Fifty years ago credit card usage was a luxury limited to only a small, exclusive segment of the population. These days, however, cards have all but replaced cash in the U.S. marketplace and nearly everybody carries at least one.
While some restaurateurs complain about the high costs and complexities associated with the acceptance of credit cards, most agree that their benefits outweigh the negatives.
“People prefer the ease of cards,” says the National Restaurant Association’s director of legislative affairs Mike Shutley, who anticipates even broader credit card usage in the future. “They’re easier for customers. Fewer people today are carrying cash.”
Industry experts, in fact, tend to agree that our culture is rapidly evolving into a cashless society. Darren Tristano, vice president at Chicago-based consulting firm Technomic Inc., views accepting cards as “a dominant way of doing business.”
“With a card you have fewer restrictions,” he says, “and you’re not limited by the cash in your pocket.”
Noting that operators today must accept credit cards, he says, “I see them as an opportunity you’d miss if you didn’t have them.”
Of course, while fewer operators refuse credit cards these days, there still are a few holdouts. The venerable Peter Luger Steak House in Brooklyn, N.Y., for example, does not accept standard credit cards. In their place, however, the restaurant has been offering its own proprietary card to diners since 1960, says president Marilyn Spiera.
“It saves us a lot of money,” she says. “Our food costs are tremendous because we buy the top of the grade. If you accept credit cards, you pay 3 percent or more on each transaction. That’s a big bite on something that has a food cost of more than 70 percent. We’re containing our costs because it’s the only way to survive.”
Quick-service operators also have been slow to embrace credit cards, although that dynamic has been changing too. Card usage speeds transactions since charges under $25 don’t require receipts, many operators have discovered. For example, Oak Brook, Ill.-based McDonald’s began accepting cards years ago and now is exploring installing terminals at the drive-thru windows where servers now swipe cards inside.
But despite the added convenience, some operators nevertheless accuse providers not only of charging excessive fees but also of imposing unnecessarily complex and vague regulations to protect the privacy of user data. Some say the interchange fee imposed by card companies on each transaction is a hard pill to swallow. This fee varies by the type of card and has caused concern throughout the industry, rising to 2.5 percent to 3 percent per transaction, the NRA’s Shutley says.
“Operators are often not told what the rate is,” he says. “There’s no government oversight.”
As the industry’s dependence on cashless payments has grown, so have the complications. The rules of credit card acceptance are 1,200 to 1,600 pages long and not always clear, Shutley says.
“[The NRA is] working with the card companies and Congress to have more transparency,” he says. “But 80 percent of our members are small businesses, and it’s really difficult.”
During last year’s holiday season, restaurants of all sizes found themselves scrambling to comply with the complex regulations known as Payment Card Industry Data Security Standards, or PCI DSS. These standards were developed by the five major card companies to help protect against identity theft and credit card fraud.
Now compliance, which already was complicated, may become even more difficult as states line up behind Texas, which last spring passed a measure making PCI standards state law.
The stakes are high, not only for mom-and-pop operators, but also for large franchisors as well. The topic took center stage last fall at the International Foodservice Technology Exposition, or FS/TEC, in Atlanta. Tracy Libertino, managing director of consulting for Accuvia—the firm that co-sponsors FS/TEC with Nation’s Restaurant News—estimates that “one out of every two operators has control deficiencies with PCI standards.”
“The biggest concern is that they will lose customers or revenue if they have a data breach,” she says.
Libertino points to the negative publicity generated by breaches at such major retailers as T.J. Maxx last year, noting that the “heavy costs” can be damaging. Those costs can include not only fines from credit card companies but also possible legal action related to privacy violations of cardholder data or identity theft.
Another problem associated with the new standards, Libertino says, is that franchisors “can only recommend compliance” to franchisees and could face harm to their brand if those operators became involved in breaches.
“Being PCI-compliant,” she adds, “is no guarantee you won’t have a data breach.”
Restaurants are said to comprise more than 40 percent of cases in which criminals gained access to cardholder information.
“Unfortunately,” says one restaurateur who prefers to remain anonymous, “until all is safe, there will be further breaches. The PCI standard is a good one, but complex. For this reason, I bet many smaller merchants aren’t compliant.”
John Doyle, IT director of restaurant systems for Maryville, Tenn.-based Ruby Tuesday, is “a huge believer” in the PCI standards. Like others, he is frustrated because of the extra work involved but welcomes the challenge. The chain “shifted the paradigm” to minimize what data it holds and keeps no tracking information.
“In the past, the industry liked to have that to report trends on return visits or for charge-backs,” Doyle says. “We pushed that responsibility on to our processor to retrieve one full account number at a time if, say, a guest has a problem with a curbside order. We can then provide the card company with the last four digits and get the full card number. It’s highly secure and only a handful of employees have access.”
Doyle anticipates that wireless devices will become more prevalent in the next five to 10 years because fewer merchants have employees handle cards out of sight from customers.
“The biggest challenge is how the server presents it to the customer,” he says. “It’s a tool that sets us apart. No data is stored on it. We made a decision to replace our POS system, and we looked at a number of vendors and decided if we were going to make a major investment, to take it to the next level.”
He expects that in the next few years, “credit card companies may increase the rates for those who don’t use these systems.”
“Our server tips are higher,” says co-owner Greg Davey. “The customer never loses possession of the card, and it speeds up the whole process so we can turn tables faster. It’s a win-win.”
Despite the complexities posed by the new PCI standards, credit card use in the foodservice industry is expected to grow. Today, says Bob Ezykowich, senior vice president of finance with Villa Enterprises, Inc., in Morristown, N.J., “everybody takes cards, even Dunkin’ Donuts.”
“You have to take them to maintain your competitive edge,” he says. “If you don’t, you’re not going to get the sale.”
In addition, he says, the customer using a card has a higher check average.
Two years ago, Waffle House, Inc. in Norcross, Ga., decided to accept cards at its 700-plus company-owned units after 50 years as a cash-only business.
“It was the No. 1 thing our customers were asking us to do,” a spokesman says. “So we decided to start offering them. It’s a huge convenience that gives people another option.”