Merchant Account Services Online Blog

NASDAQ Breach: You Should be Concerned

2011-02-10T09:50:00.001-06:00

How Long Were Hackers Prowling Around the Systems?

February 10, 2011 - Tracy Kitten

If hackers were trolling around NASDAQ systems and servers for months and we're just now hearing about, we all should have some serious concerns.

Since news of the NASDAQ systems breach broke earlier this week, I've been reading with interest the updates about this still-unfolding cyber case.

On Feb. 5, a story broke about the NASDAQ breach. In a statement issued by NASDAQ this week, NASDAQ says it learned of the breach through routine monitoring. "We detected suspicious files on the U.S. servers unrelated to our trading systems and determined that our web facing application, Directors Desk, was potentially affected," the statement says. "We immediately conducted an investigation, which included outside forensic firms and U.S. federal law enforcement. The files were immediately removed and at this point there is no evidence that any Directors Desk customer information was accessed or acquired by hackers. Our trading platform architecture operates independently from our web-facing services like Directors Desk and at no point was any of NASDAQ OMX's operated or serviced trading platforms compromised."

Read the full story at bankinfosecurity.com

54 reported banking-related data breaches so far in 2010

2010-12-30T12:17:00.000-06:00

There have been 54 reported banking-related data breaches so far in 2010, according to the Identity Theft Resource Center -- slightly fewer than the total of 62 breaches in 2009. But it is possible that additional 2010 breaches will be reported after the new year.

Of the 54 breaches tracked by the ITRC:

9 are related to insider theft;
6 are related to missing paper documents;
8 were linked to card skimming attacks;
5 resulted from stolen or missing hardware;
8 are blamed on cyberattacks or outside network intrusions;
4 are related to the exposure of data on the Web;
6 are linked to an accidental breach;
3 were of unknown origin.

Read the Full Article

How Cybercriminals Make Their Millions

2010-12-27T16:44:00.000-06:00

Botnets have been getting a lot of headlines lately, whether from last month’s arrest of the man allegedly behind the Mega-D botnet, or angry supporters of the WikiLeaks organization who have voluntarily allowed their computers to become part of the Low Orbit Ion Cannon (LOIC) as part of Operation Payback. Most botnets are used as part of a criminal enterprise, and their purpose is simple: make money.

Stealing from Bank Accounts

Another common task for botnets is stealing from Internet bank accounts, Lee said. He explained that the malware on an infected machine waits until the victim connects to a bank's Internet service. It allows the victim to do the authentication. It then takes over the connection and injects its own money transfer commands into the system and hides those transactions when the victim looks at the balance.

SAS 70 evolution grows into SSAE 16

2010-12-22T11:25:00.006-06:00

We were all hearing about this new version of the SAS 70 Audits for Data Centers and as of January as we will see more companies moving into this space.

Major changes effective June 15, 2011:

More detailed requirements for the description of the service organization’s system of controls.
Adds a written assertion from management.
Adds a risk analysis.
Increases clarity and reporting requirements for the use of subservice organizations.
Changes auditor opinion on control design effectiveness from a single date to the entire period of time covered by the report.

The new standards must be adopted for periods ending on or after June 15, 2011, with earlier adoption permitted.

SSAE 16 Resources:

Download more information on SAS 70 Evolution: Here Comes SSAE 16
SSAE 16 Resource Guide
SSAE16.com - A site dedicated to the SSAE 16 Auditing Standard
SSAE 16 - Overview
SAS 70 Audit Solutions
SSAE 16 Assessments

Website Optimizer Security Alert

2010-12-07T11:51:00.003-06:00

Just issued by Google, they have found Cross-Site Scripting (XSS) attack opportunities by hackers or attacker might be able to execute malicious in the code on your site. They have since fixed this issue and require anyone running Google Website Optimizer tests to re-install the code to reduce risk for attacks on your site.

Very important as we do our holiday sales...

More Information can be found on how to fix this at Search Engine Land

http://searchengineland.com/google-website-optimizer-googl-url-security-58006

Firesheep Fix as Easy as HTTPS

2010-12-07T08:49:00.000-06:00

November 2010 will be remembered as the month that Firesheep exploded onto the computing scene, much to the delight of college students everywhere. The Firefox browser add-on makes it trivial to gain access to anyone's Facebook account while they're connected to the Internet using an open, unsecured Wi-Fi connection.

Of course, the session hijacking attack vulnerability that Firesheep exploits has been well-known in hacking and security circles for ages – all that Firesheep does is make the attack spectacularly easy. And it's a bit unfair to highlight Facebook as being susceptible to the attack, if only because many other popular sites, including Flickr, Foursquare and Wordpress are just as susceptible to it, too.

