Is BNPL an option for your business?

One of the merchant service trends you may have seen popping up all over the place lately is the process of spreading payments for products and services over a longer period of time. Though it’s not for everyone, “buy now, pay later,” or BNPL, is an idea whose time has come of age for many merchants and your customers.

According to the industry news website, “BNPL is now a growth industry worth more than $125 billion, with projections to grow to $3.3 trillion by 2030,” fueled by consumer awareness of the payment option, economic pressures, and aversion to high-interest rates associated with other credit products.

Many BNPL users see it as a budgeting tool with an opportunity to avoid interest payments. Under this system, the BNPL provider places a hold against an existing credit card for the full amount, but only charges the installment payments, reducing the hold as the payments are made. This approach removes the need for credit checks and can shorten the BNPL application process while permitting consumers to benefit from the high credit limits they have earned without the downside of interest payments and high APR.

If you’re a merchant in a service industry – e.g., auto repair, HVAC, IT, CPA firms, legal services, medical or dental services – you could be losing out on customers who delay using your services because of high cost. BNPL might just be the ideal solution to bring those customers back to the table.

Pay-over-time financing allows service professionals to get paid upfront and in full while helping your clients manage their expenses. You’ll spend less on collections and close faster with prospects.

Commonwealth Consulting Group has the resources right now to help service industry clients get set up right away to easily accept BNPL, along with ACH/eChecks, credit cards, and financing plans all through a simple, secure, and easy-to-use payment portal. Talk to your sales rep for more details or call us at 800-866-3944.

It's Time for Your Credit Card Terminal to Spring Ahead!

Daylight saving time begins at 2 a.m. on Sunday, March 13, 2022. That means it’s almost time for you to change the time on your credit card terminal, unless your terminal is in the PAX-A series and automatically updates the time.
You need to be sure the time is correct for a couple of very good reasons. First, the time stamp matters for authorization codes. If the time that is being sent to the processor is different than the actual time you may get chargebacks.
Second, the auto-settle feature determines how quickly your account gets its funding. If your terminal is off by an hour, you could miss the cutoff time for funding which would delay your deposit by a business day.
To help you change the time on your terminal, we have recorded video instructions for the three most popular credit card terminals in use by CCG business partners. If you have additional questions after watching the video for your terminal, please be sure to call us for additional assistance at 800-866-3944.
Here’s a Tip: Daylight Saving Time is also a great time to change the batteries in any smoke detectors and carbon dioxide detectors that aren’t hard-wired!

How to reset the time of day on the Dejavoo Z8 credit card processing terminal.
  • Press the green “Enter” button
  • Use the arrow to scroll down to “Utility”
  • Press the green “Enter” button
  • Enter the password: 1-2-3-4
  • Press the green “Enter” button
  • Choose “Settings” using the green “Enter” button
  • Choose “Date/Time” using the green “Enter” button
  • If the current date is correct, press the green “Enter” button
  • Use the keypad to adjust the time
  • Press red “X” button until you return to regular sales screen

How to reset the time of day on the PAX-S80 credit card processing terminal.
  • Press the “Menu” button
  • Choose Option 5 for “System Settings”
  • Choose Option 1 for Date/Time
  • Enter the date
  • Press green “Enter” button
  • Enter the time
  • Press green “Enter” button
  • Press red “X” button until you return to regular sales screen

How to reset the time of day on the Verifone VX520 credit card processing terminal.
  • Press green “Enter” button
  • Select “Setup” (F2)
  • Enter password: 1-Alpha-Alpha-6-6-8-3-1
  • Green “Enter” button
  • Press “More” Key until you get to “Date/Time”
  • Select the Date and Time
  • As long as the date is correct, press the green “Enter” button to bypass it.
  • Put in the time
  • Press the green “Enter” button
  • Press the red “X” until you return to the regular sales screen.
NOTE: If you are making this update after 12 o’clock, it needs to be in military time (that is, 1 o’clock will be 1300, 2 o’clock will be 1400, etc.)

Help! My E-Commerce Site is Attracting Fraudsters!

Increasingly, we're being asked by our clients for help in protecting their e-commerce sites from hackers. One constant that repeats in these attacks is the use of bots to quickly rotate through a list of stolen credit card numbers until the bot finds one or more that are active and have not yet been reported as stolen. As a result, we've come up with a standard list of recommendations that clients can use to add one or more layers of protection to their sites.


You've no doubt come in contact with CAPTCHA before in your own online transactions. CAPTCHA is an acronym for Completely Automated Public Turing test to tell Computers and Humans Apart. Put another way, it's a simple challenge that bots can't solve but real humans can easily figure out. If you want to keep bots away from your login, registration, and other important pages while allowing your customers to proceed in confidence, adding CAPTCHA is a good idea.

