Restaurant and Retail POS PCI & Credit Card Security: Background

Background on PCI & Credit Card Security

For many years, both restaurant owners and their diners have been enjoying the convenience of accepting and using credit and debit cards. However, given the skyrocketing cost and frequency of fraud on credit cards, well known card brands (Visa, MasterCard, American Express, Discover and JCB) have taken preventive measures to safeguard their stakeholders.

After IBM invented the mag stripe on credit cards in in 1968, it became the industry standard. Given that the track data on the mag stripe can easily be read and duplicated, the card brands, the Payment Card Industry Security Standards Council built a set of standards for securing cardholder data, and it begins with the directive: ‘Don’t store track data.’

PCI Standards

The PCI Security Standards Council had a three-pronged approach to protecting consumers, banks and merchants/restaurateurs:

• PCI DSS (Payment Card Industry Data Security Standard) ‐ covers all entities that store, process, or transmit cardholder data: Merchants, restaurateurs, service providers, processors, etc.

Deadline for Compliance: January 2007 (deadlines are long passed)

What it Means – Restaurant owners, regardless of their establishments’ size, must all complete and submit a PCI Self-Assessment Questionnaire to their Acquiring Bank yearly.

• Payment Application Data Security Standard or PA-DSS ‐ involves all applications used to store, process, or transmit cardholder data as part of authorization or settlement. (Point of Sale (POS) application developers)

Deadlines for Compliance:

Oct. 1, 2008 ‐ Only the software that is compliant with the new payment application security standards must be used by agents, merchants and payment processors.

Oct. 1, 2009 ‐ Terminate any noncompliant payment applications that merchants might still be using in their environments will be required.

July 1, 2010 ‐ Mandatory use of only the payment applications that support the new standards.

What this Means – After these deadlines, merchants/restaurateurs that are still running a non-PA DSS-validated application, they automatically fail the PCI assessment and may lose their ability to accept credit cards.

• Pin Entry Devices (PED) Standard – covers all PEDs and it aims to ensure that the cardholder’s PIN, and any sensitive information such as resident keys, are protected consistently at a PIN acceptance device.

Deadline for Compliance:

Jan. 1, 2004 ‐ Newly purchased Point of Sale (POS) PIN Entry Devices must have passed testing and approved by Visa from one of its recognized laboratories.

July 1, 2010 ‐ Mandates that all deployed Point of Sale (POS) PEDs must have passed testing by a PCI recognized laboratory and been approved by the PCI SSC.

Which Means ‐ Merchants/restaurateurs have two years to replace older, un-approved PEDs.

The Do’s With Payment Card Industry (PCI)

• Make routine vulnerability scanning of your systems.

• Do security awareness training for all of your staff.

• Do audits of system access.

• Monitoring of system activity logs.

• Access privileges should be removed for separated employees.

• Install software patches for your system.

• Be responsible when it comes to any threats, device an incident response plan.

PCI Don’ts

• Whole credit card numbers should not be stored or archived.

• Transmitting credit card data unencrypted should not be practiced.

• With Payment Card Industry, it’s not simply about proving you are compliant with the standards – it’s about protecting your business and your customers.

What Restaurateurs Get From PCI

Given consumers’ expectation of ever-present acceptance of using credit and debit cards, merchants’/restaurateurs’ validation that they are giving protection to their customers’ personal data is good for business:

Reputation / Image

In a competitive business – a restaurant owner does not want to be named in the media as the place were a card data was breached.

Protects Ability to Accept Credit / Debit Card Payments - neglecting the rules and/or a breach can endanger a restaurateur’s ability to accept credit/debit payments. There are several cases that 80% to 90% of transactions are through credit/debit payments. Losing the ability to accept credit cards means reduced traffic/customers.

The Effects of State Privacy Laws

A breach that discloses personal credit card information in one of the 40+ States with privacy laws may experience double impact on the side of the restaurateur. Being off-side with the Payment Card Industry can result in fines and lawsuit costs. Being off-side with State Privacy Laws is a crime punishable by confinement with possibly more serious consequences.

