Credit Card Scrapers Continue to Target Magento

A great article I found by Chris Brook regarding a malicious function snuck into SF9Realex, a module that helps sites store customer card data for one-click checkout.

Click here for full article.

https://threatpost.com/credit-card-scrapers-continue-to-target-magento/124267/

“Attackers continue to take aim at the e-commerce platform Magento. Researchers said last week they came across a malicious function snuck into one of the platform’s modules in order to steal credit card information.  Code for the function was injected into a .php file for SF9 Realex, a module that helps sites store customer credit card data for the one-click checkout functionality commonly used by repeat customers. The module interacts with the Realex RealAuth Remote and Redirect systems, “very popular solutions in the Magento community,” according to Bruno Zanelato, a researcher with the firm Sucuri, who found the malicious function.”

“According to researchers, the attacker uses binlist.net, a public web service for searching issuer identification numbers (IIN), to help identify which bank each card is associated with.”

 

“Magento credit card stealers are indeed on the rise,” Zanelato wrote Friday, “While the information here is specific to Magento, realize that this can affect any platform that is used for ecommerce. As the industry grows, so will the specific attacks targeting it.”

Magento Community Edition 1.8 Release – Notable Mention USPS Update

Magento Community Edition (CE) 1.8.0.0 Release Notes

See the following sections for information about changes in this release:

Highlights

  • Major overhaul of tax calculation formulas, correction of rounding errors, and additional assistance with configuration.
  • Optimized cache adapters for single-server systems
  • Upgraded Redis cache adapters for multi-server systems.
    To set up and use Redis with Magento, see Using Redis with Magento Community Edition (CE) and Enterprise Edition (EE).
  • Eliminated many types of database deadlocks.

Security Enhancements

  • Errors are not displayed in a new Magento installation.
  • Fixed a session fixation vulnerability in the new user registration process. Attackers can no longer abuse this flaw to take over new user accounts during registeration.
  • Prevent a user with limited privileges to delete the Magento installation.
  • Prevent attacks that use OAuth to leak sensitive information to an attacker that knows the consumer key and user token.
  • Resolved an issue that enabled attackers to gain access to billing information.
    We thank Darryl Adia (from Ampersand Commerce) for contributing to this fix.
  • Resolved issues with the security of OAuth tokens and keys.
  • A remote code execution vulnerability was fixed.
    We thank Bastian Ike for contributing to this fix.
  • The Magento Admin Panel and web stores no longer allow web browsers to store user names or passwords.
  • The Magento web store has additional Cross Site Request Forgery (CSRF) protections, meaning an imposter can no longer impersonate a newly registered customer and perform actions on the customer’s behalf.
  • The cryptographic methods used to store passwords were improved to enhance security.

United States Postal Service (USPS) Update

The USPS changed the names of their Priority and Express shipping options in their API in July 2013. To enable you to continue utilizing USPS Priority and Express mail methods, CE 1.8 includes a patch that addresses the issue.

Important: The USPS API patch has an impact on upgrading to CE 1.8 from earlier versions. If you’re doing a new CE 1.8 installation, however, you don’t need to do anything.

Following are details about the upgrade impact:

  • Print all USPS shipping labels before upgrading; after upgrading, you will not be able to print them.
  • Any shopping cart price rules that use the USPS shipping method that created before you upgrade must be re created after you upgrade. Pre-existing USPS shipping methods do not work with shopping cart price rules after the upgrade.

Performance Improvements

  • Limited the way Magento performs large database lookups.
  • Checkout performance improvements achieved by:
    • Eliminating unnecessary RSS cache cleanups when RSS functionality is disabled
    • The locale used to send a new order confirmation e-mail now first checks to see if the customer’s locale is the same as the store’s locale before attempting to localize the e-mail.
    • Improving the overall checkout process performance by loading the progress information for the current checkout step only
  • You can load a large number of tax codes (35,000 or so) without impacting performance.

