Common Credit Card Processing Mistakes (you’re probably making)

Long gone are the days of running a tab or keeping a house account at the local grocery store.  Today’s customer relies heavily on the use of credit cards, with 77% of consumers surveyed preferring to use debit or credit over cash, check or other form of payment.  Further, the trend towards using a credit card for everyday spending (vs as a means to finance purchases) has seen a significant increase, now representing more than half of all credit card holders.  And it appears that cash has ended its reign as king as a 2016 Gallup poll found that far fewer Americans are using cash than five years previously, with only 10 percent using cash for all of their purchases.  

So your customers expect to be able to pay with credit cards when they enter your store.  They expect the usual contingent of options as well – Visa, Mastercard, potentially American Express.  They may not know what all is involved in your ability to offer these payment methods, and frankly, they likely don’t care.  It’s a convenience for them, and one they’ve come to expect with so many moving towards cashless, and even exploring alternative options to carrying a credit card such as mobile pay.  But as a small business owner, you need to not only understand the logistics of offering these payment methods but account for the fees and leverage systems that allow for accuracy of reporting to avoid fines and other repercussions.  

The good news about credit card processing

There are a multiple reasons why accepting credit card payments is a beneficial move for a small business, especially a neighborhood grocery store.

First, it increases trust amongst your current and potential customers.  The association with major credit card brands such as those mentioned above, allows for even new shoppers to feel comfortable with your business, and you meet their expectation of a retail experience.  

Second, they spend more.  Customers not only tend towards higher checkouts when they plan to use a credit card, they also are prone to impulse purchases as they are limited by the amount of cash on hand.  Interestingly, they also tend to shop more frequently, giving you further opportunities to interact with them and occasions for them to discover more products in your store that they may want to add to their cart.  This is especially helpful as you grow your business and make deeper connections with your customer base as you get a better sense of what products they’re interested in and how product pricing should be structured.

Lastly, efficiencies can be found by accepting credit card payments.  The systems used to process credit cards offer an easy way to keep a transaction record which can help your accounting and simplify tax preparation.  It also cuts down on time required by yourself or your staff to count, record, store and transport cash payments. And funds are often available quicker which helps timely payments for bills, vendors and payroll.

Choosing a credit card processor

Once you’ve decided to take credit cards as a form of payment, you’ll need to select a payment processing system.  As you evaluate the many choices available, from a simple Square reader to a dedicated merchant account, cost considerations are obviously top of mind.  Reading the fine print is also critical as in certain situations fees can vary based on which credit card the shopper uses and how the transaction is processed while in other cases there is a single rate for all transactions no matter the type.  As with any contract, understanding whether rates can fluctuate and terms around getting out of the agreement should you need to (many are multi-year commitments), are important before committing to a system that will affect your operations and potentially, product pricing.

Maximizing efficiencies

To ensure you’re getting the most out of your credit card processor, it is important to choose equipment suited to your needs, train employees and review statements on an ongoing basis.

Whether taking credit card payments at your store requires a simple reader attached to a device such as a mobile phone, or a table top terminal that accommodates swiping as well as chip insertion depends on your setup, customer base and size of typical transaction.  When choosing equipment, discuss these factors with your processor and also be knowledgeable about the pricing of this equipment. Some processors will offer equipment for free, or extend a leasing arrangement, which can seem appealing to offset initial expenditures. In the first case, sometimes a processor will mark-up the rates per transaction to cover the cost of the “free” equipment.  In a leasing arrangement, there may be an added fee for “terminal insurance.” And in both cases, the small business is typically responsible should the equipment become damaged, destroyed, lost or stolen, requiring the business to pay for the equipment as well as as well as purchase new equipment to continue accepting payments.

Next, ensure you train all employees on taking credit card payments, whether you are implementing a new system or bringing on new team members.  Rather than assume they know the process, it pays (or at least, saves) to outline the steps necessary to avoid accidentally processing a transaction at a higher rate.  For example, employees should avoid keying in a customers credit card number if the card is available to swipe or insert (chip reader) into the payment terminal as keying in can automatically add an extra 40-60% in fees to a transaction.  Additionally, lower processing rates can be achieved by prompting for additional information so that the system has less work to do. Programming your POS system to request Address Verification Service (AVS) information such as zip code and/or the three-digit Card Verification Value (CVV) number on the back of the customers’ credit card can ensure you are paying the lowest possible rate for processing each transaction.

