Today, mobile payments startup Square is rolling out what the company says is the most heavily-requested feature by its merchants to date: user permissions. What this means is that business owners will now be able to enable their staff to use Square devices to accept payments without having to provide those employees with access to the same sensitive information that a business owner may see on their end.
Until now, owners who wanted to set up their employees to also accept Square payments on the business’s behalf would actually have to hand over their username and password – yes, the same username and password that allows them to login and access the the details of their business’s account, and even banking information. Um, yikes.
As an admin, you can add and remove bank accounts, but the current account associated with the business would only display the last three digits of the account number. But generally, any service involving banking info is one people prefer to lock down.
While there have been no reported incidents of businesses’ employees using this admin-level access for ill, it’s the sort of preventative security feature that larger companies need in order to feel comfortable with adopting the system. It’s also likely a change reflective of Square’s growing customer base. The company is now processing $6 billion in annual payments it recently said, alongside the announcement of its new CFO Sarah Friar, formerly of Salesforce.com. Many businesses using Square are no longer seeing it as an experimental tool they’re “trying out,” but rather it’s becoming a part of their everyday workflow. And that requires more attention to big business type concerns. Like security.
It’s also interesting to compare Square’s moves with that of rival Intuit GoPayment in this case. When GoPayment debuted in May 2009, it had the ability for admins to add multiple users to their GoPayment accounts, permissions intact, right out of the box. The decision was made because the company’s initial target market was field employees – like electricians and contractors. Now Intuit is after the smaller businesses Square has been signing up, and, at the same time, Square is expanding beyond the smaller businesses who didn’t need the complexity of GoPayment in order to snag signups from larger operations now realizing the need for security.
The move comes only a week after Square announced the debut of its customer loyalty punchcard program – another move designed to turn Square from an occasional tool to an everyday one. The company couldn’t say whether or not the permissioning introduced today will become more granular in the future. That is to say, whether it would one day allow owners/admins to designate some employees with permission to manage the specials and offers in the loyalty program, for example, without giving the admin-level control. For now, Square users are either an admin or someone who can only accept payments. There’s no in between.
The company says it’s working on other things that will give business owners greater control over their Square experience, including improvements to the analytics on the back-end and reporting. Today’s update, however, will give the owners the ability to see who among their team sold what in their sales reports.
To enable the new feature today, managers can go into their account’s Business Settings and send invitations to their staff (up to 50 people), and employees can then set up their own Square login so they can accept payments on behalf of the business. All the payments will be deposited directly into the business’ bank account.
Correction: Square’s transaction reports are PIN-protected. Employees would not have had access to that. Reference removed.