Compliance / Security Strategy

• Make sure you are using a PA‐DSS or PABP validated POS system

• Ensure you are using an approved PED

• Arrange for regular security awareness training for your staff, especially your supervisors

• Conducting a background check on all employees with administrative access to your system is a must

• Have a ‘Confidentiality Agreement’ contract with your staff

• When it comes to your PCI Self Assessment Questionnaire (SAQ), carefully and accurately complete the form and when you’re not sure with your answers, just ask

• If you notice gaps in the PCI compliance, develop a realistic plan to straighten it out

• Be matured in sustaining compliance

• Accessing controls

• Dual factor for system and device management

• Strong passwords and secure password storage

• Regularly monitor system activities for potential attacks as well as record evidences

• Control wireless access points

• Maintain secure configuration

• Section each network

• Maintain an Incident Response Plan and Test It

• Test and audit the cardholder environment like your business depended on it

It can be a daunting task the first time but when everything else is in place, ongoing PCI compliance is not an expensive undertaking. Besides, it’s good for you business to practice protecting the sensitive information that your customers trust upon you.

Questions?

For more information and advice on this topic you can quickly contact a Restaurant POS professional serving your area at www.POS-For-Restaurants.com

The author of this article writes for POS-For-Restaurants.com - a VP for Customer Relations with over 20 years experience in the restaurant point of sale industry.

Knowing Your Restaurant POS System

How Many Restaurant POS Terminal Will I Be Needing?

• Considering peak customer volume
  When handling peak customer volume, you need to have a plan to be able to efficiently serve them all.
• Number of staff taking the orders
  For serving tables, I suggest assigning 1 station for every 3-5 servers. You may want to have additional stations for handling high volume areas such as the bar and cashie stations. When switching to a POS system from a cash register many people unintentionally forget that their POS system is not only used to to cash out customers but can also be used for order entry as well.
• The layout of your restaurant
  A proper restaurant layout affects your employees service. So if you have a bar, assigning a separate station for your bar tender would be easier since he can serve customers from there quickly.
• Having proper location where your customers pay for their meals
  If you plan to have customers pay at the front you should have 1 or 2 dedicated cashier stations to fast track transactions. If the servers are going to carry their own banks, we suggest fewer servers per station.

What type of POS computer should I use for my restaurant?

• Desktop: the standard desktop type.
  • Least expensive computer option
  • Has onsite warranty for 3 years
  • Can easily be kept hidden under a counter, so it will not cause delay for any transactions
  • Has greater flexibility for addition of extra ports
  • Latest CPU speeds and memory
  • Screen and computer are separate; if ever technical difficulties accur, it’ll be isolated.
• Small form factor (SFF): also known as shuttle form factor, a smaller type of computer.
  • More stylish than the desktop
  • 3 Year Onsite Warranty Standard for this component
  • Saves more space
  • Fewer options for expandability
  • Latest CPU speeds and memory
  • Screen and computer are separate; in case of technical difficulties problems are isolated.
• All-in-one terminals: combining touchscreen and computer.
  • Most stylish option with fewer wires and least space required
  • Manufacturers warranty: 1-2 years (Not onsite)
  • Comes standard with sufficient ports for almost any operation
  • CPU speed is generally slower than the other two options but sufficient for the Point of Sale needs.
  • Combined screen and computer

How many cash drawers should I use?

• Unless you want your servers to carry their own cash banks, placing cash drawer at every station you want to use to end transactions is advisable.

Integrated credit cards?

• Your POS systems can be used to process and keep records of all credit card transactions and allows you to store them in one convenient location.
• Can reduce seconds of transaction time with a high speed internet.
• A standalone terminal can be used in place if you do not have high speed internet connection.

How many kitchen/bar printers?

