Here’s How Old POS Systems Get Retailers Screwed

Here’s How Old POS Systems Get Retailers Screwed

News, Restaurant, Retail

Here’s How Old POS Systems Get Retailers Screwed

Understanding the potential implications of the Sonic breach to your business.

Hold the onions … and my personal banking info!

Double burgerTwo years ago, Sonic Drive-In experienced a massive Point of Sale system breach. In September 2017, financial institutions noticed fraudulent charges on numerous cards that had previously been used at the fast food chain. Days later, Krebs on Security reported that a batch of five million credit and debit cards had suddenly shown up for sale online. Krebs’ banking insiders bought some of the cards to investigate, confirming that they had indeed been recently used at Sonic.

Fast forward a year and a half to last May for the real day of reckoning. American Airlines Federal Credit Union—the financial institution that incurred most of the cost stemming from this breach—sued Sonic last spring to recoup millions in expenses.

“The credit union said that because of the breach, it had to cancel or reissue cards, close accounts, block transactions, refund affected customers and increase fraud monitoring efforts,” reported The Oklahoman. (Sonic is headquartered in Oklahoma City.)

Lawyers representing AAFCU claimed that “nearly a quarter of Sonic’s restaurants used POS systems that were nearly thirty years old.” More to the point, that ageing software wasn’t receiving security updates, making it vulnerable to malware that was used to hack it and collect credit card information.

The basic mechanics of a POS security breach

Krebs explained, in the article cited above, how hackers use credit card info.

“Malicious hackers typically steal credit card data from organizations that accept cards by hacking into point-of-sale systems remotely and seeding those systems with malicious software that can copy account data stored on a card’s magnetic stripe. Thieves can use that data to clone the cards and then use the counterfeits to buy high-priced merchandise from electronics stores and big box retailers.”

And you thought your mother-in-law was annoying.

Who gets stuck with the tab when a security breach occurs?

Person counting moneyBreaches such as the Sonic incident and the prior Wendy’s breach are especially costly when the breached locations are independently-owned franchises rather than corporate-owned chains. In such cases, banks and credit unions that issue cards bear the up-front burden because cards tend to be breached, re-issued and breached again. The Wendy’s breach went on for nine months and was far costlier than the notorious Target and Home Depot breaches.

On Oct 1, 2015, much of the liability for credit card counterfeit schemes shifted from financial institutions to merchants. Those who had failed to adopt chip technology for processing credit cards were officially on the hook for damages stemming from in-store security breaches. In the last 3 ½ years the shift has been impossible not to notice in day-to-day consumer transactions.

Visa’s concise explanation of the EMV liability shift

The change of law has also pertained to several 7- and 8-digit legal settlements. For instance:

  • Home Depot settled a similar suit brought against it by financial institutions, in the amount of $25 million in March of 2017.
  • Wendy’s lost even bigger, settling for $50 million for its 2018 security breach.
  • In addition to the AAFCU suit, Sonic settled a $4.3 million class action lawsuit on behalf of numerous customers. The settlement entitled individual customers to payments ranging from $10 to $40. It concerned all 325 locations that were hacked, listed here.

Writing 172,000 checks (that’s $4.3 million divided by the average of $10 and $40) sounds like an unpleasant way to spend the weekend.

The good news is that, even in the event of a security breach, you won’t be held liable if you’re compliant with PCI (Payment Card Industry) Data Security Standards.

Stay Safe!

Not only do modern POS and CRM solutions keep you and your customers secure—they actually take a lot off your plate, including manual data entry, running promotions and other tasks.

What’s the solution?

Even if your POS system doesn’t predate household internet, you don’t want to leave security up to “common sense.” Whoever you’ve partnered with for your CRM and point of sale needs should be experienced, responsive, and able to discuss issues like PCI compliance in plain English. You don’t just want a vendor—you want a partner who can act as needed as an advisor.

Whoever you’ve partnered with for your CRM and point of sale needs should be experienced, responsive, and able to discuss issues like PCI compliance in plain English.

If you have less than complete confidence in your software, or you’re using antiquated hardware, hopefully this will encourage you to deal with it proactively. Making big changes may sound like a pain, but it’s also an opportunity: Modern POS and CRM solutions actually take a lot off your plate, including manual data entry, to running promotions and other marketing and administrative stuff.

Today, our POS solutions feature dozens of industry-specific customizations, allowing you to operate more effectively online and in-store. We’ll help you manage and track inventory, promote special events, maintain healthy margins, and so much more.

Are you and your customers at risk? Don’t wait to find out. We’ll work with you to determine what’s lacking in your current system, and how to improve upon it.

Vantiv and Worldpay Merger

Vantiv and Worldpay Merger

RCS Payments

By Stuart Kehler & Leland Bolleter

In August of 2017 the US company Vantiv agreed to acquire Worldpay for $10.4 billion. The combined company will be valued at $30 billion. The new company will keep the Worldpay name with global and corporate headquarters in Cincinnati, Ohio. Worldpay’s London offices will become their international headquarters. The acquisition was completed on January 16th, 2018.

