Tag Archives: PCI DSS

Top Free Online Shopping Carts

Leave a reply

Today The Official Merchant Services Blog shifts its focus to the E-Commerce industry — specifically some tips we’ve found online to help small businesses with their e-commerce solution.

An article written by Nova Scotian Vangie Beal details the ins and outs of ten open source online shopping carts that are available to merchants or really anyone who wants to sell things on the internet. Beal’s been covering small business, e-commerce and internet technology for more than a decade with her writing. You can find the original article here.

E-Commerce has become an integral part of the economy throughout the world. Shoppers have embraced online shopping as part of their normal shopping routine. So businesses have responded by jumping into e-commerce and providing those consumers with competitive options that focus on the convenience that can be had with the click of a few buttons — the classic clicks vs. bricks debate is showing that clicks beat bricks.

So what do Merchants need to know about E-Commerce to get started?

Step One: Get A Payment Processor

The first step is something Host Merchant Services can handle — payment processing. Merchants need to accept payment in the form of credit cards and debit cards to stay healthy and viable as a business. So merchants need to incorporate payment processing solutions both in their brick and mortar stores as well as on their website with their online shopping solution. Host Merchant Services provides merchants with these options — along with free equipment and a guaranteed low rate that will save them money.

So step one in setting up your e-commerce business is to get a merchant account, with the services Host Merchant Services provides.

Step Two: Your Online Shopping Cart

Now that you’ve got a merchant account set up and are reedy to process payments online, step two is to get an online shopping cart for your website. As Vangie Beal says in her article, “When shopping for your own e-commerce shopping cart software the most important aspect toconsider is how well the cart software meets your business objectives.”

The shopping cart has to be customizable so that you can alter it to fit your business needs. It also needs to be able to fit your branding so that the shopping cart melds seamlessly with the rest of your website. It needs to be flexible so that as your business grows, your online shopping card and ability to process payments online can also grow. It needs to be secure and it needs to support industry security standards such as PCI compliance.

You can read about PCI Compliance Standards in the Host Merchant Services Article Archive.

We provide a PCI FAQ here. 

We provide a step by step guide on PCI Compliance here.

Open Source Shopping Cart

Vangie Beal’s article discusses the top 10 free or Open Source shopping carts. Beal says “Open source shopping carts are an attractive option. Storeowners might look to open source e-commerce software because it will typically deliver the features and tools to manage a product catalog on a website without the hefty licensing fees that come with proprietary or off-the-shelf packages.”

Continue Reading – Top Free Online Shopping Carts, Part 2

A Look at VeriFone’s Vx Evolution

Leave a reply

The Official Merchant Services Blog has been covering the basics of payment processing, offering insight and tips on the general topics of the credit card and debit card transaction industry for merchants. Today we’re going to go a little deeper, and delve into a nuts and bolts topic: payment terminals. This kicks off the first two-part series where we shine a spotlight on specific terminals that are available to merchants. After the first two-parter, we’ll occasionally revisit the topic of terminals and look at offerings from other terminal manufacturers.

Keep in mind that Host Merchant Services offers free terminals to its merchants, so reviewing what’s available and finding the terminal that fits you best can create a lot of savings on your processing bottom line in the long run. Our first spotlight shines on terminal manufacturer VeriFone, specifically the Vx series.

The Vx Evolution

VeriFone offers a series of terminals on its Vx Platform that have been slightly rebranded as the Vx Evolution. The terminals are being marketed under this evolution tag as being proven, advanced and evolved. What that boils down to is a new look with some upgrades to a line of terminals that have a history of working and working well.

