Third, the information systems implications also need to concentrate on how to manage pricing and discounting across product groups and also across payment methods. This is an area where small businesses can gain significant competitive advantage and one that is consistently ignored or not undertaken at all. For the payment card strategies in small businesses to be profitable, information systems, specifically applications, need to be created and managed to ensure optimal pricing is defined for each product, and that gross margins are maximized regardless of the payment card used.
Fourth, information systems in small businesses need to take into account the synchronizing of all available distribution channels, creating a multi-channel management strategy that is integrated to the payment card processing system as well (Goldstucker, Moschis, Stanley, Thomas, 1986). Tracking transactions and margins by channel is one of the main metrics that small businesses use to evaluate their overall selling and marketing performance. Multi-channel management was once a strategy that was available onto to the largest enterprises, yet in the small and medium businesses combining Web-based sales, direct, and indirect selling strategies need to have an accompanying payment card processing platform available for accepting, processing and transferring payments (Stone, Hobbs, Khaleeli, 2002). In one respect payment card processing systems are leveling the playing field of multichannel management, due partially to the development of payment card systems oriented to the small and medium business.
Fifth and most significant, the need for a consistent approach to the security of customer information is critical. This is the area of information systems that intersects the development of the payment card industry standards (Sussman, 2008). The development of database systems that can encode, protect yet create taxonomies of customer data that can be used as the basis of marketing campaigns is a critical component of how information systems can be designed to ensure a payment card system is successfully implemented in a small business. Not only is the security of transaction crit8ifcal, even more critical are the customer records and accumulated purchase activity of small businesses' customers. This type of data is the critical link the small business has with its most loyal and potentially profitable customers. Considerations with regard to the use of information systems for security aren't just relegated to the back office of a small business however; it also has to do with the approaches used for capturing customer data, completing and recording transactions, and the development of plans for ensure a high degree of security compliance across the entire order capture and transaction recording process (Swartz, 2007), There are significant implications in Business-to-Consumer (B2C) commerce for example when payment cards are used over the Internet and the need exists for authenticating the card user's identity and credit worthiness (Chen, Lee, Mayer, 2001). The process workflow that begins with payment and ends with the transaction being verified through the acquiring bank over a credit card network requires that the systems in the small business have secure integration points to the network first, and second, have a sufficiently high level of security at the business itself. On this latter point, the adoption and the Payment Card Industry Standard (Sussman, 2008) has specifically targeted the lack of information systems security in small businesses.
In summary, the information systems impact of implementing a payment card system in a small business is equally balanced between integration of accounting, transaction-based systems on the one hand and the security of the databases that are used for accumulating customer purchasing history and specifics of their purchases. The emergence of standards in these areas specific to security show that to date the value chain of when a transaction first occurs to when it is catalogued or recorded in a database is full of potential security breaches. Sassman (2008) points to these data and identity breaches as the catalyst for security standards becoming progressively more stringent and specific in their requirements.
Legislative and Regulatory Issues
As the card process industry has steadily matured and faced single-digit growth rates (Sun, Tse, 2007), there has been a corresponding consolidation of the overall market. There were mounting concerns of financial institutions not being able to overcome economic fluctuations in addition to a maturing financial services industry forcing a high level of mergers and acquisitions (M&a). Regulating these was the main focus of the Gramm-Leach Bliley Act, which sought to first make mergers and acquisitions in the financial services industry more efficient on the one hand, and more importantly, a transparency and compliance of M&a activity across financial services firms. Compliance is a major requirement of the Sarbanes-Oxley Act (SOX) for example, and within the Gramm-Leach Bliley Act, the requirements of the Financial Privacy Rule, the Safeguards Rule, Pretexting Protection, and definition of the Consumer/Client Privacy Rights. The Gramm-Leach Bliley Act most influences small businesses' use of payment cards has to do with the protecting of customer identities while adhering to credit reporting standards (Moye, 2006). For the small business, this aspect of accepting payment cards forces a high level of information systems expertise and integration to databases, in addition to securing data over time. The Gramm-Leach Bliley Act provided the foundation to stabilize the financial services industry, yet at the same time created a requirement on the part of small business owners to accurately adhere to the requirements of reporting transactions accurately and securely storing their own customer data.
Privacy and Security Concerns
If there is one aspect of any consumer purchasing from a small business, it is the anxiety over their credit card information either being used fraudulently or stolen. it's beyond just using a series of simple processes that card merchants provide; there needs to be an entire series of strategies laid out to protect consumers from having either their credit cards or their entire identities stolen (Wagner, 2007). Small businesses often lack the finances to hire a security expert to be on staff at their companies, so there is a reliance on consultants and card payment providers to address the need for authenticating customer identities to protect a small business from fraud on the one hand while also protecting the consumer's personal information on the other. For the small business owner, the liabilities of not providing a consistently high level of security can be severe, which in turn force a higher level of urgency on making sure the entire process of taking orders by payment card and fulfilling them are as secure as possible. Relying on social security numbers purely for validation of identity is, from the small business persons' perspective, a method by which they can prevent fraudulent ordering. Yet the development of security processes and systems in small business to ensure this information stays private and encrypted is critical for the long-term viability of any small business.
Kuo Lane Chen, Huei Lee, Bradley W. Mayer. (2001). The impact of security control on business-to-consumer electronic commerce. Human Systems Management, 20(2), 139-147. Retrieved April 4, 2008, from ABI/INFORM Global database. (Document ID: 81058919).
Goldstucker, Jac L., Moschis, George P., Stanley, Thomas J.. (1986). Possible Effects of Electronic Shopping on Restructuring of Distribution Channels. International Journal of Retailing, 1(1), 20. Retrieved April 4, 2008, from ABI/INFORM Global database. (Document ID: 7086604).
Mandell, L. (1990). The credit card industry: a history. Boston. Twayne Publishers.
Merlin Stone, Matt Hobbs, Mahnaz Khaleeli. (2002). Multichannel customer management: The benefits and challenges. Journal of Database Marketing, 10(1), 39-52. Retrieved April 11, 2008, from ABI/INFORM Global database. (Document ID: 214005721).
Stacey Moye (2006). Fair and Accurate Credit Transactions Act: More Protection for Consumers. Information Management Journal, 40(3), 62-66. Retrieved April 11, 2008, from ABI/INFORM Global database. (Document ID: 1044076941).
Jean-charles Rochet, Jean Tirole. (2002). Cooperation among competitors: Some economics of payment card associations. The Rand Journal of Economics, 33(4), 549-570. Retrieved April 4, 2008, from ABI/INFORM Global database. (Document ID: 276909591).
Marc Rysman (2007). An EMPIRICAL ANALYSIS of PAYMENT CARD USAGE*. The Journal of Industrial Economics, 55(1), 1. Retrieved April 4, 2008, from ABI/INFORM Global database. (Document ID: 1254189551).
Mingchun Sun, Edison Tse. (2007). SUSTAINABLE GROWTH of PAYMENT CARD NETWORKS: A TWO-SIDED MARKET APPROACH. Journal of Business Strategies, 24(2), 165-191. Retrieved April 10, 2008,…