This plugin extends the functionality of WooCommerce to accept payments from credit/debit cards using Fast Charge Payment Gateway. This plugin enables you to use the Fast Charge Payment Gateway to accept credit cards directly on your website without redirecting customers.
Like all Pledged Plugins products, this plugin installs with one click. After installing, you will have only a few fields to fill out before you are ready to accept credit cards on your store.
WooCommerce is the most popular WordPress eCommerce plugin. And it’s available for free. Packed full of features, perfectly integrated into your self-hosted WordPress website.
Customized Success/Failure messages
You are able to customize the credit card success/failure messages in addition to your WooCommerce transaction pages without any programming skills required.
This payment gateway allows you to accept credit cards directly on your website and therefor to remain PCI Compliant you must protect the checkout page with SSL. However, the plugin will function with or without SSL on.
WordPress is web software you can use to create a beautiful website or blog. We like to say that WordPress is both free and priceless at the same time.
The core software is built by hundreds of community volunteers, and when you’re ready for more there are thousands of plugins and themes available to transform your site into almost anything you can imagine. Over 60 million people have chosen WordPress to power the place on the web they call “home” — we’d love you to join the family.
WooCommerce is designed for the small to large-sized online merchants using WordPress. The plugin became famous soon for its simplicity to install and customization and being free in nature.
Established in 2003, The Fast Charge Payment Gateway™ is a payment gateway and e-commerce application service provider that authorizes payments for online businesses, retail retailers, mobile merchants or traditional brick and mortar merchants. Fast Charge is the equivalent of a physical point of sale terminal located in most retail outlets.
Payment gateways protect credit card details by encrypting sensitive information, such as credit card numbers, to ensure that information is passed securely between the customer and the merchant and also between merchant and the payment processor.
Liberty Ammunition filed suit against the Department of Defense in 2011, claiming that the Department of the Army used Liberty’s trade secrets to produce “enhanced performance rounds” for military rifles that were nearly identical to a bullet Liberty patented. The Army has been using lead-free bullets for several years produced by other manufacturers working under military contract.
U.S. Federal Court of Claims Judge Charles F. Lettow filed a decision Dec. 19 in which he found the federal government had infringed on Liberty’s patent for its copper-core, steel-tipped ammunition. Lettow ordered the government to pay two levels of damages, the first being a $15.6 million lump payment. The government
was also ordered to pay a 1.4-cent royalty on every bullet it purchases and receives for use. It will make those payments until Liberty’s patent expires in 2027.
Founded by Manatee County resident and inventor P.J. Marx, Liberty Ammunition produces ammunition for the U.S. military and foreign militaries allies and markets personal defense and hunting rounds through a small number of distributors and dealers. It also sells law enforcement ammunition.
Liberty CEO George Phillips welcomed the judge’s decision.
“We feel we’re totally vindicated that PJ Marx is the inventor of the enhanced performance round and that the court was absolutely clear in its decision,” he told the Bradenton Herald.
The government has until Feb. 19 to appeal Lettow’s decision.
According to the narrative in court documents, the Army had been working to develop lead-free ammunition since 1995 in an effort to cut down on lead pollution where the Army’s bullets are used. Traditional bullets are constructed with lead cores.
The Army and its ammunition developers made several unsuccessful attempts. Lead-free bullets taken into combat in the 1990s failed in many instances to incapacitate opposing combatants, passing through their bodies without fragmenting into shrapnel as designed. Post-combat reports cited in court documents said those combatants were often able to return fire after being shot.
Product Description (PAX 90) Credit Card Terminal
The PAX S90 mobile POS terminal has been designed to offer superior wireless performance, embedded in a ruggedized yet stylish form factor. With options for single PAX S90 Mobile Payment Terminal – with CDMA, GPRS and EMV SIM or dual SIM functionality, and with a high capacity Li-lon rechargeable battery, the S90 is one of the most popular mobile terminals for merchants today. The S90 is PCI certified and delivers secure transactions with a state of the art 32-bit processor to support DUKPT, Master Session, DES, and 3DES. The ARM9 microprocessor assures faster, reliable transactions anywhere and every time.
The Pax S90 Mobile Payment Terminal is the perfect solution for your business and your charge card transactions. Built to withstand the outdoor elements and with a long lasting Li-Ion battery you never have to worry about credit card transactions failing on you.
Pax S90 is a powerful mobile payment terminal, with ARM9 CPU, large memory, compact design, and supports wireless communication methods and multi-application download.
