Payment processing trends: What every operator should know
As credit and debit card use grows, restaurant operators must stay vigilant in the protection of consumer data.
May 31, 2010
While there are many trends in the credit and debit card industry, security is the trend that most restaurants should put at the top of their list. Security goes beyond locking the front door at closing time. Restaurant operators also must secure the sensitive information their customers provide when paying for their services.
Identity theft and credit card fraud are chief concerns for consumers and the credit card industry, and should matter greatly to the restaurant operator. Card and identity thieves are becoming increasingly capable.
In 2009, there was a considerable increase in businesses affected by security breaches in the hospitality and restaurant industry. In response to the growing threat, major credit card brands like Visa and MasterCard have continued to increase the scope and rigor of consumer protection standards.
The PCI DSS (Payment Card Industry Data Security Standard) has been implemented in phases, with various deadlines, to control the way card data is transmitted and stored. Credit card processors have a looming deadline of July 1, 2010, to ensure their customers operate in a PCI-compliant manner.
PCI DSS covers many aspects of storing and handling credit card data. The PCI PED (PIN Entry Devices) component is focused on the hardware used at the point of sale (POS) for capturing the 4-digit PIN on a consumer's debit card. Restaurant owners must ensure that devices accepting debit cards are PCI PED compliant, or they risk fines and fees from their processors and the card brands.
While the July 1 deadline is directed at the member organizations (banks), processors enabling the acceptance of these transactions are expected to ensure their customers comply with these standards. Many processors are mandating that their customers undergo a PCI audit to ensure compliance and are assessing fees for those customers that do not comply.
The goal of these fees is to encourage customer compliance, which will help reduce the risk to both the merchant and the processor. A PCI audit varies in cost, based on the price negotiated by the customer or processor, but is intended to identify security concerns, including devices, software, and processes, that may expose the merchant to the risk of data theft.
Software Serves Up Innovation and Risk
Another payment processing trend in the restaurant industry is continued software innovation. For example, numerous vendors are introducing digital technology to offer dynamic menus, as well as provide assistance with labor scheduling and advanced reporting.
It is important to note that software also falls within the purview of PCI guidelines. The PA-DSS (Payment Application Data Security Standard) requires that all software handling or transmitting cardholder data be certified. Restaurant operators must ensure that any software used, including POS devices that run on PCs, is PA-DSS certified by July 1.
Skimming is a Security Spoiler
While hardware and software are an obvious focus for the PCI Security Standards Council, processes within an organization are also a focus, since they greatly contribute to the security of information within a restaurant. A process-related issue with card acceptance is the act of "skimming."
Skimming is the theft of sensitive information by employees who handle customer credit cards. The method used to steal this information can range from using a device to capture the information stored on the magnetic stripe of the card, to simply writing down the card number and the cardholder name. The former can be sold to high-tech criminals who can create fraudulent credit cards; the latter can be used to facilitate identity theft or to make purchases online.
Restaurant operators can help guard against skimming by implementing procedural changes aimed at making it more difficult for an employee to record credit card data. A PCI audit can help educate restaurant owners and managers in applying these procedures.
Delivering a Better Customer Experience
A growing trend contributing to the protection of cardholder data, as well as the delivery of better customer experiences and a higher overall return to the restaurant, is the use of 'pay-at-the-table' technology. Pay-at-the-table involves the use of a wireless device to allow customers to finalize payment at the table, rather than giving their credit cards to servers for processing.
As consumers learn more about identity theft, this method of payment will become more desirable. Pay-at-the-table is a common protection recommended by consumer advocates and the credit card brands, because it means that a credit card never leaves a customer's sight during the transaction.
In addition to the security it provides, pay-at-the-table has the added benefit of increasing tips, since most devices allow for prompts with preset tip amounts. The technology can also improve table turn by allowing the customer to record, sign for, and obtain a receipt for their purchase in one step.
As credit and debit card use grows, restaurant owners must stay aware of payment processing trends and, more importantly, stay vigilant in the protection of consumer data. Proactively obtaining the necessary hardware and software for PCI is highly recommended, and employing trends like pay-at-the-table offers an opportunity to increase security and drive revenue.
* Robert "Rob" Bertke is senior vice president for product development at McLean, Va.-based Sage Payment Solutions, Sage North America's payments division. He has worked in the commercial payments and business-to-business electronic commerce industry for more than 13 years.