CAPTCHA is available in a number of different varieties, some more secure than others. The most common and widely used is the Image CAPTCHA where users have to choose the right image box(es), such as those that contain a traffic light.

Another that you've likely used is the Text CAPTCHA where you need to enter and submit the letters or word shown to continue. If the letters are entered incorrectly, the system will not advance and a new set of letters will be shown.

Audio CAPTCHA is a more secure, but less common variety that requires the user to listen to an audio file then enter and submit the words or numbers they hear. The most challenging and most secure form is the Math CAPTCHA where users need to solve a simple calculation in order to continue.

Add a Card Velocity Filter

Card velocity checking is a process that lets you recognize patterns of normal use and those that may indicate fraud. For example, if a single customers places multiple orders in a single day, it may not be unusual but a velocity checking filter would allow you to set the number of transactions allowed on any given day or alert you to call or email a customers to confirm that they actually placed multiple orders before processing payment.

Add Address Verification Service (AVS) and Card Verification Value (CVV)

AVS and CVV are systems that check the address and numerical code information provided by the customer against the information on file with the bank or credit card company that issued the card. AVS and CVV are additional obstacles for a fraudster to get past, but they're best when used in combination with other methods of fraud detection.

Add Transport Layer Security (TLS) Certificate

TLS is a security protocol for transmitting data online to facilitate end-to-end communications and online transactions. It ensures encrypting of data for communicating between web-based applications and servers. A TLS certificate is a kind of digital certificate (or public key certificate/ identity certificate) issued by the Certificate Authority. The certifying authority authenticates the certificate by signing it, certifying that it belongs to a particular domain name which is the subject of the certificate. A TLS certificate consists of a public key and a private key that interacts behind the scenes during the transactions. They ensure secure encryption when someone visits a website.

You can rely on your Commonwealth Consulting Group representative if you need help adding one or more of the above security features. Just give us a call and we'll be happy to assist you!

What is a non-cash adjustment and is it right for my business?

Right about now, you’re probably thinking, “Hey, wait a minute. Haven’t they already written to me about non-cash adjustments (cash discounting) before? Why are they writing about it again?” The reason is simple. The past two years have been brutal for many of our merchant partners, and a number of them have turned to cash discounting as a way of reducing their credit card processing costs with very favorable results. A number of other partners are starting to inquire about how to go about setting up a cash discounting program as we prepare to enter another new year, so let’s go over this one more time.

What is a cash discount program?
A cash discount is when a business offers a discount to customers who pay by cash or check, instead of with a credit or debit card. The business owner adds a customizable service fee to all credit and debit card transactions, and then rewards customers who pay by cash or check by giving them a discount. Cash discount programs are on the rise because they can offset payment processing costs for business owners, and because experience has demonstrated that those who have implemented these discounts have seen virtually no negative reactions from their customers.

Is a cash discount program the right choice for my business?
More and more of our merchant partners are opting to offer a cash discount, but is it the right choice for you? If you offer a cash discount, you are likely to see more purchases made with cash or check as opposed to credit or debit card, so you’ll see a sizable reduction in your credit card processing fees. That doesn’t mean cash is free, of course. It will cost you time or money to count the cash and take it to the bank. Small businesses can also be susceptible to theft of cash by employees. In addition, a number of studies have shown that customers who pay with credit cards spend more money, so you may not want to motivate customers to use cash rather than card or check.

Can I offer the cash discount program in my state?
Yes, the cash discount program is available in all fifty states.

Is cash discounting the same as a surcharge?
No. People sometimes confuse cash discounting with surcharging but they are not the same. A cash discount is a reduced price paid by customers who use cash or check rather than a credit or debit card. A surcharge is an extra charge that applies to customers who pay with a credit card rather than other forms of payment, including debit cards, cash and check. Many states – California, Colorado, Connecticut, Florida, Kansas, Maine Massachusetts, New York, Oklahoma, and Texas, plus the U.S. territory of Puerto Rich – do not permit a surcharge.

“A cash discount is a reduced price paid by customers who use cash or check rather than a credit or debit card. A surcharge is an extra charge that applies to customers who pay with a credit card  rather than other forms of payment, including debit cards, cash and check.”

How do I implement a cash discount program?
There are a number of guidelines that must be followed by merchants participating in a non-cash adjustment program, but that’s where we come in. Our technology allows this to happen and keeps you within the guidelines of Visa, Mastercard, and processor regulations. You’ll need a credit card terminal that is pre-programmed with cash discount processing. Next, you’ll need to notify your customers of the service fee as well as the cash discount. We can provide you with signage to help you provide notification at all entrances and points of sale.

