it happens. Unless you have an extraordinary case involving a ring of fraudsters, months worth of fraud, and millions of dollars in losses, there is virtually no chance that you will ever recover your losses. This person got away with a quarter million dollars in a few weeks, and I highly doubt that he will ever be caught. There were several chances that police could have got him, and there will probably be many more, but the bureaucracy of the system and the quantity of fraud and theft that occurs, prevents any quick action which would be required to catch people like this.

This person committing the fraud had better knowledge of the internal workings of the processing industry than any person I have ever talked to. He knew exactly what to do, how to do it, and when to do it, to get away with a lot of money before anything could be done about it, and he did it several times. The last few times, he did it with large financial institutions, while they were looking for it, and he still got away. He is most likely some employee, or ex-employee of a processor or bank, that thoroughly did his homework.

Conclusion on Fraud:
Online and retail businesses need to take appropriate steps to prevent fraud, chargebacks, and data loss before they happen, because the simple truth is that once that fraud is committed, it’s already too late to recover anything.

Following the suite of MasterCard and the planned IPO for Visa, Discover has announced that they plan to go public in the second half of 2007.

So far the effects of MasterCard going public have amounted to little more than the publicizing of credit card interchange. It will be interesting to see how these companies going public effects the processing industry. Personally, I cant see it as a positive direction for businesses, but public companies often rely more heavily on a positive public image than private companies, and this may cause card companies to turn in a direction that will benefit everyone.

This is the first complete year that the merchant account blog has been going. Google finally let the site out of the sandbox a few weeks ago, and since then the search engine traffic has gone up by about 300%.

Since there are so many new visitors, I am posting this as an aggregation of a few better topics from each month this past year.

January 2006:

• A brief guide to SSL certificates for online businesses.

February 2006:

• How to convert a dial omni 3740/3750 to be ethernet compatible
• Paying with a credit card in a foreign country, forex fees.

March 2006:

• Gone Phishing – Protecting yourself and identifying phishing attempts.
• TMF’d – What to do if you are are placed on the terminated merchant ‘match’ file…

April 2006:

• Created the: Processing Equipment Lease Cost Calculator
• The History of Credit Cards
• The History of Credit Card Terminals

May 2006:

• Guide to Merchant Account Affiliate Programs – Part 1, Part 2
• 3 Tips For New Merchant Account Owners

June 2006:

• Processing Platforms
• Factoring – Credit Card Laundering

July 2006:

• Cutting the middle-man, who is it best to process with?
• Paypal Shopping Cart Makes Spam
• Credit card skimming, easy to get skimming equipment.

August 2006:

• How to spot a fake credit card
• Credit Card Logos for Your Website
• Other Ecommerce and Merchant Account Blogs
• Merchant Account Fees, Credit Card Interchange – Who are you really paying?

September 2006:

• A credit card terminal from First Data (FD-100)
• Technological Progression of Payment Processing – Not any time soon!!!
• Magazines for small business owners

October 2006:

• Required Actions for PCI Compliance
• A list of payment gateways
• Google Checkout vs. Everything else…, Updated Google Checkout Review

November 2006:

• Where do data losses actually occur?
• Merry Christmas, Return Fraud and the Holidays
• How long does a credit card machine last?

December 2006:

• Unembossed cards are going to kill mobile merchants
• MisShaping the merchant account industry…