Will Your Payment Processing Break Due To Mandatory Security Update? – 2017 Deadline Approaching for TLS 1.2 Requirement
The PCI Security Council has mandated that online merchants who accept credit cards must upgrade from the older SSL and early TLS security protocols, to the newer TLS 1.2 protocol. The required implementation dates to remain in compliance have changed multiple times, causing merchant confusion. To further this confusion, individual gateways and processors have their own implementation timelines for TLS 1.2 support.
Due to recent high profile attacks, some vendors have decided to expedite the transition to TLS 1.2 and completely end support of the older, less secure protocols. This was primarily done because of the known risks of the older security protocols and the PCI Security Council’s assessment of the risk to merchants. The PCI Security Council has stated, “The vulnerabilities within SSL and early TLS are serious and left unaddressed put organizations at risk of being breached.” Because of these known risks, payment technology vendors have become more aggressive in their implementation timeframes and are in the process of deprecating the older protocols beginning in 2017.
One such company is PayPal. PayPal just recently turned off support of the older protocol for test environments and will completely stop supporting the older protocols by June 30, 2017. FOR MERCHANTS USING A PAYPAL PAYMENT GATEWAY WHO HAVE NOT UPGRADED THEIR SYSTEMS TO SUPPORT TLS 1.2, CREDIT CARD PROCESSING SERVICES WILL NO LONGER WORK AFTER THAT DATE.
Dates to know:
- PCI Security Council original date of TLS 1.2 compliance was 2016
- PCI Security Council new date of TLS 1.2 compliance is June, 2018
- PayPal testing environment ended support of older protocols on February 15, 2017
- PayPal production environment ends support of older protocols on June 30, 2017
How do you ensure you will be able to accept credit card payments after the June 30, 2017 deadline? The first thing merchants should do is contact their systems providers to determine all of the payment gateway connections their solution employs. Merchants should then verify that their solution has been upgraded to support the TLS 1.2 protocol. This often times reveals a spider web of connections. Many solution providers support a variety of gateways to reach a particular processing platform.
In the example of PayPal, merchants may be unaware that their payment acceptance solution could utilize technology from PayPal even if they do not accept PayPal as a form of payment. PayPal Holdings, Inc. has acquired various payment technologies and companies (i.e. PayFlow Pro, BrainTree, Venmo, etc.) that many payment solutions employ in the background. If a merchant’s solution utilizes a PayPal gateway and hasn’t been upgraded to support TLS 1.2, it will stop functioning after the June 30, 2017 date.
To avoid credit card acceptance interruption and protect yourself against malicious attacks, you should:
- Upgrade your systems to support the latest security protocol TLS 1.2
- Start your upgrade process today. System upgrades take time and a backlog is already forming with many vendors. This will result in many merchants unable to accept credit card payments after June 30, 2017
- Nodus customers should contact Nodus Support to discuss their upgrade options and ensure that the software versions they are using support TLS 1.2
- Migrating from SSL & Early TLS webinar by PCI Security Standards Council
- Date Change for Migrating from SSL and Early TLS
- PayPal TLS 1.2 and HTTP/1.1 Upgrade Microsite
- Nodus TLS 1.2 Security Update
Chester Ritchie is the President of Nodus Technologies (http://www.nodus.com). Nodus is a certified Microsoft Gold Level Partner for payment software within the Microsoft Dynamics family of accounting systems. Nodus products allow users of Great Plains (GP), Solomon (SL), and AX to accept electronic payments inside of the accounting system. Accounting entries related to payments are automated and cash flow is increased.
January 6, 2017 by Chester Ritchie
Microsoft recently announced the discontinuation of the Dynamics Online Payment Services. Effective January 1, 2018, users of this service will no longer be able to process credit card payments within Microsoft Dynamics AX, Microsoft Dynamics NAV, Microsoft Dynamics GP, Microsoft Dynamics RMS, Microsoft Dynamics POS 2009, and Microsoft Office Accounting.
To mitigate any potential business impact due to the discontinuation of this product, Microsoft is recommending existing customers search for alternative payment products from Dynamics Independent Solution Providers (ISVs) such as Nodus.
