Master PCI Data Security

Gary Kielich, owner of Systems Technology Group, says PCI / data security, software customization, and zero fear of complexity are keys to POS sales success.

Even today, as high-profile retail data security breaches dominate the airwaves and merchants of all sizes lose sleep over PCI and EMV requirements, many of the VARs Business Solutions speaks with are all too lax about — and in many cases, ignorant of — the business opportunities spawned by the payment security environment. That’s not STG.

In his direct, yet polite, manner, Kielich puts it plainly. “PCI has confused the hell out of the market and resellers alike,” he says. While that confusion has caused some to punt security concerns to their processing partners or simply avoid addressing them, STG took a wholly different approach. Five years ago, a contract opportunity opened the VAR’s eyes to the market’s need for payment security leadership. “We had an opportunity to install a 25-store system for a public sector account. The contract terms were draconian enough to send most solutions providers running,” he explains. At issue was payment security. The contract required the solutions provider to bring in a QSA (qualified security assessor) to document that STG’s system wasn’t storing or transferring any payment data. The requirement was telling, and Kielich had the foresight to know it was a sign of the times. “Instead of shying away, we wrapped our arms around it,” he says. “We started engaging with QSAs and absorbing everything we could. Then we wrote a software interface to a payment gateway to tokenize CHD (card holder data) between our application and the processor. We took on encryption. The more we learned, the better we got at proving the security of our solution.”

In the years since that project, payment security has become a leading POS systems sales driver. The fact that STG has been offering baked-in tokenization for the past five years and point-to-point encryption for the past two has brought a lot of business its way. “To merchants, payment security didn’t matter ten years ago. It started to matter a little five years ago. It matters a lot now,” says Kielich. “A lot of people are hung up on trying to secure data. You can’t do that, because the bad guys will get to it. You have to build a model where there is no data.” Because STG took that on early, it’s paying the company dividends today.

Today, when a customer approaches STG with payment security concerns, Kielich says his sales team is ready to pounce. “We go into those conversations with confidence because we’re experts. When prospects don’t lead with security, we make a point to bring it up early in the conversation because it’s important and because we’re experts.” PCI, he says, has caused a lot of pain and confusion, but STG has an obligation to understand it and attack it. “We’ve claimed it as an opportunity, not an obstacle. If you don’t understand security, you shouldn’t be in this business, period.”

Now, STG is keeping a close watch on the future of payments, notably mobile. In the current landscape, overpopulated as it is with digital wallet providers, Kielich admits that his crystal ball has yet to inform him what the end-all-be-all mobile payment solution will look like. But, he says the key for solutions providers is to align with vendors that have open systems. “No one knows who will win, but we do know that proprietary will lose. You need to partner with vendors who are open to all of them and to those that can commit the people, technology, and dollars to accommodate all of them, so that the merchant has choice.” And, above all else, of course, security.

Customize And Replicate

Another important driver of STG’s success is its willingness to modify off-the-shelf software to meet specific client needs. Kielich provides a hometown example to illustrate. Buffalo is home to Minor League Baseball’s Buffalo Bisons, who play home games in 18,000+ seat Coca-Cola Field. When Buffalo’s Rich Products — which owns both the Bisons and the Northwest Arkansas Naturals — sought a POS upgrade for the multiple concession areas at Coca-Cola Field and the Naturals’ 6,500-seat Arvest Ballpark, it turned to STG. “We installed Aloha there, but its off-the-shelf functions weren’t enough for stadium environments. The solution had to manage distinct sets of inventory among various concession stands,” explains Kielich. “We wrote an application called Stand Sheet Manager as a requirement of the contract, and that capability landed us the 145-terminal sale.”

Kielich says the decision to seize control of STG’s destiny by hiring in-house software developers helps the company distinguish itself from those married to off-the-shelf solutions, but he offers advice to those willing to follow suit. “Early on, we had some talented and technically proficient employees, and they were able to develop software extensions at a basic level by modifying SQL tables or writing a little C++,” he says. “We began with those simple enhancements, but as we monetized it, we hired additional programmers.”

Monetizing that development work is imperative, and Kielich says it requires discipline. “We’re very diligent about writing a thorough scope of work for each client engagement, which outlines in detail what they want, and which is priced in accordance with our development efforts,” he says. That careful management has afforded STG the current luxury of employing three full-time C# developers.

