Archive for August 2011


PCI Compliance

August 26th, 2011 — 4:39pm

If you are an online merchant, and you haven’t heard about PCI Compliance yet, you probably will soon.  Credit card companies are slowly pushing online retailers to tighten up their security to reduce fraud.

Maintaining PCI DSS compliance is a potentially a huge obstacle for online retailers.  This document provides some links to understand the basics of what you will need to do.  Essentially this requires two main steps: a questionnaire, and an external scan of your server.  Some scanning vendors are providing an “all in one” spot for you to handle both of these requirements.  We’re partnered with ControlScan, which provides this service for $249/ year.

Here are some links that will help you learn more about PCI compliance:

PCI FAQ: Click here – seems like most merchants will be level 4, which means you need to run quarterly scans from an “approved scanning vendor”.

Here’s a short blog post with video that explains PCI DSS.  It explains that this movement is largely to contain fraud, and stem losses being incurred by banks, businesses, and consumers.

Approved Scanning vendors: Click here

At this point it seems like few gateway providers are “pressuring” their merchants to be PCI compliant, which makes sense – the cost of becoming and maintaining compliance will cause many “hobby” merchants to pack it in, or move to a third party payment system (paypal, google, etc.), and cancel their merchant accounts altogether.  In the long term, I expect more hosting companies to offer and tout “PCI Compliant” server platforms.  Shopping cart vendors are also moving this way.  However, the burden will always be ultimately on the merchant to prove they are using a compliant setup, so I believe now is the time to get your site moving in that direction.

My recommendation at this point (if you are an online merchant) is to go through the process at least one time, to see how close you are to compliance.  Make changes based on the results to get as close as you reasonably can, then keep the documentation until your provider asks.  Then you’ll have a quicker path to pci compliance if you are required to be so.

Comment » | E-commerce, Web Tools

Mom and Pop stores didn’t disappear – they went online!

August 24th, 2011 — 12:44pm

A common lament (usually against Walmart) is that “Mom and Pop” stores have been driven out of business, by mega-stores and heartless corporations.  While it’s true that family owned businesses have difficulty competing against the big brick and mortar stores, the same is not true for online stores.

I do a lot of work with ecommerce stores as a freelancer, and I can tell you, “mom and pop” have gotten pretty web savvy over the years.  They now compete in niche markets, underserved by the big web retailers.  They can build a following loyal customers from around the globe, and earn enough to stay in business.  I’ve personally worked with dozens of “family owned” ecommerce stores that are doing well, or at least providing a supplemental income.

That’s one reason why proposals like this worry me.   Forcing online retailers to collect and remit sales taxes for all states they sell to would put many of these companies out of business.  They simply don’t operate on a scale big enough to support the extra cost of managing this.  Even as shopping carts get more sophisticated, the mechanics of keeping up with tax rates at the county level, then remitting the proper tax to each one, is more than a 1-2 person shop can take on.  Not to mention that there are now 50+ tax jurisdictions that can decide to “penalize” you if you are late or mess up a form somewhere.

Probably the biggest concern is the increase in cost on online products.  Bigger stores can absorb some of the tax cost, or offer lower or free shipping, but small shops would have trouble competing.  If the Internet sales tax went through, many of these small retailers would close up – the effort would no longer be worth it anymore.  Would the internet collapse?  No, not at all, but once again, we’d lose those “mom & pop” shops we all love to visit.

Comment » | E-commerce

Take Credit card payments via Authorize.net’s New Mobile app

August 18th, 2011 — 7:33am

Authorize.net merchant accountIf you are a merchant, contractor or any other business owner who has the need to charge credit cards when you are out of the office, Authorize.net’s new “mobile app” may be for you.  Here’s a page describing the mobile app.

Authorize.net is a leading payment solutions provider, and has been a leader in e-commerce since the early days of the Internet.  They have announced the release of a new “mobile app” that allows merchants to bill credit cards using their iPhone.

You need to have a merchant account with Authorize.net to get started.  Once you download the app, you can process payments anywhere you use your iPhone.

Here are some advantages to the new app:

  • Multiple Payment Types: Process real-time credit and signature debit transactions from major payment networks (e.g., Visa, MasterCard, AMEX, Discover)
  • Secure Access: Integrated with the Authorize.Net Merchant Interface–merchants use their existing credentials to access the app and can validate the legitimacy of a specific device from within the Merchant Interface itself
  • Flexible Settings: Set up a default tax rate, accept tips and gather shipping information when necessary
  • History: Review transaction history (processed or pending) and perform voids and refunds
  • Email Receipt: Merchants’ customers can receive a transaction receipt by email
  • Free Support: Merchants continue to receive Authorize.Net’s award-winning customer support for the mobile app through our online support center, eTicket, email, chat and phone

This app should primarly benefit those who frequently need to accept payments while on the road – contractors, handymen, craft show exhibitors, farmers market vendors, etc.  It integrates with your normal merchant account, so all your payments go through the same system.

If you are not currently a Authorize.net customer, you can sign up for an account through our reseller form.

Comment » | E-commerce, mobile

Back to top