There are other issues that might be considered regarding
credit card systems. I almost went with cryptopay a few years ago when I bought my wash, but I was not able to verify that cryptopay is PCI compliant. I still can't verify that cryptopay is PCI compliant. I could be making more out of PCI compliance than I need to, but I'm thinking that it isn't going away and the liability for fraud and data breaches will remain with the merchant. Businesses that accept credit and debit card payments are expected to certify that adequate security is in place to protect the privacy of card holders. It is easy to think that a business can certify compliance one time each year, but I've learned that is not the case. If you are using the internet to support card transactions, security is an ongoing process that requires businesses to keep on top of internet and physical security of transactions. A good article on the issue can be found at
http://www.tomsitpro.com/articles/pci-compliance-overview,2-849.html.
https://www.pcisecuritystandards.org/pci_security/why_security_matters is the site for the organization that prescribes the compliance standards. Not an easy site to navigate or understand.
I went with USA Technologies eports for a couple of reasons. 1. One came installed on an ice
vending machine that was purchased for my wash and I wanted to stay with one solution. 2. eports are PCI compliant. I have them in my self serve bays and on a
hamilton DRS
coin changer to vend
tokens. I've been pretty happy with the eport, but it has some limitations and I don't see USA Technologies thinking towards the future. For example, the eport doesn't have an EMV (chip and pin) solution and they are not able to provide any guidance on what is expected of me regarding documenting PCI compliance. I have been trying to figure out a way to make the eport work with my
Hamilton Goldline, but I've given up on that idea and I'm looking at other options. I recently sold the ice machine, so I'm now looking into
Nayax which is PCI compliant, has an EMV solution, accepts every type of
transaction that I am aware of and can be made to work with the Goldline. I'm working through the process of switching to
NAYAX, but I didn't ask if the customer will be able to generate receipts.
My goal is to minimize the amount of time and effort I have to spend worrying about and addressing PCI compliance and liability for fraud or data breaches. I also want a solution that will work well into the future which to me means that it accepts all versions of payment and provides an EMV solution.
Nayax uses verizon wireless to process transactions and no data is held by me as the
transaction is processed immediately. I have to have internet service right now because I need a phone line for the goldline and couldn't find a different option. If I go with
Nayax and it will work with the goldline I will be able to take the internet out of the equation and the only issue I'll need to worry about is the physical security of the card readers. Wish I had known more about PCI compliance and EMV when I went with eports and I hope I don't have to say the same thing a few years from now.
