credit card payment in person

Payment Technologies & Data Security

As we upgrade platforms and adjust algorithms to suit the needs of our customers, we always keep in mind the role new payment technologies play in data security. Questions we always hear from our merchants include, “How can hackers access my customer’s information if I have the latest version of software installed in my devise?”

Easy. Take Wawa for example. Just recently, Wawa had a massive data breach that went undetected for nine months during 2019. Due to a cyber hack, Wawa’s computer system exposed customer names, numbers, and expiration dates on credit and debit cards. The thieves achieved the breach by installing a malware software on Wawa servers which meant that gas pump and in-store transactions were compromised throughout all 850 locations along the East Coast. Turns out, the Wawa hack was discovered about a month after VISA sent out a public warning that gas pumps using magnetic-stripe card readers are more vulnerable to hacking.

So how can you be sure your customer’s information is safe?

At FPN, we are diligently working to protect to your customer’s data whether the customer makes an online payment, or you swipe a card at your Point of Sale (POS). One way you can ensure data is protected is by validating your PCI Security every year. PCI stands for Payment Card Industry and covers every major brand such as VISA, Mastercard, Discover, American Express, etc. Ideally, if you’re accepting payments online, you should be scanning your network a minimum of once per quarter to ensure data is safe and secure.

Is your POS using the most up-to-date software available?

Our team witnesses many franchisees running their POS on older versions of Microsoft that are no longer supported by the POS providers. Typically, if you are on Windows XP or older, your POS provider cannot install the necessary security patches which makes you non-compliant with PCI Security. We also see many franchisees who are still running on older versions of their POS software. Many feel the old version still works so why spend money on an upgrade? Truth is, if you don’t upgrade and you get hacked, your POS partner is not going to accept any responsibly and you will likely be on your own.

Smile for the camera!

Picture this scenario, you need to have an IT specialist control your devise to figure out an issue. If you use a remote access and screen-sharing software such as Logmein, it doesn’t matter if your POS is 100% upgraded and your hardware is on the latest version, you are virtually opening a channel into your POS. While it is certainly acceptable to run this software for short periods of time, you must uninstall remote access and screen sharing once the service has been completed as that channel may serve as a risk for hackers who will find it. If you use screen-sharing on a regular basis to see what’s going on in your store when you’re not there, you should stop immediately. Same goes for franchisees that like to set-up security cameras to watch employees while they are out of the store.

Most people don’t realize that the same video feed that you see on your phone is the same feed that exports from an open port on your router. Open ports are vulnerable to hackers snooping through your POS or implementing a dangerous malware or virus. Let’s say you already figured that out, so you put the security camera on either a separate router or you have a very secure firewall preventing data from moving between ports. Where are you most likely going to be pointing a camera? Right at the register. The only place in your store where card numbers could be viewed. Even if your camera is on a separate router, it could be compromised, and a hacker could see card numbers as they are accepted behind the counter. The best way to prevent a breach is to be aware of the many channels hackers can use to access data.

Franchise Payments Network is committed to the best support and on-going training to keep you informed on payment security. Contact us today at for more details.


If you’re a current FPN client and want to update your PCI SAQ now, click here.

Mobile NFC payment

NFC: why it just might be the safest way to pay

Tech giants and big businesses are moving towards incorporating NFC-based technologies to simplify the life of the consumer. Just recently, Apple launched a new digital credit card “designed to work with any other credit or debit card stored in the Wallet app for use with ‌Apple Pay‌.” For users, it’s as simple as holding your smartphone next to an NFC devise at the time of payment. Before we get into why this might be the safest way to transfer funds, let’s talk more about NFC in general.


What is NFC?

Near Field Communication (NFC) is the ability for two different devices to communicate data by either touching or coming within 4 centimeters of each other. NFC creates a magnetic field that then allows encrypted information to be passed from one user to the next.


Is NFC secure?

In many cases, NFC is more secure than any other way to make purchases. Because your data is encrypted, it increases the level of difficulty for a thief to steal information. Think about how close a thief would have to be in order to gain access to your personal data. Realistically, the thief would need their device within 4 centimeters of yours when the transaction is conducted. Unless you’re the type of person who likes to hug strangers at the register or point of sale (POS), it’s highly unlikely that a thief could interfere.


What if someone steals your phone?

