Here we go again... PCI Compliance

[gillumhouse]

OK, here we go again. I got a letter today from Elavon telling me I have to go to their web site and get verifiedthat I am PCI compliant - AGAIN!! If this is going to be a yearly thing I am going to scream! May do that any way. I might feel better.
Now the kicker - if I do not do this by Nov 29, 2009 I will be assessed a $20 PER MONTH non-compliance fee! It gets better! I have just been informed I will be charged $55 per year because I have a credit card machine (and I am supposedto be happy it is not the $175 per year that I COULD be charged. Another way to squeeze small business.
This nickel & dime chipping away at me makes me wonder if it is worth staying in business. Every time I turn around there is another fee, tax, something..... Maybe I should just get on the welfare rolls. Oh I forgot! I actually worked so since I get social securtity I cannot get welfare. One cc processor is going to charge me $195 to discontinue using them or I just give them $5 per month. THIS kind of crap is what puts me over the edge! I am not using someing and have to pay for it. I have to prove I am not doing something (whatever happened to innocent until proven guilty) or pay $20 per month and even after I prove I do not use it, I have to pay $55 for the year - EVERY YEAR after I prove I am in compliance. Excuse me while I retire to a corner in a fetal position.....

 

[JBanczak]

I couldn't agree with you more. PCI is quickly becoming a daily activity here. We have had three banks now this summer tell us that they will no longer allow their customers to use any product that is not certified as a Level 1 Service Provider (the highest level - think what Wells Fargo goes through), AND also must be listed as a trusted partner on the Visa website. Visa now charges companies like us $5000 to be listed on their website as a trusted partner, and processors are not supposed to allow any merchant to process Visa through a company that is not listed on the Visa website! And there is another annual fee of I believe $2500!
So - we have officially contracted with a PCI-certified assessment company to do a full Level 1 Service Provider PCI 3rd party audit and report on compliance for all of BB.com, RezOvation, and Webervations, and are also going through the trusted partner process. This on top of the full PA-DSS audit RezOvation GT has already gone through. Is anyone else's head spinning now?
It really is frustrating to hear of these fees you are incurring though. I'm not going to make a sales pitch here, but there are processing options that don't come with this baggage, and will enable properties to be PCI compliant beyond a shadow of a doubt.

 

[gillumhouse]

Yes, but those cost more than $55 per year. They are NOW telling me it is because I use a Hypercom-7 that i have to pay the $55. That was not an issue last year. I am on Podunk. My annual revenue would make may others laugh. I am truthfully getting to the point of wondering if it really IS worth it.
I know my town needs a B & B and am fighting like hell to keep it here. But I am also getting tothe point of asking is it worth the effort. Directory fees have risen to the point that Podunk cannot afford them. CC companies and processors are taking their pound of flesh. The county hits business with the highest tax rate possible. Everyone and his brother has his handout for a freebie for their "good cause". And then there is a shocked "what happened?" when the business folds. I have NEVER felt this discouraged. It is bd enough that I cannot afford to take the chance of the old processor dipping into my account to take the $195 fee they plan to charge me for NOT doing business with them (the bank will accept my sidpute the unauthorized charge and take it back BUT there may be a few days window because I have to be able to predict EXACTLY the amount they will charge AFTER I fax the discontinue service forms) coming and bouncing other checks I have written.
It is so discouraging. This is a wonderful business to be in. It is the outside forces (gimme everything you have or will have) that kill ones spirit.

 

[JBloggs]

Hang in there K. You will be back to fighting speed tomorrow, and roll with the punches.
I had a rez come through with a discount, andmentioned they are a college parent can they get that as a discount, oh and they have aaa can they have that as a discount. My discount stated not combined with other offers/discounts. It really bugged me, I felt like saying "Here are the keys, the place is yours" but ya know, they are talking to a computer, they will see MY face tomorrow night. So all this rubbish is never "personal" so they keep slammin' us with this stuff.
Perhaps PAYPAL is in your future - get rid of those losers altogether!

