I previously addressed salon solutions with multimerchant terminals. Is that still the best choice today? Let’s explore the pros and cons of various merchant account options for the salon environment, where most workers are independent contractors renting a chair or a ‘booth’.

Under new IRS reporting requirements, credit card receipts are now reported to the IRS by the credit card processor on schedule 1099k. * This indicates gross proceeds so your tax returns will need to match accordingly or it will result in an audit. This can also result in fines from the IRS over whether the other stylists are employees of the salon or independent contractors. Separate merchant accounts may help prove there are no employee relationships.

Credit card processing options:

1. Single terminal, one merchant account:

• PRO: Contractors can easily be commissioned on product sales since everything is tracked
• PRO: Salon owner always gets their rent on time since disbursements are net
• CON: software is typically required to track sales to an contractor
• CON: Contractors must wait to get paid
• CON: Contractor may not have transparent reports, thus leads to discontent and higher turnover.
• CON: See IRS reporting requirements

2. Single terminal, one merchant account, with CenPOS:

• PRO: Easily track sales by contractor; optionally assign sales to type, including service, product, tip
• PRO: Automatically qualifies transactions for lowest cost, reducing processing fees
• PRO: Add/remove users and contractors on demand
• PRO: contractors can see their sales and estimated proceeds remotely any time
• PRO: 7 years records stored
• PRO: ensures the operation PCI Compliant
• CON: See IRS reporting requirements
• CON: Contractors must wait to get paid

3. Contractors bring their own terminal:

• PRO: Contractors get their money sooner- may reduce churn.
• PRO: Simplified bookkeeping
• CON: How many phone lines will be needed?
• CON: Potential rent collection issues
• CON: Contractors not likely to push high profit product sales without commissions, which cannot be integrated. Customers will have 2 charges if they want to buy products.
• CON: If a contractor has a terminal that is not PCI Compliant, or there is a data breach, can the owner be held liable?
• CON: Space – a wall of terminals takes up space you may not have

4. Multi-merchant Terminal:

• PRO: A multimerchant terminal eliminates need for contractors to invest in hardware.
• PRO: Contractors get their money sooner- may reduce churn.
• PRO: Simplified bookkeeping
• PRO: Owner is in control of hardware PCI Compliance
• CON: How many phone lines will be needed?
• CON: Potential rent collection issues
• CON: Everytime a contractor leaves or comes on board, new programming has to be downloaded
• CON: the terminals start at $499 and new regulations may require future replacement to support NFC

5. CenPOS with multi-merchant:  (signature capture terminal or card reader plus a receipt printer.

• PRO: eliminates need for contractors to invest in hardware.
• PRO: It’s host based so owners and contractors never have to download terminal updates.
• PRO: Contractors get their money sooner- may reduce churn.
• PRO: Simplified bookkeeping;
• PRO: PCI DSS (data security) Compliance for all contractors mitigates risks
• PRO: Mitigate risk of IRS issues
• CON: Unless their next salon has CenPOS, the contractor will have to either buy equipment or sign up for a CenPOS account, an additional monthly fee to bear.
• CON: Each contractor will have a login. Reception can login all users at the start of day, but to switch between accounts, the password will need to be re-entered.

BEAUTY SALON MERCHANT RECOMMENDATION:

The salon must take into account several factors including turnover and overall sales volume to make the best choice. My recommendation is #5, CenPOS with multi-merchant. The overall benefits for the salon owner and the contractors far outweigh any potential annoyance on the  switching.

• Owner can remotely view via web overall sales for the entire operation, including all contractors.
• A sales incentive program can be implemented for products by using a drop down menu to enter sales into ‘buckets’ for tracking.
• No extra phone lines needed, just one high speed internet line.

• 

PIN DEBIT COMMENT:

Pin debit requires an encryption key unique to each processor. Since not all merchants are likely to use the same processor, pin debit should not be used for multi-merchant. The main impact is risk from customer disputes is 120 days vs 14 days. This may not be an issue in the salon environment. Under 2011 law, regulated debit fees are now the same for both pin and swipe so this is no longer an issue.

