Category Archives: Uncategorized

Why you shouldn’t rent an EFT 930 Terminal

EFT-930-TerminalFrom April 2017 the EFT 930 terminal cannot be used under the latest regulations. Because by then these terminals, which are PCI PED 1.3 products, will not be compliant. So what do we mean by this?

Early Security Standards

Prior to 2004, each credit card brand policed their own PIN Entry Device (PED) requirements for security. In 2004, Visa and MasterCard collaborated to align their specifications and PCI PED was born.

Subsequently additional card brands collaborated. The PCI SSC (Payment Cards Industry Security Standards Council) was formed in 2006 with the PCI-DSS (Data Security Standard) standard in its scope. PCI PED was brought under the PCI SSC umbrella in September 2007.

The initial release of PCI PED, call it version 1.0, harmonised the requirements of Visa and MasterCard and provided a security baseline that the card brands felt represented a minimum level of security required in any PIN accepting device.

Maintaining Security

As security threats have evolved, PCI PED has been enhanced to maintain a balance of compliance and expense. PCI participants have agreed that, in general, PED security will be updated at least every three years.

As these changes are made, the PCI SSC (Payment Card Industry Security Standards Council) publishes the transition dates between versions. They usually publish a date whereby the previous version can no longer be certified, as with the EFT 930 Terminal, as being compliant with the current version of the standard and a second date when that product can no longer be purchased.

PCI PED version 1.3 devices are no longer certified but can be sold until December 2014, such as the EFT 930 Terminal range.

What this means to you the Retailers

So why should a retailer making a product purchasing decision today care about the difference between products approved for either PCI PED versions 1.3 or 2.0. The most fundamental answer is to reduce the risk of compromise and to extend the serviceable life of the product selected today.

EFT-930-Terminal

EFT 930 Terminal

In other words EFT 930 Terminal products are no longer compliant and a classed as “Old Stock”.  Here at PDQ machines all machines we currently rent are PED 2.0  and so will be compliant until 2020.

Why is this happening?

All changes to the PCI PED standards are driven as a result of actual product attacks that are detected in the field, by an analysis of criminals increasing skill and sophistication and by the ever decreasing cost of technology. As technology capability continues to increase and technology cost continues to decrease, the risk – reward ratio continually changes.

When you purchase the latest version PCI PED certified product from PDQ Machines, you are ensuring that the device can withstand the latest generation of attacks and will remain sufficiently secure for the longest period of time. (Note:  it is quite possible that an attack will be mounted that forces PCI to alter the current dates for installation and usage of a particular version of device.)

In closing, it is PDQ Machines’ strong recommendation that any retailer making a device purchase decision in 2014 seriously considers the risks associated with purchasing a non-PCI version 2.0 device and that any organisation selling or hiring to new customers a EFT930 Terminal product or non PCI 2.0 device after April 30th 2014 should be reported to Visa and Master Card.

Technically PCI PED version 1.3 devices like EFT 930 Terminal range, can be installed during the first quarter of 2014, but it should be remembered that the initial requirements of PCI PED version 1 were written in 2004 and the sophistication of technology and skill of criminals has progressed significantly since then. So click here to ensure your new credit card machine not only complies with the legislation but is a great deal as well!

 

How to accept a Credit Card Payment

credit-card-paymentsSay you’re at a show and a customer is interested in your product, but he’s spent all his cash.  “Do you take a credit card payment?” he enquires.

It’s the sales you lose by not having a credit card machine that you should worry about, but whether the fear is real, it’s hard to quantify.  More and more customers like to pay by credit card.

People like a credit card payment because it gives them security. However, would the potential extra sales cover the costs of setting up to receive payments by card?  There is no doubt that it will cost you money, and time too, as credit card processing providers won’t give prices until they have risk-assessed your particular business, making shopping around for the best deal a time consuming process. However, PDQ Machines offer their customers a competitive rate and a straight forward order form through their website which in turn cuts down the time spent shopping around.