 

[gillumhouse]

Hang in there K. You will be back to fighting speed tomorrow, and roll with the punches.
I had a rez come through with a discount, andmentioned they are a college parent can they get that as a discount, oh and they have aaa can they have that as a discount. My discount stated not combined with other offers/discounts. It really bugged me, I felt like saying "Here are the keys, the place is yours" but ya know, they are talking to a computer, they will see MY face tomorrow night. So all this rubbish is never "personal" so they keep slammin' us with this stuff.
Perhaps PAYPAL is in your future - get rid of those losers altogether!.

I think I have decided to open a new checking account - just have to notify the honking loan payment that is an automatic dip - and close the original account. That should get one monkey off my back - I will get the discontinue form and fax it after I have closed to original account. Then I will call First Data to find out what it will cost if I never swipe a card. It may cost less in the long run to just punch in the numbers through the phone. They will probably just find another fee for me to have to pay. It is just so discouraging to work so hard to build something and then find yourself to be the little red hen after the loaf of bread is baked. How appropriate - my breads are very well known........
I did have one bright spot today. The people who took my aunt and got everything she had missed something. I found out they found the large insurance policy that I was beneficiary on - Prudential told me today that policy is no longer in force - but they missed a small one that I found in going through her papers looking for the Prudential policy! I am going to get that. We are going to name DH's new shed The ________ Memorial Shed because there is almost enough to pay for that. She died in Nov 2004 and I just found out a couple months ago thanks to a friend who does searches for people with her genealogy. Funny thing, Social Security told me just a couple years ago funds were being deposited in her name..... I told them I was not asking them to tell me where she was, just if she was still alive and that is the answer they gave me.

 

[swirt]

That sounds like a load of crap. Why is the Hypercom7 not compliant? The whole thing sounds fishy / crazy.
Look into Intuit processing or one of the others that were recently suggested in the other recent thread.

 

[Samster]

Sorry, you're having a bad day, GH. But this is the thing that aspirings HAVE to know! The actual cost of this B&B business where they are located. I could highjack this thread and start a whole thing about the gamut of costs that seem to be rising for us in just 18 months, which is mind boggling to me!!... but I won't. Unfortunately here, everyone whips out a credit card so we have to deal with this. It is the cost of doing business. Wah!

Hang in there.

 

[Tim_Toad_HLB]

Sorry, you're having a bad day, GH. But this is the thing that aspirings HAVE to know! The actual cost of this B&B business where they are located. I could highjack this thread and start a whole thing about the gamut of costs that seem to be rising for us in just 18 months, which is mind boggling to me!!... but I won't. Unfortunately here, everyone whips out a credit card so we have to deal with this. It is the cost of doing business. Wah!

Hang in there..

Sorry, you're having a bad day, GH. But this is the thing that aspirings HAVE to know! The actual cost of this B&B business where they are located. I could highjack this thread and start a whole thing about the gamut of costs that seem to be rising for us in just 18 months, which is mind boggling to me!!... but I won't. Unfortunately here, everyone whips out a credit card so we have to deal with this. It is the cost of doing business. Wah!

Hang in there.

I suppose the flip side to PCI complaince and the minor financial and small time inconvenience it presents is to have a less secure and trustworthy credit card processing world.
There are highly motivated and tehcnologically advanced people out there trying every avenue they can to rip off people's identities, credit card information, etc.
A few minutes of our time once a year and a small fee for peace of mind that our systems and the processor we do the bulk of our business with each year seems a small price for that security.
I finished my complaince questionaire in less than 30 minutes and my processor's fee was waived by virtue of my passing the test.
I don't know about others, but about 99.99% of our revenue is processed via credit card. Going to bed each night knowing that my valued guest's personal data is secure and safe is very comforting.
It's the law and if you don't like it, go lobby congress. We'll see how much more pull B&B owners have over the huge financial sector and its lobbying arm has.

 

[Samster]

Sorry, you're having a bad day, GH. But this is the thing that aspirings HAVE to know! The actual cost of this B&B business where they are located. I could highjack this thread and start a whole thing about the gamut of costs that seem to be rising for us in just 18 months, which is mind boggling to me!!... but I won't. Unfortunately here, everyone whips out a credit card so we have to deal with this. It is the cost of doing business. Wah!

Hang in there..