Small Business Confidence Up In November

2010-11-30T09:34:00.002-06:00

It looks like it is going to be a great holiday shopping season, from what I was just reading in the Small Business Newz , the monthly index rose to 87.2 in Nov, up 3 points from 84.2 in Oct. The economy looks like it may be in a turn around for online businesses as well storefront sales. This is a good thing ..

Here is a link to the article I was reading,

http://www.smallbusinessnewz.com/topnews/2010/11/29/small-business-confidence-up-in-november

Cash-flow concerns were at their lowest level in 17 months: 43 percent of small business owners experienced cash flow issues in the past 90 days, down from 46 percent in October. The highest this percentage has ever reached was 53 percent in August 2010 and July 2009; the lowest it has ever been was 32 percent in January 2007.

“We see slight improvements in nearly every survey category of the index, with significant improvement in the confidence of small business owners who sell consumer goods and services,” said Ryan Scully, director of Discover's business card.

“There would appear to be some measurable hope for the holidays that business will improve. Even still, there’s no getting around the fact that 59 percent of America’s small business owners still rate the economy as poor.”

Cleveland Federal Reserve Hacked

2010-11-22T09:11:00.000-06:00

A 32-year-old Malaysian man was arrested shortly after his arrival last month at John F. Kennedy airport in New York City. His crime? Authorities say he hacked into the Cleveland Federal Reserve Bank and several other computer systems, including a defense contractor.

Lin Mun Poo, a Malaysian national, faces a four-count indictment that charges him with hacking into computer systems and the possession of more than 400,000 stolen credit and debit card numbers.

Cybersecurity 101 Webinar

2010-11-18T12:43:00.000-06:00

Tuesday November 30, 2010 12:00pm ET 9:00am PT

Really tired of hearing a lot of opinions and spin on cybersecurity but no definitions or facts? Still deciphering through marketing clutter after “Cyber Security Awareness Month” trying to determine what cybersecurity means and how it impacts your agency? If so, join us at the beginning. Let’s start with Cybersecurity101.

In this webinar presented by Level 3 Communications, we will serve as the introductory professor you have been looking for. Positioned as a high-level, educational session, the webinar will cover cybersecurity basics, review the cybersecurity risk management process and framework, and highlight our nation’s critical infrastructure areas where cybersecurity is most important. The webinar will also present a snapshot into some of the ways the Level 3 protects its own information assets to mitigate risk.

Presenters:

Ben Courter

Senior Federal Segment Manager, Level 3 Communications

Ben Courter is a Senior Federal Segment Manager for Level 3 Communications responsible for marketing Level 3's portfolio services to Federal agencies. Ben has twelve years experience in telecommunications with a variety of roles including Product Marketing, Business Development and Competitive and Market Intelligence.

Dale Drew

Vice President and Chief Security Officer, Level 3 Communications

Dale Drew serves as Vice President and Chief Security Officer of Level 3 Communications. His responsibilities include ensuring the security of all of Level 3's Global Security concerns, including maintaining Architecture, Engineering, and Operational responsibility for Physical Security, Logical Security, Federal Security, Business Continuity and Managed Security services. Dale's team oversees the security of internal (enterprise) security as well as products and services security.

He has over 23 years of professional security experience working in the Law Enforcement investigative and global ISP security capacities having worked for US Secret Service, Arizona Attorney Generals Office and telecommunications companies such as MCI and Qwest.

Erik K Linask

Group Editorial Director, TMCnet

Erik oversees the daily operation of TMCnet, which delivers news, information, videos, white papers, podcasts, and more to three million visitors each month. He is also a contributor to TMCnet as well as TMC’s IP Communications publications. Prior to joining the TMC team, several years ago, he was Managing Editor at Global Custodian, a global securities services publication, where he also managed the magazine’s survey research. Erik began his professional career at management consulting firm Leadership Research Institute.

Register Now!

Nov. 18: 2010 Announcing the Barracuda Security Bug Bounty Program and other news from Barracuda Networks

2010-11-18T10:11:00.001-06:00

Barracuda Networks announced the Barracuda Security Bug Bounty Program, an initiative that rewards researchers who identify and report security vulnerabilities in the company's security product lines. Click here for the press release as well as the blog post and follow up articles in Computerworld, Dark Reading, eweek.com, SC Magazine, ThreatPost and more in our newsroom. For additional information, including a list of frequently asked questions, which products and bugs are eligible, and how to claim the bounty, researchers are encouraged to click here.

Barracuda Networks has published an updated version of their corporate catalog. Click here to download.