Person using a calculator with a pad and penPayments processors value add, is that they bring to the market correct information on approvals in a matter of seconds. Worldpay is considered a financial-technical (fin-tech) company. If one word can describe how many fintech innovations have affected traditional markets, it’s ‘disruption,’ as financial products move toward mobile devices or simply away from large, entrenched institutions. Worldpay routes transactions from retailers to banks to allow sales via credit and debit cards.

Worldpay will extend services to 146 countries and will be the world’s-largest-payment processor that handles over $1.5 trillion in transactions per year. Worldpay’s future goals include, understanding consumer behavior to drive competitive advantage for customers/retailers and help obtain maximum transaction acceptance rates. Lastly, Worldpay is working to optimize transaction costs through efficient routing to be able to offer the best rates to customers.

Google Runs the World, Not Your Business

Google Runs the World, Not Your Business

E-commerce, Just for Fun, Retail, Technical Tip, Web Tips

By Ryan Parks

Everyone on Facebook does a good job of updating me about enjoying a vanilla latte at their favorite coffee shop (at least my friends do). However, people don’t always remember to update their business profile on Google, Yelp, Facebook, and other platforms if there is a special event or something out of the ordinary happening.

Google search screen on a computer on a tableOn a recent trip to Seattle I was reminded how important it is to keep your business profile up to date. While visiting we went to one of the main attractions in the city. Now, we only had a few days and this particular attraction was only open the first day we were there due to construction, so we knew it was going to be a time crunch. According to their website they would be open till 8pm and the last tour left at 7pm. We arrived at 6:45 with what we thought was plenty of time, only to have the security guard tell us that they close at 7pm. But… we contested, the website says 8pm, he then proceeded to tell us, “well, that’s google’s listing, we don’t control that.” As someone who traveled from out of town and wasn’t sure when he’d be back, this was disappointing to say the least.

Google Business

Yes, you do control your business listing on Google, or at least you should… If you haven’t already, go add or claim your business listing on Google. Seriously, go do it now, stop reading this. Okay, you are now in control. You can now edit your post, add pictures, change the hours, add special hours for holidays, events, or construction. The Google business listing is often one of the first things people see when they google your business, if you don’t see one for your business you should create one. Keeping this listing up to date will greatly benefit your business, but it isn’t the only listing to keep in mind.

Facebook

Phone with Facebook next to computerIf your business isn’t using social media, you are missing out. Even if you feel like your company doesn’t have anything exciting to share on social media, it is an area you need to have a presence. With over 70% percent of Americans on Facebook, your business page has the potential to reach millions. Facebook now has a feature that allows people to ask for recommendations. For example, if I was traveling to Austin, Texas, I can now ask my friends who live there or who have traveled there if they have recommendations for a restaurant or a record store. Facebook will then add details about your friends recommendations. A Facebook business page is a great way to get more online traffic, but don’t forget to keep that information up to date as well. Learn more about creating a Facebook business page.

Website

Lastly, but certainly not least, your website. You want to make sure your website’s information is always accurate. Companies list their address and store hours in all sorts of places, the about section, the contact page, an information page. It’s okay to have this information in more than one area and certainly don’t remove it if you’ve always had the information in a certain location. However, the easiest and most convenient section is at the bottom of your site in the footer. The footer is on every page and is an obvious place for your location, phone number and/or store hours. Even if you only do online orders it is a good idea to have a physical location listed on your website. Sometimes people want to know how far away an item may ship from, if you’re local or what timezone you are in if they want to call. Also, it helps let people know that you have a physical location and aren’t just a vague concept floating around the internet.

These three areas are not the only places where your information can be listed, but they’re a good place to start. Keep in mind that people traveling from out of state or even out of the country may be relying on this information and you don’t want to damper their experience or cause them to write a bad review. Remember, Google knows a scary amount of information about your business, but you still control most of that information, for now…

Retail Control Systems & Biltmore Estate: Living Comfortably in America’s Largest Home

Retail Control Systems & Biltmore Estate: Living Comfortably in America’s Largest Home

Museums Attractions

(ENFIELD, NH | FORT COLLINS, CO) – Retail Control Systems (RCS) is pleased to announce our customer spotlight for the month of June, Biltmore Company.

Biltmore is the largest, privately owned, home in America. The Estate was built in 1895 in Asheville, North Carolina and sits on an almost 8,000-acre self-sufficient estate, with roughly 1.5 million visitors annually. There are 2 hotels and 6 different restaurants on the property. Biltmore hosts concerts, weddings, clay shooting, river rafting, fly fishing, and many other activities.