Sorry, you're having a bad day, GH. But this is the thing that aspirings HAVE to know! The actual cost of this B&B business where they are located. I could highjack this thread and start a whole thing about the gamut of costs that seem to be rising for us in just 18 months, which is mind boggling to me!!... but I won't. Unfortunately here, everyone whips out a credit card so we have to deal with this. It is the cost of doing business. Wah!

Hang in there.

I suppose the flip side to PCI complaince and the minor financial and small time inconvenience it presents is to have a less secure and trustworthy credit card processing world.
There are highly motivated and tehcnologically advanced people out there trying every avenue they can to rip off people's identities, credit card information, etc.
A few minutes of our time once a year and a small fee for peace of mind that our systems and the processor we do the bulk of our business with each year seems a small price for that security.
I finished my complaince questionaire in less than 30 minutes and my processor's fee was waived by virtue of my passing the test.
I don't know about others, but about 99.99% of our revenue is processed via credit card. Going to bed each night knowing that my valued guest's personal data is secure and safe is very comforting.
It's the law and if you don't like it, go lobby congress. We'll see how much more pull B&B owners have over the huge financial sector and its lobbying arm has.
.

Yes, I said it's the cost of doing business. I have no problems with doing what it takes to make my guests' information secure. What I also said is that people hoping to get into this business, need to know all the associated costs so there are no surprises.

 

[Proud Texan]

I'm way ignorant here.

What the heck are you guys talking about? What exactly is PCI compliance and why are you having to pay for it?
FYI: I use Webervations and manually enter info into my Hypercom unit. Do I have issues that I'm not aware of? (no smart ass remarks for the peanut gallery)

 

[gillumhouse]

I'm way ignorant here.

What the heck are you guys talking about? What exactly is PCI compliance and why are you having to pay for it?
FYI: I use Webervations and manually enter info into my Hypercom unit. Do I have issues that I'm not aware of? (no smart ass remarks for the peanut gallery).

PCI compliance means there is no way- no how you store credit card numbers in your computer making them available to your friendly neighborhood hacker - in a nutshell that is what it is. If they enter a cc number while making an online rez, whoever is processing that transaction must be compliant. You use Webervations which now belongs to bandb.com and they have spent a boatload of money proving compliance. Since I take credit cards and have to process those cards - I have to prove a negative, I have to prove I do not store any credit card numbers in my computer. I just have to pray the processor is also compliant.
The fee was waived last year ($20 last year and $55 this year). I do not know if they are going to waive it since I did not go in to do the prove I do not yet. Last year BTW, I not only went online as was told, I printed it out and mailed it certified mail and was STILL charged the non-compliance fee until I called and jumped them. By mailing it, I had the proof of the post office that it was done and they removed the fees. It was worth the cost of the certified return receipt requested to have done it that way.
It is a bigger and more expensive gorilla than most any other we get hit with.

 

[Proud Texan]

I'm way ignorant here.

What the heck are you guys talking about? What exactly is PCI compliance and why are you having to pay for it?
FYI: I use Webervations and manually enter info into my Hypercom unit. Do I have issues that I'm not aware of? (no smart ass remarks for the peanut gallery).

PCI compliance means there is no way- no how you store credit card numbers in your computer making them available to your friendly neighborhood hacker - in a nutshell that is what it is. If they enter a cc number while making an online rez, whoever is processing that transaction must be compliant. You use Webervations which now belongs to bandb.com and they have spent a boatload of money proving compliance. Since I take credit cards and have to process those cards - I have to prove a negative, I have to prove I do not store any credit card numbers in my computer. I just have to pray the processor is also compliant.
The fee was waived last year ($20 last year and $55 this year). I do not know if they are going to waive it since I did not go in to do the prove I do not yet. Last year BTW, I not only went online as was told, I printed it out and mailed it certified mail and was STILL charged the non-compliance fee until I called and jumped them. By mailing it, I had the proof of the post office that it was done and they removed the fees. It was worth the cost of the certified return receipt requested to have done it that way.
It is a bigger and more expensive gorilla than most any other we get hit with.
.

