Our customers are family, which represent an array of businesses in various industries. We tailor fit the best payment solutions for each business type.
ClearPay is a robust solution which allows us to meet the unique payment processing needs for businesses across a wide range of industries.
As a member of the ClearPay family, you’ll receive Breach Protection Insurance, which helps safeguard against the significant effects of a data breach. If your business were to undergo a breach, you could be liable for the following expenses:
It also includes protection from data breaches due to network hacking, card skimming, key logging devices, and physical losses resulting from employee dishonesty or third-party theft of digital or paper records.
We started in this industry, as Sales Reps with one of the Global Processors that treated their merchants as a number, which to us were always family. We live a life of integrity and realized that’s what the e-Payments industry was missing.
We’ve always been open and honest to the core and wanted to make things as clear as possible. Hence why we came up with the name ClearPay.
ClearPay is passionate about finding solutions that satisfy customers with payment products that are supported by industry-leading, personalized and local support. We tailor the needs of each individual to help navigate the rapid changes in the world of e-Payments.
If you’ve taken the time to read this we want to say Thank You and “Welcome to the Family.”
Matt, Jonathan and Justin
Always do what’s right,
Even when it's hard.
No contracts.
No price increases.
No sales rep.
We answer the phone.
‘Dual Pricing’ is not just for Gas Stations Anymore.
True ‘Dual Pricing’ is Now Available for most Brick-and-Mortar Retailers and Restaurants.
Digital payment where transactions are made via a mobile device, such as a smartphone, smartwatch or tablet.
Typically using credit or debit cards, digital wallets, or bank transfers, on platforms such as eCommerce websites or digital services.
Location and system payment type where a customer completes a transaction, such as a physical store checkout or an online shopping cart.
Stationary devices, typically located on a merchant's counter, that accepts card or digital payments, often including capabilities like contactless payment, chip reading, and swiping.
Using the latest payment technology makes your
transactions quicker, easier, and more secure.
Chips embedded in cards contain encrypted data, which is accessed by the reader in the terminal. The terminal sends a code, or “crytogram,” to the processor during the transaction, validating the card and the cardholder. EMV cards can be either “contact” requiring insertion into the terminals, “contactless” where is card is held near the terminal, or hybrid.
Today’s smartphones come equipped with a Near Field Communication (NFC) antenna to enable consumers to make secure purchases via mobile wallets instead of spending time searching their purses or wallets for the correct credit cards to use. To make a purchase, the customer simply holds their smartphone near the NFC-enabled credit card machine to complete the transaction with their default credit card stored within their mobile wallet.
For both you and your customers, the security features of mobile wallets are enhanced by replacing the actual card number with a device account number so the cardholder’s name, credit card number, and card security code are not seen, which adds an extra layer of privacy.
The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure all companies that process, store, or transmit credit card information maintain a secure environment and prevent credit card fraud. Essentially any merchant that has a merchant ID (MID) is required to meet PCI compliance requirements.
PCI applies to all organizations or merchants, regardless of size or number of transactions, that accept, transmit, or store any cardholder data.
Merchants that don’t comply with PCI DSS may be subject to fines, card replacement costs, pricey forensic audits, brand damage, etc., should a breach event occur. Many acquiring banks issue fines for merchants who don’t comply with PCI. The small upfront effort and cost to comply with PCI significantly reduce your risk from facing costly consequences.
The individual card brands are requiring that the Merchant Banks/Processors implement individual compliance programs to educate merchants on compliance and ensure that they meet PCI compliance requirements. They’ve required that all Merchant Banks/Processors have a plan in place to ensure that all of their merchants obtain and maintain compliance with the standard.
The payment brands may fine an acquiring bank anywhere from $5,000 to $100,000 per month, at their discretion, for PCI compliance violations. The card brands will most likely pass this fine on to the Merchant Acquirer until it eventually hits the market.
All Acquirers are responsible for ensuring that all of their merchants comply with the PCI Data Security Standard (DSS) requirements, therefore, all processors are required by the card brands to implement a PCI compliance program.
The Standard can be found on the PCI SSC’s Website:
https://www.pcisecuritystandards.org/security_standards/index.php
Next Day Funding with a cut off time of 7pm EST or 9pm EST based on your POS/Equipment and program.
(Ex. Batch/settle by 7pm or 9pm on Monday, your funds will be deposited into your bank at 12:00am Tuesday)
Standard Funding gives you a cutoff of 4am which will deposit the next business day.
(Ex. All Monday’s sales batch/settle at 2:00am on Tuesday, your funds will be deposited into your bank at 12:00am Wednesday)
The time it takes to achieve compliance is dependent upon how you process credit card data. If a vulnerability scan is not required, achieving compliance can be completed in a short amount of time.
Merely using a third-party company does not exclude a company from PCI compliance. It may cut down on your risk exposure and consequently reduce the effort to validate compliance. However, it does not mean you are exempt from PCI. All merchants are required to complete the SAQ annually at a minimum.
It also addresses internal security practices and procedures behind handling credit card data. One of the leading causes of data breaches is due to employee error or carelessness when handling sensitive information – this is why proper policies should be in place and a formal Security Awareness Training should be conducted.
Your business must protect cardholder data when you receive it, and process charge backs and refunds. You must also ensure that providers’ applications and card payment terminals comply with respective PCI standards and do not store sensitive cardholder data.
You should request a certificate of compliance annually from providers.
Utilizing a compliant payment application is a best practice towards achieving compliance, but PCI compliance also covers data security, physical security and network security.
Utilizing a compliant payment application is a best practice towards achieving compliance, but PCI compliance also covers data security, physical seIt is extremely difficult to complete the standard PCI Self Assessment Questionnaire without assistance – it was written in a very technical language. We have partnered with Aperia to assist you in the compliance process and offer support as you are completing the SAQ.
Many of the questions in the SAQ require that you have a written Security Policy and a formal Security Awareness Training in place. Without a resource to assist in building the required Security Policy and conduct the formal training, this would be a very time consuming and costly task to complete.curity and network security.
Yes. All businesses that store, process or transmit payment cardholder data must be PCI Compliant.
A network security scan involves an automated tool that checks your systems for vulnerabilities. The tool will conduct a non-intrusive scan to remotely review networks and Web applications based on the external-facing Internet protocol (IP) addresses. The scan will identify vulnerabilities in operating systems, services, and devices that could be used by hackers to target the company’s private network.
As provided by an Approved Scanning Vendor (ASV’s) such as Aperia, the tool will not require you to install any software on your systems, and no denial-of-service attacks will be performed.
Note, typically only merchants with external facing IP address are required to have passing quarterly scans to validate PCI compliance.
If you electronically store cardholder data post authorization, or if your processing systems have any internet connectivity, a quarterly scan by a PCI SSC Approved Scanning Vendor (ASV) is required.
Every 90 days/once per quarter you’re required to submit a passing scan. Merchants and service providers should submit compliance documentation (successful scan reports) according to the timetable determined by their acquirer. Scans must be conducted by a PCI SSC Approved Scanning Vendor (ASV).
Yes, home users are arguably the most vulnerable simply because they’re usually not well protected.
Adopting a ‘path of least resistance’ model, intruders often zero-in on home users – exploiting their ‘always on’ broadband connections and typical home use programs such as chat, Internet games and P2P file-sharing programs.
The Standard can be found on the PCI SSC’s Website:
https://www.pcisecuritystandards.org/security_standards/index.php
Yes, ClearPay offers both daily and monthly discounts.