On October 1 2015 an important change occurs that tips the balance or risk in the payment system that places almost all small business owners at greater financial risk. There are three simple steps that small businesses can take to protect themselves and reduce this new payment risk.
In the past credit card companies were responsible for the risks associated with stolen or forfeited cards. On October 1, 2015 it becomes the seller’s problem if you are still using the same payment processing system and technology. Simply put, it you accept a payment on your current system and the credit card processor later reports that the card was used fraudulently, you don’t get paid. That is a huge change from the past and it eliminates one of the primary attractions of accepting credit cards as payment in the first place. New security technology known as EMV is on the way to combat the use of stolen credit card information but it won’t be here by October 1 for most of us. At this point we do not even have a clear idea when the new technology will be in place. What is a small business to do in the meanwhile? Small businesses that can’t afford the risk of not being paid need to plan their response now.
I covered this topic from a strategic perspective in a recent blog post but as a practical matter for many small businesses it comes down to there three simple steps:
1) Use debit instead of credit. Many customers pay with payment cards linked to bank accounts anyway. When presented with a payment card, ask if the customer can use the debit option. Debit bards do not expose the business owner to this new payment risk.
2) If you are dealing in person with a customer you don’t know then get ID. A clear cell phone photo of your customer’s driver’s license will go a long way. (I use Microsoft Lens on an iPhone that reads and imports the customer data directly into the accounting system). Also, make sure that you have the customer’s working telephone number. A pre-delivery customer service call could actually serve a duel purpose here.
3) If you are handling an online or remote transaction simply delay shipment or fulfillment until the payment clears on your bank or credit card processing statement. This is usually only about 2-3 days.
These are the same two safety procedures commonly used by businesses that accept personal checks for retail payments. For now it makes sense to expend these same seller protection measures to credit card payments.
No merchant is taking a picture of my driver’s license/ID. Not sure how the hell you think that is going to fly.
I understand the security concern. If you’ve ever paid for an isolated transaction by check then you may be aware that recording the address and driver’s license are standard practice among U.S. point-of-sale retailers for decades. It is standard practice at many major U.S. retailers to scan the bar code on the driver’s license to electronically capture the check writer’s identification. The driving force behind this is that law enforcement requests this specific customer information in the event of a complaint of bad check writing. A retailer who accepts a bad check without the name, address and driver’s licence of the maker can not expect much help from law enforcement. After October 1, 2015 that same information will be required by law enforcement if a retailer expects cooperation in the investigation of a credit card scam. If a customer objects, as you indicated, to an electronic scan of the ID then the old-fashioned way of manually writing out the customer’s name address and driver’s license will suffice. My comment was simply reflecting the fact that many merchants do not have equipment to scan a driver’s license through the terminal but virtually all have the ability to capture the same information using programs that interact through cell phone cameras. But one way or another, it is important to be able to identify the customer making an electronic payment.