Choosing the right payment solutions provider is critical if merchants are to ensure a positive payment experience for customers while minimizing the risk of data breaches and other occurrences that can have a negative impact on the business. This means carefully evaluating potential payment solutions partners. Here are five attributes to look for in a payment solutions provider.
1.Familiarity with and experience in the merchant’s market
Different types of merchants have different payment processing needs, which vary based on such factors as the customer base and the nature of the business itself. A payment solutions provider that does not serve a given merchant’s market will likely not be aware of its specific needs and may not be able to satisfy them. The probable end-result: customer dissatisfaction and a myriad of other problems immediately as well as down the road.
2.A varied menu of payment acceptance and processing options
The more digital payment options merchants offer, the better—especially given that according to recent research, 32 percent of consumers use multiple methods of paying their bills and 43 percent are more satisfied with companies that give them a choice of ways to handle payments. Look for a technology toolbox that includes, for example, solutions for processing payments made via interactive voice response, electronic check (ACH), web, mobile devices, and text.
Other desirable options: solutions that enable merchants to accept recurring payments and credit card payments made using a secure three-way calling center, as well as mobile wallet payments. Merchants will also do well to limit their shortlist to payment solutions providers with a willingness to customize payment processing solutions.
3.Top-tier data security
With the incidence of cyberattacks and the like continuing to increase, it is more important than ever to engage a payment solutions provider that prioritizes airtight data security and demonstrates this by harnessing powerful 128-bit SSL encryption to safeguard transaction data. Additional essential security measures encompass use of the CVV verification system and address verification system to verify credit cards.
Any payment solutions provider worth pursuing is certified as compliant with the Payment Card Industry Data Security Standard (PCI DSS). Developed and enforced by the PCI-DSS Standards Council, the PCI-DSS comprises a series of measures designed to thwart fraud. Merchants, payment processors, and credit card service providers are required to exercise these measures to safeguard and ensure consumers’ credit card information security.
For best results, opt for a partner that is a certified Level 1 PCI-DSS 3.2.1 Service Provider—the highest of four merchant levels. To hold such a designation and to be certified as PCI-compliant, the company must undergo an assessment by a third-party Qualifies Security Assessor (QSA) to evaluate whether and to what extent it meets the requirements outlined in the 12 sections of the PCI-DSS 3.2.1. (This will change to compliance with PCI DSS v 4.0, which remains optional until March 31, 2024, when PCI DSS v3.2.1—currently strictest, all-encompassing version of the PCI DSS, is retired). The requirements encompass more than 300 elements, and the QSA must obtain several thousand pieces of evidence and conduct a physical inspection in conducting its assessment.
Merchants in the healthcare vertical should also select only a payment solutions provider that is certified as compliant with standards contained in the Security Rule component of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). All merchants would also do well to work only with a payment solutions provider entity that is certified as complying with SOC 2 criteria developed by the American Institute of CPAs (AICPA) to manage customer data based on five “trust service principles.” Finally, ensure that the payment processing solutions provider has undergone an annual Automated Clearing House (ACH) audit, ascertaining its compliance with all rules and regulations set by Nacha, which governs the ACH network.
The payment solution provider should provide support to merchants 24 hours a day, seven days a week, 365 days of the year. It is best that this support is handled by trained in-house staff.