Tax Calculation Fixes

Tax calculation issues can be divided into the following sections:

General Tax Notes

The following general fixes were made to Magento tax configuration and calculations:

  • Based on Magento testing and merchant experience, certain tax configuration settings have been determined to be susceptible to rounding issues and can be confusing to buyers. To help you avoid issues with those settings, warning messages display in the Admin Panel if you attempt to save such a configuration.
    Administrative users can choose to dismiss the messages and can still save the configuration; however, Magento strongly recommends you change the configuration in a way recommended by the details displayed in the message.
    For details, see Magento CE 1.8 and EE 1.13: Recommended Tax Configurations and Best Practices.
  • Bundle pricing is more consistent as follows:
    • The calculation formula is: Sub item price = Sub item base price * Applicable tiered price adjustment or discount, then rounded Bundle price = Sum (round(sub item price * qty))
    • When non-integer quantities are multiplied by a product price, Magento rounds the resulting subtotal is as follows: round(unit price * non-integer quantity)
  • All product price information on which taxation is based are rounded to two digits of precision regardless of how many digits of precision have been loaded into the database (for example, $10.24 instead of $10.2385). This situation can occur when certain integrations enable third-party applications to send four-digit precision prices to Magento.
    Starting with this release those additional digits will have no impact on customer facing prices. Forcing two digits of precision enables more exact calculations involving Fixed Product Tax (FPT), discounts, and taxes—among other concerns.
  • For certain Canadian provinces and localities, calculations and methods were updated to support changing legal requirements in Canada:
    • Provincial Sales Tax (PST)
    • Goods and Services Tax (GST)
    • Taxe de vente du Québec (TVQ)—also referred to as Quebec Sales Tax (QST)

For details, see Magento CE 1.8 and EE 1.13: Recommended Tax Configurations and Best Practices.

Rounding Error Fixes

The following issues relate to one-cent rounding errors in the web store or shopping cart:

  • Calculating taxes for bundled products with tiered pricing.
  • Calculating the price before customization for bundled products.
  • Calculating the grand total of items added to a cart in a different order.
  • Viewing an order when taxes are calculated after a discount using either row-based or unit price.
  • Applying a discount to an order with a shipping address different than the billing address.
  • Calculating the grand total based on the order in which products are added to the shopping cart.
  • Specifying that prices display in the web store excluding tax and setting a 20% tax rate (or discount rate) now calculates the grand total correctly. It is now possible to have grand totals in amounts like 6.99, 9.99, or 99.99—regardless of the currency units used in the web store.
  • Adding multiple items to a cart does not affect the accuracy with which taxation is calculated.
  • Subtotal (Incl. Tax) is now correct when catalog and shipping prices include tax. Both tax and discounts are applied after tax.
  • Prices displayed in the cart and on the catalog page are consistent and correct when catalog prices include tax, and when items in the catalog are set to display both including and excluding tax.
    (In the Admin Panel, click System > Configuration > SALES > Tax. In the right pane, expand Calculation Settings.)
  • Error in calculating the Grand Total Excl. Tax was resolved. This error occurred in a specific configuration: tax is applied to FPT, FPT is included in the subtotal, and the customer selects non-taxable flat rate shipping.

Fixed Product Tax (FPT) Fixes

The following issues relate to errors in calculating taxes that include FPT in the web store or shopping cart:

  • Price in the cart displays the correct before-tax price and grand total.
  • Subtotals displayed in the cart—both Including Tax and Excluding Tax—are now correctly calculated when FPT is applied.
  • Free shipping offers are now processed correctly when FPT is applied.
  • FPT taxes are calculated correctly when a discount is applied.

Discount Calculation Fixes

The following issues relate to price calculations when coupon codes or other discounts are applied in the web store or shopping cart:

  • The Row Subtotal displayed in the cart is calculated correctly (that is, both Excl. Tax and Incl. Tax are correct).
  • The price for bundled items now displays with tax included if the bundle is configured to do so.
  • Taxation is now correctly calculated on a product with a discounted price.
  • Taxation on discounts is now calculated correctly when the ship-to country is different from the web store’s default country.

