PCI Compliance

Credit Card Security

For non-technical managers, the processing of credit cards can be a mysterious subject (lots of technical buzz words) and it is almost impossible to get a high level of satisfaction that electronic credit card processing is indeed fully secure. Hence, we feel that most managers will find it highly desirable to move to the out-of-scope solution for electronic credit card processing.

OUT-OF-SCOPE - Eliminate Complexity and Cost

Out-of-scope means that you do not store or transmit credit card data electronically. To be out-of-scope the software must not record the credit card number in the system. The credit card information must be entered on the secure payment gateway’s site and not in the database or in web pages managed by you or driven by MemberMax.

When the system gets to the point of credit card entry, your customer will be taken directly to the certified compliant payment gateway and enter the card number on that system. MemberMax will get back a transaction ID and authorization code and the card type. The transaction ID is used by MemberMax for further processing. The system can void unsettled transactions and reverse settled transactions using that ID number. The transaction ID is provided on the customer’s receipt so that all parties have a common reference for looking up any transaction.

More on Credit Card Processing...

All transactions submitted on the web will be out-of-scope and will be pre-authorized. If the transaction takes place immediately (slam dunk), then the capture of the money will occur immediately. If it is a ″pending review″ order then it will be preauthorized but the money will not be captured until the staff processes the transaction (MemberMax uses the transaction ID to process). If the card is declined, the system allows them to enter a different card. Unauthorized credit card transactions will be rejected so there is nothing for the staff to worry about.