Upcoming Partner and Customer Webinars

You and your customers are invited to these upcoming Webinars:

Dec. 1: Barracuda Message Archiver - Ranked a Top Archiving Solution by Network World presented by Aseem Asthana, product manager. Learn why the Barracuda Message Archiver earned top industry honors and how to maximize your email infrastructure.

Click here to register for 7 a.m. PT

Click here to register for 9 a.m. PT

Dec. 1: Link Reliability and Bandwidth Optimization with the Barracuda Link Balancer presented by Sanjay Ramnath, product manager. This is a technical demonstration of the Barracuda Link Balancer.

Click here to register for 11 a.m. PT

Barracuda Networks in the News
IT Business Edge: Cloud Never Far From Minds of Midmarket CIOs. Click here to read more.

Please visit Barracuda Networks Product Management Blog and Barracuda Labs Blog and the Barracuda Networks Newsroom regularly for more insights on the latest product updates and industry trends as well as the latest security threats and research.

And for more partner-specific news, Webinars and other training session, please visit the Barracuda Networks Partner Portal or contact your regional Barracuda Networks sales representative.

Thank you for your continued support!

Regards,

Michael Hughes

VP Worldwide Sales

Barracuda Networks

1-888-ANTI-SPAM (1-888-268-4772)

Improved Trojans Target Banks

2010-11-11T09:51:00.001-06:00

I ran across this article about Trojans targeting banks... and felt I would pass it on.

The more well-known Trojans and their variants, Zeus and Spyeye, are all available for sale on the black market, says Rivner, head of new technologies, consumer identity protection at RSA, The Security Division of EMC. Qakbot, first discovered by Symantec in 2007, is most likely being run by one group. "It is not available as a kit on the Internet, or offered for sale," Rivner says. Instead, it is likely that an organized crime group developed it, focusing on their own specific methods, and tailored the Trojan to a specific segment -- large banks and their commercial customers.

Read More

Fraudsters Swapping Out POS Devices, Stealing Card Data

2010-04-22T09:23:00.001-06:00

New Trend:

An unsettling trend in this type of crime is that some criminals have resorted to collusion with employees, or even used threats of violence to get the PEDs replaced, says PCI and security expert Branden Williams, Director of the Security Consulting Practice at RSA, the security division of EMC.

Typically, this crime begins when criminals target a single store, or -- as in the case of Hancock Fabrics -- multiple stores in various locations.

Urban describes how a gang of these criminals will go into a store. "They will feign illness to draw people away from a point of sale terminal in order to make the switch. It is a brazen act - almost to the point of opening the cash register - to swap out a POS terminal during business hours. In these cases, the criminals work together to create a cover of the terminal swapping activity."

Chase Bank Customers Targeted Via Texting

2009-11-05T10:44:00.001-06:00

Smishing Attack is New Variation of Classic Fraud
November 2, 2009 - Linda McGlasson, Managing Editor

Chase Bank customers in the New York metro area have been receiving bogus text messages claiming to be from the bank, asking for account information. A local New York television station reported the phishing attack last week, claiming that "tens of millions of dollars" have already been stolen by fraudsters.

Chase media relations spokesman Tom Kelly downplays the report, saying, "As you might expect, TV is a little breathless on an issue that has been around via email and now texts for a number of years." Kelly says this attack is a variation of phishing known as "smishing." He says the amount of money taken in the attacks or the number of customers receiving the text messages is unknown.

Read More about "tens of millions of dollars" have already been stolen by fraudsters.

Microsoft Windows 7 Ultimate VLC x64 - How to run your x32 programs

2009-10-26T23:00:00.005-06:00

Working with the new x64 bit version of the new operating system, Microsoft Windows 7 Ultimate VLC x64 ...I just got finished installing 2 x64bit systems one for work and one for home, I also have a x32 bit System at work side by side... Today I have to completely move my master computer into secondary mode, I was trying to install Adobe CS4 MasterCollection and it keep giving me an error and it needed the 64bit install.

Well long story short I had one of our technician take a look and he installed a cool tool called Sun VirtualBox. Then I stumbled more and ran across a cool resources that maybe helpful when running a computer with a x64 bit operating system such as the new Windows 7 Core Presentation Deck | Windows 7 News

Now I am going setup a new Download from Microsoft - The XP Mode Windows 7, so far it looks really cool now I need to figure out how to setup my external drives and run Adobe CS4 one of my favorite tools work with everyday.

