Categories

The Future of Credit Card Security

Monday, January 20, 2014
posted by admin

The method of acceptance of credit card payments is changing. The old model of swiping a card is being replaced with a new smart chip because of the added security. This new technology is called EMV. Some customers have even stopped carrying the physical credit card and instead choose to use their phone as their form of payment. This technology is called NFC. If your business is not accepting these forms of payment you are potentially missing out on revenue and will soon be shifting the liability of fraud onto your business.

The following video will explain this new technology.

What Can We Learn from The Target Debacle?

Monday, December 23, 2013
posted by admin

Is your business PCI compliant?

As you have likely heard, Target recently had credit / debit card information stolen from over 40 million of their customers. Target’s credit/debit card data breach is a great reminder why every merchant needs to be PCI compliant. You don’t need to be a multi-billion dollar retailer to be concerned about the safety of your customer’s credit card security. These types of breaches happen to large and small merchants alike, but whether or not your business is PCI compliant can drastically change the outcome of a breach. If a merchant has a breach and is not PCI compliant, they will receive severe fines and be responsible for any charges of any stolen information. If you take credit card payments and are not comfortable with PCI compliance requirements, please contact me.

We reached out to our friends at Nelson Mullins, a leading law firm with expertise in the payments industry. They shared this advice with us to share with you!

Top Ten Things Companies Can Do IN ADVANCE Of A Data Breach:

10. Review Your Breach Response Plan – If you have a plan, review it now and if necessary update it immediately. The threats are constantly changing, and everyone needs to have thought carefully about current risks and current risk tolerances within the company. If you don’t have a plan, you need one and you need one fast. The environment is volatile, and there are serious consequences from a regulatory and governance perspective for being inadequately prepared.

9. Assemble Your Team – Your team leader needs to be identified now, in advance of a crisis. During a breach or crisis situation, things happen fast and decisions affecting the entire company will need to be made thoughtfully, with judgment and maturity and in the best interest of the company. There will need to be a balance among the various interests and a person to call balls and strikes when disagreements about the appropriate course of action develop. What legal wants may not be what marketing wants under the circumstances. Decisions of consequence will need to be made and in a short period of time.

8. Secure Outside Counsel Immediately in the Event of a Breach or Data Loss – In the event of a breach or data loss requiring notification, every part of this process should be subject to the attorney client privilege. This should be someone that can effectively marshal the internal team and provide leadership and guidance while the company is under sustained fire from the media.

7. Begin the Investigation Immediately – The sooner you are able to get your arms around what has happened or is happening, the sooner you can fix it. The investigation will be real time and require a constant flow of information to the necessary decision makers. Here is where the attorney client privilege is very important. Until you know the scope and seriousness of a breach or data loss, things should be on a need-to-know basis only, and a record must be made along the way to explain how decisions were made based upon the known information at the time. This record becomes important from a legal and regulatory perspective, and it must be protected by the privilege.

6. Be Prepared To Engage Outside Experts – Depending on the nature and scope of the data breach or data loss, you will need to engage outside experts. You will be required as part of the notification process to describe the incident and what was accessed and how you stopped it. If the breach is the result of a network intrusion, you will need to understand and be prepared to explain how this happened and what it means to your consumers. Depending on the complexities, outside experts will need to help you answer these questions.

5. Be Prepared to Explain Some Things – At its core, this “event” will be a crisis. Even the most steady executive may panic. You will need professional crisis communication to work closely with your team and most importantly your outside counsel to deal with implications to the brand, your customer’s questions, and any legal or regulatory fallout that may occur as a result of the breach. You will be required to give your customers a telephone number where questions can be asked and answered. You will need to be prepared to do this soon after the data breach or data loss. A well-developed script for those customers and any media inquiries will be valuable and important as things begin to unfold.

4. Correct the Problems – Consider your whole environment. Consider a thorough and complete risk assessment. Proper preparation involves a plan, but a comprehensive review of overall data security, IT governance, and information governance is critical and necessary. A weakness in any of these areas or a lack of focused planning can lead to vulnerabilities for bad guys to exploit.

3. Have A Well-Developed Response to Explain to Regulators – Once a data breach or data loss occurs, you should think in terms of immediately being “on the record.” People need to think in terms of hours and not days. You will be required to notify your primary regulator as soon as possible. You are going to want to have something to say, and your reporting of the matter will immediately be followed with a question regarding what steps you have taken in response to the data breach or data loss. It is important to remember that from the first minute the breach is reported, you are making a record that could be reviewed by your regulator.

