5 Things to Know When Picking a Merchant Processing Company Don't just pick the company that offers the lowest rate.
Opinions expressed by Entrepreneur contributors are their own.
A business needs to accept credit and debit cards to thrive, and regardless of how you accept payments -- online, in-person or over the phone -- you need a merchant processing company to process the transactions.
With more than 424 million credit card accounts in the United States alone, there is no way to avoid having a merchant account. However, picking the right merchant processing company isn't always a simple task. Entrepreneur and philanthropist River Cohen is extremely knowledgeable in this space -- he is the founder and CEO of Datainsure, a merchant processing company.
There are many pros and cons to consider while selecting a payment processor. There are also new payment options like Apple Pay coming to the market, making it extremely important that you pick the right company to work with. After speaking with Cohen, here are five things entrepreneurs need to consider when selecting a merchant company.
Related: Funding Options for Bad Credit Risks
1. Demand EMV and latest processing technology.
If you are accepting payments in person, your processing terminal needs to be equipped with the latest technology. Virtually all new credit cards issued these days feature EMV chip technology, but not all point of sale (POS) equipment is updated to accept payments via the chip.
EMV chip technology protects your business from hackers, breaches and fraudulent transactions, and using EMV-compliant POS equipment protects your business. "Your data processer will cover the transaction in the event something bad happens if it was processed via the chip. If not, there is a good chance it won't be covered," explains Cohen.
2. Ensure PCI compliance.
Payment Card Industry (PCI) compliance is a set of security standards designed to ensure all businesses accepting, processing, storing or transmitting credit card information maintain a secure environment.
Every company must renew their PCI compliance certificate yearly through their merchant company to keep accepting and processing credit and debit card transactions. Cohen advises that not all processing companies handle this the same way, stating, "A good merchant company will charge a nominal compliance fee and will take the steps required to ensure your business is complaint. Not all business owners have time to worry about compliance, so working with a merchant that is pro-active in this area will ensure you avoid penalties."
3. Use P2P encryption.
"P2P [point-to-point] encryption is a security necessity. You have to make sure you are encrypting data transmissions at every stage of the transaction since there are multiple points," explains Cohen.
When a business swipes a credit card or a customer enters his or her payment information on a website, a long series of digital communications take place. This leaves the consumer vulnerable to fraud.
Once the transaction is initiated (with a card swipe or when entered online) the issuing bank has to determine whether or not the card has sufficient funds (debit card) or sufficient available credit to successfully complete the transaction. If there are sufficient funds, then the issuing bank sends a message back to the merchant, verifying the purchase. Throughout these steps, point-to-point encryption protects the data, preventing it from being compromised.
4. Utilize API capabilities.
You need a merchant processor that will integrate with your accounting software and any third-party plugins you use on your website. My company owns some consumer brands, and we use our merchant provider's application program interface (API) to connect to multiple third party applications -- WooCommerce, Shopify, etc. Without that convenience, it would greatly reduce what we are able to accomplish.
Cohen explained how one of their integrations helped put them on the map. "With so many businesses using QuickBooks to handle their day-to-day operations, we knew it was important to integrate with the software, and it's one of our most popular features. It's also important that you use a unique API that encrypts the processing. This is a must for retailers or businesses that demand really tight security or has higher than normal security concerns."
5. Don't focus on discount rates.
"Discount rates will often mean discount service. Rather than just looking at rates, a business should be looking at the company as a whole and what they have to offer in terms of integration capabilities, hardware, technology and customer service. Focus on the total picture, not just the rate," suggests Cohen.
Rates have become very competitive among merchant providers, so don't be blinded by a company that boasts a low rate and nothing else. Look for extra value, and look for a merchant company that emphasizes security and compliance.
Bonus: Look into breach insurance (medical practice industry).
For those in the medical practice industry, breach insurance is a must. This protects your business in the event of a hack or data breach, causing customer data and medical information to become exposed.
"If you are a medical provider, you should make sure you have breach insurance. PCI HIPAA is something your processor should provide if you are in this space. If you are hacked, this is the coverage required under HIPAA laws. HIPAA protects the consumer, and this protects you, the business," explains Cohen.
Related: Best Credit Card Processors of 2024