Information on Merchant Accounts,
Ecommerce and Credit Card Processing

October 16th, 2016 by MSI Newsletters

Clover vs Square Register

Filed in: Monthly Newsletters |

If you’re in the market for a point of sale (POS) system odds are you have run across both Square’s Register and the Clover POS System. There is a lot of information out there to go through, so we wanted to compile an easy to read comparison of two of the Clover offerings, the Mini, the Mobile, and Square’s Stand. All of these are POS systems are designed to be low cost tables based systems aimed at small businesses.

Hardware Capabilities

As far as what you get out of the box, both Clovers have unique advantages over the Square Stand. Where the Stand is nothing more than an iPad stand with a built in card reader the Clover options are both purpose built POS devices based on tablet computers. The Stand lacks current payment technologies like EMV and NFC (think ApplePay), and most of its accessories cost more than the equivalents from Clover. Another thing I like about the Clover options is that the Mini comes with a built in printer and the mobile a built in bar code scanner, which are usually quite expensive if you have to buy them separately.

Before we get into price please take a look at the table below to see how each system is configured out of the box.

Printer Cash Drawer Kitchen Printer Bar code Scanner EMV/NFC Connectivity
Square Stand Optional Optional Optional Optional Optional Depends on Ipad model
Clover Mini Built in Optional Optional Optional EMV & NFC Ethernet / WiFi
Clover Mobile Optional Optional Optional Built In EMV & NFC WiFi / 4G

App Markets

Both offerings have their own app markets where you can add just about any features you can imagine. Both Clover and Square have worked hard to build an app ecosystem to enhance small businesses and I highly recommend looking at both Square’s App Marketplace and Clovers App Market.

Unfortunately I found you have to register with Square to get much information about the cost of their apps, and of the ones I could find costs on it seems most were variable rate based on different metrics. With Clover on the other hand their App Market is open for anyone to view without registration, and while some of the apps use variable pricing based on usage, many, if not most are either free, or have a flat rate regardless of usage.

I really like the use of App Markets, as it doesn’t lock you in to paying for features you will never use and its give you the ability to change aspects of your Point of Sale without having to buy an entirely new system. This is a huge improvement to what merchants using legacy POS systems are used to.

Purchase Price

Let me preface by stating the Square Stand is $99, however you have to have an iPad to go in it. Whether you already have the iPad or you’re having to buy one, at some point that device cost a minimum of $399 new, so I included as part of the Square Stand unit cost. Depending on the actual iPad being used, it’s possible that the initial cost is more than $498, and using a refurbished iPad may lower the initial cost.

Looking at the table below you can see right out of the gate that Square’s Stand with the cost of the iPad included actually costs slightly more than the Clover Mini, even though it’s missing a printer and the ability to accept current EMV payment types. Alternatively the Clover Mobile is almost $125 cheaper than the Square Stand, including the IPad cost, and includes a bar code scanner which will set you back $119 from Square.

Let’s say you have a retail store front and you need a point of sale, a printer, cash drawer, bar code scanner, and the ability to accept payments based on current EMV technology, the Square Stand and accessories would cost you $1,194. By contrast, the Clover Mini would run you $718, and the Clover Mobile at just $624. This was surprising to me, when I started researching this article as I thought the costs would be exactly the opposite. What’s most surprising is even if you didn’t have to buy an iPad, it’s still cheaper to go with either of the Clover options, we also put together a Clover configuration builder to see what a system costs with only the accessories you need.

Unit Price Printer Cash Drawer Kitchen Printer Bar code Scanner EMV/NFC Total (POS, Printer, Cash Drawer)
Square Stand $498 $299 $229 $299 $119 Starts @ $49 $1075
Clover Mini $490 Included $99 $349 $129 Included $589
Clover Mobile $375 $150 $99 $349 Included Included $624

Monthly Costs

I was thinking this is where Square would have an overwhelming advantage, but it’s not nearly as wide a margin as I thought. Square and its associated accessories do not carry a monthly fee for the basic setup, where either Clovers cost about $40 per month when you have the POS software activated. A note on this, both Clovers can operate without full functionality for no monthly fee. This is actually sufficient for many merchants, but to gain full access to the features and app market, a merchant needs to pay the $40 monthly fee. That being said Clover comes with a ton a benefits and many of the apps in their App Market are free, or have free trials you can use to test out the app. If you’re just looking for a basic register capabilities you don’t have to activate the POS function in Clover, you can just use it as a very advanced cash register. When the POS functionality is turned off, many of the apps in the Clover Market won’t function, but there are still many available apps that will work when not using the full POS mode.

Once you start adding apps to the Square register, the costs really start to add up. For example if you want employee management capabilities and your using Square, your going to pay $5 per month per employee. Clover has some very basic employee management built in, but you can add an employee management app, like Homebase. Homebase has a free subscription level which is more than adequate for most businesses, but if you are in need of some of their premium services they charge a flat monthly price instead of basing it on the number of employees.

