Significant changes are coming to how credit cards are managed in Control.

On December 31st 2016, all versions of Control before 6.0 will STOP being able to process credit card payments.

To CONTINUE to use credit cards within Control, you must:

  1. Enroll with FreedomPay through Capital Q
  2. Upgrade to Control 6 before the end of the year

The credit card interface in Control 6.0 was completely re-done. The change was brought about by a change in the PCI requirements regarding the type of encryption that is allowed. Control's current connection to Elavon, written a few years back, used the then-current encryption standard. The PCI council has increased the requirements for encryption technology, requiring Cyrious to update our connection technology. Any interface still using the old encryption technology will be rejected at the start of 2017.

This was “why” we made the change. The good news is that, in addition to the above, we made several other improvements along the way.

A summary of the changes with credit card processing in Control 6.0 are shown below.

Less Risk

1. No Local Storage of Credit Cards!

2. Lower PCI Security Requirements for some

Enhanced Features

3. Online Payments for Customers

4. Simpler Payment Interface

5. Level 2 and Level 3 Support

6. Authorize and Capture Support

7. No Forced Password Changes

Pricing Changes

8. New Monthly Pricing

Other Changes

9. Automatic Daily Settlement

10. Credit Card Viewing Removed

As you can see, there are a lot of changes. In fact, the entire credit card engine in Control was gutted and completely recreated. The basic interface will be familiar, but we think you'll find the whole process even smoother than before.

Cyrious Control 5.x is PCI approved and sensitive credit card information is triply-encrypted. We have never had a Control user's database of card information compromised. Nevertheless, many business owners told us they were uneasy having the credit card information on their computers.

No Local Storage of Credit Cards

In Control 6.0, no sensitive credit card information is stored in your database. Instead, the card information is stored in FreedomPay's vault. FreedomPay gives Control a "token" (or key) that can be used to charge on that credit card. But here's the catch for potential thieves - that token can only be used to run the card for your account. It is useless for anyone else.

Lower PCI Security Requirements for most

And since your computer is no longer storing sensitive credit card information, some users will see the arduous PCI paperwork considerably reduced. Instead of having to comply with SAQ-D (or face monthly charges for non-compliance), most users should only need to complete and comply with SAQ-C.

Integration with Control Online Payments

The change in credit card processing ties into one of Control's popular, new features - [[cloud_payment_system_online_payments|Online Payments]]. When you are signed up for credit card processing with Control 6.0, you are automatically able to use the Online Payments feature, which allows your customers to easily pay their invoices through a secure website.

New Payment Interface means Simpler Screens!

All interfaces related to payments have been completely redesigned with a cleaner, more modern look that’s also easier to use. By changing the layout of your payment options, you’ll quickly notice when a customer has available customer credit and/or multiple credit cards on file.

Level 2 and Level 3 Support

The new integration with FreedomPay allows Control to transfer more data needed for credit card transactions to qualify for Level 2 or Level 3 processing rates. More data transferred means you are likely to pay lower credit card processing rates.

Support for Authorize-Only and Capture Later

In Control 6.0, you’ll be able to authorize a customer’s credit card [[https://en.wikipedia.org/wiki/Authorization_hold|(pre-auth)]] for the balance of an order prior to invoicing the customer. When you’re ready to run their credit card at a later time, the payment will be processed and the authorization hold will be removed.

No More Forced Password Changes!

Since credit cards won’t be stored in Control any longer, the strict password requirements put in place for Control to be PCI compliant are no longer needed. That means no more changing passwords every 90 days, no more complex passwords, and no more getting locked out of Control for 30 minutes.

The fees for using the credit card changes with Control 6.0. If you don't plan to use the Online Payments feature for your customers to pay their invoices online, then select the Basic package. Otherwise, think about how many online transactions you'll have and choose the best package for your use.

Basic Package.

The basic package provides the gateway connection for Control and for your customers to Pay Online for $19.95/month. There is a $0.64 charges each time a customer successfully pays online. (There are no charges when a customer attempt fails.) A $0.10 charge applies for each payment attempt, void, or validating a card within Control.

Plus Package.

The plus package is for users that want to rely more on Online Payments for their customers' to pay invoices. The Plus package includes the gateway and 75 successful Online Payments for $59.95/month. There is a $0.34 charges each time a customer successfully pays online after the 75th. An $0.08 charge applies for each payment attempt, void, or validating a card within Control.

Enterprise Package.

The Enterprise Package is for heavier volume users. The Enterprise Package includes the gateway and 200 successful Online Payments for $99.95/month. There is a $0.18 charges each time a customer successfully pays online after the 200th. A $0.06 charge applies for each payment attempt, void, or validating a card within Control.

Gateway and transaction charges are separate from the assessments levied by the credit card providers (Visa, Amex, etc.).

View Credit Cards

View the card information on file. Once tokenized, there is no way to view the unencrypted information.

Payments to Credit

Control 6.0 does not support running customer’s credit cards except for existing orders. Payments may not be made directly to a customer credit account.

Voice Auth/Force

Control 6.0 no longer allows you to force a transaction using an authorization supplied by a merchant processor.

Store Cards without Merchant Account

The only mechanism to store credit cards in the system is to use the integrated credit card processing. Since a credit card cannot be viewed after it is entered, it is also not possible to store/use a card except through the integrated processing.

If you are using integrated credit card processing within Control, please fill out the form on this website: capitalq.com/cyrious

Edwin Moore at Capital Q will contact you shortly after filling out the form.

If you have any questions, please email mailto:creditcardchanges@cyrious.com or mailto:ermoore@capitalq.com.

Contributor: Cyrious Software

Date: 09/26/2016

Version: Control 6.0

You could leave a comment if you were logged in.