Beginning in 2004, the single most important question that merchants need to ask about their business software has to do with PCI Compliance. “The Payment Card Industry (PCI) has created the Data Security Standards (DSS) in order to support merchants. Credit Card companies now require merchants to be aware of and compliant with the Data Security Standards… Merchants, Is Your POS System PCI Compliant?”
Point of Sale (POS) systems bear the brunt of the load when it comes to credit card transactions in the modern retail business. It’s nice to know that, according to VISA’s List of Validated Payment Applications, Intuit’s QuickBooks ranks as fully PCI-compliant software. I consistently recommend QuickBooks Merchant Services to clients, mostly because it mitigates PCI risk.
I also recommend that people use the old-style dial-out or dual IP/dial-out credit card terminal that uses a standard telephone line whenever possible, because it shifts PCI compliance back to the merchant service provider. Avoid the newer network-type terminals, because no typical small business network can pass PCI’s muster without the business spending a great deal of money on special firewalls and logging software.
I’m simply amazed that since 2004, credit card companies and banks have successfully shifted the risk of data breach to merchants that use their services all while building inherently less secure transactional hardware and software APIs simply because of the need to connect through the Internet.
Merchants are in a terrible position. Check out this video.
The bankers birthed an entirely new business model on unloading credit card risk to merchants. Kind of reminds you of the ridiculous fees and interest rates we are paying to the same banks.