A couple other examples: Inventory management, while Clover includes a solid base inventory system you’re going to spend at minimum $10 per month to get similar functionality out of a Square setup. Or if you’re a restaurant, on Square you can add the TouchBistro app for $69 per month, where restaurant and retail functionalities are built into Clover from the start.

When you start adding up software add-ons from both Clover and Square their costs become fairly equal for basic usage, and while Square’s monthly fees come out a little better in some scenarios the same can be said for Clover. When the amount of apps and usage increase substantially, Clover often has a significant advantage in cost.

These monthly costs often come as a surprise to merchants who have not used legacy POS systems, but in our experience the cost of these tablet based POS system is an incredible discount. Some of the monthly or annual licensing fees for POS systems are almost unbelievable when you look at it all on paper. We routinely see single station POS systems costing upwards of $200 per month, and often there are 4 digit fees to make any changes to the system. Tables based POS systems remove this blatant gouging and complicated licensing almost entirely.

Merchant Account Costs

Most people know Square offers a two tier pricing structure without any monthly or annual fees on their merchant accounts. We have already written extensively about when using a full service merchant account with monthly and annual fees become more cost effective than Square. So in this section I’m just going to give you a quick summary. If you would like to read the previous article you can find it here.

If you’re processing less than $2,000 per month in card sales, then a Square is probably the cheapest option for you. Once you consistently exceed $2,000 per month in total card sales, a full service merchant account starts to become the lower cost option. In any case with Square, you need to deal with the absence of quality customer support. Additionally, because Square’s pricing is setup so they actually lose money on small ticket transactions, we do not anticipate Square or their investors to stomach this pricing model indefinitely. It wouldn’t be the least bit surprising to see Square add a transaction fee or increase their processing rate to compensate for the rate they are losing on small transactions. Time will tell how they finally address it though.

We also have a Clover builder where you can build and price a Clover system with additional stations or peripherals. We’re currently offering a discount which gives a free Clover Mini or Mobile to new merchant account customers. Call us at: (888) 528-0058, visit our website, or if you’re in Austin, TX, stop by our showroom and check out a Clover in person.

No matter how you are processing card payments today, if you’re wondering if it would be more cost effective to process card payments a different way we would be happy to help. You can contact one of our specialists at (888) 528-0058, or by email at and we will build you a custom report specific to your business comparing your current setup to alternatives and give you a recommendation.

September 16th, 2016 by MSI Newsletters

Wireless EMV – Cellular Devices

Filed in: Monthly Newsletters |

For many small businesses mobility is a must, and over the years more and more options have been coming out to meet the needs of these businesses. From smartphones, to credit card terminals, to fully mobile point of sale systems, there is an option out there to fit any type of mobile business, but many seem to be lacking in the newest payment technologies like Smart Cards (EMV) and Apple/Samsung Pay (NFC). For those merchants who would benefit from mobile processing and would like to take the EMV and NFC, we have put together a short list of devices that we think its worth looking into.

The Quick and Simple – Smartphones and Tablets

Clover Go

This small card reader connects through your phone or tablet’s head phone jack and can accept swiped or EMV transaction through the Clover Go app. Clover will soon be releasing a model that will connect wirelessly to you Smart Device so a phone and the Clover Go no longer need to be physically connected.

While the Clover Go app is quick and easy to use it does not compromise security or convenience. This app comes with TransArmor, the industry’s leading data protection solution, which secures each transaction all the way through the transaction process. For merchants already using a Clover system the Go can be integrated into the existing system to make it a mobile extension of the business.

More Robust / Higher Frequency – Desktop Wireless Terminal

Ingenico iWL255

For businesses that need a device dedicated to payments most turn to wireless terminals. Good wireless terminals are absolute work horses, designed to take a high volume of credit card transactions in rapid succession. On the down side wireless devices tend to costs more than standard terminals and do carry a monthly wireless fee however if your business needs a fast and robust processing solution these are many times the best option.

The Ingenico iWL 255 is one example of a great wireless terminal option that supports both EMV and NFC transactions as well as Pin Debit. Its compact and light weight design features a bright full color display that provides outstanding readability both inside and out.  Between its extended life battery and 3G cellular communication the IWL 255 will last all day in most active retail environments.

If you are looking for a wireless terminal don’t skip over the next option below.

Full Point of Sale

Clover Mobile

This device can be as minimal as a wireless terminal, or as tricked out as a full blown point of sale system. While it costs about the same as many wireless terminal options it’s as flexible as you would ever need it to be. In terminal mode you have access to a small number of apps through the Clover Market which allow you to customize the device to your needs. If you want to take full advantage of Clover Mobile you can upgrade it to Point of Sale mode, which opens up inventory controls, and the full Clover app market.

Like the Clover Go, the Mobile’s transactions are secured through TransArmor, and can integrate with existing Clover systems. It comes with EMV, NFC and PIN Debit capabilities and communicates over 3G and Wifi. It features a large full color touchscreen, bar code reader, camera, and can be connected other optional hardware. For example you can add the Clover Mobile Printer which can print wirelessly and operates on an all-day battery.

