No business wants to find themselves the victim of a data security breach. As we’ve seen with Target, Home Depot, Neiman Marcus and so many others, the size and frequency of these intrusions continue to increase with no signs of relief. Costs for these events stretch far beyond the impact of dealing with refunds and chargebacks from fraudulent transactions but also includes enrolling impacted members in credit monitoring services and fines assessed by the card brands. The most substantial financial impact of all may be the effect the breach has on the label. Sometimes brand loyalty is never regained.
Never look back
In retrospect, any of these businesses would have gladly invested in infrastructure and security to have avoided their costly mishap. This error is repeated with almost every violation reported. Weak areas within the businesses payment ecosystem are identified, proposals are generated for resolution, yet costs push the project back.
It’s not as hard as you might think
The truth is, cost does not have to be a factor when upgrading payment technology. Forgot clumsy websites, third-party gateways or costly technology companies when payment platforms exist that offer robust payment functionality at a fraction of the price. Combine this with secure payment technology like Point to Point Encryption and Tokenization (P2PE), safe hosted vault storage of card data, and you have a new payments ecosystem that significantly reduces the scope, cost and experience need to validate PCI Compliance.
Ultimate PCI compliance protection
Whether you operate a SaaS, subscription or any recurring payments business, the ability to securely store credit card data is paramount. With P2PE all card data is completely removed from your environment, which means you never see it or have access to it. While you can still have to use your token to process another transaction/refund at any time in the future, the token is useless with any other merchant processor. Access to the customer profiles and tokenized card data can now be freely shared with anyone on the team.
For many businesses in today’s economy, the process of accepting payment will continue to be pushed to a recurring or subscription-based model. Building automation into your payment ecosystem reduces cost and improves the delivery timeline of your goods and services, and like security can quickly pay for itself over a very short period. Choose a payment vendor with an open API so you can easily customize and see your payment ecosystem evolve as your company does.
No two businesses, and therefore, no two payment systems are the same. Evaluating options can be confusing, and it’s critical that you only work with a Certified Payment Professional to ensure your working with someone that has invested enough into their own personal knowledge and are therefore best suited to help guide you into a solution that best fits your needs. Never believe in the “one size fits all” solution and seek someone that can adequately explain the intricacies of accepting payments.
Chargebacks can come back to bite
Many merchants don’t take chargebacks as serious as they should, nor understand the risk model by which merchant processors operate. Chargebacks happen when a customer disputes the product or services with their card issuing bank. This typically occurs after the customer has reached out to the merchant for resolution, but was still unsatisfied. The Card Issuing Bank will then contact the merchant processor, who reaches out to the merchant for detail on the transaction. Once the merchant obtains all information, the resolution is negotiated between the card issuing bank and the merchant processor.
If the merchant shows an increase in chargebacks, risk management will want to know why. They will investigate things like changes in the business, changes in quality, inconsistent advertising and most importantly, the financial health of the company. The risk management department wants to know that this merchant can pay for all the refunds that would result if a large percentage of the customers began disputing transactions. For example, if a SaaS business with $50,000 per month in sales, had a massive influx of chargebacks that the SaaS company lost it’s right to, can they pay for them? If they can’t the liability becomes the merchant processor. These are the reasons underwriting departments will often ask for financial data as well as business details.
Features never go out of style
While we predict that P2PE enabled devices will become the norm in the years to come, some elements could have a significant financial impact on your business and will truly separate the best merchant service providers with anyone else:
Full subscription payment management – Dashboard for managing all payments
Account Updater – Never see declines for expired or replaced cards again.
Interchange Pricing – True pass-through pricing from the card brands
API – Easily bring payments into workflow
ACH Processing – Enable more payment types