2. Practice the Plan – Train your employees to execute the plan. Run scenarios. Have the team meet and work through some practice scenarios and hypothetical situations. Yes, people are busy and don’t like to play pretend crisis. Yes, people think they have too much to do with actual real life business scenarios, but the truth is that practice makes perfect and training is part of any disaster response scenario. The same thing is true with respect to a breach. Day one of the breach is not the time to be introducing team members to one another.

1. Act Now Don’t Wait – The sooner you can review your plans and engage your team the better. Budgets matter and planning is important, but delaying a plan or re-prioritizing this could be an expensive mistake. Data breaches and data loss matter to customers. The loss of trust cannot be accounted for in next year’s budget. The stakes are high, and the risks are real.

Please don’t hesitate to contact Equitable Payments or Nelson Mullins for assistance with PCI compliance to protect your customers and your business!

How Do I Know Which Merchant Services Provider To Choose?

Tuesday, November 26, 2013
posted by admin

Using Credit Card Processing Consultants: Big Savings for Small Merchants

By Darrah Brustein

Even the financially savvy may have trouble navigating the complexities of merchant processing. Between the varying fees, equipment costs and the time it takes to acquire funds, every merchant processor is different. Though it can be confusing, this is actually good for your business if you play your cards right. It means that all of these factors can be negotiated. If you don’t have the time or inclination to bother negotiating with banks and processors, you’re in luck. There are firms that can negotiate on your behalf. When it comes to credit card processing, the rule of thumb is to think small. Small consultancies can save you money and give you better service than larger, big business providers! Here’s how:

They know the market and can navigate it on your behalf. Look for a firm that has access to multiple processors as opposed to being affiliated with one processor or bank. Consultants with access to a variety of processors will work for you to negotiate fees based on factors such as volume processed, whether the business is new or established, credit history, industry and transaction method (online/in person/by phone/mobile/etc). Having access to multiple processors allows these consultants to compare processors and force them to compete for your business.

They can keep you out of contracts and help you eliminate unnecessary expenses. Processors know they can turn a larger profit on small merchants by requiring contracts and tacking on setup fees, annual fees and equipment leases. These terms are also negotiable. A consultant’s knowledge of the industry and bargaining power will help you avoid these additional costs. You benefit by saving money and larger processors like to work with these smaller consultants who will take great care of your business.

They monitor industry fluctuations in fees and rates to insure that yours stay competitive. And if the size or scope of your business changes, consultants can help you renegotiate the terms of your agreement or find you a processor that better suits your needs.

Using a consultant will not cost you any more. The margins that consultants earn are typically very small and are no different than what their competitors who represent banks or the big name credit card processors will cost. Unless you’re processing millions of dollars per month or have more than 100 locations, you will save by going through a small consultant who is more concerned with winning and keeping your business, rather than gouging you on your pricing because it’s challenging to understand (and you trust their big name) and in turn, lock you into a long-term agreement so you aren’t motivated to leave if/when you realize you’re being overcharged.

Consultants supplement the customer service that processors and banks offer. Because merchant processing involves such a large volume of transactions, bigger banks and processors are unable to provide personalized service. In most cases, they rely on Independent Sales Offices (ISOs) and Member Service Providers (MSPs) to handle their accounts. The problem with these organizations is a high turnover rate; the number of representatives and depth of their industry knowledge is inconsistent. The result is longer hold times and more call transfers for merchant customers. Though consultants do not replace the ISOs and MSPs, they can circumnavigate roadblocks by connecting their customers with the right people.

If you’re a small business, think twice before you go with a big bank for your credit card processing needs. By leveraging the knowledge and bargaining power of a small consultancy, you’ll gain access to better service and savings that can make a big difference for your profit margin. Lastly, when you support small consultancies, you support small businesses like your own.

Need an Influx of Cash? Try a Merchant Cash Advance.

