“We see payment security as the single most pressing issue.”

MO.com is made possible by our friends at:

Guidant Financial: The leader in alternative startup, franchise and small business financing

Stephen Price is a self-taught entrepreneur with no formal education. He started as a debt collector at the age of 18 and moved up to Director and eventually owner of a third-party collection agency for major banks and credit card issuers. After a horrible experience with a former partner and the headaches of juggling more than 50 employees, Stephen Price started E-Complish with the one question of “how can I automate the acceptance and processing of payments without the hassles and investment of a call center.”

The first client was Verizon Avenue (a subsidiary of Verizon Corp.) to provide an IVR system to collect payments via automated phone. Unbeknownst to Stephen, this became its own product (Direct Pay IVR) and now E-Complish is a force to be reckoned with when it comes to any form of automated payment solutions for high payment acceptance and processing industries.

E-Complish specializes in payment solutions. It is their mission to deliver a wide selection of secure and dependable services, making it easy for its clients to process and report on all types of transactions.

MO: What problem is E-Complish solving?

Stephen: E-Complish focuses on payment acceptance and processing for large billers like Utilities, Insurance, and Finance. Payment processing of hundreds of thousands of transactions in a monthly period is a daunting task that comes with heavy regulation and security requirements. Our clients leverage E-Complish’s tested and secure payment platform for their payment acceptance, processing and storage instead of trying to become certified and scrutinized by government or payment card (PCI) security requirements.

MO: Can you elaborate on why mobile payments are truly the future?

Stephen: Payment acceptance and processing is moving toward “walletless” processing. The obvious replacement to a checkbook and a physical credit card is a mobile device that will become a “digital wallet” of sorts. To explain, we live in era of information data. The management of that data will require mobile or other devices to maintain a balance of physical versus digital. We have already seen digital slowly replace the physical. One example of this trend is the music industry where physical CD’s have/are being replaced by MP3 digital music format. Another example is the slow elimination of physical paper checks. Although not replaced yet, the paper check is slowly eroding and being replaced with the digital ACH transaction. I expect the same to happen to physical credit cards. The physical credit card will inevitably be replaced with a digital card that can be scanned, tapped or swiped. If we continue with that line of logic, it seems clear that the digital credit card must be housed in a secure mobile device of some sort.

MO: Can you expand on how you’re identifying problems with the way payments are being processed and developing tools to fix them? What are some issues that you’re currently looking at and working on solutions for?

Stephen: We see payment security as the single most pressing issue. It feels like daily we hear of yet another large corporation losing, accidentally disclosing or being hacked of credit card, banking or personal data. This subsequent breach turns into fraudulent charges or identity theft. When this happens, who is paying to clean up the mess? Well, as it stands today, if there is fraudulent activity on a consumer’s credit card or bank account the consumer will usually not be responsible to pay for the fraudulent charges. This means the banks are covering the cost of the fraud. The fraud is written off in most cases as a loss. That loss must be recouped in some way and that way is by increased fees and finance charges to you and I the consumer. Literally speaking, even if the fraud does not directly happen to you are I, the bank fraud is costing all of us in increase fees and charges.

We see an opportunity to further secure payment processing. Earlier this year we successfully rolled out our PaySecure platform. PaySecure uses the existing Personal Identification Number (PIN) for a consumer’s credit/debit card (if enabled) and prompts the consumer to enter their PIN on screen via the Internet. Each time the consumer enters a digit of their PIN the on-screen PIN Pad will constantly scramble to prevent key logger spyware. This product secures consumer Internet transactions by using two-factor authentication. Not only must the consumer give the CVV security code of the credit card, but they also must provide something they “know” which in this case is the PIN. Additionally, this is a benefit to the merchant because they are virtually guaranteed of no credit charge backs. E-Complish expects to include PaySecure for our Direct Pay automated IVR payment system in 2013.

MO: What are some marketing strategies that have worked well for you so far?

Stephen: Our marketing strategy is to outsource the need for PCI (credit cards) and NACHA (ACH) compliance for processing payments. More and more the regulations and security needed to accept and process payments outweighs the effort and cost of becoming PCI and NACHA compliant. Outsourcing this piece of the process is a logical step for our customers.

MO: What are some things that a business should be looking for when it comes to choosing a payment processor?

Stephen: We realize that E-Complish cannot be everything to everyone and we are always being asked what a merchant should look for in a payment processor. With that in mind we published “The 7 Steps to Picking A Payment Processor” a few years ago. We have heard comments that our article has grown to be a sort of “Payment Bible” that countless merchants have used in their decision process. We recently re-posted this article on our Blog site (http://www.e-complish.com/blog/7-steps-to-picking-a-payment-processor/). We hope it helps!

STEP ONE: Be sure of PCI Compliance.

If you are processing credit or debit cards, you should make sure that the payment processor is Level 1 PCI compliant. Level 1 means they are listed on the Visa/MasterCard list of approved Third Party Payment Processors (TPP) and are processing more than 6 Million transactions annually. Be warned, when asked, many payment processors will send you a scan report of their systems. This is a common ploy. Ask specifically for their Attestation of Compliance (AOC) certificate which proves their PCI Compliance and then verify that it is Level 1 (1 is the highest of 4 levels).

STEP TWO: Debit Cards Are Important, Too

Some merchants are required to process only debit cards or Health Savings Account Debit cards and not credit cards. Make sure the payment processor can distinguish between debit and credit cards and if required set your payment processing to processes debit cards only.

STEP THREE: Be Compliant.

If processing ACH transactions, make sure the payment processing software will ensure NACHA Rules compliance to protect you from unintentionally breaking a NACHA ACH rule.

STEP FOUR: Look for Industry Knowledge.

Make sure the payment processor understands your industry. It is recommended that the payment processor be an active member of NACHA at a minimum. It is also a good idea to look for a payment processor that is a member of your own trade organization and has a good rating with BBB.

STEP FIVE: Check for Server and Data Validity.

Verify that payment processor has load-balancing servers and redundant data centers in place to handle high load and provide data center redundancy.

STEP SIX: Ask about Technical Support.

Determine the level of support that is provided by the payment processor. We recommend you’re your work with a payment processor a secure case management portal and online chat system to communicate technical issues and answer general questions.

STEP SEVEN: Get Yourself Trained.

Finally, confirm what type of training (if any) the payment processor will provide on a regular basis? You should expect to have, at the very minimum, proper documentation, a FAQ knowledge base, and live online training with a professional payment trainer. Optimally, look for a payment processor that has ongoing/continuous online classes. This will help keep new employees trained and keep you out of a bind if a key person suddenly quits or is out for an extended period of time.

MO: Can you share some best practices tips when it comes to credit card payment processing?

Stephen: The best practice for credit card processing is “know your customer”. If you are not gathering pertinent information about the consumer before you process their payment, it is inevitable you will start getting charge backs. At a bare minimum you should be doing Address and Card Code Verification. Additionally, you should be using Fraud Filters that track IP, Velocity and Shipping versus Billing address filters. Taking these basic steps will dramatically reduce your daily risk.