Nodus is the leading provider of PCI certified electronic payment processing modules for Microsoft Dynamics. In addition to the core credit card processing functionality provided by Microsoft Dynamics Online Payment Services, merchants choose Nodus for security and additional accounting automation. The Nodus payment processing gateway can be used to replace Microsoft Dynamics Online Payment Services with minimal interruption to your business.
Nodus products are fully integrated into Microsoft Dynamics. Nodus has been the PCI certified payment solution for Microsoft Dynamics accounting systems for over 14 years. In addition to providing a secure credit card processing solution, Nodus payment solutions integrate with your accounting system to automate accounting entries, provide lowest rates for B2B transactions, and get you paid faster by automating A/R via our online bill pay module.
For more information on how to upgrade your Dynamics Online Payment Services to PCI compliant credit card processing software from Nodus, please visit http://www.nodus.com or call us at 909-482-4701.
For the third time, Nodus Credit Card Advantage, ePay Advantage and eStore Solution Stack have been validated against the Payment Application Data Security Standard (PA-DSS). This time, the Nodus solutions have been validated under the new PA-DSS version 3.2 which requires support for only secure encryption protocols such as TLS 1.2.
“Nodus is very dedicated to maintaining our PA-DSS certification for all of our solutions,” said Nikki Nguyen, Director of Product Management, “Providing secure applications for processing electronic payments helps us maintain trust with our loyal customers and partners.”
Due to the new industry requirement, Nodus is highly recommending that all current customers upgrade to the newest versions of their Nodus software to utilize the TLS 1.2 encryption protocol. This upgrade should be scheduled as soon as possible to avoid any disruption when Payment Gateways begin to turn off the previous insecure encryption protocols. More information on the TLS 1.2 Security update can be found at: http://www.nodus.com/nodus_TLS_Security_Update.html
Customers interested in upgrading can contact Nodus Technologies Support at (909) 482-4701 option 2 or by e-mailing email@example.com.
What is PA-DSS?
The PCI’s Payment Application Data Security Standards (PA-DSS) defines security requirements & procedures for software vendors of payment applications to securely manage and protect card data. A validated PA-DSS application means that the payment application has been assessed to ensure it meets all of the security requirements of the Payment Card Industry Security Standards Council (PCI-SSC).
How does the PA-DSS impact customers?
Secure payment applications help to facilitate a customer’s PCI DSS compliance. When implemented in a DSS-compliant environment, PA-DSS validated payment applications will minimize the potential for security breaches leading to compromises of full magnetic stripe data, card validation codes and values (CAV2, CID, CVC2, and CVV2), PINs and PIN blocks.
Day 3 presented User Group attendees with another sunny and clear day in Tampa, Fl.
After a stream of 8am breakfast sessions, the convention center rooms filled with ISVs for the 9am Partner Showcases. Fauwaz Hussain, the Director of Sales and Marketing, educated GP users on PCI Compliance and secure payment processing. The attendees joined to learn about securing their payment data and automating their collection processes. Some of their biggest concerns included the entry point of credit card data and how to properly store the information. Some of Nodus’ integration partners, such as SalesPad, also presented topics revolving around their solutions. Users can download the presentation slide decks on the GPUG website for any of the sessions, even the ones that they did not attend.
The expo opened for the third day at 2pm for another round of networking and solution research.
GPUG recognized many members for their participation in the community. They awarded Frank Heslin from ExamWorks, Inc., Amber Bell from Training Dynamo, LLC, and Brian Lambertz from Connexus Energy with the 2016 All Star Award. Throughout the event, GPUG also presented attendees the chance to play a version of Pokemon Go by scanning QR codes throughout the event. Congratulations to the GPUG User Group Go winner, Irene Chan.
The night ended with an 80’s inspired dance party at the Florida Aquarium and a Halloween-themed party from FastPath.
The Nodus team would like to thank everyone at Dynamics Communities, and within the channel who helped create another successful User Group event. Safe travels to everyone going home this weekend.
For more information on Nodus Technologies, our solutions, and our next events, please go to www.nodus.com.
