7 Reasons Your B2B Business Should Accept American Express

Many business to business merchants don’t accept American Express because of the real or perceived high cost of merchant fees and risk of dispute losses vs. the negative impact on profit margins. Here’s a fresh look at the reality of accepting American Express cards in 2019, including as compared to other card brands.

Top Reasons To Accept Accept American Express

  1. Average higher order. Your best customers are also using American Express for corporate purchasing. You may be losing business by not accepting the cards. For example, an actual merchant 1.7X higher average order than other cards.
  2. Higher annual spend. For example, an actual merchant has 3.0 X higher annual spend from American Express buyers than other cards.
  3. Merchants can completely offset the cost of acceptance, usually by surcharging as explained in this article Credit card surcharge rules and laws 2019.
  4. Amex SafeKey provides card not present fraud liability shift as do other card brands. If merchants support it for customer initiated payments, whether online pay portal, invoice click and pay, or ecommerce, they’re protected from friendly fraud ‘it wasn’t me, I didn’t authorize it’ chargeback losses. Rather than defend the chargeback, prevent it from happening and fighting to get your money back.
  5. Customers can take advantage of your early pay discounts and also use the The Pay Over Time option from American Express to extend their cash flow. You get paid on time to improve your cash flow, and customers extend their credit with someone else to manage their cash flow.
  6. Free business promotion. It depends on your business, but in some cases, especially small businesses, American Express does a lot to promote your business online and via other methods. How valuable is that?
  7. Rates may be lower than you think. Fees have broadened into more categories by card type over the years so it’s not just one rate for everything. You may be able to negotiate if you’re a very large business. The biggest expense for other card brands is interchange; if not managed properly, fees may be the same or higher than American Express depending on the card type.

The Christine Speedy difference. Managing credit card fees is critical, and so is understanding the nuances of credit card processing that impacts all merchant fees. the reality is most players in the payments and consultuing industries are not familiar with rules that impact your profit and risk. Call 954-942-0483, 9-5 ET for expert advice about all things credit card processing.

Microsoft Dynamics AX ERP Verifone EMV Connector

Want to accept EMV chip cards with a Verifone MX 915 in your Microsoft Dynamics AX ERP? Ask me about best alternative to Payware for B2B and B2G sales. No Retail MPOS is needed. With our module you’ll be live in no time with all the protections you need to maximize profits, mitigating fraud risk and reducing merchant fees with your existing merchant account.

All transaction types are supported for all your sales channels, and you can accept payments via free text invoices, CRM and more.

The Christine Speedy difference. PCI compliance is important to mitigate data breach risk, but equally important is compliance with complicated card network rules. Have you read any of the 1,000+ pages of Visa Rules? Or 300+ Mastercard transaction processing rules? Have any of the people you rely on? I’ve spent countless hours educating myself on them and learning about the nuances that impact your profit and risk. Technology directly impacts compliance. It doesn’t matter how big or how old a company is; the reality is most players in the payments industry fall behind with every new rule that comes out, even though these rules are usually announced years in advance so that they can prepare. Call 954-942-0483, 9-5 ET for expert advice about all things payments for Microsoft Dynamics AX and D365.


D365 ERP F&O credit card processing

Need a credit card processing solution for D365? What you used in Microsoft Dynamics AX is probably not what you want for Microsoft D365 F&O. That’s because most payment gateways are horribly outdated with current payment processing requirements. Aside from PCI compliance, equally critical is compliance with the card network rules.

Three things you need to ask before selecting a payment gateway for D365:

  • Does the payment gateway support Unscheduled Credential On File?
  • How will you identify expired authorizations and update them?
  • If the initial authorization and final settlement are different, how does the payment gateway manage the authorization so that you can meet requirements for level 3 processing?

D365, ERP, and ecommerce consultants are generally not great resources for the last mile- getting paid, because it’s not their core expertise. If anyone tells you here are two or three options, you choose whichever you want, RUN! Each payment gateway has unique attributes. You need a consultant that not only knows payment processing, but also knows differences between payment gateways and how each will help or hurt your goals.

How can you find a good D365 payment gateway consultant?

While there is not a specific certification that is critical, it helps to have some type of certification vs just experience. The PCI Council offers a few different options, all of which are expensive which is why most people won’t bother getting them. However, because level 4 merchants are required to use only PCI QIR certified individuals, the PCI Council has lowered the cost (as well as the complexity, but that’s another story) to increase the number certified.

Since you’re reading this article, you’re looking for expert help. You’ve found it. I’ve been blogging about payment processing for years. I have used, sold and implemented solutions for authorize.net, PayPal, Payflow Pro, CenPOS, First Data, Chase Paymentech and many, many others. I’ve analyzed merchant statements, ecommerce shopping carts, ERP’s, merchant processors / acquirers, and a host of solutions that interact to impact merchant security, fraud risk, processing fees, and efficiency. Because I’ve seen what happens after the sale, including non-qualified transactions, chargebacks, risky security practices that often go against company policy but employees do it anyway, and more, I’m in a better position than most to give you the best advice for business to business, business to government, large transactions, card not present sales and specialty retail. If I don’t know it, I research everything and ask lots of questions that consultants and merchants don’t know to ask.