Display Fixes

The following issues relate to the incorrect display of tax information in the Admin Panel or in your Magento web store:

  • Row Subtotal displays correctly in the shopping cart when:
    • FPT is applied.
    • A discount is applied to a situation where the tax the customer pays is different from the tax specified for the web store’s locale (for example, when the shipping origin is different than the shipping address).
  • Subtotal including tax on a credit memo is correct when one or more items in the memo includes FPT.
  • Item subtotal displays correctly when a discount is applied to a purchase that includes FPT.
  • If the administrator sets catalog prices to exclude tax and to display product prices in catalog as including tax, the price of the product in your web store includes applicable taxes.
    (In the Admin Panel, click System > Configuration > SALES > Tax. In the right pane, expand Calculation Settings.)
  • The amount of tax displayed in the Order Totals section of the shopping cart is now correct when free shipping and a shopping cart rule discount are applied.

API Fixes

The following are fixed in the Magento SOAP v2.0 APIs (with exceptions noted):

  • Requesting a product using a call like the following returns the product with the specified numeric SKU value (8888 in the following example): $result = $client->call($sessionId, 'catalog_product.info', '8888', null, null, 'sku');
  • Order status is changed correctly using salesOrderAddComment.
  • The shoppingCartProductMoveToCustomerQuote method works properly.
  • You can now use fromto complex filters to perform “window” filtration on a single field. For example, you can use from and to on the created_at return a list of sales orders using the salesOrderList.
  • When you use the SOAP API v.2.0 with WS-I Compliance enabled to retrieve sales orders information, the server responds with the correct Content-Length header.
  • The productGetSpecialPrice method returns special price information for a product, whether or not WS-I Compliance is enabled.
  • The shoppingCartPaymentList method returns the list of the available payment methods for the shopping cart appropriately. The following error is no longer returned: SOAP-ERROR: Encoding: object has no 'code' property in name
  • The following issues with WSDL and WS-I Compliance are resolved:
  • XML-RPC API: Using the product_custom_option.add operation with multicall no longer results in redundant options.

Fixes

Fixes in this release can be divided into the following categories:

Web Store and Shopping Cart Fixes

  • A customer’s account created date is correct.
  • When a product price is set with website scope and an administrative user has access to only one website, the default price is taken from that website scope. Also, when saving the product on the website scope, the price is updated only in that scope and not in the default scope.
  • An error no longer displays on your web store after a customer places an order. (The error message was There has been an error processing your request. Please contact us or try again later).
  • Restricted coupon codes work properly, even if the customer has selected the Remember me check box.
  • Using the Table Rates shipping option, free shipping options work properly. (In the Admin Panel, click System > Configuration > SALES > Shipping Methods. In the right pane, expand Table Rates.)
  • Issues with shipping table rates have been resolved.
  • Entering a value such as 10,50 (using a comma character and not a period) for Adjustment Fee now results in the correct amount of credit being applied to the transaction.
  • Unit price for bundled products is now calculated correctly.
  • The tiered price of bundled items now displays properly on the web store.
  • Composite products can be successfully reordered.
  • You can now use special characters in a product URL key.
  • After a customer visits the sitemap, web stores URLs are no longer prepended by /sitemap/catalog/string.
  • Welcome messages now display properly in the web store after a customer’s profile information is changed.
  • Recently viewed products now display updates properly.
  • Armed Forces Middle East is now available for State when checking out.
  • Searching for a customer’s orders and returns works properly.
  • Shipping is calculated correctly if you select Using origin weight (few requests) for Packages Request Type. (In the Admin Panel, click System > Configuration > SALES > Shipping Methods > DHL (Deprecated)).
  • Free shipping is no longer available to a customer during checkout if the option was disabled by an administrator. (In the Admin Panel, click System > Configuration > Sales > Shipping Method > DHL(Deprecated), click one or more options from the Allowed Methods list, and, from the Free Shipping with Minimum Order Amount list, click No.)
  • A user can navigate your web store while downloading a downloadable product.
  • You can now specify weight units in kilograms (kg) using the FedEx shipping method.
  • FedEx shipping rates are now consistent with Magento discounted rates.
  • Fixed issues with United Parcel Service (UPS) shipping rates.
  • UPS shipping labels have the word SAMPLE printed on them only when you request a sample label.
  • Changes made to United States Post Office (USPS) APIs and rates have been incorporated in Magento.
  • The products in a customer’s wish list no longer disappear after one or more products are edited by an administrator.
  • Administrators can view the contents of a customer’s shopping cart.
  • When a customer selects a product on your web store, the assigned category is selected in the navigation menu.