PRODUCT SALES COMMENT:

Regardless of how you choose to sell products, you’ll want to provide some incentive to involve contractors. The receptionist can be key, but when a stylist tells their customer to buy a product, it carries a lot more weight. A program can be as simple as a chart with each stylists name and then add a check or sticker for each time their customers bought something. The person with the most stickers gets a $100 gift card.

Other articles you might like:

IRS Link  Cash Intensive Businesses Audit Techniques Guide – Chapter 10, Beauty Salon Defined
Salon merchant account solutions SPECIAL DEAL (older)

In some respects, the Common Short Code Administration (CSCA) is to Common Short Codes as ICAAN and Whois are to Domains. Common short codes are administered by the CSC Administration (CSCA) for wireless carriers. In addition, the CSCA oversees the CSC Registry, which provides the technical and operational aspects of CSC functions and maintains a single database of available, reserved, and registered CSCs.

With mobile messaging exploding, CSC’s are certain to become as valuable as URL’s. Businesses cannot buy short codes, rather they lease them for a specified period of time, and for a specific campaign type. Leases are offered at different prices fromt the four provider types (see below).

What is a Common Short Code (CSC)?

Common Short Codes (CSCs) are short numeric codes to which text messages can be sent from a mobile phone.

• They’re compatible across all participating carriers.
• CSCs are either five-digit or six-digit numbers.
• CSCs can be leased by anyone.
• USA CSC’s are not recognized by phones issued in other countries, which are developing their own CSC’s.
• Applications route all messages addressed to a registered CSC number from any and all wireless networks initiating a message.
• There are four (4) groups of companies that work together to bring CSCs to wireless subscribers; they include content providers , application providers , connectivity aggregators, and wireless service providers. Merchants lease short codes from a provider.

Should I lease my short code directly from the CSCA?

Not necessarily.  If you’re ready to begin a campaign, research what solution you’ll be using for delivering and managing your SMS messages and payments first. They may offer a bundled package. If you’re not ready and have the funds to spare, you may want to reserve your short code to ensure availability when you need it.

501(c)(3) Non-profits must lease directly from the CSCA to be eligible for a 60% reduction in published rates.

How much does a short code lease cost? On the CSCA site 1/1/2012, registering and leasing a CSC costs $1,000 per month for each “Selected CSC” and $500 per month for each “Random CSC.” THESE FEES ARE NON-REFUNDABLE REGARDLESS OF WHETHER ANY WIRELESS CARRIER AGREES TO ACTIVATE YOUR CSC. The Registry must receive payment in full for the duration of the registration at the time your application is approved. The CSCA offers Registration Terms of 3 months, 6 months and one year. Because fees are due up front, if you register a Selected CSC for three months the cost is $3000.00, and Random CSC for three months is $1500.00.

Do I need to register a CSC for each type of campaign? Yes.

Are there discounts for charities? Yes, provided that all conditions of the Mobile Giving program are complied with. That includes donations only, no recurring billing, and not product sales.

LINKS:

More information about the Mobile Giving program.

Official Common Short Code (CSC) directory (links to CSCA) and information center.

Official CTIA Guidelines for Mobile Giving (links to CTIA PDF)

This is a great question. Should non-profits have a field on their mail order donor response cards? Reading the 2011 Visa Card Acceptance Guidelines for Visa Merchants, it’s still  open to interpretation as to whether to ask for CVV on mailings. Here’s the official excerpts:

General Card-Absent Transaction Procedures

Pg 46 “Always ensure that, at a minimum, you collect the following details from your customer:

• The card account number
• The name as it appears on the card
• The card expiration date as it appears on the card
• The cardholder’s statement address”

Pg 46 “If you are taking an order through the mail or via a fax:

• Obtain a signature on the order form .
•  Always retain a copy of the written order .
• Get proof of delivery”

Pg 48  “A cardholder’s CVV2 may never be stored as a part of order information or customer data . The storage of CVV2 is strictly prohibited subsequent to authorization.”

“An initial, or set-up, recurring transaction should be processed the same as any MO/TO or Internet transaction . If set up by mail or telephone, you should submit both AVS* and CVV2** queries with the authorization.

The sales receipt for an initial recurring transaction must include the following information:

• The phrase “recurring transaction.
• The frequency of the charges.
• The period of time the cardholder has agreed to for the charges.”