Electronic payments have advantages that outweigh the disadvantages of handling cash.
To receive credit card payments, you need a terminal to transmit the cardholder’s details to the acquiring banks, and a merchant bank account to receive credit card payments.

Merchant Accounts

Credit-Card-Machine

Credit Card Machine

The merchant account ‘acquirers’ process the credit card payment for you.  PDQ Machines offer both the terminal and the merchant account facilities. You can have a merchant account that covers face to face and CNP (cardholder not present) telephone sales and eCommerce (Internet sales). Therefore, if you are already with an acquirer and you are in need of an extra machine for a Short Term Rental, then PDQ Machines has a solution for you that can help you take sales at shows .

There will be, a monthly minimum service fee, transaction charges, PCI Compliance charges and authorisation charges, however PDQ Machines do not charge a set up fee.

Credit card payment transaction fees are charged as a percentage of the transaction value, while debit cards are charged at a flat rate. Some providers make separate charges for services such as statements and set up fees.  

Many acquiring banks and terminal providers’ want to assess the business before they’ll give a price.  They look at many factors, including how long you have been trading, turnover, proportion of credit/debit cards, and risks of fraudulent and/or disputed sales.  They may run credit checks, and ask for references. It’s a long process – could be from 2 to 8 weeks, so allow plenty of time to set this up before, say, a show. PDQ Machines are currently working on a time frame of between 5-11 working days depending on the type of business.

PDQ Machines acquirer partners will still have to see how long you have been trading, turnover, proportion of credit/debit cards, and risks of fraudulent and/or disputed sales and will run credit checks, and ask for references but we are only one of the providers that will offer you a price before all this happens.

PDQ Machines can set up your account to accept credit card payments but not commit you to hiring or buying a terminal on a permanent basis.  You pay a small monthly minimum merchant service charge (MMSC) account management fee per month and then hire a terminal on a short term rental when needed.

Price is not the only consideration, therefore, when choosing a merchant account provider, make sure that they are a reputable business.  Check that they are known to the leading credit cards, Visa and MasterCard, and perhaps ask contacts about their experience with providers.
Chip and Pin Terminals

credit-card-payment-terminal

Credit Card Terminal

As well as a Merchant Account, you will need a terminal to process the credit card payments.  In a face-to-face transaction, the favoured equipment and soon to be industry standard is the chip-and-pin terminal.  It’s the most secure system because it authorises the transaction before it takes place, then the customer endorses it with a PIN number.  To receive the authorisation, the terminal must be connected, either by telephone or broadband, to the bank’s computers. The machine prints a receipt for the customer, and saves a sales list for the trader.  At a show, you’re unlikely to get landline connections, so you need a mobile chip-and-pin credit card payment terminal.

Chip and pin terminals can be rented or bought.  If you buy, you still need to pay monthly telephone charges.  Rental fees  may or may not include telephone charges, so check this.

Mobile phone alternatives

There are some options based on mobile phones.  They cost less to set up, but are more risky, because they generally don’t offer the trader indemnity against fraudulent transactions.  They also don’t provide the customer with a printed receipt, although some offer the option of an e-mailed receipt.  Since a common reason for chargebacks is that the card holder doesn’t remember the transaction, this makes these solutions risky.

Show Organisers Process Card Payments

Some event organisers make arrangements to accept credit card payments on behalf of exhibitors.  This means that stallholders don’t have to worry about hiring terminals  and setting up merchant accounts : the show organiser does all that.  There is a high cost involved, but it could be modest compared with setting up credit card payment services  for one show only.

Increasing numbers of customers prefer credit card payment, either because they’re run out of cash, or for the protection a credit card offers them on higher-value purchases.

Only you can tell whether you can generate enough turnover to justify the costs.  Furthermore, only you can tell how many sales you might lose if you don’t take cards.  Why not go to the PDQ Machines website to get more information, just click here