Promotional Price Rule Fixes

The following fixes relate to administering and using shopping cart price rules and catalog price rules:

  • Shopping cart price rules applied to specific customer groups work properly.
  • Catalog price rules are applied properly to customer groups.
  • The scope of a product attribute is now honored by a catalog price rule.
  • Discounts specified by a shopping cart price rule are applied properly when a particular order is shipped to multiple addresses.
  • A discount specified by a shopping cart price rule that allows for more than one use per customer is applied the correct number of times if the customer has their orders shipped to more than one address.
  • When an administrative user whose role is restricted to only viewing catalog price rules, the user cannot add or edit catalog price rules.
  • Shopping cart price rules now work properly with bundled products.

Administrative Ordering and Credit Memo Fixes

  • When you create an order using the Admin Panel and you have multiple stores, the State/Province field updates appropriately for the country in which the order is placed.
  • When you create an order using the Admin Panel and you have specified a default billing address and a default shipping address, the addresses are used correctly.
  • Orders placed by an administrator display in a customer’s last order list.
  • Product comparisons now display properly when an administrator makes a change using the Admin Panel (for example, deleting a product from a customer’s comparison list).
  • You can now cancel an order using the Admin Panel.
  • Orders and invoices that include taxable shipping—when created in the Admin Panel—now calculate the shipping taxes properly.
  • Products added to a customer’s wish list by an administrator display properly.

Import Fixes

  • The quantity (QTY) of all products imports correctly.
  • The value of Maximum Qty Allowed in Shopping Cart (use_cfg_max_sale_qty) is correct.
  • The product displays correctly in layered navigation.
  • Importing customer lists with capitalization variations in the e-mail address now imports the customer only once (for example, user@example.com and User@example.com).
  • Issues with importing products with Append Complex Data selecting from a comma-separated value (.csv) file have been resolved.

Payment Method Fixes

  • Resolved issue sending customer e-mail when using Payflow Link.
  • Security issues with Google Checkout payments have been resolved.
  • Security issues with Authorize.net payments have been resolved.
  • Magento conforms to the latest version of the PayPal Instant Payment Notification (IPN) guidelines.
  • The contents of a shopping cart are unaffected by canceling a PayPal payment.
  • Issues with not being able to continue checkout after switching payment methods have been resolved.
  • You can now process partial refunds and invoices for orders that were placed using Payflow Pro.
  • Payflow Link and Payments Advance now capture IPN transactions properly.
  • Special characters (such as e-mail addresses) are now handled properly by the Magento Payflow API integration.
  • Resolved errors with orders placed using the Website Payments Pro payment method.
  • PayPal Express Checkout payments are handled properly when a shopping cart price rule is specified.
  • Any PayPal Name-Value Pair (NVP) payment method no longer automatically refunds an order when a chargeback is initiated. Magento now allows the dispute to be resolved before taking the appropriate action.
    PayPal NVP payment methods include: PayPal Payments Pro (including PayPal Payments Pro Hosted), Payments Standard, and all Payflow methods.
  • PayPal Pro now correctly processes the shipping address for an order.
  • PayPal Express Checkout and PayPal Pro now handle partial refunds properly.
  • Fixed rounding errors that were preventing PayPal Express Checkout transactions from completing. The error occurred with the following configuration:
    • tax calculation method based on the total
    • tax calculated based on the shipping address
    • catalog prices exclude tax
    • shipping prices exclude tax
    • customer discount applied after a discount
    • discount applied to prices excluding tax
    • tax applied to a custom price if available
      (In the Admin Panel, click System > Configuration > SALES > Tax. In the right pane, expand Calculation Settings.)
  • The order status Suspected Fraud is now supported by PayPal Payments Pro (hosted) when PayPal fraud protection is enabled. Using the Magento Admin Panel, the merchant can also accept or deny any Suspected Fraud orders and have that decision applied to the PayPal transaction.
  • When sending payments in the United Kingdom, PayPal Payments Pro (hosted) now sends the value for state correctly. (Before the fix, city was sent as the value for state.)
  • Using the Ogone payment method, transactions display in the Magento Admin Panel after you capture them.
  • When an administrator places an order and uses PSi Gate, then cancels the order, the PSi Gate gateway displays both the order and the void transactions.
  • The following fields related to PayPal’s Payflow Pro Gateway payment method are now implemented properly:
  • Fixed spurious Gateway error: Void error: V18A4B18E0F9 has been captured errors when canceling partially invoiced orders when the Payflow Pro processor was used to process the payment.
  • 3-D secure fixes that affect UK merchants only:
    • 3-D Secure for UK merchants implementing Direct Payment works properly.
    • SagePay Direct with 3-D secure payments are processed correctly.
  • The Braintree payment method can now be configured properly.
  • Partial captures are now supported for the following PayPal payment methods: Express Checkout, Payments Pro Payflow Edition, and PayPal Standard.
  • Using the PayPal Express Checkout method, a recently added customer can check out without the error This customer email already exists.

