AllBusiness posted a very interesting article about how poor customer service can be very costly to a company. At the time I read it I had no idea we’d be highlighted as a company that not only has a great product, but excellent customer support.
Click the link below to view the article
http://www.allbusiness.com/company-activities-management/operations-customer/13391341-1.html
PayPal has issued a security update to their PayFlow Pro payment gateway and requesting all clients using the gateway update to the new API’s by September 1st. These important updates have been included in Pinnacle Cart versions 3.6.3 and 3.6.4. To continue processing payments, please make plans to update your Pinnacle Cart application as soon as possible. Please contact customer support if you have any questions.
More information about this update can be found at https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/gateway_update
PA-DSS and the shopping cart industry
The goal of PA-DSS is to help software vendors and others develop secure payment applications that do not store prohibited data, such as full magnetic stripe, CVV2 or PIN data, and ensure their payment applications support compliance with the PCI DSS. Payment applications that are sold, distributed or licensed to third parties are subject to the PA-DSS requirements. In July of 2010 standards will no longer be option, but required by any payment application dealing with card holder data. Simply put, if a merchant is not running a PA DSS-validated application after the deadline, they will automatically fail their PCI assessment.
In July of next year, new merchants that apply to get a merchant account will have to show the bank, as one of the steps to getting the account, that they are using a PA DSS certified shopping cart. Currently the only place that will have the verified list is the Visa website. If the cart they are using isn’t certified, the store owner will not be able to get a merchant account. Increasingly, merchants are getting letters about compliance and it will ultimately lead much higher fees for those on an uncertified platform and, we believe, ultimately to the cancellation of services if an approved platform isn’t adopted.
We are in the final stages of being certified and our 3.7 release will be our first PA DSS certified release. We are trying to be on the leading edge of the education process for our industry and it is very clear there are a lack of understanding and a ton of misinformation out there. I have personally been sending in requests to cart companies asking about PA DSS certification. My question is simply – are you currently, or in the process of becoming PA DSS certified for your shopping cart? Here are a couple responses.
“It does not need to be. The server is the portion that needs the certification as the cart does not handle the CC information but hands it off to a payment gateway.”
Here’s another – “PA DSS software vendor – I am 99% sure this is for your quarterly network scans which need to take place. We use MacAfee which are qualified.
I have more but all of them are patently false answers. Unless you are only using a payment product like PayPal standard where the card holder data isn’t touched by the application, you should be using a PA-DSS certified application. We are seeing an increase in this type of offering from the gateway companies but these pages aren’t on the client’s website and that simple change guarantees a decrease in sale conversions. I will write a separate post on this topic in the coming weeks.
It’s important to understand that at the time of this posting, no open source or “free” application has announced any intent of certifying their applications PA-DSS. In fact, Magento has clearly stated on their site they WILL NOT be certifying their community application and are encouraging customer to move up to their $10,000 enterprise level application to reach certification. This, of course puts many merchants in a bad situation. We are in the process of working with a number of vendors who will assist clients in moving from these non-compliant applications into Pinnacle Cart.
Undoubtedly, the changes in our industry will create considerable consolidation. By and large the shopping cart industry has been considered a cottage industry made up of hundreds of companies with just 2-3 people. The tens of thousands of dollars that must be invested and the changes to the software product will be too much for many to withstand.
As part of our effort to educate the industry, we will have a booth at the Hosting Con Tradeshow in Washington D.C., next month and I will be part of a panel speaking on this topic. Hope to see some of you at the convention or at our booth #343.
Feel free to give me a call or drop me an email to discuss further.
Mike Auger
At last year’s Hosting Con our VP of Product Development sat down with myhostnews.com to talk about Pinnacle Cart, click here to view the interview. Hope everyone has a great weekend!
Craig Fox, our Founder and VP of Product Development was recently invited to provide some insight into PA-DSS / PCI compliance and it’s effects in the ecommerce industry 
for The Web Host Industry Review, better known as The WHIR . Here are some snippets from the article:
“We’ve completed that compliance ring – what we call the remediation process – with our QSA,” says Craig Fox, VP of product development at e-commerce software firm Pinnacle Cart. “Everything seems to be coming clean.” According to Fox, the total initial cost associated with certification for Pinnacle Cart is likely to be in the range of $20,000 to $30,000 – a manageable cost of doing business, and not something the company intends to pass on to its customers in the form of a price increase, but by no means an insignificant sum of money.
Check out the full article on pages 12-13 here as mentioned on our @pinnaclecart Twitter account!
We know the survey may have been a surprise to many of you who have been waiting on a new beta version on a new platform. I would like to take a few minutes to explain where we are and the direction of the company.
Many of you have recently completed a survey we sent you relating to feature sets for a new version of our shopping cart software.
