Credit Card Processing
Open Dental has integrated with two credit card processing companies. Each service must be enabled and set up before payments can be processed.
Both support EMV transactions (credit cards with computer chips). See each page for terminal options.
PCI Compliance: Your credit card processor may offer to enroll you in Payment Card Industry (PCI) compliance tools/assistance or charge you non-compliance fees if you do not complete the annual PCI DSS Self-Assessment Questionnaire (SAQ). PCI Compliance is required by the credit card industry for all merchants. Compliance is very difficult and time consuming to achieve. Many merchants may determine that the cost of the non-compliance fees are less than the cost of compliance. The non-compliance fees are essentially a slush fund that the industry uses to pay out fraud claims. For more information: https://www.pcisecuritystandards.org/merchants/.
If you are a payment processing company interested in direct integration with Open Dental, please see Direct Credit Card Integration with Open Dental.
Both XCharge and PayConnect use tokens to safely encrypt and store credit card numbers and expiration dates. Storing tokens is optional.
When a token is saved, the credit card will be listed as a masked number on the Credit Card Manage Window.
If you require the card to be present for all transactions, you may prefer to not store tokens.
To set the default storage option, see Account Module Preferences, Automatically store credit card tokens. You can also choose to save/not save a token when processing a single transaction (Save Token checkbox).
Warning: In Account Module Preferences always uncheck Allow storing credit card numbers (this is a security risk). When enabled, this preference will store credit cards in Open Dental without tokens. Card numbers will not be masked and are not encrypted in the database. This is a security risk, violates credit card security guidelines, and is not recommended.