PCI (payment card industry) compliance will be mandatory, and the deadline for all merchants and processors to be PCI compliant is July 1, 2010.  PCI compliance is required if you are receiving, storing or processing the Primary Account Number (PAN) or the main credit card number of the customer, which is usually no longer than 19 and no less than 16 digits in length.  In addition, a merchant or acquirer must remember that if a PAN is being stored or processed, the other information such as CVV/CVC and card holder information must be protected as well.

A common misconception is that PCI Compliance is a law, it is not a law yet.  It is a security standard set by the five major credit card companies Visa, MC, Amex, Discover and JCB.  The official name for the group is the PCI Security Standards Council.  Prior to the councils formation, each credit card company had its own set of security standards, now with the unity of the five credit card companies forming PCI SSC there is one set of security standards instead of five.     

There are 4 different merchant levels along with requirements for PCI DSS Compliance:

Level 1 – a merchant that transacts over 6,000,000 per year.  The merchant will be required to bring an assessor on-site called a QSA to evaluate the security and create an in-depth report on compliance.  Quarterly PCI Scans will also be mandatory.

Level 2 – a merchant that transacts between 1,000,000 – 6,000,000 per year.  Instead of a full report on compliance, the PCI Council will allow Level 2 merchants to complete a PCI Self-Assessment Questionnaire (SAQ).  Quarterly PCI Scans are mandatory.  Level 2 merchants will also need to complete a one page document that states that they don’t store certain card data information on file.

Level 3 – a merchant that transacts between 20,000 – 1,000,000 per year.  In place of a full report on compliance, the PCI Council will allow Level 3 merchants to complete a Self-Assessment Questionnaire (SAQ).  Quarterly PCI Scans are also required.

Level 4 – a merchant that does between 1 and 20,000 transactions a year.  Instead of a full Report On Compliance, the PCI Council will allow Level 4 merchants to complete a Self-Assessment Questionnaire (SAQ).  Quarterly PCI Scans are mandatory.

If you are a merchant that does not understand what PCI compliance means to you, check with your merchant service provider or website programmer so they can guide you through what you will need to do to become PCI compliant before July 1^st.

Have you ever heard of 3D Secure Processing?  What about SSL Credit Card Processing?

3D Secure Processing stands for Three Domain Model processing.  This refers to payments being split up into three different domains:

*  The Issuer Domain – this domain deals with the mechanisms of the card issuer and the cardholder

*  The Acquirer Domain – this domain deals with the merchants.

*  The Interoperability Domain – deals with the functions of the Issuer and Acquirer Domains.

This model is used for secure payment processing systems.  This credit card processing method also helps to better the performance of transactions online.  When using this processing method, customers begin to trust you more, and your business starts to increase.  During this process, when customers make a purchase, the system will be able to tell whether or not the transaction is legitimate or fraudulent. 

The performance of transactions should be impacted in a positive way as to benefit the merchants as well as the customers.  Both VISA and MasterCard have used the 3D Secure Payment Processing Program for branding purposes.  With VISA, it is called “Verified by VISA,” the brand for MasterCard is, “SecureCode”.

For both. the branding of VISA and MasterCard brands, merchants can participate if they wish.  However, if the merchant has a lot of chargeback’s on their account, then their participation is limited. 

This credit card processing program was created to keep credit card transactions flowing and reduce or eliminate the number of fraudulent accounts.

Any merchant website should be branded with an SSL certificate.  When a customer sees this on a merchant’s website, they’ll know that the website is legitimate and their data is secure.  SSL is an acronym for Secure Socket Layer.  SSL lets users on the internet get involved with websites that are deemed secure.  One example of such a website is a bank.  It is imperative that they have this certificate on their website because there is so much sensitive information regarding customer bank accounts. 

The SSL certificate lets people know that the data that goes between the web server and a merchant’s browser is safe and cannot be leaked out or hacked.  Having an SSL certificate on a merchant’s website can:

*  Get customers from all over the world.

*  Influence customer’s confidence in the merchant’s website.

*  Customers will feel a sense of security knowing that their sensitive information is safe.

*  Customers will have that sense of trust that merchants are looking out for them.

On the other hand, if a website does not have an SSL certificate, there may be some question marks.  Their sensitive credit card information might not be as secure as customers thought.  Hackers may take advantage of the oversight and invade the website.  Customers may decide to go somewhere else because of the breach of security.

It’s very important that merchants keep their customers happy and their credit card processing secure by providing having a SSL certificate.  There’s nothing worse than having a website and the customer’s information has been compromised.  When you go that extra mile to put those measures in place, your customers will thank you for it.

Like any business, online commerce has its own obstacles. Though they may present themselves differently than a brick and mortar establishment, many of these challenges are rooted in the same fundamental issues of trust, communication, and convenience. Creating a profitable eCommerce business with a positive reputation depends on your ability to navigate these challenges and provide customers with the best online shopping experience available.

The first thing to realize as an online business owner is that the vast majority of visitors to your site will not trust what they see. Customers are unimpressed with stylish layouts and amazing graphics when it comes down actually spending money. Most people want to see legitimacy. This can be displayed in many ways. Start by including a physical address and phone number, along with several contact emails and company bios. These things can go a long way in establishing legitimacy, but don’t stop there. Partnering up with other valued websites and becoming a member of organizations such as the Better Business Bureau are other proven ways to build trust. Beyond that, you must be good at answering the phones and responding quickly to customer inquiries. Some customers will even call just to see how quickly you respond, looking for comfort in the fact that your business is active and on top of things.

Product presentation is the second most important obstacle to overcome in online business. Unlike in a real world store, customers cannot touch and feel the product under consideration, and for this reason, the level of product showcasing must be very high. Provide several image views, elaborate descriptions, customer reviews, as well as links for other information. Most successful ecommerce sites provide at least five pictures of each product. Descriptions should be unique to your business and as clear as possible. If you or your team is not comfortable writing attractive product descriptions, hiring a writer is well worth the expense.

The last major issue in online business is security. The security of your website determines a customer’s willingness to enter their personal payment information. Part of establishing trust in your security is in having an online merchant account. A credit card merchant account will allow you to accept card payments while keeping shoppers within your website. Moving from your site to a third party processor’s site can be quite unsettling for potential buyers and can also cause a host of other problems. Once a merchant account is in place, making sure your site has adequate encryption will also reassure your customers in the level of informational security employed by your business.

The challenges of online sales are easily overcome with the investment of some time and thought. Without tackling these obstacles, the probability of sales will be very low. Of course, it doesn’t stop there. There are an infinite number of improvements you should continue to make as your business grows and develops. These major obstacles are merely the roadblocks that have a tendency to shut businesses down before they even get started.

Merchant accounts make it possible for businesses to provide online credit card processing. For more information on credit card processing visit www.stradafee.com.