• Having one kitchen printer would be sufficient for your restaurant, not unless you have different sections serving different dishes inside your kitchen then it would be better if you place printers on all sections.
• Think about this, you can print all appetizer orders on one printer and all your entrée dish on another printer.
• For kitchens and bars, it is highly recommended that you use impact (dot-matrix) printers instead of thermal printers. Because their loud printing alerts cooks and bartenders that an order is coming through, and since tickets printed on thermal printers becomes unreadable when exposed to heat.

How many receipt printers do I need?

• Having a receipt printer at every station would be better than just having one.

Is a back office computer needed?

• A back office computer helps managers to run reports and access POS systems to change, remove or add important data without disturbing servers.
• A back office computer is not necessariliy required unless you have 4 or more stations. It is however a good idea to host the database on a back office computer if you do have 4 or more stations so none of the stations has the extra load of running the database.

More information is available at POS-For-Restaurants.com

The author of this article is the Vice-President of Customer Relations at POS-For-Restaurants with over 20 years of experience serving restaurants of all types and sizes throughout the U.S.

Is an Efficient Restaurant POS System In Your Future?

There are a lot more things a Point of Sale system can do for your business other than automating sales transactions. Let our POS professionals teach you how you can take control of your business and increase your profits.

Having A Control Over Your Business

A right POS system will lift you up to a new level of control over your operations, it helps fine-tune your business model, boost your profits, as well as your efficiency. The wrong choice of system, however, can be a waste of money and a source of ongoing frustration.

In a sense, your POS system is a glorified cash register! The most basic POS system that consists of a computer, a cash drawer, receipt printer, a monitor, and an input device such as a keyboard or scanner. However, in addition to being more efficient than cash registers, POS systems are able to create detailed reports which can help you in making decisions.

A POS system saves money, provide productivity gains, and can cut down the amount of time you spend away from the primary focus of your business.

Saving more money, gain more control over your business, and being more productive; sounds like a great combination, right? Well here are some of the best ways a modern point of sale (POS) system can help your business.

Getting rid of shrinkage

A computerized POS system can drastically cut down on shrinkage, the inventory missing from your store or restaurant due to theft, waste and employee misuse. Because employees will know inventory is being carefully tracked, internal shrinkage will dwindle.

Accuracy

Whether you use barcode scanning or not, using a POS system can ensure that every item in your store or on your menu is sold for the right price. Your staff will no longer have to guess the price of an item, and you can change prices with just one click of the mouse.

Get better margins

You can get better magins by having a detailed sales report, focusing on higher-margin items would be cinch. By moving items within a retail location, or promoting poor-performing items in a restaurant, you can help boost sales of well performing items.

Knowing your stats

You can easily know which of your items have been sold today, yesterday, last week or months ago, with the help of a POS systems. It can even tell how much money is in the cash drawer as well as how much of that money is profit.

Manage inventory better

Knowing what stocks you need to keep on hand can easily be tracked using a detailed sales report. Track your remaining inventory, spot sales trends, and use historical data to better forecast your needs. Your POS software can be set to alert you when when stocks run low so you can reorder for them. There are many store owners who are caught by surprises when they have this data, because they think that they know exactly what trends affect them.

Build a customer list

Collect the names and addresses of your regular customers as part of standard transactions. Then use the list for targeted advertising or incentive programs.

Reduce paperwork

Reducing the time you spend on doing inventory, sales figures, and other repetitive but important paperworks can be lessen if you use a POS system to help you out. It doesn’t only reduce the time but save more for you as well as give you a peace of mind.

Efficiency in transactions

In retail settings, you can make checkouts quicker by using a barcode scanner and other POS features. Restaurants will find their order process greatly streamlined as orders are relayed automatically to the kitchen from the dining room. In both cases, your customers can get a much faster and more accurate service.

You have to keep in mind that these benefits requires a commitment to utilizing the POS system capabilities to their fullest. Without proper training and analysis, even the most sophisticated POS system will be nothing more than a simple cash register.

Retail needs vs. Hospitality needs

The POS market is divided into two segments with very different needs: restaurants, bars, and hotels and other retail operations and hospitality businesses.