At the end of last year we were in the process of developing a new platform for Pinnacle Cart that would take us into the next decade. As we began developing the product we also began to understand the challenges and opportunities associated with PA DSS (Payment Applicant Data Security Standard). Visa and MasterCard will begin to enforce this new standard on all shopping carts and any payment application that accepts credit cards in July of 2010. In a nutshell, as a small business owner, this is another requirement for you to be PCI compliant.
Certification is an expensive and time consuming process as we work with a 3rd party QSA recommended by Visa/MC. In addition, our company will have to absorb this expense every time we come out with a significant change to our software. We are making every effort to not pass this expense along to our customers and have been able to keep that goal to date by not increasing the cost of the software. But as you can probably imagine it has forced us to change the way we look at development and releases. The great news for you is Pinnacle Cart will be a leader in PA DSS certification and education.
We have made a major decision to delay the release 4.0 and certify “Pinnacle Cart 3.7 PA DSS.” Of course, by default, it will also mean that 4.0 will also be certified when it is released. The survey you received some time back will go a long way to defining the some of the features associated with 3.7. Many of the features are in the process of being built or already have been built and Craig will have a post about the feature set and the timeline to release. This was a difficult decision as we are very excited about getting to the new platform. The funny thing about the new platform is that it actually IS the reason we decided to come out with an interim release. A new platform undoubtedly creates challenges for upgrades. Though we will provide documentation, a path to upgrade and continue to offer services to assist in the upgrade there will still be work to do. On the other hand, if you are on a 3.4, 3.5 or 3.6 series cart, upgrading to a 3.7 cart is quite easy. Combined, it was obvious we needed to certify a new release for older clients who now must upgrade to 3.7 to have a PA DSS certified shopping cart. Providing choices for our customers has been a cornerstone of our business and this is a great example of changing our direction to better server our entire customer base.
We are excited and look forward to a summer release of 3.7 and a substantial new feature set.
Mike Auger
While checking our Twitter updates, I came across this interesting article posted by @AvalaraSalesTax . It is a great and indepth article about the potential increase in taxation of goods purchased online. Click here to check it out. Likewise, if you come across more great ecommerce based articles, feel free to shoot them our way via our @pinnaclecart Twitter account or email them to iwantthisblogged@pinnaclecart.com .
Pinnacle Cart 3.6.3 has been launched!
If you have account in our new account area at https://account.pinnaclecart.com then you can get the new packages from there.
If you do not yet have an account in the new area, please proceed to http://www.pinnaclecart.com/upgrade.php to get the version of the cart as well as your own account in our new account area.
We will also be releasing this as a hotfix to 3.6.2 version carts as soon as it is available.
Below are the changes and fixes in 3.6.3
Changes from version 3.6.2 R.704 to 3.6.3 R.905
Added – Password update notification and failed admin lockout.
Reason – Necessary to meet PA-DSS compliance.
Added – Password Strength Meter for administrator accounts.
Reason – Necessary to meet PA-DSS compliance.
Added – Intuit QuickBooks Merchant Service.
Reason – Requested by clients
Added – Tracking features for both Google Analytics and Google AdWords.
Reason – Allows customer to track visitor / sales data using Google Analytics and Google Adwords.
Added – Time limit for storage of credit card data.
Reason – Necessary to meeting PA-DSS compliance
Issue – Address field 1 & 2 maybe too short for some international addresses.
Fixed – Increased the max length to 48.
Added – HTTPS interface to PayPal Payflow Pro.
Reason – PayPal Payflow Pro was using library in the cart, now using HTTP interface to communicate.
Issues – Wrong default URL in NTP Now payment gateway.
Fixed – Database is updated with new URL.
Added – Shipping area restriction in the Google post XML.
Fixed – Per Google Checkout documentation.
Issue – Taxes are not recalculated when you update order quantity in admin area.
Fixed – Fixed the query to pull tax rate for updated order subtotal.
Issue – Unable to bulk update a tax class when a high number of products is present in the database.
Fixed – Redesigned the tax class update function.
Issue – Per PA-DSS compliance documentation, CVV2 data cannot be stored under any condition.
Fixed – Removed CVV2 data field from credit card storage.
Issue- Promo code does not get rechecked after deleting a product from cart.
Fixed – Added additional check for promo discount calculations.
Issue – Newsletter unsubscribe does not work for registered users.
Fixed – Updated unsubscribe function for registered users.
Issue – On IPN payment methods OPC drops shipping and makes order free of charge.
Fixed – Added additional checks for shipping rate after few unsuccessful transaction.
Issue – In some instances, attribute inventory was not updating on purchase.
Fixed – Modify the stock control function to check the list of ordered items.