Ready to take the next step?
Is a cash discount program right for your business? That depends on many factors, as discussed in this blog post. But if you’re ready to take the next step, we’d like to invite you to learn more about how we can help you get started. Just contact your Commonwealth representative or call us at 800-866-3944 and we'll be happy to answer any questions you may have.

If it's good enough for Gillette Stadium, it should be great for your business!

Think you can’t run your business end-to-end on a handheld device? Think again.

Our Flex system from Clover is a full-fledged point of service terminal and business management system, the ideal all-in-one device that offers built-in capabilities to accept payments, conduct business, and track sales all from the palm of your hand. We were at Gillette Stadium over the weekend and we were impressed to see this hand-held unit in use throughout the park.

With Flex, your customers can pay how they want to pay. Swipe, dip, or tap. Credit or debit. NFC payments including Apple Pay, Google Pay, WeChat Pay, Alipay, and more. Flex comes ready for Rapid Deposit so you get your money faster, and you pay the same low rates for all cards, including AMEX and rewards cards.

Concerned about security? Flex protects your business and customer information with end-to-end encryption and data tokenization, integrated EMV chip sensors, and fingerprint logins.

What’s more, Flex helps you keep your inventory up-to-date with categories, labels, modifiers, and variants so you stay organized.

It’s everything your business needs in one simple, smart, reliable device. You can start taking orders straight out of the box with minimal set-up and training. But not to worry, we’re here to help you with everything from setting up to troubleshooting.

It may be handheld, but Flex gives you the same raw power as larger devices to configure your business the way you need to run it. Wi-Fi and LTE connectivity and a lithium-ion battery give you no-fail redundancy, and since you’re in the cloud, your business travels with you everywhere. All your data, all your info, always at your fingertips.

Have we sparked your interest? Give us a call and we’ll be happy to get you started.

It's Time to Protect Your Business from Growing E-Commerce Fraud

The Covid-19 pandemic of the past year created an increase in the number of online customers as business owners closed, or limited access to their brick and mortar locations and migrated online, sometimes just to survive.

To no one’s surprise, the surge in online activity was accompanied by a major increase in the amount of e-commerce fraud. A recent study from Juniper Research* predicts those losses will total $20 billion in 2021, an 18% increase over fraud-related losses in 2020.

Cyber attackers acquire credit card information along with credentials and go on a shopping spree that costs merchants thousands in lost merchandise and chargeback fees when the order is later marked as fraud.

Here at Commonwealth Consulting Group, we’ve seen local reports of businesses experiencing as many as 150,000 - 300,000 transactions an hour in fraudulent sales resulting from automated threat actors using batches of stolen credit cards.

It's Time for Increased Security Measures

We’d like to urge our clients to work with your website developer to re-evaluate your e-commerce security, determine where you might be most vulnerable, and consider adding one or more extra layers of security checks to your payment platform.

One such security measure would be a CAPTCHA test (see below) that helps your e-commerce platform distinguish between real customers and computer BOTS, such as Google reCAPTCHA, or a WordPress CAPTCHA plugin.

What is Captcha?

A CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a type of challenge–response test used on a variety of websites that want to verify that the user is not a robot. The most common type of CAPTCHA requires someone to correctly evaluate and enter a sequence of letters or numbers perceptible in a distorted image displayed on their screen. The CAPTCHA test helps identify which users are real human beings and which ones are computer programs or BOTS. CAPTCHA works because computers can create a distorted image and process a response, but they can't read or solve the problem the way a human must to pass the test.

Fraud Filters Can Help Protect Your Business

There are many other types of fraud filters you can set up, but some of the more common ones include:

• A daily or hourly velocity filter that controls how many sales may be submitted to your website over a certain period of time. This helps prevent fraudsters from testing credit card numbers after purchasing lists of stolen cards.
• An address verification system (AVS) where you set your fraud filters to decline or require review for orders where the billing and shipping addresses don’t match.
• A card verification value (CVV) filter that looks for discrepancies between a card’s CVV number and the one entered during checkout.
• A purchase amount filter that requires you to review all transactions that fall outside a certain range. Since most businesses know their typical transaction size, you can set the filter to alert you when a transaction is higher or lower than this amount.

Clear Messaging Reassures Your Customers

Remember, enhanced security measures are just as important for customer protection as they are for your business. Be sure to include clear messaging to let your customers know why you’ve increased security at checkout. That should go a long way toward preventing cart abandonment while lowering fraud risks.

