Jeremy Julian

PCI Compiance

3 Tips To Modernize Your Restaurant POS

December 5, 2018

If you’ve been in the restaurant business for a while, you may think you’re too accustomed to your legacy POS system to make the switch to a new one. You’ve seen your colleagues and competitors upgrade their systems and you’re coming to terms with the truth: a modern POS system can lead to new business, less hassle and greater efficiency for your restaurant. And while the transition may seem daunting, the benefits are likely too good to pass up, especially in such a competitive market.

 

Through the process, keep in mind these keys to making your POS transition as painless as possible:

 

  • Ask associates about their experiences
  • Let your staff in on the process
  • Determine your priorities and make a choice
  • Implement strategically

 

By incorporating these best practices into your plan, you can ease your transition to a modern POS platform and take your restaurant into the 21st century.

 

Step #1 – Ask associates about their experience
Fortunately, there are thousands of restaurants and other businesses that been in the exact same situation. If you’ve been in the industry a while, you likely know other restaurateurs and small business owners who have made the transition to a modern POS system. Ask them about their experiences to get a picture of the challenges you will face throughout the process.

 

What kind of questions should you ask to get the information you need? Below are a few that should be helpful:

 

  • What brand of POS did you choose and why did you go with them instead of other competitors?
  • What issues/inconveniences have you faced with the system thus far?
  • What challenges occurred during or after the transition?
  • How long did you plan for the transition to take, and did you meet that goal?
  • How difficult was the actual installation of the new system?
  • What complaints have your employees had about the new system and/or the transition process?
  • What do you wish you had done differently?
  • How does your system handle payment processing?

 

Online reviews are helpful as well, but it is definitely worth taking the time to talk to someone you know so you can ask any specific questions that the internet may not address.

 

Remember that you are not necessarily trying to find the best POS system money can buy—just the one that will work best for your restaurant.

 

Step #2 – Involve your staff
Only you can decide what system to implement, but it’s also important that you ask your staff their thoughts.

 

Your staff is on the frontline and will be using the restaurant POS system as much, if not more than you.  So, it makes sense to take into account their needs as well as yours when making your decision.

 

This process can also serve as a sort of “pre-training” by introducing your staff to some of the important concepts and possible changes they will encounter. If you are considering a major switch, like one from a legacy to a mobile POS, ask them if they have any anxieties or concerns regarding the change.

 

Then, keep them involved as you weigh the options and begin installing your new system. Continue to brief them on your decisions and ask them for feedback so they never feel left out of the process. The more engaged your employees are throughout the installation of your new POS system, the more comfortable they will be with it when it goes live.

 

Step #3 – Make a choice
Now that you’ve learned how to research and engage your employees, it is time to determine what features your restaurant needs and, ultimately, what POS system you want to go with.

 

One of the first questions you need to ask about your next restaurant POS is whether or not you want a mobile system. Mobile point-of-sale systems offer a range of features that can revitalize your restaurant’s preparation and service processes. Consider this option if you are ready for significant changes in the way your restaurant operates.

 

A mobile POS system enable your servers to take and send orders, charge customers, handle electronic signatures, and show suggested tip options, all from the table. These types of features generate extra efficiency which can lead to improved table turn and better revenue.

 

However, many restaurants prefer not to implement such a significant change and choose to stick with a stationary POS option. For these businesses, a more modern system can still offer a slew of time-saving features while taking up less space than legacy systems.

 

While the choice between a mobile and stationary system will be one of the most influential decisions you make, there are some questions that are important to ask:

 

#1. Does the system track and compile data to help you manage your business?
Most modern POS systems offer much more sophisticated data tracking and business analytics features than legacy systems. Weigh these against your management practices to make a decision that works for you.

 

#2. Does the interface work with your methods/does it offer significant customization?
Only you and your staff know what works best for your restaurant. You may want to customize your new interface so it resembles your current one to minimize the need for training, or you may want to overhaul your interface to improve efficiency.

 

#3. Is the system secure?
A digital POS has to be secure, so make sure that your new system is PCI compliant and meets other cybersecurity guidelines so you never experience a hack or other emergency. With plenty of high-profile examples in the past year, you want to keep yourself and your customer’s data safe.

 

#4. Does the new POS work well with online ordering?
If your restaurant receives a lot of business through online orders, you’ll want to make sure your new system supports that. Some systems can send orders straight to the kitchen from the web, saving a step for your restaurant’s host or cashier. This is an especially useful POS feature for business such as burger joints or pizza parlors.

