The Green Sheet Online Edition
August 23, 2010 • Issue 10:08:02
iPhone terminal with gateways galore
Though the July 1, 2010, deadline for complying with the newest Payment Application (PA) Data Security Standard (DSS) has passed, many merchants continue to buy and use equipment that isn't up to par, according to Randy Palermo, President of Rapadev LLC. Among the applications that are certified on the PA DSS is Rapadev's iPay POS terminal for the Apple Inc. iPhone.
"You have to follow all the requirement guidelines about information on the device, masking information and having a security system, and we've had that since day one, but now it's officially been tested and gotten the stamp," Palermo said.
According to Palermo, some payment apps available through Apple's App Store are not PA DSS compliant. "It's become a really unregulated app store with all these credit card terminal programs," he said. "And these merchants need to understand if they're using an app that's not PA DSS-certified and there's fraud ... they could potentially be liable."
Also on the security front, iPay can be used with IDTech's iMag mobile card reader, which attaches to the iPhone for swipe transactions to enhance security and lower interchange. With or without the reader, iPay allows buyers to conduct signature transactions using their fingers to sign, Palermo noted.
Many gateway partners
The product connects to a long and growing list of gateways, including certain ones in Canada and Europe. Among them are Authorize.Net, Network Merchants Inc., Ogone, Affinity Payments (doing business as PayLeap), PayJunction, RedFin and Skipjack Financial Services Inc. Palermo said iPay is programmed to connect quickly and seamlessly with different gateways and that it will continue to add new partners.
"I just search gateways that have development APIs [application programming interfaces] and I get their API and I write code and integrate with it," Palermo said. "I kind of have a plug-in architecture to my software where it's easier for me to add gateways. Just give me your API, and I'll add you."
Palermo said iPay has three separate databases for entering information related to purchasing. One is designed for purchasing information related to customers, another is for shipping locations and a third is for inventory. Merchants can use those databases to call up existing purchasing data and auto-populate different fields, thus avoiding the hassle of manually entering the same data multiple times.
"Anytime you start your transactions you can go to your customer databases and say, 'I want this customer,' and it populates the field; or 'I'm selling this item,' and it populates the field; or 'I'm shipping to this location,' and it populates the field," Palermo said. "So it can populate all the fields you'd normally fill in manually before you transmit a transaction."
Palermo added that iPay authenticates transaction information while it's entered, rather than after it's transmitted for processing. With the first keystroke the program begins the authentication process, so the merchant knows if a card number is valid even before submitting the transaction.
Palermo said users of iPay have the option of buying the program outright or just buying individual transactions, like adding minutes to a cell phone. The initial download is free, and the user also gets unlimited test transactions and 10 free official transactions before any charges roll in. "That way, you can decide if you want to buy more [transactions] or just buy the program," Palermo said.
Palermo added that Rapadev is preparing to launch its own private-label gateway for use with iPay.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.