How Mobile Credit Card Readers Work

If you've always dreamed of starting your own business -- or if the stagnant economy has pushed you into that pursuing that dream sooner than you expected -- you can take comfort that one emerging technology could make it easier for you: mobile credit card readers.

These days, nothing turns customers away like a sign that reads "cash only." Fewer and fewer people seem to carry cash; instead, many pay for even the smallest items with a credit or debit card. This can pose a challenge for the individual or small business owner who doesn't always work out of a brick-and-mortar location. Consider mobile businesses like a food truck, as well as professionals who make house calls, like a masseuse or a dog-walker -- even the teenage babysitter or lawn mower. Their livelihood may depend on being able to accept payments easily. And today, that means accepting plastic.

Mobile credit card readers basically turn your smartphone into a credit card swiper. If you're serious about your business, chances are you already have a smartphone that you use for business purposes. If not, perhaps the ability to finally accept plastic payments on the go will make the investment in a smartphone worthwhile for you.

Several mobile credit card readers are on the market now, and they each work slightly differently. Although the basic technology is the same as the swipers you find at the ubiquitous point-of-sale terminals, each service uses its own swiping mechanism, and each comes with its own fee structure.

Over the next couple of pages, we'll explore this burgeoning technology and a few of the most popular machines and services available. The best one for you will depend on your needs. And, as security is always an issue when it comes to sensitive credit card information, we'll explore some of the accusations that competitors have made against other products.

Mobile Credit Card Machines and Services

The first mobile credit card reader to make waves came from Jack Dorsey, the founder of the immensely popular social media platform Twitter. His friend, Jim McKelvey, was a glass blower who was frustrated that he had to turn away customers with no cash, and pitched the idea of a smartphone card reader. The result was theSquare, a small box that plugs into the audio jack of a smartphone. It includes a slot for the physical swiping of a credit card. If you've downloaded the application, the smartphone will receive the swiped information transmitted via sound waves into the phone.

Another option is the Intuit GoPayment, from the same company that makes QuickBooks accounting software. Though you don't need QuickBooks to use the GoPayment, many businesses that already use the accounting software appreciate the compatibility for saving sales data. The GoPayment comes with it's own reader but is also compatible with other readers like the Mophie and the Bluetooth credit card reader.

VeriFone, which is a company that was already well-established in credit card processing with stationary terminals, has also come out swinging in the mobile game with the PAYware Mobile Reader. This comes with a stylus for customers to sign the touch screen (as opposed to other devices that require customers to sign with their finger). VeriFone especially prides itself on its service's security features.

Other popular readers are the RoamData RoamPay, known for its versatile compatibility, and the MagTek iDynamo, known for its security.

These popular readers are compatible with a variety of mobile devices as well as tablets, but check compatibility before you commit to one. As you process the transaction, the apps will give you the option of sending a receipt to the customer via e-mail. Of course, you don't need an attachable swiper to accept credit card payments. These and many other apps allow merchants to plug in the information manually. But swipers make for more efficient transactions.

Payment plans vary among the different services. Square, for instance, charges 2.75 percent of each transaction as of this writing. (In 2011, the company dropped its additional 15-cents-per-transaction fee.) Note that the cost is higher when you enter the numbers manually instead of swipe the card. Other services may also charge monthly fees. But the best option for you might depend on how many transactions you process and how large they are.

Mobile Credit Card Reader Security

All of the companies selling mobile credit card readers will say their product is perfectly secure, but are they really? While some hungry customers at a food truck will react with glee that it accepts credit cards, others react with dread when they see their card swiped into a stranger's personal phone. Identity theft and card fraud are major concerns, and some technology experts say certain readers are more secure than others.

First, let's examine the security features that mobile credit card readers claim. Companies say their devices don't store card information on the merchant's phone. Some like to point out that it's safer than other point-of-sale exchanges like sit-down restaurants, because the card never leaves the customer's sight, whereas card information could be copied by hand. Companies also like to note that their software or device complies with Payment Card Industry Data Security Standard (PCI-DSS) by meeting requirements like encryption of card data.

Despite such precautions, some say your card information is still at risk, and that mobile credit card readers open opportunities for hackers and criminals. For instance, in March 2011, VeriFone publicly attacked Square for a security flaw. VeriFone's CEO claimed that the Square reader didn't encrypt card information immediately, making it easy for hackers to develop an application that would store the unencrypted card information [source: Bergeron].

Square's CEO didn't dispute the claim outright, but he called it unfair, saying it overlooked "protections already built into your credit card." He also claimed anyone can easily steal card data and that card companies don't hold consumers responsible for fraudulent charges [source: Rao]. Some responded that this still entails hassles for the consumer. Notably, Square announced plans to add encryption to the reader a month after VeriFone's attack. Meanwhile, other competitors spoke up, like MagTek's CEO, who claimed neither Square nor VeriFone's readers are secure because they lack authentication mechanisms [source: Hart]. RoamData's CEO touted his device's security features and called on regulators to tighten standards [source: Graylin].

So, it seems that consumers could be taking risks by allowing their cards to be swiped into mobile credit card readers. But it's a matter of debate whether these risks are enough to be alarming or even significantly different from those risks associated with any other card transaction.

Lots More Information

Sources

Bergeron, Douglas G. "An Open Letter to the Industry and Consumers." VeriFone. (Oct. 7, 2011) http://sq-skim.com/
Graylin, Will Wang. "ROAM Data CEO REsponds to VeriFone's Open Letter about Square." PYMNTS.com. April 4, 2011. (Oct. 7, 2011) http://pymnts.com/roam-data-ceo-responds-to-verifone-s-open-letter-about-square/
Kincaid, Jason. "Square to Beef Up Card REader Security This Summer (And VeriFone Wasn't So Wrong, After All)." TechCrunch. April 28, 2011. (Oct. 7, 2011) http://techcrunch.com/2011/04/28/square-to-beef-up-card-reader-security-this-summer-and-verifone-wasnt-so-wrong-after-all/
Hart, Annmarie D. "An Open Letter to The Payment Industry." MagTek.com. (Oct. 7, 2011) http://www.magtek.com/V2/an-open-letter-to-the-payment-industry/
Honig, Zach. "Square to Add Encryption to Mobile Card Reader, Skimmers Put on Notice." Engaget. April 29, 2011. (Oct. 7, 2011) http://www.engadget.com/2011/04/29/square-to-add-encryption-to-mobile-card-reader-skimmers-put-on/
Langley, Monica. "Square Snags Big Value: $1 Billion." Wall Street Journal. June 29, 2011. (Oct. 7, 2011) http://online.wsj.com/article/SB10001424052702304665904576383813592144744.html
Moscaritolo, Angela. "VeriFone, Square at Odds Over Refuted Security Flaw." SC Magazine. March 10, 2011. (Oct. 7, 2011) http://www.scmagazineus.com/verifone-square-at-odds-over-refuted-security-flaw/article/198100/
Rao, Leena. "Security Hole Allegation "Is Not a Fair or Accurate Claim." TechCrunch. March 9, 2011. (Oct. 7, 2011) http://techcrunch.com/2011/03/09/squares-jack-dorsey-verifones-security-hole-allegation-is-not-a-fair-or-accurate-claim/
Stern, Zack. "Process Credit Cards Anwhere: 5 Smartphone Alternatives." PC World. Dec. 1, 2010. (Oct. 7, 2011) http://www.pcworld.com/businesscenter/article/211924/process_credit_cards_anywhere_5_smartphone_alternatives.html