* Morrow, Susan, and Nick Maynard. “Online Payment Fraud: Emerging Threats, Segment Analysis & Market Forecasts 2021-2025.” Research Report | Fintech & Payments, Juniper Research, 26 Apr. 2021,


Introducing CCGConnect

Commonwealth Consulting Group (CCG) is branching out. We have rolled out a new turnkey solution for software developers called CCGConnect that allows business applications, such as point-of-sale (POS) systems or electronic cash registers ECRs) to integrate in-store (card present) payments.

According to CCG principal, Keith Reardon, “most software companies have to spend a lot of time and resources to implement EMV chip-card transactions into their system. This type of semi-integration and PCI certification can sometimes take months, but with CCGConnect, a software company can copy and paste our coding into their system, pair a terminal, and run a test transaction in under three minutes.”

CCGConnect is delivered in the form of a software development kit (SDK) that bundles everything developers need for the software application to integrate with both current and next-generation payment terminals while remaining outside of PCI-DSS scope. The system also offers cross-border coverage; a single integration can serve merchants in both the United States and Canada.

“By integrating CCGConnect into an application,” says Reardon, “developers can eliminate the lengthy certification processes and get to market faster.” The system offers out-of-the-box connectivity with pre-certified payment terminals and no coding is required when new terminals are added.

Once copied into an application, CCGConnect automates the discovery of semi-integrated payment terminals on a merchant’s local network and establishes any required pairing. After a pairing is established, the SDK is responsible for orchestrating the flow of payment operations between the application and payment terminals. All merchant and cardholder-facing screens are provided.

For more information, click on the Developers tab.

Your Business and PCI Compliance

All businesses that store, process or transmit payment cardholder data must be PCI Compliant. If you accept credit or debit cards as a form of payment, then PCI compliance applies to you.

What is PCI compliance and how does your business comply? The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment.

The Payment Card Industry Security Standards Council (PCI SSC) was launched on September 7, 2006 to manage the ongoing evolution of the Payment Card Industry (PCI) security standards with a focus on improving payment account security throughout the transaction process. The PCI DSS is administered and managed by the PCI SSC (, an independent body that was created by the major payment card brands (Visa, MasterCard, American Express, Discover and JCB.). It is important to note that the payment brands and acquirers are responsible for enforcing compliance, not the PCI council.

The PCI Data Security Standard applies to ANY organization, regardless of size or number of transactions, that accepts, transmits or stores any cardholder data.

So what if your business doesn't store your customers' credit card information? You must still be compliant because you process and transmit cardholder data. The storage of card data is risky, so if you don’t store card data, then becoming secure and compliant may be easier.

You might ask whether your website's security certificate satisfies the PCI compliance requirement. SSL certificates do not secure a web server from malicious attacks or intrusions. High assurance SSL certificates provide the first tier of customer security and reassurance such as the below, but there are other steps to achieve PCI compliance.

Commonwealth Consulting Group can provide additional information about PCI compliance and we can help assure that you meet the data security standard.


Don't leave money on the table in the Visa Mastercard Settlement

One thing is certain in the $6.24 billion settlement to provide payments to merchants who accepted Visa and Mastercard at any time from January 1, 2004 to January 25, 2019: if you do not file a claim, you will get no money.

This class action lawsuit is principally about the interchange fees attributable to merchants that accepted Visa or Mastercard credit or debit cards between January 1, 2004 and January 25, 2019, and Visa’s and Mastercard’s rules for merchants that have accepted those cards.

When a cardholder makes a purchase with a credit or debit card, there is an interchange fee attributable to those transactions, which is usually around 1% to 2% of the purchase price.

Interchange fees typically account for the greatest part of the fees paid by merchants for accepting Visa and Mastercard cards. Visa and Mastercard set interchange fee rates for different kinds of transactions and publish them on their websites, usually twice a year.

In a class action, people or businesses sue not only for themselves, but also on behalf of other people or businesses with similar legal claims and interests. Together all of these people or businesses with similar claims and interests form a class, and are class members.

In the Visa and Mastercard class action suit, the Court has not decided which side was right or wrong or if any laws were violated. Instead, both sides agreed to settle the case and avoid the cost and risk of trial and appeals that would follow a trial. In this case, the settlement is the product of extensive negotiations, including mediation before two experienced mediators, chosen by the parties.

Settling this case allows class members to receive payments. You are a member of the class action and entitled to receive payment that is proportionate to the volume of interchange fees you paid between January 1, 2004 and January 25, 2019, but only if you file a claim.