RCS has had the pleasure of working with Biltmore for ten years, they joined the RCS family in 2007. Boyd Winchester, Computer Systems Analyst, at Biltmore Estate states, “RCS has helped me with a wide range of problems, they support us with everything from creating custom reports to troubleshooting issues within Counterpoint. I appreciate the fact that no matter the problem, RCS is ready with an answer or they find a solution quickly. And, if the answer isn’t exactly what I’m looking for, they are always able to provide alternatives.”

Working with Boyd at Biltmore is gratifying for RCS.​ As a power-user, Boyd loves to push Counterpoint to new limits and we enjoy the challenges he brings to the table.  From discussions on the best way to slice-and-dice data for reporting, to consulting on the API design for his wine club integration, every day is an adventure and we truly enjoy being Biltmore’s trusted Counterpoint advisor.

With 13 distinct retail stores on the estate, Biltmore certainly keeps RCS on its toes. These retail shops sell a wide range of products including plants, apparel, jewelry, books, home furnishings, wine, and many other products. The Estate also boasts the most visited winery in America, with a wine club that currently ships wine to 37 states within the continental US.

NCR Counterpoint helps Biltmore keep their retail inventory on track. By utilizing Counterpoint’s inventory control tools, they have been able to reduce overall inventory holding costs and their risk of inventory shortages all while accounting for various sources of seasonality. This ensures that their customers are always able to find the perfect purchase to commemorate their visit to America’s largest home. After recently upgrading their Counterpoint Software to the newest version 8.5, they are able to utilize the new user interface. Read more about NCR’s newest Counterpoint Release. Biltmore also uses NCR’s CPMobile devices mostly for their specialty sale events.  Recently, they had a local event off-site event where Biltmore wanted to sell their wine. The store utilized their CPmobile devices at the event to sell the wine.

“RCS doesn’t just provide hardware and software, they also create numerous enhancements and provide the training needed to run a point of sale system.”
– Boyd Winchester, Biltmore Company

 

About Retail Control Systems

Founded in 1987, Retail Control Systems specializes in retail and restaurant management software and hardware solutions. RCS has built a reputation for finding specialized business management solutions that help businesses gain complete control over their operations and finances. From inventory control to daily sales management, RCS has the experience and expertise across the full-range of retail and restaurant industries to meet the unique needs of any business. RCS has been providing superior customer service, exceptional quality, and innovation to the retail and restaurant community for nearly 30 years.

To learn more about RCS, visit retailcontrolsystems.com or call 1-800-417-3030.

For more information about Biltmore Company, their products, and services, visit biltmore.com.

2017 Sales Tax Changes

Technical Tip

2017 sales tax changes took effect Jan. 1

Sales tax doesn’t often make headlines, but with changes in multiple states, sales tax is making waves and reshaping the way companies in the direct selling industry manage their business. That trend is likely to continue into 2017. The New Year brings new taxes, new exemptions, and renewed efforts by states to implement internet sales taxes. It will also bring plenty of the usual suspects, like sales and use tax rate changes.

State sales tax

  • The state sales and use tax rate in California will drop from 7.5% to 7.25% under Proposition 30, which temporarily increased the rate by 0.25% through December 1, 2016. The state rate decrease also affects certain partial state tax exemptions.
  • To offset a recent gas tax hike, the state sales and use tax rate in New Jersey will decrease from 7% to 6.875% on January 1, 2017. It will drop further in 2018.
  • North Carolina use tax will apply to businesses storing tangible personal property or digital property in the state for any period of time. This expansion of use tax is due to the enactment of Senate Bill 729.
  • However, Missouri sales and use tax will not be expanded to any currently exempt services in 2017. On November 8, voters approved prohibiting the expansion of sales tax to any services not taxed as of January 1, 2015. It will be interesting to see if Missouri legislators attempt to capture additional sales tax revenue another way.

Local sales tax

The following states have announced local sales and use tax rate changes, that went into effect January 1:

  • Arkansas
  • Florida
  • Illinois
  • Kansas
  • Minnesota
  • Nebraska (also boundary changes, which can impact rates)
  • Oklahoma
  • Utah
  • Washington
  • Wisconsin

Learn more about these changes and how they affect your business.

EMV Myths Debunked

EMV Myths Debunked

E-commerce, Specialty Retail, Technical Tip

Heard about EMV (Europay, Mastercard, Visa), but you’re not sure what’s real and what’s not? Be aware of these common myths surrounding Europay, Mastercard, Visa and stay in control of when and how you want to implement EMV in your store.

While a shift to EMV – ready POS terminals has been well under way for years, there are still a lot of myths remaining about this secure payment technology. So to help you separate fact from fiction, we have gathered the 10 most common misconceptions told about Europay, Mastercard, Visa and debunked them all just for you. Get the facts, now!

On October 1, 2015, a liability shift occurred relating to who is responsible for paying for charge-backs for counterfeit cards that are used at a retail store. Between the bank that issued the credit card, the retail store and the payment processor, whoever is least prepared to accept EMV-enabled payment cards is now responsible for paying for the charge-backs.