Unless the thief is willing to spend time figuring out every one of your passwords and unlocks the smartphone itself, you should be safe. All of the major digital wallet services such as Apple Pay, Google Pay, Samsung Pay, etc. require an additional level of security before payments are made which basically gives these major companies permission to withdraw funds from your banking account. Most companies also require you to enter a PIN or ask for your facial recognition and/or a fingerprint scan to authorize payments. As technology continues to grow and new scams are revealed to the public every day, we feel pretty confident in the security of NFC payments.


Find out how your franchise brand can implement NFC readers at each location and contact FPN sales at 866-420-4613 opt. 3 for pricing and availability.


Be Persistent

Entrepreneur Magazine Q & A

Tom Epstein knows a thing or two about franchising success. After all, he’s a franchisee himself and owns a company that works with hundreds of franchise brands to help them manage payments. Epstein founded Franchise Payments Network in 2006. Headquartered in Orlando, Fla., the 30-person team at FPN handles payment processing as well as gift and loyalty programs exclusively for franchise systems.

Named 2018 and 2019 Top Franchise Supplier by Entrepreneur Magazine FPN works with close to 180 franchise brands and thousands of their franchisees, Epstein says. Some of FPN’s biggest clients include brands like Nathan’s, OxiFresh, Mac Tools, and Menchie’s Frozen Yogurt. Epstein shares talks about payments and loyalty programs, and shares his best insights on what it takes to succeed in franchising.

What’s your best advice for franchise owners in regard to payment systems?

[Epstein] You want to be sure your pricing is consistent across your brand just as you would any other line item in your P and L and as a company you understand the service needs of your franchisees.

One thing to be careful of is more POS companies have a payment processor that they prefer you work with. They can process with just about anyone but push you to their partner as they will get a revenue share back from them that they rarely disclose to you. FPN does not do that—we work with all POS companies, but the franchisor is our customer not the POS company so we don’t pay the POS company giving us the ability to pass the best rates possible through to your franchisees.

Payments systems are evolving. What’s ahead?

[Epstein] Technology is moving very quickly in POS. Equipment is getting less expensive and software is now housed in the cloud for easier updates and enhancements. At this point, I wouldn’t be considering any non-tablet POS. The POS at the check-out station will likely be a thing of the past in fi ve to 10 years. You will be able to pay for things in the isles or from a simple tap on your phone as you walk out the door after your items are scanned via your mobile device.

What’s the biggest mistake you’ve seen owners make with their loyalty programs?

[Epstein] I always tell people to look at loyalty as a way to get your customers to do something that they wouldn’t ordinarily do. Don’t reward them for what they are already doing. Incentivize them to do something more; to come back more often or buy more/ different items. Otherwise you are just giving away margin.

If you could tell franchisees one thing about success, what would it be?

[Epstein] Persistence! When I started FPN I had no “plan B.” It was do or die and there were times early on when other people would have just quit but we always found a way to get through it. Same with franchises and franchisors. I have been on the board with a franchisor and I own two fitness franchises. There is no issue that cannot be resolved. You cannot lose if you don’t quit


Contact for more information on payment processing or reach out to to learn about our loyalty solutions for franchise brands.


Special thank you to Entrepreneur Magazine for making this interview possible.



Results Speak More Than Size


FPN ranked TOP FRANCHISE SUPPLIER in Entrepreneur Magazine two years in a row!

Why we’re grateful for our ranking…

Think about this for a moment… FPN out-ranked companies like World Pay, Square, First Data, Bank of America, Wells Fargo, and Paypal.

  • World Pay is a $2.7 Billion company with 10,000 employees
  • First Data is a $6 Billion company with 25,000 employees
  • Square was founded by Jack Dorsey, who started Twitter and has taken in over $600 Million in investment money
  • PayPay was founded by Peter Theil, who is also on the board of Facebook and has Elon Musk (Space X and Tesla) as a board member and investor

FPN, on the other hand, was founded in 2006 and has about 30 employees. Our fearless CEO, Tom Epstein, started FPN from a severance package and stock option funds. Since then, FPN has never taken on an outside investor, but instead grows steadily over the years.

How did FPN rank amongst these giants? 

Simple — FPN doesn’t have 30,000 employees with a bunch of shareholders to answer to. As a company, we are nimble and can make decisions on product and procedures very quickly as our clients need them. We have a vision to service each franchisor and franchisee to extreme satisfaction — often at the detriment of our P and L — just to keep them happy.