For More Information about the New Microsoft Windows 7 Visit the Site

Drive retail growth with Microsoft Dynamics Retail Management System (RMS)

2009-10-20T09:47:00.001-06:00

Deploy a complete point of sale solution with Microsoft Dynamics Retail Management System (RMS)

Drive retail growth with a flexible, connected solution
Microsoft Dynamics Retail Management System (RMS) offers small and mid-market retailers a complete point of sale (POS) solution that can be adapted to meet unique retail requirements. This powerful software package automates POS processes and store operations, provides centralized control for multi-store retailers, and integrates with Microsoft Office system programs, Microsoft Dynamics GP, and other popular applications. Microsoft Dynamics RMS is built on a proven Microsoft platform that adapts to meet unique and changing retail needs.

Learn More About Microsoft Dynamics Retail Management System (RMS)

New Phishing Attacks Target Institutions in Four States

2009-10-19T08:14:00.000-06:00

A fresh string of phishing attacks have struck financial institutions nationwide over the past two weeks, with customers of 10 banks and credit unions in California, New York, Pennsylvania and Wisconsin receiving fraudulent text messages or automated phone calls.

These incidents are concurrent with a new report from the Anti-Phishing Working Group, which says such attacks are up nearly 600 percent this year.
Text Messaging Scams

Members 1st Federal Credit Union of central Pennsylvania reported on Sept. 28 that it received calls from customers about text messages claiming that their cards were blocked. The calls were purportedly from Members 1st, and the customer phones that were targeted were reportedly AT&T mobile phones.

Read More: about the Phishing Attacks

2009-09-15T21:40:00.003-06:00

This New Storage System took me by having heard this being talked about by many IT Professionals here in Kansas City. One of the worst things in the world with Visa and MasterCard looking over your shoulder after a PCI Security Breach, just before an audit of your data center. Not fun remember this holliday season make sure you have a backup on your server clone ready to go at your Virtual VMware and Barracuda Networks to name a few. I did come across some great tips and tricks videos on many of those type topics of keeping business online all the time since the internet does not sleep.

Also remember to do those scans for PCI make sure your servers as safe especially you Joomla Hosted Sites.

------------------------

Cool Products to Look into:

-----------------------

1. HP StorageWorks Disk-to-disk-to-tape - the quick access of disk
with the long term archive ability of tape.

DATA DEDUPLICATION: STORE MORE WITH YOUR CURRENT INVESTMENT

http://www.hp.com/large/campaigns/1-7AQUD/index.html?jumpid=ex_r2848_kimess/4Q09Storage/1-7AQUD_mcc|ESTT/dm:_N5823.ArsTechnic_40828155_217707572_33204587

Make room for the data you need to run your business. Retain up to 50X more backup data on the same disk without 50X more budget.*

• Have more data consistently available without
increasing disk space

• Speed up disaster recovery via multiple backup points
and ensure business continuity

• Replicate deduplicated data across sites using low bandwidth lines to make remote backup and disaster
recovery more affordable

Learn why HP Data Protector won a 2008 Storage Magazine Quality Award

Top 3 | Managed E-Commerce | PCI Compliant Shopping Cart

2009-08-24T22:30:00.004-06:00

I cannot believe I fell for another shopping cart.
Volusion Hosting PCI Compliant Shopping Cart

This has just about everything I need so far, I spoke to great merchant selling eco-friendly lawn equipment

Other would be:

MonsterCommerce.com would use them before they changed to NetworkSolutions

and Yahoo Stores

The Biggest Security Hole on the Web?

2009-08-17T07:31:00.001-06:00

Two weeks ago, Adobe released a critical patch for Flash Player and Acrobat Reader. According to online security company Trusteer, about 80% of users are still vulnerable, and perhaps more startling, the company views this as being possibly the biggest security hole on the Internet today.

Learn More about this critical patch for Flash Player and Acrobat Reader

Paypal Personal Calls to Insure Security and Safty of Account

2009-08-14T08:56:00.002-06:00

It was the strangest thing last night I received a phone call from PayPal and once they verified me over the phone and just wanted to confirm my spending for the last few days since I rarely use the PayPal Credit Card attached to my account. I made a few small transactions and a few large transaction on different days that may have flagged a possible fraudulent usage trigger but it was great I have someone looking over my account and my money.

Thank You PayPal for that personal touch.

Network Solutions breach exposes nearly 600,000

2009-07-30T22:13:00.000-06:00

Network Solutions is investigating a breach on its servers that may have led to the theft of credit card data of 573,928 people who made purchases on Web sites hosted by the company.

Networks Solutions notified 4,343 of its nearly 10,000 e-commerce merchant customers on Friday about the breach. It affects 573,928 cardholders whose name, address, and credit card number were exposed between March 12 and June 8, said Susan Wade, a spokeswoman for Network Solutions.