The App Market give you access to add additional inventory controls, employee management, Gift Cards, customer communication and much more. Unlike traditional point of sale systems where you are stuck with the features built in by the vendor, and you pay for every feature regardless of if you use it, the App Market allows you to customize the system to your business and use the features you want. There are many free and paid apps in the market, and first and third party vendors are adding more every day.

Final thoughts

Above are just a few wireless options that are available to businesses today. All are reasonably affordable, fast, and secure, offering a unique user experience. At The Merchant Store we offer all of these devices to any business owner at wholesale prices.

If you have any questions about the options here, or even general industry questions please contact us at your earliest convenience at (866) 937-5973. For the first 5 businesses who setup a merchant account with us and mention this article we will also pay for the first 3 months of monthly fees.

If you don’t have a clover station, check out the Clover POS system today. Clover is a well developed POS system for a fraction of the cost of many legacy POS systems.

We offer a free Clover mini or mobile, or up to $500 off the cost of a new Clover system for new merchant account customers.

Learn About or Get your Clover today.

June 16th, 2016 by MSI Newsletters

Capital Advances

Filed in: Monthly Newsletters |

Are you looking for money to expand your business, add inventory, purchase new equipment, or do renovations? A capital advance could be a helpful tool to expand your business and are much easier to get than more traditional forms of small business funding. There are two sides to every coin however and it’s important to know that this option does tend to have a higher overall cost. If your business is looking for funding it would be a good idea to review this options and see if its good fit for your business.

How it works:

Unlike a loan where you are borrowing money that then needs to be paid back in regular amounts and on regular intervals, in a capital advance your selling your business’s future receivables for cash today. Once your account has been funded we will take a small portion of each batch you process until the advanced funding is paid back. That means no fixed monthly costs, your automatic payments fluctuate with your credit card processing volume.

Application Process:

capital advances are based on your monthly credit card volume and ranging from $5,000 to $1 million. Most capital advance options out there are designed to have a simple application process with no application fee and no obligation accept the funds once approved.

While I can’t speak for other companies offering capital advances, at The Merchant Store once you complete our one page application you will be contacted within 24 hours by a funding specialist who will discuss the funding solutions with you. We can have funds deposited in your bank account in as little as 5 business days from receiving the application in most cases. See below for our approval criteria.


Approval Criteria:

  1. Monthly credit card volume: $5,000 or greater
  2. Business age: Greater than 12 months
  3. Tax liens: $20,000 or less
  4. Bankruptcy: Older than 12 months
  5. Primary residence: Must not be in foreclosure
  6. Business rent: No more than 30 days delinquent
  7. Bank account: No frequent overdrafts
  8. Business location: Not home based
  9. Average ticket: $600 or less
  10. Capital advances: No previous capital advances in past 60 days.

If you interested in more information about our capital advance options please contact us at (888) 528-0058 and we will help you get started.

capital advances: No previous capital advances in past 60 days.

Gateways aren’t just for e-commerce

The primary function of most gateways in the past was to handle a credit card transaction between a business shopping cart and their processor. These days however many gateways offer advanced features that can meet the needs many business types. Below are a few key features that apply to many different business types.

QuickBooks Integration

If you are using QuickBooks to process your credit card transaction you are most likely using Intuits credit card processing. Many gateways, including our own, now integrate directly with QuickBooks which give your many more options when it comes to credit card processing. These integrations can also include the ability to access other features in the gateway right from Quickbooks. See Customer Vault, and Recurring Billing below. Also if you are processing with Intuit and have not reviewed what you’re paying them to process your transactions recently I suggest you start seeing what other options are available to you.

Customer Vault

This feature allows you to store you customer’s credit card data in the gateways secured environment so you can access it for rebilling without having to request the credit card details for each returning customer. This ability to keep a card on file lowers risk of error, and makes transactions much easier for both the business and their consumers.

Recurring Billing

For businesses that have customers who are on service plans, memberships, or any other type of regular payment recurring billing allows you to automate the payment process. You can set recurring amounts per induvial customer or create plans and assign your customer to the billing plan that your agreement. This can be a great time saver for many businesses.

Mobile Processing

Processing transaction on a Smartphone is an easy, and low cost solution for mobile merchants. Our gateway allows you to add multiple smartphones, tablets, and computer to their system so you can run transaction anywhere from your device. Whether you just need access to hand key a transaction every now and again, or need to be able to swipe a credit card at a high place trade show, this is a flexible option without the cost of the traditional wireless terminal.


Our gateway gives you the ability to invoice your customers and provides a direct link to make payment. Just a few clicks and your customer has an invoice in their inbox, and they are just a few more clicks from finalizing payment. While you don’t have to customer the look of the invoice or the payment page, you have the ability brand everything so it fits your business.

These features are just a small handful of what the MSI Gateway offers, and can be mixed and matched together to fit any business needs at a very affordable price. Our gateway service, including a virtual terminal and recurring billing starts at $8.00 per month and $0.08 per transaction. If you are interested in hearing more about the gateway features here or any additional features please contact one of our representatives at (888) 528-0058 or visit our website.