Other Fixes

  • Issues regarding the DHL shipping method for shippig orders on holidays have been resolved as follows:
    • If the current date is a weekend, Magento chooses next Monday as the shipping date.
    • If the current date is a holiday, Magento requests from DHL information about the next five consecutive days to find a workday on which to ship the order.
    • If there is workday in the five consecutive days following a holiday, the DHL shipping method is unavailable.
  • The .htaccess.sample provided with Magento now includes php_value memory_limit 512M to be consistent with the Magento system requirements.
  • You can now install or upgrade to EE 1.13.0.2 if your Magento database had a table prefix (for example, all tables start with mage_ because you specified a tables prefix during installation).
  • MySQL database deadlock issues were resolved.
  • CE 1.8 is now World Wide Web Consortium (W3C) compliant.
  • When an administrative user whose role is restricted to managing products attempts to edit Inventory settings (Catalog > Manage Products, Inventory), only the available options display.
  • Related product information updates appropriately in the Admin Panel.
  • Issues with editing product inventory settings and category attributes using the Google Chrome web browser have been resolved.
  • Rolling back after a backup now works properly. (The Magento backup and rollback options are available in the Admin Panel in System > Tools > Backup.)
  • You can now fetch data for a PayPal Settlement Report using a custom Secure FTP (SFTP) server.
  • You can now save a category with the option Available Product Listing Sort By: Best value or Price enabled.

Google’s Attempt to obtain more Local Reviews = Recruiting “City Experts”

Google’s Attempt to obtain more Local Reviews = Recruiting “City Experts”

“Do you love to review places around your city and share your opinion with others? Our new Google City Experts program gives top reviewers (users with at least 50 high quality reviews, and at least 5 reviews in the current month) special perks like event invitations, custom swag, special access to contests and more.”

Users opt-in with their Google+ accounts.
To qualify as a City Expert you have to be among “the most active users on Google Maps who write reviews and upload photos of local places” (50 reviews, 5 reviews per month). Perks or rewards include the following:

  • Access to fun, exclusive events in their local area
  • Free custom swag
  • Special online recognition
  • Google City Expert Badge

For more info visit https://www.google.com/local/contest/cityexpert

I want my customers to be able to buy even if I do not have the product in stock. How do I do that? = Turn on Back Ordering Capabilities in Magento

I often get individuals asking – “I want my customers to be able to buy even if I do not have the product in stock. How can I allow them to buy still? And ship once I have it in stock.”

The answer = Turn on Magento’s Back Order capabilities.

Back Order – a business order yet to be fulfilled because stock is unavailable.