Read More at CNET NEWS http://news.cnet.com/8301-27080_3-10296817-245.html

Top 10 ways to Steel Money with Technology

2008-12-15T14:12:00.004-06:00

Wow, I was reading today on BankInfo Security a really scary article titled "10 Faces of Fraud: The Greatest Risks to Banks in 2009"

and it really got my attention, one of the most interesting parts of this article was on page 3 when they talked about two types of computer attacks

Zero Day Attacks

Another area that financial institutions will need to keep an eagle eye on is the shift in the way financial fraud is happening. CRI's Kocher sees the attacks will change from criminals trying one thing and increasing their attacks against a particular vulnerability or fraud strategy, to where it becomes similar to hackers attacking computer vulnerabilities, where the smartest adversaries will identify a problem, but try to keep what they learn really secret and then attack the target in a very sudden and catastrophic way. Read More

Low 'N Slow Attacks

Imagine having the best firewalls, intrusion detection systems and an unbeatable monitoring system installed, says eIQnetwork's Rothman. But your computer systems are still compromised. What happened? Rothman says it may have been a "low and slow attack" that happens not over a period of a few minutes or hours, but over a period of days, weeks, or even months. Read More

MonsterCommerce Major Update

2008-11-25T20:53:00.003-06:00

For all the members that use Monster Commerce currently known as Network Solutions E-Commerce made some major updates to its PCI Compliant Shopping Cart this year.

I am very excited to learn more about these new updates however I started out a bit on the flip side.

First off if you are an online store owner and have a MonsterCommerce Store you must make sure to check to make sure your payment gateway is "turned on" if you have noticed your orders have stopped.

Some merchants have noticed that their store may have a different look and feel with the admin, it is much easier to maintain our stores than ever before.

You will need to go into your admin panel and click on the tab above called Operations then down to Payments scroll down to your payment method in my case it was Autorize.net you will click edit button from the actions tab and make sure you have the check mark to enable the Activate this payment method by default after the migration from the older version to the new update they do not enable this feature.

I must have missed these emails, however as it comes closer to the holiday shopping season we need to make sure our online stores are ready for the traffic and can accept those orders flawlessly.

I hope this helps.

Identity Theft and Breaking the Wrong Record

2008-09-11T09:16:00.002-06:00

The record number of 449 data breaches that have happened (and been made public) and recorded by the Identity Theft Resource Center. Unfortunately for some unlucky players (and their customers) in the financial services industry, they're on this year's list.
ep, some big players and some not so big are on this list - Countrywide, Bank of New York Mellon, Wells Fargo, to name a few of those among some of the big players that had customer records go missing or stolen.

Read More : Identity Theft and Breaking the Wrong Record

Online Scammers Prep for Gustav

2008-09-04T09:36:00.002-06:00

Nearly 100 domains registered, perhaps for repeat of Katrina phishing attacks.

August 31, 2008 (Computerworld) Nearly 100 domains related to Hurricane Gustav have been registered in the past 48 hours, security experts said Sunday, some of which may be used by bogus charity and relief scams after the storm strikes the U.S. Gulf Coast.

According to television station KTAL in Shreveport, La., the office of Louisiana's Attorney General Buddy Caldwell has warned residents of Gustav phishing attacks already in progress.

Read the Full Story Gustav Phishing Attacks

Retailer's Database Breached, Customers Not Notified

2008-07-10T09:55:00.001-06:00

The parent company of the Montgomery Ward website had at least 51,000 records stolen out of a database last December, but failed to notify its customers.

The breach, first detected by Citigroup, a financial services company, showed hackers found a way into HomeVisions.com, a separate website of Direct Marketing Services, Inc., and then stole records from a database holding account information for all the company's retail holdings. Direct Marketing Services, Inc., which has owned the Montgomery Ward brand since 2004, says it promptly told its payment processor and Visa and MasterCard, and it also notified...

Read More

Internet Security Even More Important with PCI

2007-09-20T23:04:00.000-06:00

Online Thieves Getting More Professional this is a great WebPro News Update on the recent studies on online theft.

PCI Compliant Hosting Provider Kansas City

2007-07-26T00:37:00.001-06:00

As things grow to gain in the security arena I have finally found the coolest hosting company in Kansas City, MO ...... Cyteworks Hosting Offering the one stop shop for your Shopping Cart hosting from their High End Top of the line Dell Servers sitting on the backbone of the internet with a ton of bandwidth to spare... Redundant backups with 2 Datacenter Locations and Full Time IT Staff willing to help solve your business problem.