Retail

Of the two groups, retailers have simpler POS needs. They process transaction all at once and often use less variation in the items they sell. Because there are some POS features retailers that specifically want to include the ability to support kits (3 for deals), support for digital scales and returns/exchanges. Your POS system will have to support matrixes if you sell items that come in a variety of styles, like clothing or shoes. For example, matrixes let you create one inventory and price entry for a particular sweater, but still track sales according to size and color.

Hospitality

Restaurants and other hospitality businesses differ in requirements.

Efficiency is the key focus for casual restaurants. For retail-style restaurants like sub shops, a POS system can greatly increase accuracy and cut down on time-per-transaction unlike with hastily-scrawled order tabs sent to the kitchen. And for quick-service style restaurants, POS systems are practically a requirement for living up to their name: a customers’ order is entered on the terminal at the front which sends the order and displays them on a monitor at the food preparation area where the order is assembled and delivered to the appropriate customer.

For fine dining restaurants, point of sale requires a bit different. They need a POS system that gives them the ability to create and store open checks, as parties order more over time, as well as track which waiter is responsible for which table. The efficiency gains from better management can be impressive. If your restaurant has 20 tables and has an average check of , it can increase turnover by one party per table, that would be an extra 0 on one busy night.

Return of Investment (ROI)

Migrating from your old system to a computers POS system isn’t that easy. There are several factors that needs to be considered and pitfalls to avoid. But the return of investment (ROI) can really make it worth all the effort you put into it.

Need more information or an online resource?

Go to POS-For-Restaurants.com

The author of this article is the Vice-President of Customer Relations at POS-For-Restaurants with over 20 years of experience serving restaurants of all types throughout the U.S.

How to find the right Restaurant POS software

Tips for selecting the right Restaurant POS Software

There has been a rapid increase in the restaurant and hospitality sector that are turning towards business management software in order to run their businesses more efficiently.

It’s crucial for any restaurant to select a restaurant POS software suite that’s flexible enough to meet their needs and be able to grown alongside their business.

While not all business owners are comfortable with restaurant pos technology it can be a usefull and vital to any hotel or restaurant wanting to trade immediately after installation, therefore bringing in more customers. Always remember that a good POS software can and will save you money, time for training your staff, stock control, payroll and even on wages.

is very competative and streamlining your business operations can mean the difference between failure or success. In the world of hospitality if you can’t keep up with your competitors you’ll loose your customers through smoothly run establishments that has POS systems.

Even restaurants aren’t exempted from this, that’s why having a good hospitality software suite is very important for any restaurant’s success.

There are times that you will notice that your restaurant’s external factors can a make a difference to your success, better think again. With the right hospitality software, it can significantly increase your chances of success and can even boost you up on top of your competitors.

If you are still searching for that right software suit that will meet your needs, you have to find a restaurant POS software that is sturdy, can be upgraded, easy to use and worth the money you pay for.

You also have to make sure that the hospitality software you purchase is adaptable to your needs. If the software is is rigid and allows for no flexibility it will be unable to adapt it to your needs as your business grows causing problems for the future.

A retail POS business software should be easy to install and use, intuitive and not require days of training; it has to be fully modular, as well as flexible and upgradeable so it can grow with your business. Additionally, you need to look for restaurant software that will run on your computer systems.

If you’re planning to operate with multiple tills you need a good backup system for safety, a reliable system that will make copies of your master data file so you would never have to loose any important data in case of system crashes. You need to ensure that the restaurant POS you select will allow multiple hardware configuration, as well as payroll integration and data export to sage or quick-books. Most users will have at one time or another used a computer running on a windows operating system, thinking it’ll be used for Windows].

A final consideration is the requirement that the software will fast and user-friendly.

Mostly, restaurants are extremely busy especially during peak hours, so a POS system that workd quickly and doesn’t crashes easily would be the best choice!Since most good restaurants are always busy, especially during peak times, a POS system that will work quickly and not freeze or crash during constant use should be the one you purchase. A good stable piece of software may not be cheap, but it will certainly help your business run smoothly which gives you more time to concentrate on other areas of your business.

