Mercury Payment Systems... anyone else getting jacked these NEW "Fees"?

So I just recieved last months statment and I got hit with a “$169.00 Data Security Fee”…

Then when I logged into my account to take a look, theres a new message saying:
“Beginning May 2015, merchants will be assessed a Regulatory Compliance Fee of $79.50 on a semi-annual basis (i.e., twice per year).”

WHAT are these new fees, anyone else getting jacked with these? I Had MPS a couple of years ago and never had these pop up out of no where.

I have them too and saw this fee yesterday. Absolutely ridicules in my opinion! $169 just like that. I’m feeling ripped off as it is with all this other ambiguous charges but this takes it to another level! Got to start exploring other options!

This fee is charged to merchants that have not given their verification of PCI compliance to the processor. Part of a merchant’s responsibility for PCI compliance is completing a Self Assessment Questionnaire (SAQ) and having their network scanned externally for vulnerabilities like remote access software that will allow a hacker into their network and computers. This applies to every merchant, not just to those working with Mercury. This probably has not caught your attention because you haven’t been charged for not having it before now. It has been a requirement in the PCI security program for years. Unfortunately it’s left to the processors to enforce the requirement.

I believe that if you complete the SAQ and the required external network scans that you will not be charged the fee. Mercury works with Coalfire Systems to help you get this completed and you are free to work with any other security assessor if prefer to do so. You should verify this with Mercury before you decide what to do.

PCI compliance is a pain but if you’re doing something that could allow access to credit card data it’s better to know now and fix the problem. A credit card data breach could erase years of hard work and put you out of business instantly.

If you plan to change processors be sure to ask whether or not they will require completion of the SAQ and network scans.

You can get more information here: https://www.pcisecuritystandards.org/merchants/self_assessment_form.php

Okay, So how do we initially implement this with mercury to avoid these charges?

Go back in time with what you know now …

[INDENT]“Okay, So how do we initially implement this with mercury to avoid these charges?”[/INDENT]

The best way is to contact Mercury (or any other processor for that matter), ask what they require from you for PCI compliance and get it done. You can use the assessor recommended by the processor or any other “Qualified Security Assessor” you find on the pcisecuritystandards.org web site: https://www.pcisecuritystandards.org/approved_companies_providers/qualified_security_assessors.php

This industry infuriates me! Its full of hidden fees and shady characters. If your lucky enough to have a very trusted friend in the business that has transparency , then and only then do you have shot of being treated fairly

I’ve had my fair share of run ins with bad processing deals, first as an ecommerce administrator, later as a restaurant owner, and now I run into bad deals every day.
It’s the old ‘slight of hand’, ‘bait and hide’ trick we grew up hearing about, but now it’s showing its ugly face.
Anyone seen this: www.MerchantBillOfRights.org ?

Sent from my iPhone using Tapatalk

I’ve been using Square and Paypal readers at my other shop… attached the device to the tablet or smart phone and process it right there. No hidden fees or any other bull… they just take their 2.9% and deposit the rest into the account. Done.

My big thing was the Mercury has a Loyatly program… but as that entire program declines theres no real point in sticking around with them now.

Yeah, keep an eye open for what square may pull, I used them, but after several months they started pressuring me to add my personal SSN to the contract, (my Biz is an S-Corp, my personal SSN never gets used on corporate forms)
I quit them when I found an overcharge on a customers card by one of our cashiers, I tried to get a partial refund processed through them. A full week of canned responses to my inquiries before I got a response that addressed my issue, But by that time, I was told it was too late to do a refund, and if I would’ve contacted them earlier, they may have done it.
I did like their next day deposits though, but not worth the other hassles

If your processing with Mercury I encourage you to check out the following program:
Mercury Secure Assist
http://www.mercurypay.com/pci-compliance-breach-assistance

It is a joint venture between Mercury Payment Systems and Trustwave, there are small monthly payments, but you receive the following main benefits.

  1. Trustwave runs vulnerability scans of your system
    Perform external network vulnerability scans at least once per quarter to monitor internet facing IP addresses.
  2. You fill out a yearly SAQ (PCI compliance Self Assessment Question-air) that also helps you develop policies and change your current habits to get your site PCI compliant.
  3. Once you successfully pass the vulnerability scans and the SAQ, you are given 100,000 in Breech insurance.
    Rest easy with up to $100,000 in Breach Assistance for certain costs associated with a data breach.

When you join/participate the the Mercury Secure Assist program the 160.00 yearly fee goes away. On top of that you are given a huge set of tools to protect your establishment and breech insurance.

I want to point out that this “PCI Compliance Fee” is not something that “Just Mercury” does, this is pretty common to the industry. No matter where you go there are built in costs from some angle to keep the processor alive. There are many ways to look at it Mercury, but I look at it from these angles:

  1. get a quote from another processor, take it to Mercury at any time, and they will match it. I have never had an instance where Mercury could not match a processing quote.
  2. Mercury has (in my opinion) THE BEST customer support team in the industry, you call 24/7 and they are friendly, responsive and knowledgeable. In addition often (if your using a dealer for your POS software) you will be able to call your dealer directly for any credit card related issues instead of going through Mercury.
  3. Mercury has a long and strong history, I know many are square fans but I urge you to check out the following articles:
    http://www.forbes.com/sites/stevenbertoni/2014/04/21/why-square-needs-to-sell-itself-and-do-it-quickly/
    http://www.fastcompany.com/3033412/internet-of-things/back-to-square-one
  4. Mercury is (beyond any other processor I know of) integrated into hundreds of POS systems, saving you the hassle and cost of dealing with Middle-ware software.
  5. Mercury has amazing up time, since we have been working with them 5 years ago they have had less than 8 hours of downtime, that is pretty amazing for the industry.

**Disclaimer: I am a POS dealer, 75% of our customers use mercury, We use Merucry too and don’t blink an eye at the cost, we are very happy.

I’ve been getting the pci compliance email for a few months now, I think this thread will encourage me to stop ignoring it.