I have been working on hosting for my OsCommerce Storefront and for months I have gone from shopping cart to shopping cart and always have landed back at OsCommerce I have finally tonight been able to setup my store on a non Unix Box running on a Windows Platform using the Plesk - Control Panel Software for Hosting Websites.

I have also run a PCI Scan from ScanAlert and have passed with flying colors.... Thx Cyteworks Hosting, Robb you Rock Man... Thx for all your help

Cyteworks Hosting
PO Box 554
Lees Summit
64063
Phone: +816 (272) 5246 EXT. 101

The Basics of eCommerce Processing

2007-03-01T12:04:00.000-06:00

Listen to the Podcast from Rick Noble of BCC Enterprises and eMarketing Talk Show with
"Everything a Merchant Needs at a Webmaster's Fingertips" within the show eMarketing Talk Show and Rick Noble talk about the basics of creating and managing merchant accounts including how a merchant can protect themselves as well protect the card holders. Rick also talks about the different types of security a ecommerce website owner needs when accepting online payments and much more. Enjoy the Podcast!

Recorded Live February 16, 2007

Accept Credit Cards

2007-03-01T08:29:00.000-06:00

Since I have been involved in the credit card business, I have heard many people and many questions when it comes to accepting credit cards and setting up a merchant accounts for small and large business.

When searching online for accepting credit cards online you should not just research the prices yet the cost is one component but the most important is the reliability of the merchant provider you are going to use, since this is your money and your business at risk.

What is a Merchant Account?

A merchant account is an account that is setup to allow businesses to accept monies from credit card holders using an ecommerce store or retail pos terminal, the merchant provider provides the gateway between the Visa, MasterCard, Discover and American Express and allows the money to be transferred into the merchant’s bank account. In order to get setup to accept credit cards you must supply the merchant provider with a few important documents that the bank requires during the underwriting process.

Everyone asks me what is the normal cost for a merchant account, and like every other provider they can offer a base rate however based upon your credit score and your industry type will allow us to better understand your business and estimate a rate to best fit your needs. The most important thing I feel about having a merchant account provider is can I count on them when I need them.

Being a webmaster I work on many ecommerce stores and get a chance to run into many different issues with connectivity and not every time can I find documentation on the internet to help me fix a problem so I sometimes have to call the merchant provider.

Recently I have posted a document on Authorize.net Response Codes and found a really cool tool that helps kick out Response codes and tells me what they mean so I can put them in my shopping cart so when the customer shopping on my store gets an AVS mismatch or Decline or any other error when trying to process their credit card they will be prompted with the proper message so they can respond correctly.

How Can I Setup a Merchant Account?

1. Please Complete this Small Questionaire and a Merchant Account Specialist Will Be In Contact to Discuss you Business Needs...
Accept Credit Cards Today

2. Please Fax the Following information to 816-777-0686
- Download and Fax the PDF application
BankCard Central Merchant Application
- Completed Application
- Business License
- Driver's License
- Voided Check
- Applicable logins if required for your web site

Most people looking for a merchant account just go out onto the internet and find the lowest credit card processing rates and signup not understanding all that goes into the process. I have had many clients I have worked with and currently process credit cards in their retail stores as well online with their ecommerce stores.

Accepting Credit Cards also has it's risks for the fact when it comes to chargeback’s you need to make sure that your merchant provider can help you when these issues arise because you do not want your business to be listed on the "TMF List" Terminated Merchant File is essentially a BLACKLIST from which it is almost impossible to be removed.

Accept Credit Cards Online
Get a FREE Rate REVIEW

I would recommend speaking to a credit card processing rate review analyst at BankCard Central to analyze your current rates to see if there is anything they can to help reduce your monthly fees since they guarantee that they will meet or beat your current processing rates based on your current statements. What a great program I have sent a few of my people over to Kathy Hase at BankCard Central and she was able to save my merchants a ton of money per year. 800-331-8882

Creating Static Pages in MonsterCommerce

2007-02-15T10:30:00.000-06:00

What a great topic that was started in the MonsterCommerce Small Business Community Forum. The forum topic was created by sem0816 and has many of the key MonsterCommerce Store owners involved.

The Subject is based on making sections within your MonsterCommerce Online Store get ranked and found better from the search engines.

Just to start out the MonsterCommerce / Network Solutions Team has been working with the cart for many years to improve the visibility of their shopping cart making it easier for the search engines to crawl the content and index the product within the store more effectively.

Monster Commerce has also done a great job with providing a great Knowledge base on the the site as well a great forum community, that all store owners get to post questions and get answers from other members within the community. This providing permanent content for others to pull from, it is a value added service for all small business owners.

