Integrated Credit Processing Moving Away From Authorize.net

16 comments Published in Help, News on by .

If You Want To Process Credit Cards Through MerchantOS…

You will need to transition away from Authorize.net and on to either MerchantWARE (from Merchant Warehouse) or Element Payment Systems.

What You Need To Do

MerchantWarehouse customers: You will need to get setup on the MerchantWARE gateway and purchase an encrypted credit card swiper from MerchantWarehouse (~$70). Once your new setup is running smoothly you will want to cancel your Authorize.net account. The MerchantWARE gateway is free which should help you offset the new card reader price over time. We will guide you through this entire process and make it as smooth as possible. Give us a call to get started.

Customers using a 3rd party processor along with Authorize.net: You have two options. Sign up for a new merchant account through either Merchant Warehouse or Element. Or have your processor board the ElementPS gateway on to your account. You will also need to purchase an encrypted credit card swiper from ElementPS (~$100). This second option may or may not be an option depending on how your merchant account is setup. Give us a call and we will help you through this process.

Deadline For The Transition

We do not yet have a hard and fast deadline for when we will turn off our integration with Authorize.net. But the day is coming and you should move to change your setup as soon as you are able.

Why Are We Doing This?

To improve our security and limit both your liability and our own regarding credit card fraud. Read on to learn more…

Going Beyond Payment Card Industry (PCI) Compliance

We’ve been working very hard over the last several months to make MerchantOS comply with PCI regulations. We ended up with a method to protect card holder data to such an extreme that it makes card data compromise from MerchantOS all but impossible. The methods we are using are so simple and secure, they will certainly become much more common in the future of payment processing.

MerchantOS No Longer Handles Cardholder Data

You might be wondering if MerchantOS no longer handles cardholder data, how on earth are they running my customer’s credit cards? We do it by working with payment processing gateways like the one made by Element Payments. These gateways only work with special credit card readers. The credit card readers encrypt credit card data with a key before the data leaves the device and goes on to your computer. MerchantOS has no way to decrypt this data. We just pass the encrypted data along to the payment gateway along with additional information about the transaction. Only the payment gateway has the necessary key to decrypt the data after which they let us know if the transaction is authorized.

What This Means For You

You will still need to maintain PCI compliance since you are handling credit cards. This new method may reduce the rigor of the requirements necessary to make your shop PCI compliant. You would have to ask your merchant processor what level of requirements you would need to fulfill with your chosen gateway.

What This Means For MerchantOS

We are devoted to protecting your information and we spend a lot of our resources on security. We meet or exceed many of the requirements to be PCI compliant. MerchantOS however will not be certified PCI compliant. PCI compliance is designed to protect cardholder data and since we no longer handle cardholder data we are outside the scope of these regulations.

16 thoughts on “Integrated Credit Processing Moving Away From Authorize.net

  3. Does this new CC system cost more or less than Authorize.net. Why do I have to purchase a new swipe device. I do not like being forced into something else when what we are currently doing is working great.

    Reply

    • If you process through Merchant Warehouse switching to their MerchantWARE gateway will cost you less (same if you sign up for a new account with either Merchant Warehouse or Element). If you are processing through a third party the cost will be about the same. We don’t like being forced to do thing either but unfortunately that is the price we both pay for dealing with the credit card industry. On the upside this new method is much more secure than the old method.

      Reply

    • The two new gateways we are working with are more secure than the Authorize.net implementation, yes. This is because with the new gateways the card info is encrypted right when it is swiped within the swiper hardware before it even reaches your computer. So the card data is secure from the swiper all the way to the gateway. We also have implemented a way to enter card numbers manually that goes straight to the gateway so that MerchantOS doesn’t ever touch any card holder data with the new gateways. This is more secure than Authorize.net, because the card holder data had to pass through our system (another place it would be possible for a hacker to get it).

      Reply

  5. I am just setting up a account with merchant os and already have a MagTek Magnetic Swipe Card Reader PS2 21080148. This is a encypted swiper. Is that compatible.

    Reply

    • It probably will not work. The card reader has to be setup by the gateway (Element or MerchantWARE). You could ask them if there is a way they can set it up remotely, but I’m doubtful.

      Reply

  6. On merchantware website, they have authorize.net for processing option, when i sign up, and inform them that im with merchant os, will they know NOT to use authorize.net?

    Reply

    • Yes. We have the exact same functionality with the new credit card processing system. To manually enter a card number you will be taken to a page at the gateway when you complete the sale. You enter the card number there and you are returned to our system to print the receipt.

      Reply

  12. Pingback: Mercury Payment Systems Now Compatible With MerchantOS

Leave a Reply

Your email address will not be published. Required fields are marked *