Terminal PAX S90 c can be connected to a cellular GSM / GPRS network is designed to receive and bank credit\debit cards, payment acceptance, and loyalty and gift programs support. Mobile communication interface GSM / GPRS allows you to instantly use the terminal in the area of mobile network coverage without the need of purchase expensive telephone lines and LAN. Having built-in battery allows to use the terminal in taxis or on the street or in a restaurant.
PCI PTS 3.x approved
High speed ARM 11 processor and large memory capacity
Optional built-in contactless – PayPass, payWave
Optional 1D barcode scanner
USB & 3G connectivity
Large capacity battery
Dual SIM functionality
192MB (128MB Flash, 64MB DDR)
128 x 64 pixel LCD,
10 numeric / letter & 8 function keys
4 ATM keys, 1 Power ON / OFF key
Thermal graphic printer, Speed: 18 lps
Standard paper roll: 58mm (2.25 in.)
Magnetic Card Reader
Track 1 / 2 / 3, bi-directional, ISO7812
Smart Card Reader
1 user card, EMV
Contactless card Reader (built-in)
ISO / IEC14443,Type A / B, Mifare®, Felica Compliant
Maximum effective distance up to 4cm
4 RF Indicators: Red Yellow, Blue, Green
Barcode Reader (optional)
1D barcode scanner
2 SAMs, ISO7816
2 SIMs (optional)
Wireless: GPRS or 3G (WCDMA)
Sync. (HDLC, up to 9600bps)
Async. (V.92, up to 56Kbps)
1 x RS232, 1 x Line, 1x mini USB (OTG),
1 x power charge
PCI PTS 3.x approved
DUKPT, Master / Session, DES, 3DES
ANSI / ISO9564 format 0, 1, 3
PIN ciphered key algorithm
ANSI X9.9 / X9.19 MAC algorithm
Li-ion battery, 1800mAh, 7.4V
0°C to 50°C (32°F to 122°F) operating temperature
-20°C to 70° C (-4°F to 158°F) storage temperature
10% to 93% relative humidity, non-condensing
Input: 100~240VAC, 50Hz / 60Hz, 1.0A
Output: 9.5VDC, 4A
Leather Casing, Charging Dock,
Car Jack Charger
The busiest shopping day of the year also saw a major boom for gun sales, with the federal background check system setting a record of more than 175,000 background checks Friday, according to the FBI.
The staggering number of checks — an average of almost three per second, nearly three times the daily average — falls on the shoulders of 600 FBI and contract call center employees who will endure 17-hour workdays in an attempt to complete the background reviews in three business days, as required by law, FBI spokesman Stephen Fischer said.
“Traditionally, Black Friday is one of our busiest days for transaction volume,” Fischer said.
Indeed, Friday saw the highest number of background checks ever for a Black Friday, and second in history. The highest day on record was December 21, 2012, with more than 177,000 background checks.
On average, more than 500 gun background checks a day fail because of incomplete information required for a decision, according to the FBI’s National Instant Criminal Background Check System, which is responsible for checks on firearm purchases from federally licensed shops.
Employees of the background check agency, who work every day but Christmas, worked through the weekend to vet Friday’s purchases.
“We are averaging three checks per second,” Fischer said Friday afternoon, before the final numbers were in. “The challenge is to have staff keep up with this volume. We do that by limiting personal leave, asking employees to work extra shifts and reutilizing former … employees to serve in NICS during this busy period.”
The agency brings in 100 extra employees to deal with the increase.
“This means saving lives and protecting people from harm — by not letting guns fall into the wrong hands,” FBI Manager Kimberly Del Greco said in a statement. “It also ensures the timely transfer of firearms to eligible gun buyers.”
Overall, about 186,000 background checks a year cannot be completed, according to the FBI. It’s difficult to know exactly how many gun sales are authorized from that number because whether to make the sale is ultimately in the hands of the shop owner.
Last year, the agency completed 21 million background checks, and about 1.1% of those purchases were denied, the agency said.
Firearm background checks have doubled from the more than 9 million conducted when the system was implemented in 1999.
Ten factors can disqualify a purchase: felony conviction, arrest warrant, documented drug problem, mental illness, undocumented immigration status, dishonorable military discharge, renunciation of U.S. citizenship, restraining order, history of domestic violence or indictment for any crime punishable by longer than one year of prison.
Gun purchasers are required to fill out a form from the Bureau of Alcohol, Tobacco, Firearms and Explosives with basic identification information and questions about the 10 disqualifying factors.