Finally, spend time each month reviewing your statement, and ask for transparency from your provider.  Credit card processing statements can be difficult to read and many assume they are receiving the rates they were promised but this is often not the case due to a myriad of factors.  Among these are tiered rate plans and fees associated with line items that are difficult to decipher. One example is batching, also called settlement, a process in which all of the days transactions are added up and credit card numbers, amounts, etc are submitted to the processor to then be paid to the business.  If your terminal and/or POS system is programmed to handle this process after each transaction vs at the end of the day, you can end up with unnecessary fees associated with each batching. While the amount itself is typically minimal (ranging from $0.01 to $0.25 per batch), depending on the volume of transactions you’re processing in a day, this can add up quickly.  Typically one batch per day is sufficient and can avoid these extra charges.

Data security

Aside from the fees themselves, the biggest concern for retailers offering credit cards as a form of payment is usually the security of the customer’s data.  Ensuring you work with a payment processing provider that takes the issue of data and data storage seriously helps to avoid issues such as a data leak (which have been experienced by retailers as large as Target), and can protect your business from a potential lawsuit.

From an equipment standpoint, the gold standard since 2015 (with many retailers adopting the technology in advance of legislation being effective), is the EMV chip card.  This technology works to keep customer data secure and minimize fraud as well as business owners liability for such. In a Forbes article issued just before the legislation went into effect in October of 2015, Mark Ranta, then Senior Solution Consultant for Retail Banking, ACI, explained that “small businesses risk devastating consequences if they aren’t prepared. This is especially true if they are running on tight margins to begin with. Once the liability shift occurs, if the proprietor accepts a fraudulent charge via swipe, they will be held liable for that charge if the terminal is not EMV compliant. The shift moves the liability from the issuing bank to the merchant, so the consequences are more of the roulette variety – they could be devastating or they could be a non-event.”  As grocery and convenience stores have long been targeted by fraudsters, increasing checkout precautions such as asking for identification or preferring a PIN to be entered if a customer is using a magnetic stripe, can help show fraudsters your commitment to security and may send them elsewhere seeking out weaker targets.

Aside from equipment and checkout measures, businesses must ensure they understand and are in compliance with the latest standards issues by the Payment Card Industry Data Security Standards (PCI DSS).  This group works to “protect consumer’s personal information and ensure security when transactions are processed.” These standards cover items like storing card information, making it a fineable offense to write down and/or store customers credit card numbers on your computer.  Many small business owners find it difficult to not only understand the standards set forth, let alone comply with them, and some assume that when their vendor sets up their payment terminal they’re building in security, which isn’t always the case. Should a security breach occur, fines and fees can add up quickly, typically starting with a forensics investigation that may cost $10,000.  Doug Klotnia, executive vice president of payment services at Trustwave, says that “from there, the business will be fined by their bank and by the card brand if they are found to be non-compliant at the time of the breach,” and that “non-compliance fees vary by card brand and bank, but can be upwards of $50,000. On top of these basic fines, the merchant is responsible for the costs of re-issuing the cards that were breached, and any charge-backs that result.”  Further, PCI may continue to assess fees monthly until you’re in compliance, with the ultimate risk being that your ability to take credit cards may eventually be revoked.

Beyond the fines, fees and operational repercussions, 48 out of 50 states have breach notification laws which require businesses to notify anyone who’s name and address has been compromised, even if credit card numbers were not accessed.  Losing this trust among your customer base can be especially difficult to repair as they may shy away from your store and towards others they feel manage their payment information more securely.  If something like this does happen to your business, the best way to recover is to take responsibility immediately and ensure those affected are protected as best as possible, potentially even considering taking out an identity protection policy for those affected.  

Preparing for the future

It’s impossible to ignore the shift from cash and checks to debit and credit cards, and the future promises even further change along the lines of mobile pay, wearables and whatever may come after those.  The next generation of consumers demands choice, with 68% of those aged 18 to 33 saying they will only shop at businesses that accept multiple forms of payment, including credit cards. Embracing this reality, and understanding the logistics and precautions necessary, will ensure your business is on track for continued success and growth.  Klotina makes a striking analogy in saying that “the value of compliance is as important as locking the front door when you close for the day.” Ensure you meet the needs of your customers and keep your business safe by locking down your credit card processing methods to avoid fraud and data security breaches. While new technology and trends in payment preferences continue to evolve, proper practices will ensure your business and its employees are able to adapt and embrace changes in customer demand as well as implement security practices that protect all parties.