Thank you for an extremely successful 2008. As we go full steam into 2009 we wanted to let all of our customers know what we’ve been working on and what you can expect from us for the New Year. Over the past couple of months the entire Pinnacle Cart team has been busy working on the planning and development of our next release, Pinnacle Cart 4.0. While we don’t have an official release date set at this time, my hope is to provide you with information regarding the release over the next couple of months in preparation for a BETA release sometime in the first quarter. As with any release suggestions from our customer base is very important. Almost every feature added to the application comes from you and we encourage all customers to use our discussion board or submit a “feature request” through our support area.
One of the primary goals of the 4.0 project is to expand our feature set and to migrate the application into a new development framework. Frameworks aim to alleviate the overhead associated with common activities used in application and plug-in development. To assist us with selecting a framework the development team created a list of requirements necessary for any framework we use.
I’ve outlined a couple below:
1) Size- While every framework will reduce development and QA time, some were quite heavy and required the application to come with many additional components we simply won’t use.
2) Speed – Some frameworks hadn’t yet been fully realized and suffered from latency issues. Actually some had been fully realized, but still had unacceptable latency issues. Also we wanted to make sure the selected framework used Web Caching to reduce bandwidth usage, server load, and perceived “lag”. A web cache stores copies of documents passing through it and subsequent requests may be satisfied from the cache if certain conditions are met.
3) Follows MVC (Model View Controller) model – The MVC architectural pattern is used to separate the data model with business rules from user interface.
4) Security – Must have an authentication and authorization frameworks that enable the web server to identify the users of the application, and restrict access to functions based on some defined criteria.
After an exhaustive research all of the existing frameworks in the market, we found none of them completely meet the needs of our application therefore we decided to create our own framework appropriately named “PinnacleGears”. Gears was designed specifically for the needs of eCommerce applications and is fully-documented, light-weight, secure and quite snappy I might add.
One of the other changes you’ll notice in PC 4.0 is we’re migrating into a 100% XHTML compliant template system. On top of making design changes very quick and easy, XHTML compliant systems have the added benefit of becoming excellent fodder for search engines and can assist in SEO. This system will allow third-party designers the ability to create front-end designs with much greater efficiently.
Over the next couple of months leading up to the release I’ll be doing my best to update you on some of the changes and new features you can expect in 4.0.
When the economy is in recession, the last thing you want to do is spend resources on sales pitches that lead nowhere. One great mantra preached by marketing gurus is to invest in developing strong customer relationships, which will build a large customer base to get you through rougher periods. If you haven’t done that, don’t panic. Here are some tips to keep you afloat in troubled times.
Sell to existing customers
When sales are slow, selling to existing customers is cheaper and easier. The reasons are simple – you’ve got their attention already and built a relationship based on trust and credibility and, most importantly, given them reason enough not to fall prey to your competitors’ advances. You know their buying history, so offering them products and services that complement their original purchase is vital. Using e-mail management software like Constant Contact in conjunction with Pinnacle Cart allows you to stay in contact with your existing customer.
“Free” is a very attractive word
Nothing grabs attention like the word “free” when you see it online. Send out free newsletters or offer a free trial period. Many websites offer a complimentary service and then charge for a detailed report. For example, astrology sites will give you a high-level reading of your birth chart free of charge and offer specific dates predicting events in your life for a fee.
Find lucrative advertising deals
Participate in pay-per-click advertising programs or even better, pay-per-sale. Using iDevAffilaite in conjunction with Pinnacle Cart allows you to create a commission based sales force where you only pay affiliates when they make a sale. In tough economic times pay-per-sale programs make much more sense for your business as there isn’t any upfront costs involved.
Publish yourself online
Generate free press for yourself by writing articles in ezines, blogs, forums, podcasts & RSS, mini-sites and social networking sites. You will build credibility for yourself and be seen as something of an expert in your field. If you don’t have the means to do it, hire freelance writers to do the job for you. Negotiate with the hosting information/content site to publish your name, a short byline and your website URL with the article. Or better still, start an ezine yourself.
Be visible all the time
Make sure you’re on your customers’ radar when they may need a product or service that you offer. Create mailing lists for this purpose by asking visitors to your website to complete a simple registration form. Then send them emails about discounts and news items like current trends in that area. For example, clothing stores send emails announcing sales that have children’s jackets for $14 with free shipping. The kids don’t need another jacket but such attractive information coming into your mailbox definitely warrants a peek at the product.
Don’t limit yourself to online advertising
Your business may be online but your advertising doesn’t have to be. Advertise judiciously in newspapers, or TV and radio, or send press releases that are fed into several online and offline PR channels.
There’s nothing we can do to stop the recession but we can make the best of it. Following these tips will help you increase sales as well as drive traffic to your website, which in turn, generates more sales.