The gun shop can read the information to the background check agency over the phone or run the information through a secure Internet connection. The check sometimes involves calling courthouses to get records and dispositions.
“We won’t make a determination unless we are absolutely sure,” Fischer said.
However, the agency cannot deny a transaction based on an arrest without knowing the disposition of a case.
After the three business days have passed, completion of the sale becomes the prerogative of the licensed gun shop owner, according to the Brady Handgun Violence Prevention Act of 1998
Fischer said major retailers such as Walmart, Dick’s Sporting Goods, Cabela’s and Gander Mountain usually won’t go through with the sale without complete information.
The Bureau of Alcohol, Tobacco, Firearms and Explosives issued a 14-point clarification on what does and what does not make an 80 percent lower receiver, and reminds people that they’re legal to buy.
ATF routinely collaborates with the firearms industry and law enforcement to monitor new technologies and current manufacturing trends that could potentially impact the safety of the public.
“80% receiver,” “80% finished,” “80% complete,” “unfinished receiver” are all terms referring to an item that some may believe has not yet reached a stage of manufacture that meets the definition of firearm frame or receiver found in the Gun Control Act of 1968 (GCA). These are not statutory terms or terms ATF employs or endorses.
Receiver blanks that do not meet the definition of a “firearm” are not subject to regulation under the GCA. The ATF has long held that items such as receiver blanks, “castings” or “machined bodies” in which the fire-control cavity area is completely solid and un-machined have not reached the “stage of manufacture” which would result in the classification of a firearm per the GCA.
See comparison examples:
The GCA does not impose restrictions on receiver blanks that do not meet the definition of a “firearm.”
Receivers that meet the definition of a “firearm” must have markings, including a serial number. See 27 CFR § 478.92 (Firearm manufacturers marking requirements).
ATF successfully traces crime guns to the first retail purchaser in most instances. ATF starts with the manufacturer and goes through the entire chain of distribution to find who first bought the firearm from a licensed dealer. Because receiver blanks do not have markings or serial numbers, when firearms made from such receiver blanks are found at a crime scene, it is usually not possible to trace the firearm or determine its history, which hinders crime gun investigations jeopardizing public safety.
Manufacturing & Licensing
There are no federal restrictions on an individual making a firearm for personal use, as long as it does not violate the GCA or National Firearms Act (NFA).
10. What is the National Firearms Act (NFA)?
The NFA imposes a tax on the making, transfer or import of certain firearms recognized to present a greater risk to public safety. The law also requires the registration of all NFA firearms as defined in title 26 USC 5845(a):
(2) a weapon made from a shotgun if such weapon as modified has an overall length of less than 26 inches or a barrel or barrels of less than 18 inches in length;
(3) a rifle having a barrel or barrels of less than 16 inches in length;
(4) a weapon made from a rifle if such weapon as modified has an overall length of less than 26 inches or a barrel or barrels of less than 16 inches in length;
(5) any other weapon, as defined in subsection (e);
(6) a machinegun;
(7) any silencer (as defined in section 921 of title 18, United States Code); and
(8) a destructive device.
If an individual is “engaged in the business” (defined below) as a manufacturer or seller of firearms then that person must obtain a federal firearms license. In addition, manufacturers have a variety of specific responsibilities under the Gun Control Act, such as including a serial number and other markings on all firearms.
With certain exceptions, and subject to any state law that might apply, as long as an individual is not prohibited from possessing a firearm, he or she can make a firearm for personal use. If an individual wants to manufacture and sell firearms, he or she is required to obtain a license, and mark each firearm manufactured in accordance with 27 CFR 478.92. [18 U.S.C. 923(i), 26 U.S.C. 5822]
ATF will approve a properly executed application if the applicant:
- Submits fingerprint cards;
- Submits a frontal view photograph;
- Is 21 years of age or older;
- Is not prohibited from shipping, transporting, receiving or possessing firearms or ammunition in interstate or foreign commerce;
- Has not willfully violated the GCA or its regulations;
- Has not willfully failed to disclose material information or willfully made false statements concerning material facts in connection with his application;
- Has premises for conducting the business
- The applicant certifies that:
- the business to be conducted under the license is not prohibited by State or local law in the place where the licensed premises is located;
- within 30 days after the application is approved the business will comply with the requirements of State and local law applicable to the conduct of the business;
- the business will not be conducted under the license until the requirements of State and local law applicable to the business have been met;
- the applicant has sent or delivered a form to the chief law enforcement officer where the premises is located notifying the officer that the applicant intends to apply for a license; and
- secure gun storage or safety devices will be available at any place in which firearms are sold under the license to persons who are not licensees (“secure gun storage or safety device” is defined in 18 U.S.C. 921(a)(34)).