As of today, the Court has still set no deadline for filing, but one is surely on the horizon. If you have taken no action to guarantee your participation in this class action suit, Commonwealth Consulting Group cannot file a claim for you, but our partners at Financial Recovery Strategies (FRS) can. What CCG can do, especially if you’ve been our client for quite a while, is to help you assemble all of the information you need to provide to FRS in order to file your claim.

Meet our partner, Financial Recovery Strategies
Although CCG is not permitted to file your claim on your behalf, you may retain the services of our partner, Financial Recovery Strategies (FRS) to help manage your claim and assist in getting back the money you overpaid. FRS is a class action recovery and cost savings firm that specializes in, among other services, class action settlement claims recovery; they are not a court-appointed claims administrator or class counsel. As such, FRS is paid on an agreed-upon contingent-fee basis only upon and from the recoveries they obtain.

How do I retain FRS to help manage my claim?
If you would like to engage Financial Recovery Services, please visit their dedicated portal by CLICKING HERE FOR THE ONLINE AGREEMENT. On that web portal, you may retain FRS by first completing the required fields and submitting the form. This will generate an email with an agreement and an authorization to file your claim. Both of these documents may be signed electronically. FRS will then work with Commonwealth Consulting Group to submit the required documents and information to obtain your recovery.

Note: After you click “Submit” on your online form, you will receive an email from Harris Love, EVP at FRS within moments. If you do not receive the email, please check your SPAM or Junk Mail folder and it should be there to finalize the process.

Do I have to use FRS to file my claim?
No. Class members have the right to file on their own. You should have received an official claim notice in the mail with details about how to register for your settlement. If you didn’t receive your notice, or if you moved your business to a new location, you may request a new notice by submitting a form HERE.

This should pretty much sum it up for you, but if you’d like to go straight to the source for additional information, please use the links below.

Helpful Links:

Settlement Website
Official FAQ
Official Notice

Note: No claim forms are available at this time, and no claim filing deadline has been set. Class members have the right to file on their own. No-cost assistance will be available from the Class Administrator and Class Counsel during the claims-filing period. As set forth in FRS’s Class Action Summary, FRS believes that it provides services that could increase a class member’s potential recovery and that are unlikely to be provided by the Class Administrator or Class Counsel. For additional information, class members can visit the court-approved website at, or contact Class Counsel or the Class Administrator.

Safe Methods for Cleaning Your ATM and Credit Card Terminal

We’ve been hearing reports from some of our customers about the increased involvement of local boards of health and state health agencies in requiring cleaning of ATM and credit card terminal keypads between sales, so we wanted to offer some thoughts about the most effective way to go about meeting these requirements. If you haven’t already done so, we suggest that you visit the Center for Disease Control and Prevention (CDCP) for updated guidance for core disinfection/cleaning, disinfection of electronics, cleaning and disinfection of soft (porous) surfaces, and the timing of disinfection after a suspected/confirmed COVID-19 case.

Cleaning Best Practices

The recommended best practice to prevent COVID-19 and other viral illnesses in public areas and commonly used surfaces includes cleaning the area of any visible dirt followed by a thorough wipe down with a disinfectant.

But, remember that your ATM and credit card terminal don't take well to moisture. CCG can steer you to products, such as keypad covers, and sanitizers that take easily to repeated cleanings without damaging the inner workings of your machine.

Recommended ATM Cleaning Procedures - VIEW THIS VIDEO

ATM Cleaning DO's:

DO: wear protective gloves when cleaning ATMs.
DO: apply 70% isopropyl alcohol to a cotton or non-abrasive microfiber towel then wipe ATM screens. Follow up with a dry towel to remove streaks.
DO: clean the ATM fascia and keypad with disinfectant wipes or spray, or 70% isopropyl alcohol.
DO: apply disinfectant spray or 70% isopropyl alcohol on a microfiber towel or non-abrasive pad first, when using in place of disinfectant wipes, then wipe down the keypad and fascia.
DO: make sure cloth is damp with cleanser before cleaning.

ATM Cleaning DONT'S:

DON'T: apply 70% isopropyl alcohol directly onto the ATM screen - always apply to non-abrasive cloth or pad first.
DON'T: spray cleaners or 70% isopropyl alcohol directly onto any part of the ATM.
DON'T: power down ATMs first before cleaning, it is safe to leave them powered on during cleaning process.
DON'T: spray or apply 70% isopropyl alcohol directly on keypad - it will gradually weaken the plastic.
DON'T: soak cleaning cloths with cleanser before wiping down ATM.

Privacy Preference Center