The Christine Speedy difference. PCI compliance is important to mitigate data breach risk, but equally important is compliance with complicated card network rules. Have you read any of the 1,000+ pages of Visa Rules? Or 300+ Mastercard transaction processing rules? Have any of the people you rely on? I’ve spent countless hours educating myself on them and learning about the nuances that impact your profit and risk. Technology directly impacts compliance. It doesn’t matter how big or how old a company is; the reality is most players in the payments industry fall behind with every new rule that comes out, even though these rules are usually announced years in advance so that they can prepare. Call 954-942-0483, 9-5 ET for expert advice about all things payments.

Magento Security Alert requires action to maintain PCI Compliance

Magento 2.3.1, 2.2.8 and 2.1.17 Security Update

A SQL injection vulnerability has been identified in pre-2.3.1 Magento code. To quickly protect your store from this vulnerability only, install patch PRODSECBUG-2198. However, to protect against this vulnerability and others, you must upgrade to Magento Commerce or Open Source 2.3.1 or 2.2.8. We strongly suggest that you install these full patches as soon as you can.

PCI Compliance Requirement 6: Develop and maintain secure systems and applications. All critical systems must have the most recently released software patches to prevent exploitation. The average merchant relies upon third party developers for web site maintenance, but unless specifically contracted to update the e-commerce software and add-on modules, don’t count on it.

Only 16.4% of organizations that had suffered a data breach were compliant with Requirement 6, compared to an average of 64% of organizations assessed by our QSAs in 2014- Verizon 2015 PCI Compliance Report.

Payment gateway implementation requirements have changed over time as a result of cross-site scripting and cross-site request forgery (CSRF) to meet current PCI Compliance standards. Merchants should verify all components of their ecommerce ecosystem are current, and have a system for ongoing monitoring and updating.

RESOURCES

  • Magento Security Center
  • MAGENTO SECURITY ALERT, March 26, 2019
  • Christine Speedy, 3D Merchant Services, offers a Magento payment gateway module for merchants to improve their omnichannel customer experience and mitigate fraud and vulnerability risk. Special B2B customer benefits include friction-less payments across all sales channels; text and email Express Checkout, customer invoice portal for 24/7 ACH, credit card, wire and more payment types, and US EMV with level 3 processing. Magento and ERP modules combine to provide a powerful array of solutions to improve cash flow and profits while maximizing security. 954-942-0483.

Which Payment Gateways Support Stored Credential Requirements?

Rules for storing and using stored cards changed for merchants in 2017, yet many payment gateways in 2019 still don’t support the transaction requirements, opening risk of issuer chargeback, fines, and assessments to merchants. Since the card networks are now notifying acquirers of non-complaint merchants, it’s time to get serious about making updates.

The fours types of stored credential transactions are recurring billing, installment billing and Unscheduled Credential On File, where buyer agrees to store the card and future transactions will be initiated either by merchant or buyer. Read more about the stored credential rules either by searching the blog for ‘credential’ or click here for card network rules. The payment gateway manages most of the compliance after merchants make the appropriate changes for standalone or integrated solutions, but merchants also have responsibility for getting the proper wording and opt-in record keeping for agreements to store cards.

Which payment gateways support authorization requirements for stored credentials? Ask gateways if they support your specific card not present transaction type. Even if they do, merchant compliance is not automatic and merchants cannot rely on web developers to automatically get them updated either. This list is valid as of today. Please comment below if you have new information about updates or more payment gateways to add to the list.

  • Authorize.net- No, see developer forum for updates.
  • Bluepay- Unable to determine.
  • Braintree- Yes, added MasterCard 1/18/19, Visa 2018.
  • CenPOS– Yes, since 2017, all transaction types. CenPOS does not publish developer information online. See contact info below for sales, integrations and developer assistance.
  • Cybersource- No, not if this article is still valid.
  • Ingenico- Maybe. Yes, with Ingenico ePayments DirectLink on the international web site, but I was unable to find the related developer code for updating US ePayments needs.
  • Orbital (Chase)- Unable to determine.
  • Payeezy (First Data)- Yes, developer instructions.
  • PayFlow Pro- Unable to determine, doesn’t look like it.
  • Shift4 – No.
  • Vantiv/WorldPay- Maybe. With the merger of these companies, merchants might or might not be using a payment gateway that supports it. Developer info for Worldpay.

Call Christine Speedy, CenPOS Global Sales. 954-942-0483, 9-5 ET for a payment gateway compliant with stored credential rules that can be quickly implemented. CenPOS is an integrated commerce technology platform driving innovative, omnichannel solutions tailored to meet a merchant’s market needs. Providing a single point of integration, the CenPOS platform combines payment, commerce and value-added functionality enabling merchants to transform their commerce experience, eliminate the need to manage complex integrations, reduce the burden of accepting payments and create deeper customer relationships.