SelbySoft has a complete line of the new EMV or chip and signature machines available for you! EMV is the safest way to make sure you are not involved in credit card fraud and that you, and your customer, are completely covered.
With our integrated side terminals, you are no longer touching the credit card. The customer simply inserts the card and follows the prompt. They can even tip right on the machine!
Give us a call to see how we can simplify the process for you and your coffee or pizza shop.
Here is some great EMV information from Novera Payments, a valued partner of SelbySoft.
Four Frequently Asked Questions about EMV
Visa and MasterCard have begun to bring the new EMV technology to the United States. For financial institutions, this means issuing cardholders new credit cards and updating networks to process EMV data. For merchants, this will mean purchasing new EMV-capable credit card processing equipment. EMV will benefit you in the form of increased security, reduced fraud, and even expanded marketing opportunities for small businesses. Here are four frequently asked questions to help you better understand this new program.
What is an EMV Credit Card?
In light of several recent major data breaches, you may have heard the term “EMV credit card” used in news reports. When it was created, EMV stood for Europay, asterCard and Visa. It is a global standard for credit cards equipped with computer chips, as well as technology used to authenticate chip-card transactions. Simply put, this technology better protects consumers and makes it more difficult for people to counterfeit cards and commit fraudulent
What Makes EMV Cards Different?
When you look at your credit card, if you see a small metallic square, that’s a computer chip and it is what makes the card an EMV card. The basic difference between traditional credit cards with magnetic stripes and EMV cards with computer chips is that the magnetic strip cards hold static data and the computer chipped EMV cards hold dynamic data. If the magnetic stripe card is compromised, the data can be used over and over again because it doesn’t change. This makes it easy for fraudsters to profit from stolen card holder data. For the EMV card computer chip, with each transaction, a unique transaction code is generated and cannot be used again. That means if the credit card data is stolen from a single sale or transaction, the next time it is used, the card would simply be denied because the transaction code is no longer valid. This makes it much more difficult for nefarious people to profit from stolen card holder data.
What Does this Mean to Me?
For merchants and financial institutions, the switch to EMV means adding new in-store technology and internal processing systems, as well as complying with new liability regulations. For consumers, the switch to EMV means receiving and activating new credit cards and
learning new payment processes. The fundamental difference in the way the cards are used is with the magnetic stripe the consumer swipes the card through a terminal for the data to be read. With the new EMV cards, the consumer will “dip” the card in a terminal slot and wait for it to be processed. It is a little slower than the magnetic stripe swipe, so consumers will need
to get accustomed to it. Technology also exists called “contactless card reading” where the consumer taps the card against a terminal scanner to be read. However this “contactless” technology is not as prevalent in the United States as of today
When is the EMV Shift Going to Happen?
The shift to EMV technology has already started. This first issuance of EMV cards will have both technologies, magnetic stripe and the computer chip, but will ultimately transition to the computer chip only. The deadline set by major U.S. credit card issuers MasterCard,
Visa, Discover and American Express was October 1, 2015. That doesn’t mean that EVERYONE had been transitioned by then, but what it does mean is that the fraud burden shifted on that date. Basically the liability will shift to whoever is the least EMV-compliant
party in a fraudulent transaction. Novera and Selby Soft have an EMV implementation plan in place. Please click below to request more information.
Did you know that if you have Mercury Payment Systems, you have a great feature you may not even know about?
It’s MercuryStand-In. This service allows Mercury to safeguard you against network (credit card processing) outages. During stand-in, Mercury will approve all transactions up to the limit the merchant has. This makes sure that normal credit card outages don’t affect you or your bottom line.
Non on Mercury for credit card services? Check them out – It’s who we use at SelbySoft!
Bill Downey ETA CPP
Senior Sales Executive
Toll Free 800-846-4472 x4247
Are you still using a side terminal for your credit cards? If so, take a look at integrating them into SP-1. Why? Because it is easier for your staff and your customers. Let’s look at some of the ways that integrated credit cards can help:
One of our Customer Service guys recently took a call from someone that was asking about some specifics in the way our Credit Card system is setup. That sounded like a good blog topic!
SP-1 allows for some customization on the credit card side of things. Here are some of the most common items that we can customize.
Occasionally we are asked how to record a payment made in some way other than our default methods. As a quick review, SP-1 has the ability to accept:
Credit Card (five per transaction)
Account Charges (billing a customer)
Gift Cards (five per transaction)
Sometimes, that’s not enough. We have customers that take paper gift certificates, accept script, barter cash or even credit card transactions from an outside source like Square or Mogley.