One of the main priorities of any business establishment is support, so you better make sure you have the option of phone or online chat support like yahoo and msn messenger this will be an optional extra with any good POS software provider and worth its weight in gold if your systems go down and you are unable to trade.

Remember, software developers know far more about the system than anyone. An overlooked point that many clients have regretted from my experience, make sure that whoever you purchase the software from can offer after- hours support should you need it, also a company in the same time zone is a very useful commodity.

With over 20 years working in the restaurant POS industry, the author of this article is the Customer Relations VP at POS-For-Restaurants.com, an online information service to help restaurants receive competitive bids for hardware, software or a complete restaurant point of sale system.

Check them out at POS-For-Restaurants.com

POS Systems: Restaurant POS Software Overview

POS Software Overview

Looking for the best Point of Sale Systems for your restaurant? Find them out here, compare and get ready to learn about online restaurant management softwares: for order tracking, payment processing, monitoring staff and more

Using a good restaurant POS system is better than a fancy system that doesn’t have the right feature a restaurant owner needs, but between the confusion of hardware and software, monthly contracts,programming setup, leasing equipment as well at the peripherals, that simple old cash register sure is a relief.

But don’t expect that much yet; that relief can even cause restaurant owners hundreds or thousands or even more than the cost of a POS system every month. Just imagine having one central computer system that can track staff schedule, inventory, the orders, creates reservations and can even accept online orders.

Restaurant POS hardware and Point of Sale Software

A POS software, either an Aldelo, Aloha, FuturePOS or Micros, it is the program that you use to run your system and not your computer monitor, keyboard, mouse, printer, hand held PDA and other devices. As with any other expensive purchase, better think twice before closing a deal on the spot. There are some vendors who will sell you their POS software at a very low price, while neglecting to tell you that it’ll only run on their very expensive computers.

Note that a company that really works hard to provide good quality programs does not need to make a business of vending computer components. Or worse, leasing them at extremely high rates. When closing a deal, you need to figure out how much it’ll cost you for each components. You may find it easier to pay for a monthly fee of for a computer but after a year, it’s likely paid off at $600 and the whose part is that the client will still continue to pay after another year since it’s a lease, so while technology changes the outdated equipment is still being charged as if it were new.

Online Restaurant Management

If you can remotely access your system from another computer, wouldn’t that be a nice feature? Just imaging, sun bathing on a beautiful beach resort with your laptop sitting next to you, watching your restaurant via a security camera. Click a few keys and check that labor percentage, easily send an email to your restaurant manager reminding him of the big party tonight.

You might want to do a few check ups on your server, staff log and see their performance for today. This feature is such a relief, now you can sit back and enjoy the sun.

Programming a Restaurant POS System

Some point of sales systems are designed to be programmed by the end user, which can be intimidating. Check to see if their company has a list of consultants or other help for programming to help you out. A lot of companies that develops POS software work with the restaurant owner to make sure each menu item is entered carefully, tax rates are imported and that the staff is trained to use the system.

It would be a great decision to look specifically for companies who are willing to provide these services for free while getting started. Charging for a refresher course after a year later really isn’t out of line but charging for initial training isn’t required for every company.

The Best Point of Sale System for your Restaurant

Always remember, every restaurant or bar has their own needs. A burger drive through shop will be needing less options compared to a steak house or pizza shops. A restaurant bar and grill requires different features than of a sandwich shop. Every restaurant has unique needs and requirements. It’s best to ask away for every information packet. Does it include a warranty or guarantee? How about a trial period? Will the POS system work with your current credit card processor, or it or it needs a different one? Can you export sales data to your Quickbooks or other accounting software?

Weighing all of the hardware and software options before making a decision can can save any restaurant owner from the stress and headache of ending up with a point of sale system that doesn’t fit the bill. Listen well to every salesman’s 15 minute sales talk and review every bit of information you can get. Finally, consider the perspectives of other restaurant owners before deciding which one you’re going to use.

For more info about point of sale systems, visit: www.POS-For-Restaurants.com