May 16th, 2016 by MSI Newsletters

Make your terminal or POS last longer

Filed in: Monthly Newsletters |

Make your terminal or POS last longer

Credit card terminals and POS systems are typically designed with reliable components that should last for many years. However, there are ways to decrease the lifespan of credit card processing equipment and many merchant may not know they’re already doing them.

Common ways to reduce the lifespan of processing equipment

  • Heat
  • Liquids
  • Physical Damage
  • Power Surges


The most common way that the lifespan of processing equipment is reduced is having it in an area where the equipment overheats. This is especially true for systems that experience heavy usage like a POS system. The best way to keep equipment cool is to make sure there is adequate ventilation around it. These machines are typically designed to produce as little heat as possible but when they are placed in enclosed spaces or areas with poor airflow, heat can accumulate around the equipment. Unless it’s extreme, this doesn’t result in immediate failure, but over time will degrade the electronics and cause the equipment to fail before it otherwise would have. For POS system or equipment with fans, make sure the discharge is away from the equipment.


It goes without saying that liquid and electronics don’t mix well, but we commonly hear about drinks being spilled on terminals, especially in restaurants and counter service businesses. POS systems and credit card terminals are often in a location that makes then highly likely to be spilled on. Keep sodas, drinks, and other liquids away from processing equipment or put the equipment in a place where it is less likely someone would store a drink next to it.

Physical Damage

Credit card terminals, especially the portable ones, are built to be durable. But they’re still not designed to be dropped or heavily impacted. Even if there is no visible damage to the equipment, there are security features that may make the equipment unusable. Using a fixed stand or making sure cables are secured to the wall or counter will make sure it doesn’t get knocked onto the floor. Wireless terminals are more difficult because they’re constantly moved around, so diligence, or storing them in a padded bag when being transported, is the best way to prevent them from being damaged.

Power Surges

It is an absolute must to use a power strip that protects a POS system or credit card terminal from power surges. This is even more important if you live in an area that receives frequent lightning. Even if the power isn’t completely knocked out, power surges can wipe the programming, damage, or completely destroy processing equipment. This is by far the most common way we see terminals get damaged. A GFCI outlet does not protect equipment from surges, you must use a UPS (uninterpretable power supply) or power strip that is designed to protect from power fluctuation. The best ones also have ports for Ethernet and dial phone lines that protect from surges through these connections in addition to the power. Not all power strips actually protect from surges so unless the strip specifically states that it does, assume that it wont.

These are the 4 most common ways we see equipment get broken or the life reduced below what should be reasonably expected. Processing equipment isn’t going to last forever, but because of the slow nature of changes in processing technology, processing equipment can last a long time if treated properly.

April 16th, 2016 by MSI Newsletters

Smart Phone Processing Outside a Square

Filed in: Monthly Newsletters |

In the past there was only one option when it came to truly mobile processing, the cellular credit card terminal. While these devices work great and offer fast, stable, transactions, they are expensive and come with additional monthly fees from a wireless provider. As technology has progressed, so have the wireless processing options, like the smartphone or tablet. Setting up a smartphone or tablet to process your credit card transactions is a great alternative to traditional wireless devices, by offering a lower cost of entry and flexible options.

For many merchants smartphones and tablets offer a conventional way to accept credit card payments, however many of the popular options, like Square, come with high per transaction costs that can really add up. If  your business is processing less than $2,000 per month in credit card sales its generally more cost effective to use a company like Square because of their lack of monthly and annual fees. On the other hand if your processing volume exceeds $2,000 per month, paying lower transaction fees through a full service merchant account will generally more than offset any added monthly fees, not to mention the availability of dedicated support with a full service merchant account. Take for example a food truck processing $10,000 per month with a Square account. At a flat 2.75% per swipe fee they are going to be paying $275 per month in credit card fees. With a full service merchant account costing them $12 per month and a lower effective swipe rate of 2.00% they would pay $212 per month, which is more than a 20% savings.

Our team has a lot of experience with the many options out there and would be happy to help you get started in the right direction. We do offer several different variations of this service supporting both Android and Apple products through our MSMobile program. MSMobile customers are charged a small monthly fee, starting at $12 per month, and have a choice of rate structures including a flat rate option, which is lower than Squares 2.75%. From how you charge your customers to how your fees are structured MSMobile enables you the power to choose whats right for your business, which is why it has become one of our most popular wireless account options.

Reach out to one of our specialists or call us at (888) 528-0058 today and let us show you how we can put together a custom quote for your business.

Mobile Wallets (Apple and Samsung Pay)

Does your business accept mobile wallet payments? A couple years ago mobile wallets were mostly unheard of and merchant acceptance was low outside of the eCommerce environment. Today with the rise of Apple Pay and Sumsung Pay, mobile wallets have started to take off and are projected to increase in coming years as more and more businesses add the ability to accept these payments. In an article last year,, said that in 2014 0.5% of NFC equipped smartphones were used at least once a month, and they were expecting that number to be closer to 5.0% by the end of 2015. This does make up a small portion of today payment volume, however over the next few years we expect to see a substantial increase in processing volume.