PCI compliance means there is no way- no how you store credit card numbers in your computer making them available to your friendly neighborhood hacker - in a nutshell that is what it is. If they enter a cc number while making an online rez, whoever is processing that transaction must be compliant. You use Webervations which now belongs to bandb.com and they have spent a boatload of money proving compliance. Since I take credit cards and have to process those cards - I have to prove a negative, I have to prove I do not store any credit card numbers in my computer. I just have to pray the processor is also compliant.
The fee was waived last year ($20 last year and $55 this year). I do not know if they are going to waive it since I did not go in to do the prove I do not yet. Last year BTW, I not only went online as was told, I printed it out and mailed it certified mail and was STILL charged the non-compliance fee until I called and jumped them. By mailing it, I had the proof of the post office that it was done and they removed the fees. It was worth the cost of the certified return receipt requested to have done it that way.
It is a bigger and more expensive gorilla than most any other we get hit with.

Who are you having to comply with? Is this something I need to be doing or is it just because of the way you take credit card numbers.?
I print the guest information with the credit card number directly from Webervations THEN, I delete the number online.
Does the problem arise when you are using an innkeeping software on your comptuter that interfaces with an online reservation service?

 

[swirt]

I have a hard time believing (doesn't mean it is not true) that the hypercom terminal is not (or can't bemade to be compliant). these machines are all reprogramable. If they were programmed to remember a number, then they can be reprogramed to not remember a number, or not spit it out when someone digs for it. It is not like anyone can dial in to read your machine....they don't answer, they only dial out.
Sorry you are having a bad day....As for the other stuff, as much as you say you are not being political, you are. There is a lot of politics woven into the fear of healthcare reform, talk of regimes, etc. and as always, should be left outside the door to this forum.
[edited: thanks for removing it]

 

[swirt]

I'm way ignorant here.

What the heck are you guys talking about? What exactly is PCI compliance and why are you having to pay for it?
FYI: I use Webervations and manually enter info into my Hypercom unit. Do I have issues that I'm not aware of? (no smart ass remarks for the peanut gallery).

PCI compliance means there is no way- no how you store credit card numbers in your computer making them available to your friendly neighborhood hacker - in a nutshell that is what it is. If they enter a cc number while making an online rez, whoever is processing that transaction must be compliant. You use Webervations which now belongs to bandb.com and they have spent a boatload of money proving compliance. Since I take credit cards and have to process those cards - I have to prove a negative, I have to prove I do not store any credit card numbers in my computer. I just have to pray the processor is also compliant.
The fee was waived last year ($20 last year and $55 this year). I do not know if they are going to waive it since I did not go in to do the prove I do not yet. Last year BTW, I not only went online as was told, I printed it out and mailed it certified mail and was STILL charged the non-compliance fee until I called and jumped them. By mailing it, I had the proof of the post office that it was done and they removed the fees. It was worth the cost of the certified return receipt requested to have done it that way.
It is a bigger and more expensive gorilla than most any other we get hit with.
.

PCI compliance means there is no way- no how you store credit card numbers in your computer making them available to your friendly neighborhood hacker - in a nutshell that is what it is. If they enter a cc number while making an online rez, whoever is processing that transaction must be compliant. You use Webervations which now belongs to bandb.com and they have spent a boatload of money proving compliance. Since I take credit cards and have to process those cards - I have to prove a negative, I have to prove I do not store any credit card numbers in my computer. I just have to pray the processor is also compliant.
The fee was waived last year ($20 last year and $55 this year). I do not know if they are going to waive it since I did not go in to do the prove I do not yet. Last year BTW, I not only went online as was told, I printed it out and mailed it certified mail and was STILL charged the non-compliance fee until I called and jumped them. By mailing it, I had the proof of the post office that it was done and they removed the fees. It was worth the cost of the certified return receipt requested to have done it that way.
It is a bigger and more expensive gorilla than most any other we get hit with.

Who are you having to comply with? Is this something I need to be doing or is it just because of the way you take credit card numbers.?
I print the guest information with the credit card number directly from Webervations THEN, I delete the number online.
Does the problem arise when you are using an innkeeping software on your comptuter that interfaces with an online reservation service?
.