 

If you don’t already have several specific requirements in mind for your new POS, these questions will help get you started with the research process. As you learn more about the options, you’ll develop an understanding of your needs so you can choose the right system for your restaurant— and then start the transition.

 

We hope these tips and questions have been helpful to you as you take the important step of updating your POS!

 

Serious about updating your POS? Check out the Northstar POS system to improve the power and effectiveness of your restaurant!

I just upgraded my POS, am I PCI compliant now?

July 10, 2014

So you just upgraded your system to a shiny new POS system. Your software is now at the forefront of technology. You shouldn’t have to worry about PCI compliance at this point, should you? Maybe, maybe not.

PCI compliance… What a fickle beast you are.  Even after 20+ years in the hospitality POS industry, consumer card protection is the one topic that never gets old. For those of you without direct experience with it, here’s a little education on the PCI.

Chart-480x408

Depending on your POS platform, you will either be considered an “on premise vendor” which requires you to fill out SAQ C or SAQ D.  Each of these have their own separate compliance, questions, regulations, etc. etc. If you have integrated credit cards in your POS system, you will either be a SAQ C or D.  Seems easy enough, right?

The Self-Assessment Questionnaire is a list of questions that the PCI council put together for each merchant to ensure their compliance.  Also, the council put together a prioritized approach to the PCI DSS which is outlined in the handy chart below.  Depending on where you are on the chart, there are specific things that must be done to stay PCI compliant.  Per the chart, your POS is involved with step 1.  Depending on the version of software you are running, there could be some card numbers lingering in the system from the pre-PCI days, but most POS providers have built in a scrubbing tool by now to get rid of these.

Step 2 is related to your network.  Ensuring you have a perimeter firewall, a log service, monitoring solution to test the compliance is also something that is part of the DSS.

Step 3 also involves your POS system. Ensuring the windows versions are up to date with the latest supplied vendor security patches as well as your POS being on a currently supported version are paramount.  The PCI DSS landscape continues to change and every 2 years the POS providers need to ensure compliance.  So if your POS version is more than 2 years old, you may not be in compliance; make sure you are on the latest vendor supported versions.

Steps 4-6 are unrelated to the POS section of your business, but are internal business processes that the restaurant needs to comply with.

So in answer to “Since I JUST upgraded my POS, am I automatically compliant?”…maybe. Compliance goes beyond just a safe POS network. You could be doing things like updating the patches to your windows environment, ensuring a properly maintained firewall, doing log management and any number of other things to make sure you are compliant.  There are several companies out there to partner with that will help you with compliance if you need further assistance, contact your account manager for clarification.

For more information, visit https://www.pcisecuritystandards.org/.

 

Subscribe-Button

 

https://www.pcisecuritystandards.org/security_standards/documents.php?category=saqs

SAQ A – Card-not-present Merchants, All Cardholder Data Functions Outsourced

SAQ B – Merchants with Only Imprint Machines or Only Standalone, Dial-Out Terminals. No Electronic Cardholder Data Storage.

SAQ C-VT – Merchants with Web-Based Virtual Terminals, No Electronic Cardholder Data Storage .

These SAQ levels, for the most part, are not applicable to restaurants with integrated credit systems. SAQ C and D are the only ones that are relevant and it depends on your version and method by which you process cards.  If you store only tokens, you would use the SAQ C and if you are a standard POS system, you would most likely be a SAQ D – the most intensive category.

SAQ C – Merchants with Payment Application Systems Connected to the Internet, No Electronic Cardholder Data Storage

SAQ D – All Other Merchants and All Service Providers Defined by a Payment Brand as Eligible to Complete an SAQ

Protecting Your Customers’ Data Webinar

July 8, 2014

If you couldn’t join us as we welcomed Patrick Purcell from Tekmark, click the link below to download the presentation!

ProtectionWebinar

You can also watch the video at this link!

Watch video here!

EMV and Chip and PIN: What is it and How Does It Affect My Business?

April 16, 2014

The world of credit card payment systems has been getting rocked lately. From the large-scale credit card breaches at Target and Neiman Marcus to the changing economic landscape, big questions have been left unanswered. None larger, though, than the questions raised about EMV. Because of the regulations regarding the adoption of EMV in the US, most people don’t really understand what the implementation means and what will need to be done in order to be compliant with the new regulation.

One of the first questions to answer is “What is EMV anyway and how does it work?” EMV is short for Europay, Mastercard, and Visa.  This system has been around since the 1990’s and has been in use in many parts of the world outside of the US. The cards are fitted with a microprocessor chip that transmits data to help deter credit card fraud.  The chip communicates with the acquiring bank while the transaction is taking place to ensure that the card is actually present and accounted for at the time of the transaction. The pin or signature is an added bit of protection to help lock the process down even tighter.