How do mobile devices work with mobile wallets?

Both Apple Pay and Sumsung Pay use Near Field Communication (NFC) to communicate with a business’s Point of Sale using tokenization to secure the card data. Basically when you register your credit card with your Apple or Samsung device the card issuer registers your card number to your mobile device. This means that neither the mobile device or its manufacturer needs to keep your card number on file. When you make a purchase on an NFC enabled point of sale the mobile device sends a one time use token, instead of a card number, that is recognized by the card issuer and linked back to your credit card.

Some devices equipped with Samsung Pay magnetic secure transmission (MST) which can work on almost any existing point of sale system. MST basically broadcasts your credit card data to the point of sale device just as the device would read the data from the traditional magnetic swipe on the credit card. This feature is clearly less secure than NFC, however MST only works within 3 inches of your mobile device and the transmission only lasts a second or two. Meaning if someone wanted to steal your card data, they would have to be awkwardly close to you for the moment that your mobile device sent the MST signal.

How do I start accepting payments from mobile wallets?

Start by speaking to your processor first. You just need an NFC enabled point of sale and the correct software, however you will want to make sure the hardware you purchase is supported by your processor. Many credit card terminals like Verifone’s Vx520 have an optional NFC reader, or you may even be able to add an accessory to your existing device to enable NFC payments. Once you have the required hardware your credit card processor can help you install the required software in your terminal.

March 16th, 2016 by MSI Newsletters

What do you get for your Statement Fee ??

Filed in: Monthly Newsletters |

You have probably noticed one to two little fees on your merchant account statement that would range anywhere from $5.00 to $30.00. This little monthly fee has many names such as account fee, account on file, mailing, processing, statement, internet, access and even just plain monthly fee. All of these pretty much pertain to this charge that is generated from the processing company and can be lumped together as a statement fee. The charge began when merchant accounts first came out back in the 70’s and covered the bank’s cost of mailing statements and overhead pretty much like the monthly fee for a checking account. Over time this monthly fee still covers the mailing of the statements and has become a profit source for some processors. Most processors charge a statement fee even if the statement is online or emailed to the merchant and some even charge a second fee for the privlege of an online statement.

For most merchants they will get something that looks like this for their money:

This statement will have your basic information from the previous months. Very much like a bank statement, it will have your monthly volume, broken down by card type and your daily deposits from your credit card processing. Your statement will also have the fees you paid for your credit card processing from the previous month. Hopefully your processor is breaking down your fees down to your discount rate, transaction fee, and any monthly fees associated with your merchant account. So basically this statement is a receipt for the fees that you have paid for processing credit cards.

At The Merchant Store, our statement fee covers a lot more than just the mailing of a standard statement. Our fee covers an Online service called Access One. This is an Online portal that is included with your merchant account to give you the abilities that up to now were only available for an additional fee or for very large companies and nationwide chains.

First, when you log in you will have a dashboard that gives you a snapshot of the the current batch, month to date and year to date processing. The dashboard gives you a 13 month rolling history of your processing. This information is broken down by card type, gross sales, returns, and net sales after any returns or charge backs.

Not only do you have access to your current statement but you will have every statement you have ever had available to you any time that you need it.

Access One gives our merchants access to the following information and reports:

With this system you will be able to see your batches, deposits and all voids/declines or returns. This is a way to double check your returns on a daily basis and make sure they are all approved.

A very cool feature is the transaction search feature where you can find any transaction that ran through your system:

Our Access One system goes way beyond a statement receipt for our merchants. This is a tool you can use to keep abreast of your current processing as well as the past history of your statements, transactions as well as batches and deposits. Access One also enables you to open customer service questions while you are in the system that will be answered in expedited way.

Make sure you have a system working for you, get the Access One system included with your merchant account.

February 16th, 2016 by MSI Newsletters

Who is PCI and why is he charging me every month???

Filed in: Monthly Newsletters |

If you are like a lot of merchants when you take a close look at your credit card processing statement you will see a $20 to $35 monthly fee for PCI non-compliance. PCI or actually “PCI DSS” stands for Payment Card Industry Data Security Standards and is a list of requirements for all companies that process, store, or transmit credit card information. These standards were created in 2004 to focus on improving payment security. Then in 2006 PCI DSS 1.0 was released and businesses accepting credit card payments were required to be compliant. Version 1.0 was the first time all of the card brands supported one security standard for card payments. Unfortunately, less than 25% of small businesses have become compliant, and processors charge the rest a “non-compliance” fee until they go through the procedures to become certified.

In this article we will go over some details about PCI and shed light on a topic that many merchants feel is unnecessary and many never go through the certification process.

Most small business owners see PCI as an added expense both in time and money, but the truth is the costs are quite low when compared to the potential risks. Many small business owners think they are too small for an attacker to spend time going after them or that since they don’t process online transitions that they are safe from data breaches. That being said as a business owner you may be more vulnerable than you think. Small businesses are far more likely to have unresolved system vulnerabilities making them much easier targets. In fact, it could take an attacker weeks or months to beach a large target, but many small businesses can be breached in a matter of minutes. Not just talking about e-commerce businesses either, in Verizon’s 2015 Data Breach Investigations Report one of the most affected industries for POS intrusion was retail. The PCI requirements are designed to teach you about data security and help you secure your business. Below are some key points pertaining to compliance and your business.