Who are you having to comply with? Is this something I need to be doing or is it just because of the way you take credit card numbers.?
Everone has to be PCI compliant. The major difference right now is that different processors are enforcing different fees and different pseudo penalties.
I print the guest information with the credit card number directly from Webervations THEN, I delete the number online.
You can't keep cc numbers, period...not in paper, not in electronic media. Once the charge is made, the cc numbers and exp dates and cv codes are supposed to go "poof" (with the added detail that cv data was never to be stored even temporarily in the first place). That's the short version anyway.
Does the problem arise when you are using an innkeeping software on your comptuter that interfaces with an online reservation service?
Then too..but really it arises at any instance where data has some persistance. I suppose you'd be out of compliance if you had a teller working for you with a photographic memory...you'd have to labotomize them after every transaction

 

[gillumhouse]

That sounds like a load of crap. Why is the Hypercom7 not compliant? The whole thing sounds fishy / crazy.
Look into Intuit processing or one of the others that were recently suggested in the other recent thread..

I have to check into terms of contract. I may be in the middle of this contract. According to Elavon, the Hypercom has the cc numbers in its memory. If this is true, why was it not an issue last year? They are also telling me it is an out-of-date piece of equipment that is no longer being made.
I give the best service I know how to give and my rates are not outrageous. I am not lowering my rates (I worked too hard getting them to where they are), but I cannot raise them either because there is so much blathering about how the consumer is getting screwed by the bad old lodging industry. I WANT to be affordable for the regular joe to be able to getaway some place special. But how long can small business continue taking the hits? I am grateful that more and more of my guests are using cash and checks. I will check on contract and then look into alternatives. I am walking a very fine line with taxes, insurance, and the cost of doing business. It will not take much to push me into saying screw it - today I was totally ready.

 

[JBanczak]

Sorry, you're having a bad day, GH. But this is the thing that aspirings HAVE to know! The actual cost of this B&B business where they are located. I could highjack this thread and start a whole thing about the gamut of costs that seem to be rising for us in just 18 months, which is mind boggling to me!!... but I won't. Unfortunately here, everyone whips out a credit card so we have to deal with this. It is the cost of doing business. Wah!

Hang in there..

Sorry, you're having a bad day, GH. But this is the thing that aspirings HAVE to know! The actual cost of this B&B business where they are located. I could highjack this thread and start a whole thing about the gamut of costs that seem to be rising for us in just 18 months, which is mind boggling to me!!... but I won't. Unfortunately here, everyone whips out a credit card so we have to deal with this. It is the cost of doing business. Wah!

Hang in there.

I suppose the flip side to PCI complaince and the minor financial and small time inconvenience it presents is to have a less secure and trustworthy credit card processing world.
There are highly motivated and tehcnologically advanced people out there trying every avenue they can to rip off people's identities, credit card information, etc.
A few minutes of our time once a year and a small fee for peace of mind that our systems and the processor we do the bulk of our business with each year seems a small price for that security.
I finished my complaince questionaire in less than 30 minutes and my processor's fee was waived by virtue of my passing the test.
I don't know about others, but about 99.99% of our revenue is processed via credit card. Going to bed each night knowing that my valued guest's personal data is secure and safe is very comforting.
It's the law and if you don't like it, go lobby congress. We'll see how much more pull B&B owners have over the huge financial sector and its lobbying arm has.
.

Sorry, you're having a bad day, GH. But this is the thing that aspirings HAVE to know! The actual cost of this B&B business where they are located. I could highjack this thread and start a whole thing about the gamut of costs that seem to be rising for us in just 18 months, which is mind boggling to me!!... but I won't. Unfortunately here, everyone whips out a credit card so we have to deal with this. It is the cost of doing business. Wah!

Hang in there.

I suppose the flip side to PCI complaince and the minor financial and small time inconvenience it presents is to have a less secure and trustworthy credit card processing world.
There are highly motivated and tehcnologically advanced people out there trying every avenue they can to rip off people's identities, credit card information, etc.

Absolutely - no question we are better off with more security in place, particularly knowing how awful cc security is handled in our industry. What drives me nuts are the fees. For our business, we have to pay to get an audit every year for Rezo and Weber (tens of thousands of dollars each year just for the audit itself, not to mention the work and IT expense of implementing new equipment), and now - even if we pass an audit - another $5k to Visa or no one is supposed to be able to use Visa through our system? Visa used to be PCI - now PCI is independent - and now there are two places to pay! The fees to properties are also ridiculous.
I would think that if you have a contract with a processor - and they impose an additional fee to you that is not in your agreement - that gives you some grounds to terminate....