Day 2 of Summit 2016 began with the GPUG opening at the Amalie Arena. The event opening was hosted by Bob McAdam, Vice President of Finance at Dynamics Communities, and Aaron Back, Chairman of the GPUG Board. The keynote highlighted the organization’s success in providing the largest GPUG gathering of all time. To follow, a quick presentation from each of the GPUG Summit 2016’s platinum sponsors, Fastpath, Rockton Software, and Metaviewer. Keynote attendees were also shown the plans for the recent and future versions of GP including the redesigned web client, the all-in-one sales document viewer and the simplicity of using PowerApps to quickly create applications that integrate with Dynamics GP. The audience seemed to enjoy the new features of their chosen Dynamics ERP.
The attendees then made their way to the convention center and surrounding hotels for Dynamics-related sessions. The topics ranged from sales, marketing and reporting. GP users could also be found within the convention center hallways and at the Mekorma hub, discussing challenges with other GP users and ways to improve upon them.
The expo hall filled with excitement again in the afternoon as end users were given the chance to explore solutions to fit their business needs. Nodus promoted their partnerships with fellow ISVs, including Professional Advantage, SalesPad, SK Global and Peak Engagement. Nodus’ newest solution, PayLink, was a big hit, providing Dynamics GP users the chance to expedite their collections by providing one-click payment hyperlinks within email and text messages. (More about PayLink here).
The night ended with the Summit attendees heading downtown for Rock-n-Rave and the Buccaneer Bash.
There is still a chance to win a GoPro HERO 4 at the Nodus booth. Stop by #837 and drop off your business card before the end of the expo hall hours on Friday, October 14th.
Tampa has been very welcoming to the User Group Summit this week. The city grew over night as customers and partners alike began to arrive for an exciting week of Dynamics user content.
Summit kicked off on Tuesday with a cheerful keynote hosted by Andy Hafer, the CEO of Dynamics Communities. The keynote started off by highlighting some of the great accomplishments of the User Groups including celebrating their 10th anniversary and the largest attendance of Summit to date.
The keynote also shared some great examples of community by inviting the Portico Chorus on stage to bring the energy of the stadium alive with a few songs. Andy Hafer stressed the importance of community with an inspiring quote from Cesar Chavez: “We cannot seek achievement for ourselves and forget about progress and prosperity of our community…Our ambitions must be broad enough to include the aspirations and needs of others, for their sakes and for our own.”
The Summit then invited Scott Guthrie from Microsoft on stage to discuss the plans for Microsoft Dynamics 365. Microsoft’s vision statement is to “Empower every person and every organization on the planet to achieve more.” With the newest solutions introduced by Microsoft, they hope to continue to do so. Lastly, the audience was left with a short speech of encouragement related to the world of digital transformation from Ray Wong, the Chairman of Constellation Research.
After the keynote, the expo hall was opened to customers for the first time for the reception. The Nodus team was excited to debut our brand new booth which focuses on our strength of connecting electronic payments with ERP and CRM systems. Of the Nodus members to attend GPUG, one of them is Nodus’ new President, Chester Ritchie. He is experienced in the payment technology world, but is excited to participate in the Dynamics Channel.
The day ended with a parade throughout the expo hall leading outside to enjoy the fireworks show.
The Nodus team welcomes everyone to GPUG Summit and wishes you a great show. Please stop by booth 837 this week to learn more about our solutions and services. Drop off your business card for a chance to win a GoPro HERO 4! We will also be presenting a Solution Showcase on Thursday at 9:15am in TCC12 titled “PCI Compliance – Receivables and Secure Payment Processing.”
The Nodus team will be heading to Tampa, Florida, this month for GPUG Summit 2016! We are proud to be a returning sponsor of this ever growing event. GPUG Summit is a great way for GP Users to extend their product knowledge, interact with other GP users, and learn about ways to maximize their ERP solution.
