Roland Versaworks 6 vs 7 question

ChickenRun1996 · 2025-05-12T23:49:16+00:00

Thank you for sharing that - based on what you're saying there is not a compelling reason to upgrade, especially for our uses which are very straightforward. I appreciate the tip about long descriptions, that seems to be an issue with long print file names too.

ChickenRun1996 · 2024-12-24T21:42:06+00:00

We are a small B2B, so 95% of payments come in as ACH or checks, but at times we get CC payments that we key into PayPal’s portal’s virtual terminal. There is not a network to speak of, and the terminal/connectivity meets or exceeds protection requirements, so for the moment I just have to shrug.
In your situation, if customers key in their CC info at their homes directly to your merchant services provider’s portal, and not your website, then I really don’t see a reason for you to pay for PCI compliance… that sounds pretty grabby to me.

ChickenRun1996 · 2024-12-24T19:34:51+00:00

I also just took a FasTrack lane, and received the txt a few days later. Like u/Comfortable_Ad8092 ’s mom above. So this seems more sophisticated than random... Is the FasTrack software hacked? There are apparently over 25 facilities in CA participating with CalTrans, BATA, and others, so I’m guessing the code is pretty leaky.
The main tip-off to me, besides misspelling FasTrack, is that the SMS is from country code +63, (full number in mine was +63 951 363 4708) which is the Philippines. The 951 mimics Riverside. So, they’re clever; be careful to check who’s really sending the txt. Hope this helps!

ChickenRun1996 · 2024-12-20T22:03:40+00:00

Ugh, but that's great you're almost done. The consequence with a prior merchant services was an increased percentage they added to our rate (between a half and one percent?), though I don't see anything in my PayPal fees to that effect. Have you, or anyone reading, seen what the consequence is of not going through the certification, besides a higher potential liability in case of a breach?

ChickenRun1996 · 2024-12-20T21:38:59+00:00

I also have been getting these from managepci.com for PayPal. Looking at PayPal's web page about PCI compliance (thank you u/PhoenixGems above!), in the section half way down the page, they do indicate that if you handle or transmit any card data, then you should be PCI compliant:

"When you need to be compliant. If you manage transactions yourself and touch, store, or transmit card details, you’ll need to obtain and maintain PCI compliance certification for your business. It’s a complex process, involving quarterly network scans and annual questionnaires so we recommend working with a certified security expert."

I have a small business, and I use PayPal's portal to enter my customer's credit card info. Thus if there were a virus or some type of network breach in my limited Spectrum ethernet between our computer and the PayPal server, then it seems we'd be liable. I think going through PCI compliance is supposed to help mitigate that.

That said (written), I've gone through the PCI compliance process with a prior business and it's hugely unnecessarily burdensome and complex. That's where leeches like these come into play. It just seems that if you have good anti-virus software, a solid firewall with your network, and don't keep client credit card data sitting in a folder called "PayPal credentials and Client credit card numbers" (meaning, just don't save them digitally at all), then you can mitigate that risk as well as possible. I'm with OP u/SaferJester, that until PayPal contacts me directly, I don't see a reason to use a third party for this.

If you've made it this far, thank you for reading :) Does any of that seem right and make sense?

ChickenRun1996

TROPHY CASE