To enable backorders, go to:Admin Panel -> System -> Configuration -> Catalog Tab -> Inventory -> Product Stock Options -> Backorders = Allow Qty Below 0 and Notify Customer Edit Product to Qty = 0 and Stock Availability = In Stock

When you add the particular product to cart, the product is added to cart and you will see the following message:* This product is not available in the requested quantity. 1 of the items will be backordered.You can order the product even if it is out of stock. The product will be delivered to you when it is in stock.

GoDaddy go GOT HACKED

Go Daddy Hacked September 2012GoDaddy said it is working on resolving a problem that has caused many of the sites it hosts to go offline.

“Status Alert: Hey, all. We’re aware of the trouble people are having with our site. We’re working on it,” the company tweeted Monday morning.

Some GoDaddy sites began experiencing problems after 10:00 a.m. PDT, and a quick search of “GoDaddy” on Twitter indicated that the issues are likely extensive. Many users are sending tweets saying all of their websites are down.

“Awesome. My @GoDaddy hosted site is down….as is their site. #NoDaddy,” tweeted@MinorLeagueBlog, the Twitter account for TopProspectAlert.com, a site that was affected.

Some on Twitter say every site hosted by GoDaddy is down, but the company has not confirmed that. Its own site was running slowly after sites began going offline, although it appeared to be working fine later.

The hacker group Anonymous took responsibility for the problems, with one user sending the following tweet around the time sites started going offline: “Hello everyone who wanna me to put 99% of the global Internet in #tangodown?”

Not long after, another Anonymous-associated Twitter account tweeted “#TangoDown,” which members of the group tend to do when they claim to successfully attack a target.

The group may have hit GoDaddy with a denial-of-service attack, which bombards a site with more traffic than it can handle and crashes it.

ccording to many customers, sites hosted by major web host and domain registrar GoDaddy are down. According to the official GoDaddy Twitter account the company is aware of the issue and is working to resolve it. Update: customers are complaining that GoDaddy hosted e-mail accounts are down as well, along with GoDaddy phone service and all sites using GoDaddy’s DNS service.

Update 2: A member of Anonymous known as is claiming responsibility, and makes it clear this is not an Anonymous collective action.

London 2012 Olympic Ceremony Musical Performance List

London 2012 Olympic Ceremony Performer List

I’ve created a quick list of 2012 Olympic Performer List
Please let me know if I’ve missed any musical performers

Eric Idle
Muse
Annie Lennox
Jessie J
Russel Brand
Queen
The Beatles
Tinie tempeh
Kaiser Chiefs
Blur
Kinks
Pet Shop Boys
Emeli Sande
Fat Boy SLim
queen
David Bowie
One Direction
Taio Cruz
George Michael

Nina Sevilla

QuickBooks Online vs. QuickBooks Hosting

QuickBooks Online vs. QuickBooks Hosting

QuickBooks Online Edition

Bookkeepers and accountants with simple bookkeeping/accounting may consider using QuickBooks Online Basic or Online Plus. The internet-based accounting programs run on Intuit’s web server which is accessible from anywhere at any time. The requirements are only an internet connection and a web browser. However, QuickBooks Online Basic and Online Plus are not the same programs as the QuickBooks desktop edition software like QuickBooks Simple Start, Pro, Premier, Enterprise etc. The Online programs offer different features and capabilities for which it is sometimes found more appealing than others.

Advantages of QuickBooks Online

QuickBooks Online Basic and Online Plus offer several advantages over the traditional desktop editions. Some of the advantages are:

•    The software is easy to set up. Companies can subscribe to the service simply completing an online interview of approximate 10 minutes

•    While data cannot be imported from or exported to the desktop-based version of QuickBooks (or other formats) into QuickBooks Online Basic, users can convert the file switching from QuickBooks desktop to QuickBooks Online Plus

•    If the company decides to cancel QuickBooks Online Plus, they can export their data back to QuickBooks software easily

•    Users do not need any special internal information technology resource except an internet connection and a web browser as QuickBooks Online is hosted and managed by Intuit on its servers

•    Users can access the service anytime from anywhere. They can also allow access to public bookkeepers/accountants or trusted employees at remote locations

