Legal
In the event of legal action, who will be responsible for the fees and where will the proceedings be filed?
In the event of legal action, the account holder hereby agrees to all legal fees incurred. The proceedings will be filed in Hancock County, Greenfield, IN.
In the event of legal action, the account holder hereby agrees to all legal fees incurred. The proceedings will be filed in Hancock County, Greenfield, IN.
Web Payment Portal
What is a Web Payment Portal?
Our famous WPP provides your customer with the option of paying on line. Save your employees time from collecting the information over the phone, and lessen your liability for potential fraud.
Are transactions processed in real time?
Yes. Transactions are processed immediately through a secure Gateway account.
How will I know that I have received a payment?
Both the merchant ans the customer receive a receipt email within seconds of the transaction being approved.
Our famous WPP provides your customer with the option of paying on line. Save your employees time from collecting the information over the phone, and lessen your liability for potential fraud.
Are transactions processed in real time?
Yes. Transactions are processed immediately through a secure Gateway account.
How will I know that I have received a payment?
Both the merchant ans the customer receive a receipt email within seconds of the transaction being approved.
Equipment
In the event of equipment failure, how soon can we be up and running?
Indyhost.net will work to have you up and running the same day. Same day depends on how late in the day we are notified, shipping companies schedules, and if it is on Friday afternoon. As soon as you realize there is a problem or potential problem with your equipment, do not delay, contact us as soon as possible. If you are enrolled in our warranty program, there might be no additional costs to you.
Indyhost.net will work to have you up and running the same day. Same day depends on how late in the day we are notified, shipping companies schedules, and if it is on Friday afternoon. As soon as you realize there is a problem or potential problem with your equipment, do not delay, contact us as soon as possible. If you are enrolled in our warranty program, there might be no additional costs to you.
Understanding Your Bill
Why should I examine my statement within 30 days of receipt?
On a daily basis, you should balance each day’s sales tickets against daily debit and credits to your bank account, and specifically verify all deposits, adjustments, chargeback’s and fees. Per your merchant processing agreement, it is the merchant’s responsibility to report any error or discrepancies in writing within 30 days following the reporting period. After this time, the statement information and fees are deemed to be accepted by the merchant. Requests for analysis beyond this time frame may result in additional research fees.
It is especially important to confirm deposits against daily sales tickets after certain situations such as (I) equipment failures, (II) adding new or additional equipment, (III) adding new products to your terminal or other changes resulting in a download, (IV) power outages or (V) any changes to your bank account information.
What is a surcharge?
A surcharge, also known as a payment card checkout fee, is an added fee that a merchant charges a consumer when they use a credit card. (Visa merchants are not permitted to charge consumers a fee when they use a Visa card.) Can a merchant offer a discount for cash and check purchases? Yes.
What is a cash discount?
A cash discount is a price reduction on goods or services from the standard price if a consumer pays with cash or check. Merchants may offer a discount for cash provided that the offer is made to all prospective buyers. The states of Colorado, Maine, Massachusetts and Oklahoma additionally require that the cash discount be clearly and conspicuously disclosed to customers.
On a daily basis, you should balance each day’s sales tickets against daily debit and credits to your bank account, and specifically verify all deposits, adjustments, chargeback’s and fees. Per your merchant processing agreement, it is the merchant’s responsibility to report any error or discrepancies in writing within 30 days following the reporting period. After this time, the statement information and fees are deemed to be accepted by the merchant. Requests for analysis beyond this time frame may result in additional research fees.
It is especially important to confirm deposits against daily sales tickets after certain situations such as (I) equipment failures, (II) adding new or additional equipment, (III) adding new products to your terminal or other changes resulting in a download, (IV) power outages or (V) any changes to your bank account information.
What is a surcharge?
A surcharge, also known as a payment card checkout fee, is an added fee that a merchant charges a consumer when they use a credit card. (Visa merchants are not permitted to charge consumers a fee when they use a Visa card.) Can a merchant offer a discount for cash and check purchases? Yes.
What is a cash discount?
A cash discount is a price reduction on goods or services from the standard price if a consumer pays with cash or check. Merchants may offer a discount for cash provided that the offer is made to all prospective buyers. The states of Colorado, Maine, Massachusetts and Oklahoma additionally require that the cash discount be clearly and conspicuously disclosed to customers.
PCI Compliance
What is PCI?
The Payment Card Industry (PCI) Data Security Standard details security requirements for members, merchants and service providers that store, process or transmit cardholder data. To demonstrate compliance with the PCI Data Security Standard, merchants and service providers may be required to validate and conduct a network security scan on a regular basis as defined by the PCI Security Standards Council.
The PCI Data Security Standard (PCI DSS) originally began as
five different programs from the five credit card schemes. Each company’s intentions were roughly similar: to create an additional level of protection for consumers by ensuring that merchants meet minimum levels of security when they store, process and transmit cardholder data.
The Payment Card Industry Security Standards Council (PCI SSC) was formed as a neutral body to address conflicts among the credit card schemes in developing a standard. On Dec. 15 2004 the credit card schemes aligned their individual policies and released the Payment Card Industry Data Security Standard (PCI DSS).
First, a Self-Assessment Questionnaire must be completed on an annual basis. During the Spring of 2008 a new SAQ was launched and was re-designed to make the questions more relevant to what merchants actually do. There are now four parts, and depending on which part best matches what a company does, will determine the number of questions that will need to be answered – and whether or not quarterly vulnerability scanning is required. Companies will also need to make sure they attest to the truthfulness and accuracy of their responses on the SAQ.
