Jump to content

People Here Processing Credit Cards for your Business


TTQ B4U

Recommended Posts

What do you think of this:

 

https://squareup.com/

 

I'm looking to add this to my world as many of the photo shoot I'm doing are done and presented to the client right there on location via my iPad. Now I can simply ask for the business and take and fulfill the payment right there on the spot.

 

Thoughts?

Link to comment
Share on other sites

im wondering about security issues with it.... i know relatively little about square up, but if wifi is open on the phone while transacting, you could be subject to man in the middle attacks, outright stealing of CC numbers if they are stored on the device, etc.

 

my gf is interested in using it, but i have not yet researched it. report back with how well it works. i did talk to one merchant using it, she said she was having trouble accepting certain types of CC's.

Link to comment
Share on other sites

The numbers are not stored on the phone.

I dont use WiFi in public with mine.

 

Many vendors at Craft and Food shows have been using this for two years now. Its made its way up through the small time vendors who couldnt afford the stupid credit card machine rental rates, (or didnt want to afford). My moms been using it for quite some time. We have taken thousands of orders at shows, and have very few issues. Sometimes we have to enter a card because its too worn out or it just wont scan, but its few and far between.

 

Akula, who is a security guy here on CR, is who actually sold me on this.

 

 

Secure data encryption

Security is one of our biggest priorities at Square. To protect Square users and their customers, all information by our users has been encrypted and submitted to our servers securely. Our software and hardware meet (and in most cases exceed) all PCI-Compliant regulations as well. As per our User Agreement, Security Policy and Privacy Policy, we will never sell information to third party vendors.

Physical & Network Security

Sensitive data is encrypted using industry-standard methods when stored on disk or transmitted over public networks.

Only standard, well-reviewed cryptographic protocols and message formats (such as SSL and PGP) are used when transferring data.

Symmetric cryptographic keys are required to be at least 128 bits long. Asymmetric keys must be at least 2048 bits long.

Security updates and patches are installed on servers and equipment in a timely fashion.

Security settings of applications and devices are tuned to ensure appropriate levels of protection.

Square’s website and API are accessible via 128-bit, extended-validation SSL certificates issued by VeriSign.

Networks are strictly segregated according to security level. Modern, restrictive firewalls protect all connections between networks.

Card-processing systems adhere to PCI Data Security Standard (PCI-DSS), Level 1.

Web and Client Application Security

Card numbers, magnetic stripe data, or security codes are not stored on Square client devices.

Applications developed in-house are subject to strict quality testing and security review. Web development follows industry-standard secure coding guidelines, such as those recommended by OWASP.

Card-processing applications adhere to the PCI Data Security Standard(PCI-DSS), Level 1.

Organizational Security

Access to sensitive data, including application data and cryptographic keys, is strictly controlled on a need-to-know basis.

Two-factor authentication and strong password controls are required for administrative access to systems.

Security systems and processes are tested on a regular basis by qualified internal and external teams.

All access to secure services and data is strictly logged, and audit logs are reviewed on a regular basis.

Security policies and procedures are carefully documented, and are reviewed on a regular basis.

Detailed incident response plans have been prepared to ensure proper protection of data in an emergency.

Link to comment
Share on other sites

Isn't PayPal 3% or higher? I'll take 2.75%.

 

If you have to enter the card number (i have to do this, as i do orders over the phone) its 3.5 i think + .15.

When you key-in credit card information rather than use the card reader, the fee is slightly higher (3.5% + 15¢ vs 2.75%.)

The convience is worth it to me

Link to comment
Share on other sites

I have it and have used it quite a bit. There is a secure end-to-end connection so going over public lines doesn't matter MITM isn't possible as the inner connection is secure. POS machines don't transmit card numbers anyway, they transmit a salted-hash of the number.

 

Whenever I see a company that doesn't take cards I think about how easy this is and just laugh.

 

I wonder what they will do when PCI makes everyone shift to chip-and-pin.

Link to comment
Share on other sites

what if the credit card is found to be stolen later? (like if the card isnt reported immediately) after your product or service is long gone

 

i know that visa/mastercard/etc. will withdraw the money from the business' bank account if found by them.

 

will they do this with this thingy too?

Link to comment
Share on other sites

what if the credit card is found to be stolen later? (like if the card isnt reported immediately) after your product or service is long gone

 

i know that visa/mastercard/etc. will withdraw the money from the business' bank account if found by them.

 

will they do this with this thingy too?

 

 

Verify ID to CC?

 

:confused:

 

KillJoy

Link to comment
Share on other sites

Verify ID to CC?

 

what if the credit card is found to be stolen later? (like if the card isnt reported immediately) after your product or service is long gone. i know that visa/mastercard/etc. will withdraw the money from the business' bank account if found by them. will they do this with this thingy too?

 

^^ would be in the vendors best interest to verify id and copy down Driver License Number.

Link to comment
Share on other sites

All the concerns are common sense items. If you have your own business, you should be checking ID with any payment other than cash. I deal face to face and check ID with every piece of paperwork signed - Sales Receipts, Bills of Sale, Checks and Credit Card purchases. Yes I still take checks. Easy to verify identity with drivers license and never had an issue (in 7 years). For shipping transactions I use PayPal only and will ONLY ship to verified/confirmed shipping address. I get a tracking number and purchase insurance with every shipment. Some folks think insurance is the responsibility of the buyer, but it is actually the seller who needs the insurance. (But that is another topic)

 

This device is a great way for a small business to accept credit cards without the expense of a terminal, monthly maintenance fee and high fees for low-volume of transactions.

Link to comment
Share on other sites

Yes my wife uses it as a POS on her ipad at, Fantasy Cupcake. It has made things sooo much easier! I would highly recommend it for any small business that doesn't do a majority of high dollar sales, in which a flat per transaction fee would be cheaper. I'm on my iPhone right now but I'll post up a longer more informative post later. Also here is a link to the article http://techcrunch.com/2011/08/22/a-woman-a-cupcake-a-bank-and-a-square-why-credit-card-companies-are-scared-of-change/
Link to comment
Share on other sites

Oh and in regards to drug dealers, you'll never see them use it cuz that would lead to a paper trail if anyone was to look at the accounts!

 

ok so we have been using Square since before it went public, my brother-in-law was a part of the development team and we were able to snag a prototype for testing and such. (FYI it looks ALOT better then the very first prototype!) but like i said before she is using it as a standalone POS (point of sale) system, which its not necessarily meant for. it does have its drawback but the benefits outshine them. for what we do, i wish there was a button to apply discounts or be able to pay with a giftcard, but these may be implemented in the future. otherwise its great. one bonus is, is that you dont have to wait for a separate deposit for AMEX and Discover, they usually take a few extra days, and that can make it confusing on the accounting side. it is VERY easy to use, people love it and think its really cool that we use an ipad and that they are signing on it!

 

if anyone has questions feel free to email me (slammedcrx at gmail dot com) or PM and i can help!

Edited by Murse
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...