Partners, customers and prospects alike can find Nodus at Booth #837 during Summit. We will be there to answer any questions that you may have. We will be promoting our newest solutions and integrations, listed below:
- Nodus PayLink: One-click payment links for Dynamics GP
- PayFabric: Cloud-based electronic payment processing and storage
- New features of our current solutions
- Information on the newest PCI requirements
- Nodus and SalesPad integration
- Nodus and Professional Advantage Integration
Schedule a one-on-one with the Nodus team by emailing firstname.lastname@example.org or simply stop by our booth!”
Nodus will also be presenting at GPUG Summit:
PCI Compliance – Receivables and Secure Payment Processing
When: Thursday, October 13th, 9:15-10:15am EDT
While you’re at Summit, don’t forget to share your experiences and follow Nodus’ social profiles for the latest Summit updates.
So what are you waiting for? Register for GPUG Summit and don’t forget to come talk to us!
Nodus Technologies is a proud partner of Prophet Business Group. Below is a guest post by Prophet demonstrating a simple way to clean up your A/R.
Over and underpaid invoices are the kind of little problem that bother you, but finding a solution rarely makes it to the top of the to-do list. I mean, your options are typically a) making a collection call or issuing a credit for $.39 or b) leaving the invoice open to clutter up the Aged Trial Balance and Customer Statements.
Luckily, Dynamics GP offers an easy mechanism that will save you from chasing pennies and cleanup your A/R process. It’s called ‘Write-Off Documents’ and it’s not new, but it’s something a lot of GP users forget about.
How to manage over and underpayments with Write-Off Documents
Let’s say your customer receives an invoice for $450.27 and they send a payment for $450.00. If you can live with the $.27 underpayment, you can forgive the outstanding amount completely and apply the document by entering the amount in the write-off field of the Apply Sales Documents window.
The Amount Remaining is now $0.00 so this document can move off to HST when you complete the Paid Transaction Removal process, and will no longer appear on the Aged Trial Balance or Customer Statements.
However, if you’d rather manage over and underpaid invoices as part of your A/R month-end routine, you have that option as well.
Use the Write-Off Documents window to write off outstanding credit or debit balance amounts for one or more customers. You can specify a write off limit, cutoff date, and whether to create one credit or debit memo for either each customer or document. The debit or credit memos that you create will be posted and applied to the documents you’re writing off balances for.
Remember, this is intended to let you write off a few cents for imprecisely paid invoices, not to forgive bad debts.
If you want to get started with Write-Off documents, you can reach out to Prophet Business Group, a Microsoft Dynamics GP Partner in Winnipeg, MB. Or, if you’re interested in other ways to streamline your A/R, you can register for A/R Automation 101, a 60-minute joint webinar with Nodus Technologies on August 17th at 11am Central Time. Attendees of this webinar will learn about:
-Automating Accounts Receivables
-Providing customers the convenience of online bill pay
-Securing sensitive payment information and reducing the scope of PCI Compliance
When selecting an ecommerce solution you will find both integrated and non-integrated software products available in the market. The initial investment of an integrated solution may appear higher and cause you to wonder just how much is the business process automation and integration with back office or ERP systems really worth? To assist with this analysis, think of the labor required for each step throughout the order cycle.
With a non-integrated solution, you will need to hire workers to enter orders that come in from your website into your accounting or ERP system. Any customer information that is captured will need to be re-entered as well. This duplicative data-entry is manual and prone to keying errors, which can result in additional cost that is not necessary, and could virtually be eliminated with an integrated, automated solution.
Once an order has been placed on your website and entered into your accounting system, a non-integrated solution will require you to hire workers to manually check inventory and see if the product is available in your warehouse. If an item is backordered, you will need to have workers manually contact the customer to inform them of the delayed shipping date, and hope this bad news does not upset the customer and cause them to cancel or delay their order.
If there is a change in a product’s price or you would like to run a promotion, you will need to have workers manually update items online in your web store as well as in your accounting database for each product or stock keeping unit (SKU). Again, these operations are duplicative, labor intensive and more prone to human-error when using a non-integrated ecommerce system, and the associated cost of each step slowly eats away at your margins. Now imagine these issues with thousands of products and / or customers. The diminishing effects on your ROI can be staggering.