Now that there’s a basic understanding of what EMV is, we need to understand what impact it will have on the way we do business.

In 2012, many of the US-based bank card brands adopted some rulings that would shift the liability of the charge-backs for merchants entirely onto the merchant if they don’t accept EMV. The ruling stated that by October 2015, every merchant needs to be able to accept EMV transaction. What’s that mean? By 2015, you either accept EMV, or you have to cover the payback of any credit mishap or disgruntled customer.  The cost there could be enormous. Reason enough to make the switch. If that alone wasn’t enough, there have been some added incentives to merchants to adopt EMV such as changing their scope of PCI and reducing some processing fees.

Is EMV going to be safer for all parties involved? Yes. Will it disrupt life in the restaurant environment? Definitely.

In retail situations where 99% all transactions are being handled at a check-out counter, EMV will not be too different. However, in the restaurant space, there are generally two types of transactions that take place, neither of which will bring welcome challenges:

  1. Counter-Transactions – Usually you see these transactions in fast food and fast causal environments. In these environments, speed is paramount. In an EMV transaction, there is more communicating between banks going on, slowing the transaction process down considerably. Slower service is detrimental for fast-service restaurants.
  2. At-Table Transactions – At full-service restaurants, generally transactions take place away from the table at server stations or at a bar station. Because the person will have to physically be with the card, mobile payment devices will become mandatory. These devices will need WiFi or some other mobile network to run. Look for some great innovations in the devices themselves. Also, look forward to incredibly user-intuitive interfaces, as restaurants will lose money as waiters and waitresses have to walk customers through the payment process.

In reality, when the rubber meets the road, there’s going to be a lot of hurdles to overcome. For example, last time I called each of the major US processors we work with, only one had a platform that was ready to support EMV. Even with this, support was only based on one hardware platform.  There’s already a delay on the processor side and that is creating a hindrance for the POS systems to meet their needs. It is a major bottleneck for the EMV movement.

Banks and other financial institutions have also been pushing back hard on EMV because of the enormous cost each will incur in reissuing chip-enabled cards. The new EMV cards cost almost 10 times as much as the traditional magnetic-strip credit cards. This deters banks from issuing these new cards, making it even harder to deploy this technology. Without everyone playing nicely, the switch to Chip-and-PIN, Chip-and-Sign, EMV, whatever you want to call it, is going to be a major PITA.

We receive a large number of calls from customers asking what we are doing about the impending switch to EMV. From our standpoint, we can’t do much until the processors begin accepting the chips. Once we have something to work with, the entire process will fall in line. Will it happen by October 2015? Some say yes, some say no, but the fact remains: EMV will come to the US whether we want it or not, so we might as well embrace it.

What are you doing to prepare for EMV in your business?

 

CBS Webinars: Don’t Become a Target! What You Need to Know About PCI Compliance

January 20, 2014

Join The Restaurant Technology Guys for a frank conversation with Patrick Purcell of Tekmark on the topic of Payment Card Security. They will discuss what it takes to become and stay PCI Compliant from the point of view of a restaurant operator. Join us for this important webinar that can save your business and reputation from big losses.
Click to Register for Don’t Become A Target.

 

Upcoming End-of-Life Dates for Windows OS

December 4, 2013

windows logoPCI Compliance requires merchants to run currently-supported Windows Operating Systems on the computers on their PCI network.  If their current Windows OS isn’t supported merchants must upgrade to a current supported version.
End-of-life dates for various Windows OS as published by Microsoft:

  • Windows XP  –  April 2014
  • Embedded XP – December 2016
  • Vista   – April 2017
  • Windows 7 – January 2020

Please reach out to your CBS Account Manager if you have any further questions about PCI Compliance and your current Windows OS.

CBS Account Managers:
Jason Perovich  949-609-6715  jason.perovich@cbsnorthstar.com
Anthony Gartung  800-551-7674 x254   anthony.gartung@cbsnorthstar.com
Cindy Milligan  832-452-7291  cindy.milligan@cbsnorthstar.com

The RTG Update

Once a month we send the latest RTG Podcasts, news and more right to your inbox.

  • ○ Trendsetting restaurant technology
  • ○ Tips on operations efficiency
  • ○ Real world advice for restaurateurs

Copyright

Copyright 2011-2021
Custom Business Solutions, Inc.
Privacy Policy Website managed by The Lorem Ipsum Co.