Self-Assessment Questionnaire:

We get many complaints from merchants that say the self-assessment questionnaire (SAQ) defeats the entire purpose. They say things like “what keeps people from just filling it out in a way that says they are complaint”, and I get their point, however I think this is the wrong way to look at it. The SAQ isn’t about a business saying they are secure; it’s about becoming more secure. On a conference call a couple years ago, a leading PCI security vendor made a good point. He said every business should treat the PCI requirements as a way to learn about securing their business and they should use it as a tool to make incremental changes each year. The card brands and PCI Security Council know credit cards are not going to be 100% secure no matter what they do, however continually putting the security standards in front of businesses helps to teach people how to best secure card data. Having worked on many of our own SAQs we know how frustrating it can be, however it is important. Start it early and do a little bit each day comparing the questions to your business and be prepared to make changes to operations to better protect yourself and your customers.

Vulnerability Scans:

As I said before, the card brands know they can’t make sure every transaction is handled securely, but vulnerability scans are a good way to at least alert a business to a known issue with their network. While this additional step is not required for every business, it’s an important step to securing many businesses. For small businesses that don’t have a team of IT people, this might be the only amount of system security verification that occurs. Most small businesses are connected to the Internet, and many of those are using household grade network appliances that are using out of the box configurations and don’t get normal security updates. According to Verizon’s figures in the 2015 Data Breach Investigations Report, 99.9% of exploited system vulnerabilities were compromised more than a year after they were published. What that means is most, if not all, of those breaches could have been prevented just by doing regular security updates. A vulnerability scan should catch most of those vulnerabilities and alert the business owner of the potential risks. Keep in mind the vulnerability scan from the PCI security vendor is only going to be able to scan the side of your network that touches the Internet. It is not able to test your internal computer systems so it’s good practice to make sure those are updated and properly maintained as well.

PCI Costs:

PCI fees vary from processor to processor but it’s pretty standard to be charged $90 to $150 per year for PCI Services. Some processors will charge this as an annual fee and some will charge it on a monthly basis. In addition to this service fee you may also see PCI non-compliance fees which normally run about $20 per month. The non-compliance fee is easily removed from your account by proving that you meet the PCI requirements. If you are using your processor’s PCI compliance service, the fee is usually automatically removed once you are shown to be in compliance. If you are using a third party you will be required to send them proof of compliance, normally in the form of a certificate which is obtained from your PCI vendor.

I suggest staying away from processor provided PCI insurance, unless it’s included at no additional cost. Hypothetically it’s “insurance” that covers your costs if you do have a breach, in reality it may or may not help. If you have some sort of fee for PCI insurance it would be a good idea to contact your processor and ask for the policy details, and maybe even how to remove the fee altogether as you may be paying for something that would not help at all. I am sure some processors have legitimate insurance they are providing, however you need to know what is covered and in what circumstances those things are covered. It’s likely there are many scenarios where the processors one size fits all insurance isn’t giving your business any real coverage.

Breach Costs:

If you are unfortunate enough to experience a data breach, the costs of both time and money add up very quickly. The PCI DSS requires that if a merchant even believes they have been breached they are to have a third party conduct a forensic examination to determine if a breach has occurred. This can last weeks or months, and during this time they require your point of sale be shut down. It’s estimated that a small business examination costs between $20,000 and $50,000.

Then there are those potential fines which start at $5,000 and can exceed $50,000. It’s true that many small businesses are not assessed a fine for their first breach, however the ongoing PCI requirements for those merchants become much greater and fines can and have been assessed to those businesses that failed to become and maintain compliance.

Other Potential Beach Costs:

Notification of Customers: This cost can vary; however, it’s going to require you to send letters to anyone who did business with you around the time of the breach. You’re going to have to be sending multiple communications so you’re probably looking at a cost of at least $2.50 per customer.

Card Replacement Costs: You could be required to pay back the card issuers for having to reissue new credit cards to their customers. These fees can range from $3 to $10 per card.

Credit Monitoring: You may be required to provide each customer affected by your data breach with credit monitoring services for a year.

Liability for fraud charges: Your business may be held liability for any fraudulent charges on any card associated with your breach. For large breaches, the liability in this situation is practically unlimited.

Non-Monetary Costs: Your business may be required to contact past customers and explain that you breached their credit card data. You may end up with a spot on the evening news. These things add up to much more than just lost sales and time. It also puts you at risk of not being able to accept card payments any more as the card association may choose to no longer allow you to accept their cards


The costs to be PCI compliant are negligible compare to the costs of even a potential breach. Becoming PCI complaint helps you better protect yourself and your customers, and if there ever is a breach, your penalties are likely to be significantly less than had you not been compliant. The next time you see that your PCI compliance certification is due, look at it as a way to secure your business and customers against fraud.