Check out the Latest Topic Spin:
Creating Static Pages in MonsterCommerce

----------------- MY POST ------------------------------------

Alright ... Yah it takes time, but to build a business it takes time. (I will try to explain this the best I can)
"Our Cat 5E cables are the best . . . no one sales a better cable than we do" come on how unique is a Cat 5E cable? then, how much different of copy would we have to create to differentiate between a 3' version and a 10' of that cable (not to mention the 7,14,25,50 and 100' versions of that cable)
Some Products you will not want to promote but if you had related articles pointing to your Network Cables Root Directory and you had your categories established with good well optimized landing pages for your internal pages then you will show up for combo keywords and rank well for terms like "Network Cables" and you also had relevant information that linked to topics of the use of the types of networking cables and tips and tricks to installing cat 5 cable.
Don't you think the search engine would then determine you are a value and are relevant to the search term for your visitors and rank you well for other terms such as "Network Cable Installation Tips" or "Types of Network Cables"

Once your visitors find the information they need to get the project done,
they can order exactly what they need. As for using the same copy from other
vendors sometimes we do not have control of that however you do have control of
your entire site and if you change your site to be different the every Joe blow
you will begin to gain authority on your site and will be given a form of Trust
Rank from the Search Engines......

Hope this clarifies things, in order to be a successful in online business
you need to think outside the box.
What would my Client want other than just spend money right away?
Can I help them?
Then the transaction happens and because the visitor and customer is now
educated on the product you will also get less chargeback’s and returns.

Read the Forum Post..... All the Store Owners have great things to say to help you increase your busines online without hurting yourself on the search engines.
http://forums.monstersmallbusiness.com/index.php?showtopic=17155

Payment Industry News Update - AMEX ExpressPay Now Accepted at Tully's

2007-02-09T08:38:00.000-06:00

American Express Announces Tully's to Accept ExpressPay for Contactless Payments

A recent article from Payment News GlenBrook Partners announced in their recent email blast that Tully's and AMEX and signed agreements to now offer a new service provided by AMEX for contactless technology credit card transactions.

Currently being used in many locations such as ski resorts for its convenient, quick and secure way to pay for food and other items on the slopes . The list of merchant that accept ExpressPay are listed on the American Express website. Featured Merchants such as 7 Eleven, AMC Theaters, Arby's, CVS Pharmacy, Jack in the Box and McDonalds along with many other vendors.

Benefits of Expresspay:

No need to swipe your credit card making it faster at the checkout lines
No Signature is required for most purchases (For Most Purchases under $25)
It makes making purchases more convenient with not needing to carry cash
Peace of mind for your security all American Express transaction you are not liable for fraudulent charges.

Check out what people are saying about ExpressPay from American Express Today....

BCC Enterprises All-in-One Solution for Business

2007-02-07T10:38:00.000-06:00

BCC Enterprises has developed a structured set of companies to help you build your business in every way, from Bankcard Central providing every possibility to accept credit cards online or offline in your ecommerce store to your retail location.

Then by offering the availability for a business cash advance on your future credit card processing transactions for up front monies available within 1-2 business days. We are providing you the help your business needs to purchase additional assets and get business done. This cash advance solutions are being offered within BCC Enterprises from Business Capital Corporation how could you go wrong...

If that was not enough we also provide a opportunity to increase your business marketing with their Silver Stream Marketing firm helping you pave your way to success with search engine marketing and other marketing opportunities in efforts to help you make those dreams come to reality.

They pull all this technology together with VirtualTrak a leader in new innovated business technologies improving your business together.

Let them help pave your way to success!

Another Small Detail with Authorize.Net if you need help

2007-01-03T20:43:00.000-06:00

I have found some great Authorize.Net Resources tonight..

For many small business owners most have to learn everything on their own and other have staff to handle these types of projects. However when Authorize.net tech support closes at 7pm PST I got the extra help of the internet and a few ideas.

After seeing another error message from MonsterCommerce / Network Solutions Pro E-commerce Shopping Cart...

This was a great help for learning response codes the "Response Reason Code Tool" this allows you to type in your authorize.net response code and it can tell you what to type in.... So when you see those Not Finalized orders within your MonsterCommerce admin panel. Then you can make the text message say what it means instead of a message click here to go back there was a problem with your transction. "AND nothing else leaving the customer hanging.

I saw an order today that had a code:

Response Code 1=2
Response Code 2= 27

The error returned from the processor was The transaction resulted in an AVS mismatch. The address provided does not match billing address of cardholder.

AVS Response = No Match on Address (Street) or Zip.