In SP-1 we have the ability to create five special payment options to record items like this. When you select the gift card button, you will see those buttons at the top. In the example below, you see Mogley, Square and Gift Certificate options. This will also allow you to record an account number or approval number on the transaction. Keep in mind that it does not process through those methods, just record that it happened.
Of course, we will report on each of these as well (see below). Call us for more information!
PCI DSS is confusing stuff. The fact is that as a business that processes, stores or transmits credit card data, you are required to validate your compliance with the PCI-DSS standards.
Note that I said you have to validate. That does not mean that your data is safe! Most stores are responsible for completing an annual Self Assessment Questionnaire (SAQ) and a quarterly report from an Authorized Security Vendor (ASV) that you have passed a network scan.
Note that the PCI SAQ C-2 is the document that most of our customers are required to fill out. It’s 26 pages long and considered the “shortened version”.
So, what does it say? In short, use common sense. There are 11 sections to the document and each has its own particular bit of verification. NOTE, don’t take any of the following as legal advice or as the final word on how to fill out your PCI documents!
1) Installed a firewall and have it configured properly. Hopefully you have secured your WiFi and separated it from your POS system.
2) Don’t use default passwords . We won’t let you do this in version 7.60 and above but you still need to do it with your other passwords in Windows, your router etc.
3) Protect cardholder data. Make sure that your POS does not store data and insure that the credit card numbers are masked etc. Don’t write credit card numbers down and use an integrated solution.
4) Encrypt transmission of the card data on networks. We encrypt the data per standards between the local nodes on the network.
5) Use an anti-virus. We like Microsoft Security Essentials.
6) Develop & maintain secure systems. Make sure you maintain your POS with the most updated version . Also your Windows critical updates need to be kept up to date.
7) Restrict access to cardholder data to people that need it. Since the cards are not stored in SP-1, this is handled. If you write numbers down and save them, then you are opening a whole other can of worms.
8) Assign unique ID’s to each person with POS access. You do have unique employee ID’s right?
9) Restrict physical access to cardholder data. Since we don’t store cardholder data this should be a no brainier. If you write numbers down for some reason you need to have polices and procedures in place to insure that the data is not taken off site. Also, they need to be destroyed and secured in store (i.e. locked) until they are destroyed.
11) Test your processes and security systems. Make sure that you have a way to see if the network has been comprimised (hacked). Even just USB drives plugged in, software downloaded that is not approved or a wireless devices installed can through this question. Make sure you don’t let your POS become a home computer. Also, you have to have an qualified internal or external party perform a quarterly scan.
12) Maintain a policy that addresses information security. This concerns a lot of security issues in your store. One of the things most stores have never thought about is that you must have policies and procedures in place as far as employee electronic devices. Yes you are supposed to have a list of which employees are allowed to have what type of electronic devices in your store!
Contact us at:
8326 Woodland Ave. E
Puyallup Wa 98371
Contact us at:
8326 Woodland Ave. E
Puyallup Wa 98371
Who doesn’t take credit cards in today’s world? We all know the statistics regarding how accepting credit cards will boost your sales and increase average ticket sizes.
So, the question is how can we make this more efficient at the store level? By integrating the credit card system and getting rid of those separate units.
With a separate unit, the transaction usually goes something like this. . .
Employee rings up the order, selects credit cards, selects visa and then swipes the card through the separate terminal. . . at that point the employee enters at least the total and possibly the last four of the credit card, expiration and possibly the cvv. End result? The line is waiting. If you have multiple stations, then you are sharing or buying additional terminals.
If it’s a phone or delivery order, it gets worse! The employee has to actually write down the information and hand key it in while the customer is on hold. Twice the work and twice the security risk!
Now at the end of the night, you have to hope that the totals match, that an employees did not select cash in the POS and then still take a credit card and so on.
So how can we make this easier?
With our Integrated Secure Credit Card Processing System activated, the whole process is simplified:
The employee rings the order up, swipes the card and is done. That’s it!
Multiple stations? The interface works on all the computers in the location, each station will just swipe it on the monitor.
Phone or Delivery orders? Simply type the credit card number directly on the screen and it will process.
So there you go. . . A couple ways that integrating your credit card system can make your store more efficient and eliminate headaches for you, your employees and your customers!
Contact us at:
8326 Woodland Ave. E
Puyallup Wa 98371