January 16th, 2016 by MSI Newsletters

IRS and Taxes

Filed in: Monthly Newsletters |

Happy new year!

In this edition, we wanted to give a quick reminder about processing fees and how they affect a business’s taxes, have a few quick fraud tips for online merchants, and are introducing a limited time new year special. This month we are featuring the Salon Scheduler Clover POS application for salons and other businesses who have to manage customer appointments.

Happy new year and many more,
from all the staff at The Merchant Store

IRS and Taxes

Processing fees and costs are business expenses and are often overlooked by business owners filing their taxes. Make sure to, or have your accountant, deduct applicable processing fees when you file your taxes this year.

1099K / TIN Reporting

In 2008, buried in the middle of the Housing and Economic Recovery Act was a provision that had nothing to do with housing but was a new requirement that banks and credit processors must now report payments to the IRS. The rule, which took effect in 2012, was meant to “improve voluntary tax compliance” by business taxpayers to help the IRS determine whether their tax returns are correct and complete. This is where the 1099-k was born.

Merchants are now required to complete a W9 form for their credit card processor, if in the prior calendar year, they received payments:

  • from payment card transactions (e.g., debit, credit or stored-value cards), and/or
  • in settlement of third-party payment network transactions above the minimum reporting thresholds of –
    • gross payments that exceed $20,000 AND
    • more than 200 such transactions

Merchant’s now receive a 1099K statement from their processor detailing the gross sales that they accepted during the previous calendar year. Keep this statement for your tax records.

The amount being reported on the 1099K is very likely to be different than the actual net amount that a merchant processes throughout the year. This is due to the complexities in how the money is reported and that processors generally do not account for voided or canceled transactions, tips, refunds, and other non-sale transactions. We strongly suggest not using the amount directly from the 1099K for reporting actual revenue to the IRS, unless it matches a merchant’s actual sales amount. Instead, use processing receipts or the actual income recorded by your accounting procedures.

Important tips

For legal advice involving reporting your sales on your tax return, we strongly suggest speaking with a qualified CPA or tax attorney.

Merchant who do not file a W9 or the processor is unable to match the submitted information with what the IRS has on file may be subject to 28% withholdings by the IRS. 28% withholding is on gross sales, and occurs when the processor receives a withholding notice from the IRS.

If money is held at any point during the year, the only way to recover it is on the following year’s tax return. If you do have money held by the IRS, keep track of any applicable documentation, and make sure to report the money being held on your tax return. If a business owes taxes at the end of the year, the withheld money is normally applied against the amount owed to the IRS.

If you change your business structure, business name, EIN, or other information required to file your taxes, make sure to notify your processor so they can file the proper paperwork with the IRS. At any time, if the IRS deems that the information your processor has on file is not matching the IRS database, it is possible to be flagged for backup withholding.

December 16th, 2015 by MSI Newsletters


Filed in: Monthly Newsletters |

Chargebacks are something that almost all merchants who accept credit cards will have to deal with at one time or another. In our experience, there is often a lot of bad information about how the chargeback system works and what parties are involved in the chargeback process. We want to briefly overview how the chargeback system works and how this can affect merchants who receive a chargeback from a customer.

Chargebacks can be a costly surprise for the unsuspecting business owner and even more so for merchants in certain higher risk industries, where chargebacks are often a constant burden. Some consumers even know how to use the chargeback system so well, they commit a type of fraud called friendly fraud using the chargeback system.

What is a chargeback?

To begin, a chargeback is essentially a dispute made by a customer or the bank that issued the credit card to the customer. This dispute could be for a number of reasons but essentially they are disputing the validity of a transaction with their card card and a merchant who accepted it. The terms may vary by the type of card and how a transactions is processed, but the ability to request a chargeback is a fundamental protection that comes with all credit and debit cards. Once a chargeback is initiated, it is important for merchants to quickly respond to the chargeback claim, as they will lose the money they had previously received for the transaction if they do not respond.

The chargeback process

A chargeback is initiated when a card holder or their bank feel that a transaction was not valid, for the amount, service, quality of goods that a merchant sold, or a number of other reasons. One of the most common types of chargebacks is simply if a card holder’s credit card number is stolen and used by a thief. Some other common reasons for chargebacks are : defective goods or goods are not as described, non-authorized sale, key data points missing from point of sale system, delay in batching transaction, duplicate transaction or credit not issued and non-delivery of sale item. Unfortunately many of these chargebacks reason codes such as defective or goods not as described can be very subjective and the issuing bank tends to rule heavily in favor of their customer. Also, issuing banks will sometimes initiate a chargeback if the transaction is outside of the normal behavior pattern of the customer, and we’ve seen these types of chargebacks actually happen 3 to 4 months later. If you receive one of these issuing bank chargebacks, it’s a good idea to check with your processor because we have found that in rare cases you’re better off not responding. But, this is only in rare situations so make sure your processor has given you this advice otherwise, you’re guaranteed to lose the chargeback.

When a chargeback is requested, the card issuer files a chargeback request with the merchant’s processor. That processor immediately withdraws the funds for the transaction from the merchant. These are held in a reserve account pending the outcome of the chargeback investigation.

