"I really like SOTpay, it’s an elegant solution that means that Personal Data and Payment Card Data need not enter the merchant’s environment. That reduces the need for complex controls and the risk of costly and embarrassing data breaches. It’s quick and easy to deploy, and provides a good level of assurance that payment transactions are valid."
In 2015, according to the UK Card Association there were 557 million Card Not Present (CNP) Mail Order/Telephone order (MOTO) transactions which totalled £58.4 billion in sales. Can your business really afford not to accept secure CNP MOTO transactions?
entities that store, process and or transmit payment card data irrespective of the volume of payments processed. SOTpay removes sensitive card information from the environment to support a planned PCI DSS scope reduction strategy to help negate the risk of compromise and associated penalties/costs of forensic investigations, fraudulent purchases and the cost of re-issuing cards. If you do not comply, you may also lose your card acceptance privileges.
Current solutions only enable delivery to the cardholders registered address which is a source of frustration the both business and consumers, especially when they are at work and have to rearrange delivery. LloydsBank Cardnet suggested that businesses turn away a BILLION pound of sales, fearing that the transaction could be fraudulent. SOTpay puts the customer in control of the transaction and allows the business to deliver to a third party address, whilst being covered by the merchant bank, increasing transaction acceptance.
A data breach is a PR and financial disaster as the negative publicity lead to consumers losing confidence in your brand. Industry research has shown that 86% of people would be hesitant to do business with a company that had suffered a security breach. This results in falling sales and share prices. With this in mind, can you afford both the reputational and monetary cost to your brand and business?
, irrespective of the quantity of payments processed. PCI DSS also applies to Third Party Service Providers, who support entities that may have outsourced the payment handling process. Outsourcing does not release an entity from their obligation to be certified as compliant. The requirements apply to all acceptance channels including retail (brick-and-mortar), mail/telephone order (MOTO), and e-commerce.
If you do not comply with the security requirements of the card associations, you put your business at risk of payment card compromise. You will also be liable for the cost of the required forensic investigations, fraudulent purchases and the cost of re-issuing cards.
Do I need to have a certain Payment Service Provider (PSP)?
Our system is suitable and more importantly affordable to any company, from a sole trader to a corporate contact centre.
What does SOTpay offer you and your business?
SOTpay offers an extensive list of benefits for any business.
Allows the business to deliver to a third party address without liability thus providing a better customer journey and increasing transaction acceptance.
Add payment links to invoices, email quotes, tickets and booking confirmations.
The cloud based product provides welcome payment solutions to aid your disaster recovery plan.
SOTpay works to eliminate the risk of fraud presented to businesses by processing MOTO (mail order/telephone order) and CNP (card not present) transactions. Without the help of SOTpay, businesses are liable to the banks if they accept a fraudulent transaction; potentially losing both product and receiving costly charge backs by the bank.
SOTpay allows businesses to securely take CNP payments over the telephone via the leading payment gateways, including Worldpay, Sage Pay and Paypal. It enables the consumer to securely input their details without disclosing sensitive card information to the telephone agent, thus providing a PCI DSS compliant solution which results in a higher transaction acceptance rate, and reduced charges from the bank for non-secure transactions. It even provides a solution for businesses to be able to deliver to third party delivery addresses, without the risk of chargebacks from the merchant bank.
, irrespective of the quantity of payments processed. PCI DSS also applies to Third Party Service Providers, who support entities that may have outsourced the payment handling process. Outsourcing does not release an entity from their obligation to be certified as compliant. The requirements apply to all acceptance channels including retail (brick-and-mortar), mail/telephone order (MOTO), and e-commerce.
If you do not comply with the security requirements of the card associations, you put your business at risk of payment card compromise. You will also be liable for the cost of the required forensic investigations, fraudulent purchases and the cost of re-issuing cards. You may also lose your credit card acceptance privileges.
Transaction volume is based on the aggregate number of Visa transactions (inclusive of credit, debit and prepaid) from a merchant Doing Business As (‘DBA’). In cases where a merchant corporation has more than one DBA, Visa acquirers must consider the aggregate volume of transactions stored, processed or transmitted by the corporate entity to determine the validation level.
What does a small-to-medium sized business (Level 4 merchant) have to do in order to satisfy the PCI DSS requirements?
The card issuer will then confirm that the card has not been reported lost or stolen, and that the cardholder has sufficient funds in their account.
Whereas with SOTpay, liability is immediately shifted away from the business.
Most businesses will ask for a card holder's address and a delivery address. The card holder's address will normally be sent to a payment processor and in general two main checks are carried out. Firstly, does the 3-digit security code match (CV2) and secondly, is the card holder's address correct or partially correct (AVS)? If the delivery address and card holder's address are the same, they have passed the security checks above and you have a signed-for delivery, then you are at very little risk. In the event that the card holder contacts their bank stating there was fraud you now have a paper trail which proves that they have the goods.