Tuesday, June 11, 2013
posted by admin

Is your business in need of a cash influx to help with expansion, upgrading or any other number of reasons?  If so, have you considered a merchant cash advance?  Darrah was recently published in ISS’s publication Impressions discussing this often overlooked tool.

http://impressions.issshows.com/shirt-printing-business/Small-Business-Advic-6649.shtml

 

Also see her quote in Technori regarding money management.

http://technori.com/2013/06/4580-13-smart-ways-to-spend-and-manage-your-startup-money/

Even the financially savvy may have trouble navigating the complexities of merchant processing. Between the varying fees, equipment costs and the time it takes to acquire funds, every merchant processor is different. Though it can be confusing, this is actually good for your business if you play your cards right. It means that all of these factors can be negotiated. If you don’t have the time or inclination to bother negotiating with banks and processors, you’re in luck. There are firms that can negotiate on your behalf. When it comes to credit card processing, the rule of thumb is to think small. Small consultancies can save you money and give you better service than larger, big business providers! Here’s how:

They know the market and can navigate it on your behalf. Look for a firm that has access to multiple processors as opposed to being affiliated with one processor or bank. Consultants with access to a variety of processors will work for you to negotiate fees based on factors such as volume processed, whether the business is new or established, credit history, industry and transaction method (online/in person/by phone/mobile/etc). Having access to multiple processors allows these consultants to compare processors and force them to compete for your business.

They can keep you out of contracts and help you eliminate unnecessary expenses. Processors know they can turn a larger profit on small merchants by requiring contracts and tacking on setup fees, annual fees and equipment leases. These terms are also negotiable. A consultant’s knowledge of the industry and bargaining power will help you avoid these additional costs. You benefit by saving money and larger processors like to work with these smaller consultants who will take great care of your business.

They monitor industry fluctuations in fees and rates to insure that yours stay competitive. And if the size or scope of your business changes, consultants can help you renegotiate the terms of your agreement or find you a processor that better suits your needs.

Using a consultant will not cost you any more. The margins that consultants earn are typically very small and are no different than what their competitors who represent banks or the big name credit card processors will cost. Unless you’re processing millions of dollars per month or have more than 100 locations, you will save by going through a small consultant. They are more concerned with winning and keeping your business, rather than gouging you on your pricing because it’s challenging to understand (and you trust their big name) and in turn, lock you into a long-term agreement so you aren’t motivated to leave if/when you realize you’re being overcharged.

Consultants supplement the customer service that processors and banks offer. Because merchant processing involves such a large volume of transactions, bigger banks and processors are unable to provide personalized service. In most cases, they rely on Indpendent Sales Offices (ISOs) and Member Service Providers (MSPs) to handle their accounts. The problem with these organizations is a high turnover rate; the number of representatives and depth of their industry knowledge is inconsistent. The result is longer hold times and more call transfers for merchant customers. Though consultants do not replace the ISOs and MSPs, they can circumnavigate roadblocks by connecting their customers with the right people.

If you’re a small business, think twice before you go with a big bank for your credit card processing needs. By leveraging the knowledge and bargaining power of a small consultancy, you’ll gain access to better service and savings that can make a big difference for your profit margin. Lastly, when you support small consultancies, you support small businesses like your own.

http://impressions.issshows.com/shirt-printing-business/Credit-Card-Processi-6410.shtml

World Economic Forum

Thursday, February 7, 2013
posted by admin

Equitable Payment’s co-founder had the distinguished honor of attending Davos for the World Economic Forum’s Annual Meeting in January. Here’s an article in Global Atlanta that highlights the work of she and her peers who attended the prestigious meeting.

http://www.globalatlanta.com/article/26042/at-davos-coke-calls-young-people-to-global-activism/

How PCI Compliance Can Help Your Business

Tuesday, February 5, 2013
posted by admin

If you take credit card payments, it’s due time you understand Payment Card Industry (PCI) compliance. It is a requirement for anyone accepting credit cards but it is still a mystery to most merchants. Darrah Brustein was recently published in Impressions magazine with an article discussing how PCI Compliance works and why you want to make sure you complete the process.

http://impressions.issshows.com/shirt-printing-business/How-PCI-Compliance-C-6175.shtml

16 Quick Tips To Become A Better Networker

Monday, December 3, 2012
posted by admin

Networking is one of the best ways to generate new business. The leads and resulting relationships are generally much stronger when developed through networking as opposed to obtaining a lead through cold calling. It creates long lasting relationships and referral partners and opens doors to places that one person typically will not be able to open alone. Darrah Brustein was recently asked by Forbes to give some insight on how to become a better networker. You can read her tips in the following article.

http://www.forbes.com/sites/theyec/2012/11/30/16-quick-tips-to-become-a-better-networker/