For those required to complete quarterly vulnerability scanning – it is an indispensable tool to be used in conjunction with a vulnerability management program. Scans help identify vulnerabilities and misconfigurations of Websites and IT infrastructures containing externally facing IP addresses. Scan results provide valuable information that support efficient patch management and other security measures that improve protection against Internet hacking.
How do I stay Compliant?
Protect Cardholder Data:
*Make sure all receipts truncate the cardholder’s account number.
*Protect stored data, including electronic data, your customers’ sales slips and your receipts.
*Store copies of all sales receipts in a secure manner.
*If you destroy sales receipts, make sure they are unreadable.
*Give the carbon copy of the sales receipt to your customer.
*Encrypt transmission of cardholder data and sensitive information across public networks.
Build and Maintain a Secure Network:
*Install and maintain a firewall configuration to protect data.
*Do not use vendor-supplied defaults for system passwords and other security parameters—create your own unique password(s) and never give it to anyone.
Maintain a Vulnerability Management Program:
*Use and regularly update anti-virus software.
*Develop and maintain secure systems and applications.
Implement Strong Access Control Measures:
*Restrict access to data to only those that need to know it for a business purpose.
*Assign a unique ID to each person with computer access.
*Restrict physical access to cardholder data.
Regularly Monitor and Test Networks:
*Track and monitor all access to any network resources and cardholder data.
*Regularly test security systems and processes.
Maintain an Information Security Policy:
*Maintain a policy that addresses information security.
I am a small merchant who has limited payment card transaction volume. Do I need to be compliant with PCI DSS?
All merchants, whether small or large, need to be PCI compliant. The payment brands have collectively adopted PCI DSS as the requirement for organizations that process, store or transmit payment cardholder data. PCI SSC is responsible for managing the security standards while each individual payment brand is responsible for managing and enforcing compliance to these standards.
What is the deadline for complying with PCI DSS?
Compliance is mandated by the payment card brands and not by the PCI Security Standards Council. They require compliance forms be submitted yearly on the anniversary of your first compliance submission. Contact Indyhost.net if you are unsure of this date.
Why is there a fee associated?
The amount of work that is involved and the cost associated with verifying the SAQ allows the processor to charge a small fee. Many processors are charging up to $150.00 annually. See links below for examples.
Example 1
Example 2
The Payment Card Industry (PCI) Data Security Standard details security requirements for members, merchants and service providers that store, process or transmit cardholder data. To demonstrate compliance with the PCI Data Security Standard, merchants and service providers may be required to validate and conduct a network security scan on a regular basis as defined by the PCI Security Standards Council.
The PCI Data Security Standard (PCI DSS) originally began as
five different programs from the five credit card schemes. Each company’s intentions were roughly similar: to create an additional level of protection for consumers by ensuring that merchants meet minimum levels of security when they store, process and transmit cardholder data.
The Payment Card Industry Security Standards Council (PCI SSC) was formed as a neutral body to address conflicts among the credit card schemes in developing a standard. On Dec. 15 2004 the credit card schemes aligned their individual policies and released the Payment Card Industry Data Security Standard (PCI DSS).
First, a Self-Assessment Questionnaire must be completed on an annual basis. During the Spring of 2008 a new SAQ was launched and was re-designed to make the questions more relevant to what merchants actually do. There are now four parts, and depending on which part best matches what a company does, will determine the number of questions that will need to be answered – and whether or not quarterly vulnerability scanning is required. Companies will also need to make sure they attest to the truthfulness and accuracy of their responses on the SAQ.
For those required to complete quarterly vulnerability scanning – it is an indispensable tool to be used in conjunction with a vulnerability management program. Scans help identify vulnerabilities and misconfigurations of Websites and IT infrastructures containing externally facing IP addresses. Scan results provide valuable information that support efficient patch management and other security measures that improve protection against Internet hacking.
How do I stay Compliant?
Protect Cardholder Data:
*Make sure all receipts truncate the cardholder’s account number.
*Protect stored data, including electronic data, your customers’ sales slips and your receipts.
*Store copies of all sales receipts in a secure manner.
*If you destroy sales receipts, make sure they are unreadable.
*Give the carbon copy of the sales receipt to your customer.
*Encrypt transmission of cardholder data and sensitive information across public networks.
Build and Maintain a Secure Network:
*Install and maintain a firewall configuration to protect data.
*Do not use vendor-supplied defaults for system passwords and other security parameters—create your own unique password(s) and never give it to anyone.
Maintain a Vulnerability Management Program:
*Use and regularly update anti-virus software.
*Develop and maintain secure systems and applications.
Implement Strong Access Control Measures:
*Restrict access to data to only those that need to know it for a business purpose.
*Assign a unique ID to each person with computer access.
*Restrict physical access to cardholder data.
Regularly Monitor and Test Networks:
*Track and monitor all access to any network resources and cardholder data.
*Regularly test security systems and processes.
Maintain an Information Security Policy:
*Maintain a policy that addresses information security.
I am a small merchant who has limited payment card transaction volume. Do I need to be compliant with PCI DSS?
All merchants, whether small or large, need to be PCI compliant. The payment brands have collectively adopted PCI DSS as the requirement for organizations that process, store or transmit payment cardholder data. PCI SSC is responsible for managing the security standards while each individual payment brand is responsible for managing and enforcing compliance to these standards.
What is the deadline for complying with PCI DSS?
Compliance is mandated by the payment card brands and not by the PCI Security Standards Council. They require compliance forms be submitted yearly on the anniversary of your first compliance submission. Contact Indyhost.net if you are unsure of this date.
Why is there a fee associated?
The amount of work that is involved and the cost associated with verifying the SAQ allows the processor to charge a small fee. Many processors are charging up to $150.00 annually. See links below for examples.
Example 1
Example 2