After an order has been fulfilled and shipped to the customer, not having real-time automated tracking numbers and shipping notifications readily available through your web store will prohibit customers from self-managing their orders, and often result in increased call center demands for your non-integrated ecommerce business. This means you will need to hire workers to manually service customers and look up information that could be provided automatically with an integrated ecommerce solution. When you consider this in light of a successful web store, it’s clear this type of inefficient business process could weaken profits if not optimized correctly.
The issues discussed above become exponentially more treacherous the more products and customers you serve with your ecommerce storefront. Managing suppliers, large inventories of items in your warehouse and large numbers of customer records in your CRM is difficult, compared to small scale operations, and often prone to waste and error. Even more challenging is constantly keeping accurate, detailed information available for all product SKU’s and customers in your internal accounting database. Updates using non-integrated solutions will require you to hire workers to make duplicative changes to both your online web store and your ERP system each time something changes with a particular item. Over time, and with large inventories of items, this process becomes costly and further undermines profits. Contact us for a free copy of our latest white paper, Planning for Success: Nodus eStore Solution Stack, An Integrated Ecommerce Solution For Microsoft Dynamics GP.
In business, cash is king. Various factors influence an organization’s ability to collect revenue, however proper cash flow management is essential to supporting and advancing business objectives. It is understood that getting a customer to purchase your product or service is only part of what most consider a successful transaction. Getting them to pay in a timely manner, and feel satisfied, changes everything. So what can you do to facilitate timely payments and enhance customer satisfaction? Consider the following suggestions:
- Take advantage of available technology. Paper bills are a dying breed. Not only are they more costly, less efficient and worse for the environment, but they often get lost, take longer to process, and don’t provide much convenience for businesses or customers.
In lieu of paper bills, consider offering customers the ability to view and pay their bills online. This technique is less costly, more efficient and eco-friendly. It allows for your customers to receive billing statements immediately, and with tracking options, you can actually verify a successful receipt – down to the exact day and time. Once customers receive an electronic bill, they can log on to your website or payment link and self-enter their payment details – which reduces the errors and risk often associated with manual data entry. In fact, with the right technology you can ensure no sensitive data ever hits your servers – which greatly reduces your liability and simplifies your scope of PCI compliance. Plus, with popular features like “Auto-Pay,” your customers can schedule timely payment submissions, and essentially forget about them. Reconciliation becomes easier and less labor intensive since electronic records can be drawn and filtered daily. In sum, online bill payment promotes better cash management, lower administrative overhead, reduced postage and printing, and fewer number of delinquent accounts.
- Use a CRM that can accept payments. In addition to offering online bill presentment, recording all interactions with customers is a must. When an account is past due, and a payment has not been received in a reasonable period, you should contact your customer to discuss payment using a CRM that can accept payments. While this is often done by mail or email, a phone call will engage your customer the most and allow them to specify details of their situation, and possibly, even make a payment right over the phone.
Regardless of which approach you take, you should be sure to log the details of each contact so you or other departments can make informed decisions in the future. Keep notes on when follow-up communications were sent and record your customers’ responses to these follow-ups. This will allow you or your employees to schedule subsequent follow-ups more effectively, and use prior information supplied by your customer to judge an appropriate course of action. For example, if the customer was not satisfied and is planning on returning a product or if a customer promised to pay a late invoice in 3 weeks and 5 weeks have passed – you or your team can reference their prior comments in any follow-up discussions, and subsequent resolution process. With the right technology, your customer service representatives or accounts receivable department can take payment from a customer over the phone without leaving the CRM environment. Those payments can be drawn from a customer’s e-wallet on file, automatically integrated with back office systems, and processed immediately in real-time, or later, in a delayed batch. This makes it easier and more efficient to receive payments, while logging or reviewing notes of a customer’s situation. It also will make your customer feel more satisfied when dealing with a representative that has detailed knowledge of prior interactions, and who can expedite payment processing in a fast, efficient manner. For additional assistance with streamlining accounts receivable or electronic payment processing please contact Nodus Technologies or sign up for our free webinar. Call 909 – 482-4701 or email email@example.com