Under federal law, an application shall be approved if an applicant for a federal firearms license or a manufacturing license meets all of the licensing requirements and criteria.
Submit ATF Form 7 (5310.12), Application for License, with the appropriate fee in accordance with the instructions on the form to ATF.
Scattered reports of double payments and failed transactions have begun to bubble to the surface after what initially looked like a relatively smooth introduction of Apple Pay.
Some Bank of America customers reported Tuesday that they were charged twice for purchases made through Apple’s new payment system. One was a CNN Money reporter who described his experiences being double charged and the difficulties he had in getting the issue resolved.
Bank of America acknowledged the problem, but said it was limited.
“We apologize for the inconvenience and we’re correcting the issue. All duplicates will be refunded,” said Tara Burke, a spokesperson for the bank. She said that roughly 1,000 of the bank’s customers had been affected.
The issue was likely a coding problem on Bank of America’s end, according to Cornerstone, a Cambridge, Mass.-based consulting firm. Burke declined to comment.
Some of Cornerstone’s clients who were part of the first wave of financial institutions adopting Apple Pay experienced a different problem on Monday, the day the program debuted. They reported feedback from customers saying their phones rejected the Apple Pay transaction because their institution wasn’t supported.
“There are more problems than just this Bank of America issue,” said Bob Roth, Cornerstone’s payment practices manager. Roth said that Cornerstone had not canvassed its clients but he did not believe issues were widespread.
“New technology’s always going to have issues three days in,” Roth said, adding that he thought Apple Pay’s overall debut had been “pretty impressive.” A representative for Apple did not return a call by deadline.
Two of the vendors transitioning merchants and financial institutions onto Apple Pay agreed.
Pete Donat, head of new ventures for payment security and infrastructure provider First Data, said Tuesday that the company’s clients, including several of the first banks to adopt Apple’s new one-touch payment system, had seen few problems with the mobile payment rollout.
Like First Data, Chase’s mobile payment division also helps clients with the infrastructure necessary to use Apple Pay. Chase mobile’s general manager, Tom O’Brien, said that though the company “found a lot of things that we fixed along the way” to Apple Pay’s debut, so far it’s provided a, “really smooth, really secure customer experience.” According to O’Brien, Apple Pay signups by customers on Tuesday were seven times higher than traditional card enrollment—a one day snapshot but an indication of momentum and adoption of a new product on the consumer side.
That momentum seems to extend to the financial side as well. “The banks we’re talking to are generally excited about the opportunity to participate in Apple Pay,” Donat said, saying that he predicts thousands will soon follow the more than 500 that have already agreed to support Apple Pay.
Roth, of Cornerstone, said the big question surrounding Apple Pay will be how the experience goes for that first wave of adopters.
Chase and First Data both provide physical platforms that support near-field communication transactions, which mobile payment systems like Apple Pay and Google Wallet use, but both are also among the that provide application program interfaces (APIs), allowing developers to integrate Apple Pay as a payment option for their applications.
“We think in-app payments are going to be one of the higher growth areas,” Donat said. “Apple’s done a good job, as have the networks and others involved, of riding on an existing standard,” of protocols for tokenization.
One early complication that customers have seen is double payment. Tokenization, part of Apple Pay’s security, made troubleshooting the issue problematic: in the Apple Pay transaction personal customer information is not transmitted, which makes it hard for Apple to track the double payment issue until customers began calling.
Systems that support only SSL 3.0 are being abandoned as systems operators cease server-side support for the outdated standard following the disclosure of a critical bug.
The latest in 2014’s saga of server-side issues is POODLE, an acronym of Padding Oracle On Downgraded Legacy Encryption (otherwise designated as CVE-2014-3556) that was named by the publishers of the disclosure, Google researchers Bodo Möller, Thai Duong, and Krzysztof Kotowicz.
POODLE is a flaw in how browsers handle encryption; by negotiating down to SSL 3.0, attackers can alter padding data at the end of a block cipher in a way that forces a slow leak of data. Many of the cipher suites in SSL 3.0 have already been abandoned as insecure, due to small key sizes, biases, and simply having support already removed from browsers.
The POODLE vulnerability allows attackers to exploit the design of SSL 3.0 to decrypt sensitive information, including secret session cookies (and, therefore hijack sessions for users’ accounts). Because the exploit is not being a patchable flaw, it is necessarily hastening the death of SSL 3.0 as a viable standard.
