Thursday, November 21, 2013

GoECart Receives 2013 Connecticut Excellence Award

GoECart is pleased to announce that we have been chosen for the 2013 Connecticut Excellence Award by the Small Business Institute for Excellence in Commerce (SBIEC).

Each year the SBIEC conducts business surveys and industry research to identify companies that have achieved demonstrable success in their local business environment and industry category. This year, GoECart has been recognized for having enhanced the commitment and contribution of small businesses through service to their customers and community.

The SBIEC released a statement saying, "GoECart has consistently demonstrated a high regard for upholding business ethics and company values. This recognition by SBIEC marks a significant achievement as an emerging leader within various competitors and is setting benchmarks that the industry should follow."

Friday, November 15, 2013

Canada Post Teams with GoECart, Improves Shopping Experience for Canadians Buying from U.S. Retailers

GoECart announced a new collaboration with Canada Post that will improve the online shopping experience when Canadians buy from U.S. retailers.

The integration of the Canada Post shipping platform with GoECart's multi-channel eCommerce platform will enable GoECart's U.S.-based retail partners to quickly retrieve shipping rates and times, print shipping labels and track shipments. As a result, Canadian customers will benefit from a transparent, hassle-free shipping and delivery experience when they're shopping online from U.S. retailers.

"Canadian shoppers want an efficient, convenient and seamless end-to-end shopping experience no matter where they shop. Canada Post is serving these customer expectations by simplifying and improving the cross-border online shopping process," says Rene Desmarais, Senior Vice-President, Parcels, at Canada Post.

"Our integration with Canada Post enables GoECart merchants to manage their order fulfillment, shipping and logistics operations in Canada with more confidence, as they are now seamlessly connected to the largest retail postal network in Canada. Shipping to Canada has become as simple as shipping to Texas," says Manish Chowdhary, CEO of GoECart.

Wednesday, November 13, 2013

New PCI Guidelines Go Live Jan. 1, 2014

The PCI Security Standards Council has published version 3.0 of the PCI Data Security Standard and the Payment Application Data Security Standard, both of which go into effect on Jan.1.

Note that version 2.0 will remain active until Dec. 31, 2014, to allow time for merchants to make the transition.

Version 3.0 offers more flexibility and an increased focus on education, awareness and security as a shared responsibility, according to a news release from the Security Standards Council, which stated that “Version 3.0 builds on ... feedback we’ve heard from our community... to help organizations make payment security good business practice — every day, all year round."

New requirements (as summarized by RetailCustomerExperience. com) include:

  • Req. 5.1.2 — evaluate evolving malware threats for any systems not considered to be commonly affected
  • Req. 8.2.3 — combined minimum password complexity and strength requirements into one, and increased flexibility for alternatives
  • Req. 8.5.1 — for service providers with remote access to customer premises, use unique authentication credentials for each customer*
  • Req. 8.6 — where other authentication mechanisms are used (for example, physical or logical security tokens, smart cards, certificates, etc.) these must be linked to an individual account and ensure only the intended user can gain access
  • Req. 9.3 — control physical access to sensitive areas for onsite personnel, including a process to authorize access, and revoke access immediately upon termination
  • Req. 9.9 — protect devices that capture payment card data via direct physical interaction with the card from tampering and substitution*
  • Req. 11.3 and 11.3.4 — implement a methodology for penetration testing; if segmentation is used to isolate the cardholder data environment from other networks, perform penetration tests to verify that the segmentation methods are operational and effective*
  • Req. 11.5.1 — implement a process to respond to any alerts generated by the change-detection mechanism
  • Req. 12.8.5 — maintain information about which PCI DSS requirements are managed by each service provider, and which are managed by the entity
  • Req. 12.9 — for service providers, provide the written, agreement/acknowledgment to their customers as specified at requirement 12.8.2*
*Indicates future dated requirements that are best practices until July 1, 2015.
  • Req. 5.1.5 — payment application developers to verify integrity of source code during the development process
  • Req. 5.1.6 — payment applications to be developed according to industry best practices for secure coding techniques
  • Req. 5.4 — payment application vendors to incorporate versioning methodology for each payment application
  • Req. 5.5 — payment application vendors to incorporate risk assessment techniques into their software development process
  • Req. 7.3 — application vendor to provide release notes for all application updates
  • Req. 10.2.2 — vendors with remote access to customer premises (for example, to provide support/maintenance services) use unique authentication credentials for each customer
  • Req. 14.1 — provide information security and PA-DSS training for vendor personnel with PA-DSS responsibility at least annually
Supporting documentation, including updated self-assessment questionnaires, attestations of compliance and reporting templates, will be available in early 2014 once version 3.0 is effective.

Thursday, November 07, 2013

Merchants struggle to meet multichannel payments needs

Multichannel selling is a reality for a majority of small-to-medium sized merchants, but payment processing capabilities lag far behind, according to a new research study commissioned by SecureNet Payment Systems. The study, conducted in partnership with First Annapolis Consulting, evaluated the degree to which small-to-medium sized merchants conducted business through multiple sales channels, in order to assess not only how the merchants currently process payments, but what needs weren't being met by their payment providers. The research study is available for download at:

More than 60% of merchants surveyed already accept payments in more than one channel, but these merchants are not well served by the payments industry today. A key finding is that in many cases, each new selling channel requires a different payment provider; in fact, 27% percent of merchants surveyed had three or more payment processing software solutions to facilitate payments by channel. Because of the ineffective implementation of a payments strategy through a single, omnichannel payment processing provider, merchants struggle with unnecessarily complicated reporting, complex reconciliation processes and ineffective transaction pricing structures. 
Small businesses identified the two most important issues regarding their multi-channel payments as:
  • Access to reporting that is easy to understand, and
  • The ability to easily understand how cash flows across channels. 
Additionally, nearly 50% of single channel merchants anticipate implementing multi-channel commerce in the next five years. Among single channel merchants contemplating a multi-channel strategy, the three issues ranked most highly (important or very important) were simple technology (49%), easy integration with existing technology (46%), and a single solution for all of the merchant’s payment needs (41%). Lower pricing came in fifth, with 39% of single channel merchants indicating it was important or very important in a multi-channel solution. 
Large multi-channel merchants naturally face different challenges than small merchants:
  • 64% of merchants with sales above $5 million report inventory control as a large or very large issue compared with 35% of small merchants.
  • 45% of large merchants indicated that facilitating a consumer purchase in one channel and a return in another channel was a large or very large issue.
Likewise, large, single-channel merchants have a different set of concerns than their smaller counterparts regarding the implementation of a multi-channel solution:
  • 71% indicated that strong technical support would have great impact on their desire to implement a multi-channel solution versus 38% of small merchants.
  • 57% identified reconciliation tools as being a key to multi-channel commerce versus 27% of small, single channel merchants.
  • Nearly half indicated that integration into the merchant’s other payment solutions would have a very substantial impact on their ability and desire to implement a multi-channel solution.
"This research study confirms that traditional, single channel payment partners are simply not fulfilling the needs of a large segment of American businesses,” said Brent Warrington, CEO, SecureNet Payment Systems. "The successful multichannel SMB will look for not just a payments processor, but a technology partner that can scale with a merchant as business needs change. A truly omnichannel payments solution offers multichannel merchants the most effective way to streamline payments across all channels with improved ease, speed and costs. As merchants demand better solutions, the payments industry will see more widespread change."

Web Analytics