The merchant is then notified by their processor that they have received a chargeback and asked to provide proof that the transaction accepted by the merchant was legitimate. The merchant has 14 days to respond to this request or the issuer will automatically rule against them. Proof for a retail merchant is often a signed receipt and evidence that the card was swiped through a terminal or POS system. Now with the advent of EMV terminals we are seeing more and more chargebacks initiated by card issuers for non-EMV terminals. For Online and other non-retail merchants, proof is often showing tracking numbers and a delivery signature, but in any case it is much more difficult to prove the legitimacy of a transaction where the customer’s card was not electronically captured. Even if a merchant has a signed receipt or invoice, this is not proof of delivery for a non-swipe environment such as a phone or Internet order.

The processor then sends whatever information received from the merchant to the card issuer.

The card issuer then makes a decision on the validity of the transaction, and either returns the collected money back to the merchant, or releases it to the cardholder, depending on which side they rule in favor of.

If the issuer rules in the favor of the cardholder, the merchant may still has an opportunity for arbitration over the validity of the transaction, but there is significant, and irrecoverable, cost to the merchant if they wish to go to arbitration. The cost is $500 to take the case to arbitration and most processors won’t take the case to arbitration unless the merchant has paid the $500 and they feel the merchant has a very good chance of success. The arbitration process then takes another 45 days to complete.

Important points

  • Chargebacks can generally be made for 120 – 180 days after a transaction is considered settled. This is important because in the event of custom, recurring, or prepaid products or services, the liability for a chargeback is often considered beginning on the date the transaction and service is considered complete, which may not be the initial date of the sale itself, but the date of the final payment. If the transaction is for a future deliverables the time frame for a chargeback can go up to 540 days.
  • Here is a brief description of chargeback time limits:
    • In cases that involve delayed delivery or performance of goods and services, the period is 120 days from the date the goods and services were supposed to be provided.
    • In cases that involve interrupted services that were immediately available, then the 120 days begins when the services cease and the chargeback cannot exceed 540 days from when the services started.
  • If you do receive a chargeback, make sure not to refund the transaction! The money from the original transaction is already going to be reversed from your account. Refunding after a chargeback has been initiated can result in losing the recaptured chargeback funds money and not being able to recover the refund you just made. If a chargeback is in process, let the process play out even if the customer is requesting a refund directly.
  • It’s important to understand that the card issuer is the one making the decision on whether a transaction was valid or not. The processor acts as an intermediately between the card issuer and the merchant, but they do not have any say in how the issuer rules. They will however help the merchant if there is specific technical information requested by the issuer, such as proof that a transaction was swiped, as well as offering customer support through the chargeback process.
  • It may not be obvious as to the processor’s entire role in the payment process, but because of the risk of chargebacks, processors are actually acting as a guarantee and lender to a merchant accepting credit card transactions. The processor is completely labile for the cost of a chargeback if the merchant is unable to repay it. So in essence, a processor is issuing a loan to a merchant, every time they accept a card from a customer. It is only after a period of months when the risk of a chargeback goes to zero, that the money actually guaranteed to the merchant.
  • Merchants who receive excessive chargebacks can be terminated by card associations, and in some cases are prohibited from accepting cards again in the future, both personally and the business that received the chargebacks. Card associations will levy hefty fines for merchant who continually exceed allowable chargeback levels. Most processors have their own limits but MasterCard will start fining a merchant if they have chargebacks and refunds over 2% or a total of 150 chargebacks in one month period.

Friendly Chargebacks

A type of fraud that has become increasingly common over the past 10 or so years is called friendly fruad. Friendly fraud is where a legitimate customer requests a chargeback to avoid paying for a good or service while at the same time having no plan on returning the product back to the merchant. Because of certain chargeback protections that favor the consumer, this is still something that many businesses experience. In the case of frindly fraud, if a merchant loses the chargeback, they can use the legal system. either by filing a police report, or can use the small claims or regular court system in effort to try and recover either the payment or the goods that were provided. This can be costly in itself, so it’s a good idea to be 100% sure that friendly fraud has occurred and the cost of goods is worth the time and effort to try and recover.

Retrieval Requests

Before initiating certain chargebacks, the issuer may require a copy of the electronic data or copy of the draft associated with a transaction to substantiate a chargeback. If proper documentation is not given to the issuer, the retrieval request will then move into a chargeback status, and depending on the reasoning behind the retrieval request, the merchant may not be able to win if they didn’t reply to the initial request. Treat retrieval requests like chargebacks if you ever receive one.


November 17th, 2015 by Jamie Estep

Credit Card Terminal Videos: Update Date and Time on Verifone VX520’s

Filed in: Credit Card Equipment, Videos |

We’re going to start publishing a series of videos on how to accomplish routine functions on credit card terminals, payment gateways, and other processing equipment. The first video in our series is simple but often requested: How to update the date and time on Verifone VX520 Credit Card Terminals. Additionally, this should work on most other VX model credit card terminals by Verifone.