VeriFone lauds the Nine Advantages of the Proven Vx Platform:

  • The Verix system that the terminals use has a decade of proven use.
  • The terminals maximize communication, speed and flexibility, support value-added transactions and deliver multi-app capability that essentially enables applications to securely co-exist on the same device.
  • A seamless transition for the next generation of the line, letting you continue to run the hundreds of existing applications that work on Verix.
  • The worldwide use and support for the popular Vx platform.
  • The lack of obstacles for platform switching, making it quick and easy to get started on a Vx platform terminal if you switch from another brand.
  • The Vx series of devices is idea for virtually any vertical market or end-use scenario.
  • The enhanced toolkit, clear guidelines and helpful documentation let users quickly build solutions based on Vx Evolution’s core technologies and capabilities.
  • The intuitive user interface helps the Vx platform get deployed quickly.
  • The ARM RealView Developer Suite (RVDS) 4.0 Complier helps you compile your applications with the Verix eVo Toolkit.

 

You can review those advantages in a downloadable PDF found here.

The Other Two Benefits of Vx

VeriFone also is lauding two other advantages for its Vx Evolution of terminals: speed and security.

The Need for Speed

According to VeriFone, the Vx Evolution delivers secure payment processing eight times faster than its competition. It claims it can do this with a superior single processor that outperforms dual processors that competitors use. Using the metric of MIPS –– Million Instructions Per Second –– this graphic shows how VeriFone’s 500 MIPS ARM 11 processor works:

Essentially what VeriFone is saying is that competitors use a 450 MIPS processor to run applications and a second 50 MIPS processor to handle critical security tasks. They claim this slows down secure transactions to 50 MIPS. But VeriFone, with its Vx Evolution brand, utilizes a built-in, integrated security processor. It’s running at 500 MIPS for everything –– applications and security.

You can fully review VeriFone’s documentation on speed by downloading a PDF about it here.

Staying up to Date on Security

The next advantage VeriFone is lauding its Vx Evolution brand with is security. This is of particular interest to The Official Merchant Services Blog because we’ve written in the past about PCI Security Standards. In fact, we took a close look at a study by Verizon that showed 79% of merchants surveyed were not fully compliant with PCI DSS standards.

Host Merchant Services offers a free PCI analysis for merchants and makes PCI Compliance a priority for its merchants. Which is why the Vx Evolution brand is noteworthy.

According to VeriFone their Full Spectrum Security package –– which is standard with all of its Vx terminals in the platform –– gets their terminals up to PCI PED 2.0 standards. So Host Merchant Services, in its push to keep all of its merchants compliant year in and year out, embraces the Vx platform of terminals that are stamped with the PCI PED 2.0 Approved seal.

At a time when many merchants are having issues maintaining the old PCI security standards, the VeriFone terminals are stepping up their game and making it easier for merchants to maintain the new PCI compliance standards. This lets Host Merchant Services merchants stay compliant moving forward and gives HMS a leg up in its initiative for quick, easy, and worry-free PCI Compliance.

You can read more about the security benefits of Vx Evolution by downloading a PDF here.

To Be Continued …

In the next part of this series, we’re going to look at the terminals themselves and see how they apply those Nine Advantages VeriFone has lauded.

In the meantime, what do you think of this branding? Have you used any Vx terminals? In the past? In the present? Let us know.

Merchants are Slacking on Security

Leave a reply

According to a study by Verizon, 79% of organizations were not fully compliant with the Payment Card Industry Data Security Standard (PCI DSS) in their initial audit in 2010. That’s about the same level as the previous year, the first year the study was done. This is distressing news since PCI Compliance is extremely important for merchants and non-compliance carries heavy penalties.

Host Merchant Services offers its customers and potential customers a PCI Compliance Initiative, which includes a free scan, analysis and report.

HMS works with its customers to ensure they are PCI Compliant, offering resources, information and assistance every step of the way.

 

Secure transactions are important for merchants and a key element of the customer service HMS provides. Which is what makes the following statistics from the Verizon study somewhat disconcerting, considering how easy PCI Compliance is to maintain through Host Merchant Services:

This article by Information Week delves into the statistics from the Verizon report, and offers five reasons why merchants are letting their PCI Compliance slip each year.