 

[gillumhouse]

Sorry, you're having a bad day, GH. But this is the thing that aspirings HAVE to know! The actual cost of this B&B business where they are located. I could highjack this thread and start a whole thing about the gamut of costs that seem to be rising for us in just 18 months, which is mind boggling to me!!... but I won't. Unfortunately here, everyone whips out a credit card so we have to deal with this. It is the cost of doing business. Wah!

Hang in there..

Sorry, you're having a bad day, GH. But this is the thing that aspirings HAVE to know! The actual cost of this B&B business where they are located. I could highjack this thread and start a whole thing about the gamut of costs that seem to be rising for us in just 18 months, which is mind boggling to me!!... but I won't. Unfortunately here, everyone whips out a credit card so we have to deal with this. It is the cost of doing business. Wah!

Hang in there.

I suppose the flip side to PCI complaince and the minor financial and small time inconvenience it presents is to have a less secure and trustworthy credit card processing world.
There are highly motivated and tehcnologically advanced people out there trying every avenue they can to rip off people's identities, credit card information, etc.
A few minutes of our time once a year and a small fee for peace of mind that our systems and the processor we do the bulk of our business with each year seems a small price for that security.
I finished my complaince questionaire in less than 30 minutes and my processor's fee was waived by virtue of my passing the test.
I don't know about others, but about 99.99% of our revenue is processed via credit card. Going to bed each night knowing that my valued guest's personal data is secure and safe is very comforting.
It's the law and if you don't like it, go lobby congress. We'll see how much more pull B&B owners have over the huge financial sector and its lobbying arm has.
.

Sorry, you're having a bad day, GH. But this is the thing that aspirings HAVE to know! The actual cost of this B&B business where they are located. I could highjack this thread and start a whole thing about the gamut of costs that seem to be rising for us in just 18 months, which is mind boggling to me!!... but I won't. Unfortunately here, everyone whips out a credit card so we have to deal with this. It is the cost of doing business. Wah!

Hang in there.

I suppose the flip side to PCI complaince and the minor financial and small time inconvenience it presents is to have a less secure and trustworthy credit card processing world.
There are highly motivated and tehcnologically advanced people out there trying every avenue they can to rip off people's identities, credit card information, etc.

Absolutely - no question we are better off with more security in place, particularly knowing how awful cc security is handled in our industry. What drives me nuts are the fees. For our business, we have to pay to get an audit every year for Rezo and Weber (tens of thousands of dollars each year just for the audit itself, not to mention the work and IT expense of implementing new equipment), and now - even if we pass an audit - another $5k to Visa or no one is supposed to be able to use Visa through our system? Visa used to be PCI - now PCI is independent - and now there are two places to pay! The fees to properties are also ridiculous.
I would think that if you have a contract with a processor - and they impose an additional fee to you that is not in your agreement - that gives you some grounds to terminate....
.

You know, John, I am beginning to wonder if some of those hack jobs on major chains were not done by some of these compliance companies. Look at the industry it has set up? Look at the fees they are generating? I am not a "conspiracy" person, for the most part I go with the "Crap happens" but this has grown so fast and is generating a vast fortune in revenues and fees. And they have gotten legislation passed to give them teeth. They KNOW they have us by the "short ones" as Daddy used to say. If we do not take credit cards we lose a lot of business and if we do take them, we have to pay every which way - the processor takes theirs, the cc company takes theirs, the PCI takes theirs......

 

[JBanczak]

Sorry, you're having a bad day, GH. But this is the thing that aspirings HAVE to know! The actual cost of this B&B business where they are located. I could highjack this thread and start a whole thing about the gamut of costs that seem to be rising for us in just 18 months, which is mind boggling to me!!... but I won't. Unfortunately here, everyone whips out a credit card so we have to deal with this. It is the cost of doing business. Wah!

Hang in there..