The public response
Akamai, a popular CDN, has accelerated its deprecation of SSL 3.0, which at present stands at 90% complete, and should be finalized for Secure CDN customers by late October to early November 2014. The firm is also working on a phased deployment for TLS_FALLBACK_SCSV for legacy systems, though they note that since few browsers support this patch, it does not help anyone for the short term. SSL 2.0 traffic is now blocked, and customers supporting only SSL 3.0 are urged to upgrade as soon as possible.
CloudFlare has disabled SSL 3.0 support by default for all customers. Business and enterprise customers have the option of enabling it manually, though CloudFlare strongly discourages users from doing so. The company’s research notes that for HTTPS traffic, only 0.65% of this traffic uses SSL 3.0, which they characterize as being mostly attack traffic and crawlers. They also note that Windows XP traffic constitutes only 3.12% of all “real visitor traffic,” and of those users, only 1.12% use SSL 3.0.
Twitter announced an immediate end to SSL 3.0 support for its services, forcing users to use a browser that supports TLS 1.0 or higher.
Mozilla rolled out an extension for users to immediately disable SSL 3.0. SSL 3.0 will be disabled by default in Firefox 34, which will be released on November 25, 2014. Plans are also in the works to include support for SCSV in Firefox 35.
Möller indicated in a Google blog post that Chrome has supported SCSV since February 2014, and that SSL 3.0 support will be removed completely from client products “in the coming months.”
Does this dog bite?
What, if any, precautions will you take to mitigate this issue? Do you still have production servers that support SSL 3.0? Let us know your thoughts in the comments.
What Is Apple Pay? –
In the Card-Present environment, Apple Pay uses a NFC transmitter in either the iPhone 6, 6 Plus or Apple Watch to transmit secure transaction data from the user’s iPhone to a compatible contactless receiver in a merchant’s store. No real credit card data is transmitted, only a one-time token that is useless if stolen. The customer simply picks a card, taps the phone next to the terminal, and the transaction is completed.
How Do Merchants Accept Apple Pay? –
Merchants need a NFC receiver that is certified for Apple Pay and will need to be on the MSL First Data platform for now – other platforms will undoubtedly be added. Most of the recently-deployed terminals are already compatible with EMV and contactless payment methods (mostly NFC and Apple Pay), which means they only need a receiver to accept Apple Pay. There are a number of receivers that will be made available soon, and they will allow both new merchants and existing merchants to accept PIN Debit, EMV cards, and NFC/Apple Pay. These devices are intended to be backwards compatible with many existing terminals. Apple Pay is also 100% compatible with the CLOVER station using an upgraded FD-40 PIN Pad (available soon).
When Can Your Merchants Accept Apple Pay? –
Apple is scheduled to release final specs on 18th October, 2014. These specs will then need to be certified on the PIN/EMV/NFC devices and then we can start shipping. No merchants anywhere will be able to accept Apple Pay transactions until at least after 18th October. We are unsure exactly when the rollout will occur, but will keep you posted as news develops.
UPS Store hacked, possibly compromising user data
The shipping store discovered malware in the computer systems of 51 US stores in 24 states. Customer credit and debit card information may have been leaked.
The UPS Store is the latest retail chain to be targeted in a data breach leading to the theft of customers’ credit card information.
The shipping and business services store announced Wednesday that 51 US stores in 24 states had been hacked via a malware intrusion on the store’s computer systems. The breach affected about 1 percent of all UPS Stores.
The company has determined that customers who used a credit or debit card at these stores between January 20, 2014, and August 11, 2014, could have been exposed to the breach. Private customer information that may have been leaked includes names, postal addresses, email addresses, and credit and debit card data.
The company became aware of the breach after the US government notified the chain it had discovered a “broad-based malware intrusion” in its system. The UPS Store hired an IT security firm to investigate further. This firm then located the malware in the 51 stores’ systems.
The hack into The UPS Store comes amid an apparent uptick in security breaches at retail locations. Retail giant Target revealed in December that hackers obtained credit card data for more than 110 million customers who shopped in its stores late last year. And, over the past few months, arts and crafts retail chain Michaels Stores, department store Neiman Marcus, and restaurant chain P.F. Chang’s revealed they were victims of security breaches aimed at stealing customer’s credit card information.
The UPS Store said it eliminated the malware as of August 11 and has notified potentially affected customers of the breach. The company is offering identity protection and credit monitoring services to those customers.