The other beauty of STG’s custom development work is that often it can be replicated to the tune of more and bigger business opportunities. “Through these custom engagements, our developers have built a library of enhancements that are maintained, enhanced, and available for sale to the greater market,” he says. “They can be sold over and over again.” Five years ago, STG wrote a reporting application for a liquor store customer called the STG Buyer’s Tool. It was designed to help the merchant analyze what inventory was moving and what wasn’t, enabling better buying decisions. “It’s a tool that makes those merchants more efficient and more profitable. We continue to sell and enhance that application, and it’s allowed us to win several other accounts in the liquor and packaged retail goods industries,” says Kielich. In fact, STG has made the application available to other resellers, too.

“To merchants, payment security didn’t matter ten years ago. It started to matter a little five years ago. It matters a lot now.”

Gary Kielich, Owner, Systems Technology Group


In 2013, another custom development project brought some high-profile exposure to STG. Fellow Buffalo business Delaware North Companies outfitted Busch Stadium with 1,800 food service associates to work the World Series that year, many of whom were armed with Honeywell mobile POS units loaded with a solution delivered by STG. “That installation helped us make great strides into extending our experience to the mobile space. We’ve grown the stadium and arena segment of our business significantly, with installations in venues that host many professional teams around the country.”

By tiptoeing into software development, getting paid for customizations up front, and making the fruits of its development efforts available for sale to the greater market, STG has strengthened its foothold in some of the key segments it serves.

Embrace Complexity

Kielich says everyone at STG recognizes that the retail systems landscape has never been more complex than it is today, and he says everyone there embraces that fact. “We’ve committed to being specialists, and that means understanding every piece of the retail ecosystem,” he says. For example, while many VARs shy away from the merchant demand for omni-channel transaction complexity and opt instead to stay chained to traditional brick-and-mortar transaction enablement, STG relishes the opportunity to engage merchants’ omni-channel challenges. “You can’t do omni-channel on ten-year-old legacy applications without a lot of burdensome integration, because they weren’t designed for that,” he says. To capitalize on omni-channel demand, he says you have to offer a software package that accommodates transaction complexity, such as buy online, pick up in store and buy online, and return to store, as well as one that enables multistore and DC inventory visibility.

“VARs have to be willing to trace this demand back to its origin, which isn’t the merchant, it’s the consumer,” says Kielich. “Understanding and accommodating the demands of modern consumers is a very complex business. They expect to purchase anywhere, pay anywhere, and have merchandise fulfilled anywhere. They want access to loyalty programs, inventory, and transaction history. The retailer wants accurate and timely information on their consumers. All those demands equate to solutions opportunities for those of us willing to take on the complexity,” he says. For its part, STG resells LS Retail, which Kielich says offers virtually all of the omni-channel functionality his customers demand.

Beyond the complexity of modern customer-facing solutions such as omni-channel, Kielich says the VAR business itself has become significantly more complex since he launched STG. He points to the shift toward SaaS as an example. “We’ve been selling Aloha for 20 years now, and we’re fortunate in that Aloha started moving toward SaaS fifteen years ago with its above-store reporting engine,” he says. “That was followed by gift cards and loyalty, then online ordering, and now 15 different applications, including POS, are delivered in the SaaS model.” As such, STG has been charging monthly fees for services since long before it was cool. Today, some 30 percent to 35 percent of its customers’ transactions are conducted via SaaS applications.

Kielich equates the complexity of the current retail technology climate with opportunity. “This is a really exciting time for our business because of all the change, and I’m grateful for it. Complexity, and the ability to specialize in solving complex challenges, protects us from commoditization and the pricing and margin erosion that comes with it,” he says. His advice to you, his fellow channel pros, is to embrace complexity and become expert specialists. “No one asks for the cheapest brain surgeon.” Likewise, he says, when merchants face complexity, they seek the best, and they’re willing to pay for it.

Article Provided By: Business Solutions

Liquid Video Technologies Logo, Security, Video Surveillance, Greenville South Carolina

If you would like liquidvideotechnologies.com to discuss developing your Home Security System, Networking, Access Control, Fire, IT consultant or PCI Compliance, please do not hesitate to call us at 864-859-9848 or you can email us at deveren@liquidvideotechnologies.com