* In certain markets, CVV2 is required to be present for all card-absent transactions . ** In some markets, if the transaction is approved, but the CVV2 response is a no match, the merchant is protected against fraud chargebacks.

In summary, the merchant can leave the CVV off and reduce risk, but should use the correct indicator for authorizations, “You have chosen not to submit CVV2.”

If the merchant has a history of mail order fraud, then the merchant may want to collect the CVV2 using a lockbox service to reduce risk. If the merchant is retaining response cards, then the response card should be designed so that the CVV can easily be detached after the initial authorization, and securely shredded. If the response card is scanned, the fields with sensitive data cannot be scanned.

Please note PCI DSS compliance rules always take precedence over individual card network rules.

See also, new 2011 card absent receipt requirements.

At what point does it make financial sense to convert from a Paypal to a regular merchant account? I frequently recommend new small businesses start out with a Paypal account initially. There are factors you need to consider in making this decision, including risk of chargeback and whether you’ll be in front of your customer at the time the payment is needed. Below we examine two  business scenario’s and solutions. Both have customers that pay mostly by check or cash so credit card volume is low.

• A home improvement company meets with customers in person. Multiple salespeople are in the field so traditional wireless devices could be expensive. Some customers make a decision later and fax over their signed contracts.
• A boat towing service company has a fleet of part time captains that respond to emergencies on the water. Most customers pay cash so the credit Traditional wireless devices are impractical due to the number needed and inability to withstand weather elements.

All companies have their service personnel call in the credit card information for an approval over the phone, or they key enter it back in the office later.

Charge slips are impractical and expose the company to risk of a data breach whether through internal or external theft. Paypal is month to month, enabling new businesses to test the waters and build credit card volume before seeking prices from traditional merchant services companies. On the negative side, deposits to your bank account will usually take 3-5 days.  A merchant account will deposit funds to your bank in 1-2 days automatically, and deduct fees once per month.

Paypal is $30 per month plus the table below:

Paypal -month to month, no application fee. Deposits to your Paypal account, then you have to manually transfer it to your bank account which takes 3-5 days. Fees are deducted from every transaction, so you receive net transaction deposit. Some find this to be inconvenient for accounting.

Merchant account- Usually a 3 year agreement, and penalty for early termination and application fee may apply. Deposits to your bank account in 1-2 days and fees are deducted via ACH monthly.

How much will a merchant account cost? All credit card processing fees are based on interchange rates.  There are hundreds of rates. Hardly anyone charges $30/mth, so if your volume is low, be sure to include this when calculating your effective rate.

PAYPAL VS MERCHANT ACCOUNT FEE COMPARISON

The chart below shows examples of multiple scenarios of credit card processing for card not present transactions.  Foreign cards can have a major impact. Paypal charges 1% for foreign bank issued cards and most merchant accounts will pass through the extra fee which varies from .4% to .6% depending on the card brand. The chart assumes NO foreign cards which is a bit unrealistic.

Every situation will vary by number of transactions, types of transactions and actual merchant account fees. For your convenience, you can download the excel spreadsheet above and put in your own numbers. This spreadsheet is offered FREE for your convenience. It may not be used for commercial purposes, nor modified and distributed without express written permission from 3D Merchant Services.

Click to download the xls file Paypal vs merchant account fee calculator .

Have you ever needed to check if a credit or debit card is valid, but you don’t want to authorize or charge yet? We’ve added a new feature for our CenPOS Virtual Terminal called Positive Card. CenPOS will go out to the networks with a zero authorization amount to validate the card with the issuer prior to being stored.

REVIEW OF ENCRYPTED PAYMENT STORAGE OPTIONS NOW AVAILABLE:
Positive Card- validates card. Merchant validate CVV, address and zip code passes fraud check and decide whether the answers are acceptable before storing. Why would you accept a card if it doesn’t pass everything? Only Canada and the UK participate in AVS check; If you know your customer, you may wish to allow the card anyway. This feature allows you to enter a card, then make an educated decision as to whether you want to store it for recurring billing.
Repeat Sale- Offered for check/ACH and credit/debit. Process a transaction and it creates a new token to use for future sales transactions. CVV not allowed per PCI Compliance. Later, check the Token Box, enter the Token ID, amount and invoice #. That’s it.
Recurring Payments Module: Offered for check/ACH and credit/debit. Set up client contracts and store multiple cards, payors, and payment methods for a single account. Regardless of where a token was issued (resale, recurring, positive etc) the token is the same for all.
Securely store any payment type for variable amount token billing or fixed recurring billing.