Read More about Authorize.net and Response Codes with MonsterCommerce

Happy New Years 2007 - What to think about for Credit Card Processing

2007-01-03T10:08:00.000-06:00

As the holidays wind down, and we look into getting another merchant account provider we need to consider some important things such as PCI Compliance one of many new things the credit card associations are enforcing. As always we hear about security of card holder information and technology is always improving to insure the merchant is safe as well the card holder. During Christmas and other large holidays where business is good online, make sure you are up to date with all your security online and offline to insure you don't insure fines when data is stolen. Think Ahead it's worth the time.Make sure you are following all the PCI Security Guidelines, people are always concerned about the cost of a merchant account and many are going for the lowest price they can find, however things I have found with my own stores being an owner of many online businesses you really need to have the right team of people helping with your store including the merchant provider. Especially during the time of Chargeback’s and Fraudulent credit card transactions. How does one protect from that?Make sure when you are looking for that provider you don't just look at rates, but ask the question of how can this provider help with my current team from your web developers, SEO Specialists as well my accounting department. Some merchants need more customization that others, will your provider help you solve your payment processing needs? Who do you contact if your service goes don't for any reason or you have questions and just need a simple question answered. Who can you rely on and how import would that be vs. a few percentage points.

Another element is how can I drive more people to my online store and get them to convert into customers. I believe that 2007 will be an even larger year for search engine marketing, and being able study your traffic to generate a better conversion in any business.

Authorize.net and MonsterCommerce Payment Setup

2006-12-29T10:37:00.000-06:00

There are some very important steps a merchant needs to understand before they can actually process credit card transactions through a Monstercommerce / Network Solutions Pro E-Commerce Store Account.

I recently posted this question on the MonsterCommerce Small Business forum asking about these response codes.

Response Code 1 = 3
Response Code 2 = 123

http://forums.monstersmallbusiness.com/index.php?showtopic=16885

When Setting up with Authorize.net you must log into your account and create a Transaction API ID Key"

Once you log into your account you will then go to the bottom left of the control panel under Account.

Go to your Settings link and then go to API Login ID and Transaction Key once in there you can create a new API Login ID by typing in your Secret Question. Once this is done you will go back into your MonsterCommerce Admin Panel and add the new information the username is your id and your password is the transaction key.

Once this is done save the settings and your are off and running.

ScanAlert PCI Compliant Scans for Merchants

2006-12-26T16:45:00.000-06:00

What is ScanAlert and why would you need this if you have an online ecommerce store? The purpose is to be compliant with the PCI Security Standard, ScanAlert offers many types of services including compliant scans required by Visa, MasterCard, American Express and DiscoverCard. These Requirements include quarterly scans done by a third party company that scan your ecommerce shopping cart for any vulnerability this way you know about them before a hacker does and it becomes to late. Read More about the PCI Security Standards

ScanAlert also offers the HackerSafe Seal that insures that it test your website daily this helping your visitors feel better about shopping on your site and also insuring security. During the process of setting up your PCI Compliant Scans you will be required to fill out a questionnaire asking security questions some you may not know how to answer but you can call your hosting company or ScanAlert directly for help.

Fraud Protection for Merchants and Credit Card Holders

2006-12-26T15:29:00.000-06:00

Well there are a few great things in this world and one of them is not chargeback’s... LOL

Merchants can protect there accounts with a provider offering "ChargeBack Insurance" and you ask what is charge back insurance well it can protect against most types of cardholder fraud from a Card Not Present Transactions known as ecommerce orders.

Sometimes people try to use counterfeit credit cards or credit card generator tools or credit credit card number generation software that makes keeping an online store safe.

There are many ways a merchant can protect against this from happening such as using a merchant processor that has all the proper security in place. Some merchants will reimburse the merchant for the losses.

Credit Card Processing Solutions for all Merchants Types

2006-12-26T12:32:00.000-06:00

In today's Market it can be very difficult to decide what merchant provider you are going to choose since there are so many in Google, Yahoo and MSN to choose from just do a search for some popular keywords such as:

High Speed Payment Processing
Merchant Services
Cash Advance
Business Funding
E-Commerce
Online Shopping Cart
Payment Authentication
Website Security
Gift Cards
Loyalty Cards
Pinless Debit
International Payment Processing
Multi currency conversion
Petroleum Payment Processing
Pay at the Pump Processing
Reseller Programs
Search Engine Optimization
Loyalty Marketing
Online Ordering
Sales Agent Programs
Alternative Payment Solutions
Mobile Payment Processing
Alternative Payment Solutions

Some would look for all these types of services in many different providers currently I know of one provider that helps build your business not only with setting up a merchant account but allows you to select from many other services offered within one company these services are provided by BankCard Central.