If you’ve been following this blog, the last two posts have discussed yet another potential consequence of not having your small business PCI compliant. This threat comes from a source you wouldn’t suspect- from within the payment card industry itself. Unethical, immoral merchant processing services prey upon small business owners by utilizing the pervading ignorance out there with regard to PCI compliance. These merchant services make it a practice to dupe business owners into unwittingly signing with a different service, with different rates and poor track records for providing service. By the time the merchant realizes what has happened, usually after they get the first new statement with increased rates, it is too late.
By too late I mean that these companies have a prohibitively expensive ETF or early termination fee, often around $500 or more. When the fraudulent rep was having the merchant sign this and sign that they had the merchant sign something that said they agreed to the ETF amount. Many service providers are telling me that more often than not, even though the merchant had their service changed under false pretense to a company that had to lie and misrepresent themselves from the start, the merchant stays with the fraudulent company. This begs the question: who in their right mind would stay with a lying company that has to trick new customers into signing with them? Well, the fraudulent company’s ETF is the first deterrent.
Even though your signature on the page that includes the fraudulent company’s ETF was obtained dishonestly, it’s hard to prove that the rep lied to you without a recording of the conversation, not to mention, your signature is on the form stating the termination fee. Of course, you could report them to the police stating that you have been the victim of fraud and file a report. Then talk to your bank rep about blocking this service from pulling funds out of your account since they deceived you into taking the service. The police and your bank rep may or may not be able to protect you. No matter what, proving your case and preventing this predatory company from succeeding in their underhanded methods, will be a long, time consuming, possibly expensive and undoubtedly frustrating. For these reasons, merchants take it on the nose and allow these types of companies to continue their nefarious ways. Until everyone takes a stand and actively seeks retribution from these immoral service providers, they will have no reason to discontinue their fraudulent operation.
In the vast majority of situations like the one described above, it was the merchant’s ignorance of PCI compliance requirements that gave the carpetbagger an in. Becoming PCI compliant and, more importantly, knowing whether you are or not, not only protects your business from both cyber criminals, but also closes down a favorite avenue predatory businesses use to generate new accounts.