FAQ:
How do I get this feature? Administrators login to the Virtual Terminal and turn on for each user you want to have access. (This also applies to the other options.)
Will this also validate checks? No, It resides in the credit/debit. If you have a need, let us know.
Are there fees? Yes. 6/14/11 MasterCard charges $.03 for this service, effective with their announcement to support zero auth address verification (AVS), card verification code 2 (CVC 2) validation or both. Expect similar fees on all networks now or in the future. Standard CenPOS per transaction fees apply.
Can we use tokens for the EBPP/ E-invoice service? Not yet, but it’s in development. Currently customers will click the email and enter payment information for each invoice.

The tools are in place for you to eliminate faxed authorization forms that expose payment data and reduce PCI Compliance scope. If you need help using the features or how to deliver the token approval form for signature to your clients, please do not hesitate to call.

What is the payment flow from beginning to end of an ecommerce transaction? This is the credit card processing payment flow for MOST but not all gateways.

1. If ecommerce, the customer places an order. The ecommerce solution defines what data will be passed to the gateway. It uses an API to pass specified data to the gateway.
2. The gateway receives the transaction information and securely passes it to the payment processor.  Each gateway defines what data it will pass to the processor and it may collect more information than it passes. Each processor defines what information it will accept from a gateway.  The API uses the approved data and data format. The gateway must be certified to connect to the processor via a rigorous approval process to ensure security. The gateway transaction file includes yes/no parameters that were predetermined at the account set up level. For example, the “zip code must match or decline the transaction”. The gateway may also kill the transaction before sending to the processor based on merchant risk parameters that were set up.
3. The processor submits to credit card interchange network.
4. The credit card interchange network routes the transaction to the customers credit card issuer.
5. The credit card issuer approves or declines.
6. The credit card interchange network relays the answer back to the processor.
7. The processor records the transaction details and deposits funds in your account per your merchant account terms. It relays the results to the gateway.
8. The gateway records the transaction results and passes it to the ecommerce solution, which then stores on the customer record.  Again, the ecommerce solution defines which data it will accept from the gateway.

At the very beginning I noted the above applies for most but not all gateways. The exception is if the gateway is also a switch. In that case, the switch can bypass steps and go straight to the credit card issuer. This is more rare and none of the most popular gateways can do this.

No. Our hosted payment processing platform is NOT in a cloud. On the surface there are similarities, but the reason not to use a cloud is to control the integrity of the entire system from security to reliability. Amazon’s cloud failure, now impacting businesses for the second day, is the perfect example of why we will not use cloud computing for payment processing related services.

In cloud computing, the user’s computer may contain almost no software or data (perhaps a minimal operating system and web browser only), serving as little more than a display terminal for processes occurring on a network of computers far away.

In our hosted payments solution, the user’s computer will only need a small bit of software if using a signature capture terminal. All users connect to the platform via a web browser (except mobile). Like cloud computing, the merchant is accessing the power of remote software via the internet. But that’s where the similarity stops. With a triple redundant set-up, each PCI Compliant data center can operate completely independent and all are ‘hot’, meaning each are updated in real-time to mirror each other. All of the equipment is owned, not shared. This maxmimizes control over every aspect of system reliability.

Yes, there is a daily purchase limit on debit cards in addition to ATM withdrawals. This can cause a decline when a merchant tries to process a transaction over the customer daily limit. The customer may know they have the money in the bank but are not aware of purchase restrictions. Although merchants have no way of knowing reasons for a decline, if you sell big ticket items, this is something you can alert cashiers to look for.

The daily limits vary by the card issuing bank and the person issued to. For example, Wachovia Bank, a division of Wells Fargo Bank N.A. has issued cards in 2011 with a daily cash withdrawal limit of $500 and daily cash purchase of $7500. In other cases, the limits are much less.