1. Businesses See PCI As A Burden. PCI isn’t exactly a new standard, or complying with it a new requirement. Why aren’t more businesses taking it to heart? “Well, it’s hard to say, but one common reason is that they have not internalized the fact that PCI DSS is to help them (as well as card brands and banks) with security. It is not to punish them for failing an audit. PCI is seen by many as an ‘externality,’ not something they ‘adopted for themselves,'” said Gartner analyst Anton Chuvakin in an interview.”

Host Merchant Services understands that PCI Compliance, especially being an annual requirement, can be an added burden on its customers. That’s why HMS created its PCI Compliance Initiative. The company seeks to shoulder that burden for its customers, making PCI Compliance as hassle-free as possible.

2. Merchants Don’t Maintain Continuous Compliance. Many businesses don’t pursue PCI as a way to improve security, but rather treat it as a compliance obligation. “PCI is still often seen as a ‘one time per year’ thing, and such an attitude is pretty harmful–but mostly to the merchants themselves, by the way. Organizations keep ‘doing it over,’ not maintaining it,” said Chuvakin.”

Host Merchant Services, due to CEO Lou Honick‘s prior experience with the web  hosting industry, has a keen insight into how essential the security that PCI Compliance is attempting to standardize can be for its merchants. Which is another key reason why HMS is so involved in seeing that its merchants maintain their PCI Compliance.

3. Poor Awareness Means Lackluster Effort. Compliance officers–or perhaps senior managers–are failing to educate themselves about PCI, and according to Verizon’s research, the greater awareness of PCI found in a business, the greater the actual compliance. “The more aware your organization is of the standard, the more prepared you are for the type of approach you take,” said Verizon’s Mack.”

Host Merchant Services also understands the trouble it can be keeping informed on PCI details and information. Which is why the company’s PCI Compliance Initiative includes easily available online resources to answer as many questions about PCI as possible, an online guide for the most common merchant classification to become PCI Compliant, as well as offering all of this information directly to the merchants face-to-face or on the phone. The goals of the program are to keep the merchant informed, make PCI Compliance easy to understand and easier to maintain.

4. Compliance Checklists Trump Security Posture. To help businesses better comply with PCI, the council in 2009 released the PCI DSS Prioritized Approach to help businesses know which aspects of PCI to address first to most mitigate the risks to cardholder data. But Verizon saw a 10% drop in use of the prioritized approach, and little use of it overall. “

This issue is handled by HMS’ PCI Initiative as well. The company is there working directly with merchants step-by-step on PCI Compliance. So the checklists are handled, but there is also the HMS agent’s expertise on hand with each item on the checklist. So the merchant’s overall security posture is still taken into account. PCI Compliance is an important part of a merchant’s security and Host Merchant Services keeps that in mind through each part of the compliance process.

5. Businesses Not Prepping For PCI 2.0? Businesses that skimp on continuous compliance may soon find themselves called to account as they move to PCI DSS 2.0, with which businesses could have begun demonstrating compliance as of October 2010.”

Host Merchant Services stays up to date on PCI Compliance standards and takes all of the burden onto the company’s shoulders. HMS keeps its merchants well informed about changes, but also does all of the hard work to explain the details and make sure its customers are continuously compliant.

If you take some time to review the PCI Compliance information we have on our site you’ll see that the process is straightforward and it is easy for us to maintain compliance for our customers. This is a path we walk down with our customers. Security is essential in payment processing. And we are here to ensure our merchants are secure and do not backslide into a position where they could get heavy penalties for non-compliance.

The statistics from the Verizon study are somewhat dismaying to read. But our analysis of them seems to indicate that it’s simply an example of where HMS’ focus on customer service steps things up. PCI Compliance can be easy to slack on when the onus is completely on the merchant’s shoulders. And a lot of Merchant Services Providers haven’t taken HMS’ unique approach so the burden remains on the merchant. At Host Merchant Services we take the burden, and help keep you informed, up to date and secure. PCI Compliance is too important to let slide.