•    The monthly subscription fee to QuickBooks Online Plus varies to the number of users. Each time when a user logs into the company’s file, an entry is added to the Access Log which describes his identity and activities into the system

•    Online Basic allows access to one user and a public bookkeeper/accountant while Online Plus allows three users and a public bookkeeper/accountant. A maximum of 25 users can be added for an additional cost

•    Users can enter data directly into the accounting system that eliminates the delays and inaccuracies caused by sending data back to the public bookkeeper/accountant for review

•    Users need not concern to upgrades or system backups of the software as it always stays in the latest version automatically in the Intuit’s servers. Moreover, Intuit’s server files are backed up daily and the backups are moved to a remote location. Thus the data is safeguarded in the event of a fire or other disaster

•    Intuit tries to notify users in advance for scheduled maintenance downtime. Besides, Intuit’s servers are connected to backup generators to protect against power failures

•    Intuit maintains a range of procedures for the security of data. Such as: Passwords must be used to gain access to data, data transmit over the internet is encrypted with 128-bit encryption and Secure Socket Layer (SSL) technology. Besides, QuickBooks Online is a VeriSign Secured™ product which is the leading SSL Certificate Authority

•    Public bookkeepers/accountants are benefitted from a client’s use of QuickBooks Online Plus in the following ways:

I)    The service can help bookkeepers/accountants perform bookkeeping or write-up work “on demand” since the client’s information is accessible from anywhere any time
II)    The traditional process of transferring files back and forth, while making sure both the client and the bookkeeper or accountant are using the same software release, is replaced with “real time, anytime” involvement that can better suit the schedules of both the parties
III)    As the bookkeeper/accountant gets relieved of some of the manual operations required in performing traditional bookkeeping/write-up services, some bookkeepers/accountants believe the use of online bookkeeping/accounting services such as QuickBooks Online Plus will make them more efficient and better able to fulfill a more value-added advisory role to their clients
IV)    Bookkeepers/accountants can access their clients’ QuickBooks Online Plus files for free

Disadvantages of QuickBooks Online

Of course, QuickBooks Online is not for everybody. There are several drawbacks or risks to using the service, many of which are inherent to any online bookkeeping/accounting software program.

For example:

•    Many of the QuickBooks Desktop features are not available in QuickBooks Online

•    At the time of data conversion, all the data may not be converted or it may be converted into different format and not intact

•    QuickBooks Online currently does not support purchase orders or inventory tracking

•    Reports and graphs are available but not as many as in QuickBooks desktop

•    Report customization is somewhat limited in QuickBooks Online

•    Heavy internet traffic may slow down service response time and servers may be down, preventing access to company data though Intuit tries to notify users in advance for scheduled maintenance downtime

•    Company data cannot be accessed if the user’s internet connection is down or slow. Therefore, Intuit recommends a persistent, high-speed internet connection such as DSL, a cable modem, or T1 line

•    In spite of maintaining every reasonable precaution to protect the privacy of company data, there always remains the possibility that a malicious hacker could break through Intuit’s security configuration and access accounting data

Who Should Consider Using QuickBooks Online?

Because it lacks many of the features of QuickBooks, QuickBooks Online works best for service companies with relatively simple bookkeeping/accounting needs (i.e., those who do not need estimates, online bill payment, or inventory tracking). Even then, those companies may not see significant benefits from the software unless they wish to give bookkeepers/accountants or employees in remote locations access to their bookkeeping/accounting records (Online Plus only). Generally, users who want a more full-featured bookkeeping/accounting program to create estimates, perform job costing, track inventory and purchase orders, or integrate with Microsoft Word and Outlook should use QuickBooks rather than QuickBooks Online.

Those who are confused of using QuickBooks Online can try the software for free for 30 days trial. During the free-trial period, users can view a sample company; try various features, change and view reports. Alternatively, users can enter their own company information and begin using QuickBooks Online.

QuickBooks Online Basic and Online Plus are accessed through Intuit’s QuickBooks website at http://quickbooksonline.intuit.com.