We have a small, but passionate team who understands we are working with people. People who are entrepreneurs. People who have invested everything they have into their business. People who have also bootstrapped their own franchise and are depending on vendors like us help them run their businesses and become profitable. In a weird way, the other companies we are listed with are the very reason FPN exists.

Not to take anything away from those other guys — they all have great business models — it’s just not who we are or honestly who we want to be. FPN will never be the biggest merchant processor company, nor do we want to be. Our goal is only to be the best and to never forget that our merchant partners/clients are the reason we are here.

In closing, a very big Thank You goes out to all of our merchant partners/clients, both big and small. Over the years, you have trusted FPN to move your money safely between your account and your customers!  We are here because of you and for you, always.


New Chip on the Old Card: October Deadline Looming for EMV Payment Readers

As you go about your day-to-day routine, you may have noticed some new ways to pay; and if you received a new debit or credit card recently, you also may have noticed the new chip embedded in it.

Grocery stores,  shops, pharmacies, and large national chains all seem to be installing new customer-facing devices to enter your credit and debit card information. For instance, you can now insert your card into a slot on the front of one of these new devices and enter a PIN. The device will read the encrypted information on your card’s chip and pass that information, along with your PIN, to the card processor for decryption and authentication.

In essence, you are getting a double dose of  unlike with a traditional swipe card, whose magnetic stripe data is easily read by any swiper in the event a physical card is stolen or lost. The chip in the new cards comes encrypted, making your data much harder to obtain for any would-be thief.

As the cards you currently have begin to expire, replacement cards all will have a chip in them, beginning this year. For a time, they still will have the magnetic stripe on the back, but in a few years that will stop completely. By the end of 2015, an estimated 29 percent of cards in the U.S. will have the chip, and the numbers will grow rapidly from there. All EBT and other government cards issued since the beginning of 2015 already have them.

Why should any of this matter to franchisees?

As of October 2015, all new cards issued and all installed terminals must have this capability (one exception is petroleum merchants with automated fuel pumps, who have until October 2017). To help prevent data breach and fraud, U.S. card issuers have adopted the EMV standard (Europay, MasterCard, and Visa) that has been in place in most of the rest of the world for years. For merchants who have not installed the proper  to read these cards by October, the liability for any potential breach will shift completely over to them. (Note: Installing the new hardware will replace the need to continue meeting all your current PCI requirements.)

One of the things I often see with franchise systems is that they tend to run on limited resources, and many do not have a chief technology officer to keep these issues top of mind. Many franchise systems either don’t require a specific type of payment terminal or they lean on a POS vendor to ensure everything is in place around payment technology and PCI compliance. Neither is a good approach, because there is so much more to the customer data  equation than what any single vendor looks at.

Most POS companies are scrambling to meet the October deadline. And even if you are on track to meet this deadline, questions remain. Do you have a plan in place to ensure you are installing the new hardware and/or software in time? Are there cost considerations preventing you from making the upgrades? Do you understand the reasons you need to do this? Maybe this is a good time to to review your POS system in general.

To succeed in this transition, you need a comprehensive strategy that includes not only your POS system, payment processing, and gift/loyalty vendors, but also your IT, operations, and maybe even finance. If you have not yet started this process you are already behind.

With all the new technology available today, perhaps now is a good time to move to one of the newer tablet-based systems. Most can be installed for about the same cost as upgrading your current POS.

If you have to upgrade your systems for EMV anyway, perhaps you should also look at adding NFC (near field communication). NFC is the technology that enables ApplePay, Google Wallet, and CurrentC. This technology is not really new, but Apple’s entry into the game has breathed new life and interest into these payment methods. Consumers are increasingly adopting these methods–and of course the younger your customer base, the more likely they are to want to use this option.

My bottom-line advice to you is that time is getting short and you need to move on this quickly. But don’t act rashly. Have a conversation with your department heads, trusted vendors, and FAC. Since you must make changes anyway, make the right changes–those that will carry you years into the future, not just a quick fix you will have to revisit in the not-too-distant future.

Tom Epstein is CEO and founder of Franchise Payments Network, an electronic payments processing company dedicated to helping franchisors and their franchisees improve system performance, increase revenue, and reduce expenses. Contact him at or 866-420-4613 x1103.