Sorry, you're having a bad day, GH. But this is the thing that aspirings HAVE to know! The actual cost of this B&B business where they are located. I could highjack this thread and start a whole thing about the gamut of costs that seem to be rising for us in just 18 months, which is mind boggling to me!!... but I won't. Unfortunately here, everyone whips out a credit card so we have to deal with this. It is the cost of doing business. Wah!

Hang in there.

I suppose the flip side to PCI complaince and the minor financial and small time inconvenience it presents is to have a less secure and trustworthy credit card processing world.
There are highly motivated and tehcnologically advanced people out there trying every avenue they can to rip off people's identities, credit card information, etc.
A few minutes of our time once a year and a small fee for peace of mind that our systems and the processor we do the bulk of our business with each year seems a small price for that security.
I finished my complaince questionaire in less than 30 minutes and my processor's fee was waived by virtue of my passing the test.
I don't know about others, but about 99.99% of our revenue is processed via credit card. Going to bed each night knowing that my valued guest's personal data is secure and safe is very comforting.
It's the law and if you don't like it, go lobby congress. We'll see how much more pull B&B owners have over the huge financial sector and its lobbying arm has.
.

Sorry, you're having a bad day, GH. But this is the thing that aspirings HAVE to know! The actual cost of this B&B business where they are located. I could highjack this thread and start a whole thing about the gamut of costs that seem to be rising for us in just 18 months, which is mind boggling to me!!... but I won't. Unfortunately here, everyone whips out a credit card so we have to deal with this. It is the cost of doing business. Wah!

Hang in there.

I suppose the flip side to PCI complaince and the minor financial and small time inconvenience it presents is to have a less secure and trustworthy credit card processing world.
There are highly motivated and tehcnologically advanced people out there trying every avenue they can to rip off people's identities, credit card information, etc.

Absolutely - no question we are better off with more security in place, particularly knowing how awful cc security is handled in our industry. What drives me nuts are the fees. For our business, we have to pay to get an audit every year for Rezo and Weber (tens of thousands of dollars each year just for the audit itself, not to mention the work and IT expense of implementing new equipment), and now - even if we pass an audit - another $5k to Visa or no one is supposed to be able to use Visa through our system? Visa used to be PCI - now PCI is independent - and now there are two places to pay! The fees to properties are also ridiculous.
I would think that if you have a contract with a processor - and they impose an additional fee to you that is not in your agreement - that gives you some grounds to terminate....
.

You know, John, I am beginning to wonder if some of those hack jobs on major chains were not done by some of these compliance companies. Look at the industry it has set up? Look at the fees they are generating? I am not a "conspiracy" person, for the most part I go with the "Crap happens" but this has grown so fast and is generating a vast fortune in revenues and fees. And they have gotten legislation passed to give them teeth. They KNOW they have us by the "short ones" as Daddy used to say. If we do not take credit cards we lose a lot of business and if we do take them, we have to pay every which way - the processor takes theirs, the cc company takes theirs, the PCI takes theirs......
.

You know, John, I am beginning to wonder if some of those hack jobs on major chains were not done by some of these compliance companies. Look at the industry it has set up? Look at the fees they are generating? I am not a "conspiracy" person, for the most part I go with the "Crap happens" but this has grown so fast and is generating a vast fortune in revenues and fees. And they have gotten legislation passed to give them teeth. They KNOW they have us by the "short ones" as Daddy used to say. If we do not take credit cards we lose a lot of business and if we do take them, we have to pay every which way - the processor takes theirs, the cc company takes theirs, the PCI takes theirs......

LOL - I'm sure there are plenty of folks who might feel that way. I'm not even going to touch that subject!!!!
I do think the cc processing industry is changing though. There are plenty of processors out there (like Intuit for example) that don't have a long-term agreement or early termination fee. The only way they keep business is to continue to provide good service at a low cost. Ultimately businesses practices like that allow for a good natural balance.

 

[happykeeper]

I need some education.
I go to Amazon.com and they have my credit card # on file so that I don't have to enter it each time. Is this PCI compliant?

 

[JBloggs]

Even Wal Mart.com with v code. I know as I had to get a new card and they won't let you easily delete the old card info at all, so I added it as a new card and have to SELECT it each time. (I do photos online from walmart)