CategoryHelpful Tips and Suggestions

New & Improved Way to Manage Your OrangeCRM Account

We are pleased to announce the release of our new Client Portal, which enables you to efficiently manage your OrangeCRM account and quickly perform multiple account related tasks all in one place.

What is the OrangeCRM Client Portal?

The Client Portal is where authorized software users can go to manage their client account with us, the software provider. Within the Client Portal, actions such as the following can be performed:

  • submit and view service request tickets
  • make and view payments
  • add or remove software modules
  • access the OrangeCRM Help Guide, Blog and Live Chat.

Important Changes

  • Service request tickets will no longer be submitted at
  • You now have full control over who has access to our ticketing system rather than having to ask us to grant your users with ticket access.

How to Manage a User’s Level of Portal Access

The Client Portal offers tiered access levels, allowing you to control the level of access a user has based on their particular job function. By default, all OrangeCRM users will automatically have the minimum level of access to the Client Portal, which includes the Help Guide, Blog, and Live Chat. All other buttons will be grayed out and disabled unless a higher level of access is granted by a system admin.

To manage a user’s level of portal access, open the ACL User record in OrangeCRM and click the Client Portal Access button in the right panel.

A new window will pop-up where you can select the desired level of access. Select a Security Profile from the drop-down menu to view a description of
the level of access it will allow.

Once you have made your final Security Profile selection, click the Add Access button, which will auto-close the ACL User record.

To confirm Portal Access was successfully added, re-open the ACL User record and look at the big buttons in the right panel. You should now see the top button grayed out and the 2 middle buttons should now be orange.

Use the Update Portal Access button to edit the user’s level of access to the Client Portal.

Use the Remove Portal Access button to restore the minimum level of access, which includes the Help Guide, Blog, and Live Chat.

How Does a User Access the Client Portal?

To access the Client Portal from the classic user interface, go to the Home menu and click on Client Portal.

To access the Client Portal from the touch user interface, click on the red Client Portal button which can be found on the home page or in the Rubik’s Cube menu located in the upper left corner of any page.

For more information about how to use the Client Portal or manage user access, please click on the Help Guide button on the portal’s home page.

OrangeCRM Gets a New Look

We are pleased to announce an updated user interface for OrangeCRM version 6.0. This version comes with a number of interface changes, specifically targeted at touch devices. If you haven’t been upgraded to version 6 yet, you can expect it soon.

When you log into OrangeCRM, the classic interface that you’ve grown accustomed to will continue to appear by default. You will have the ability to toggle back and forth between the classic and touch interfaces as needed.

Each user is also able to set their own preferences by choosing which of the two interfaces they wish to set as their default.

How to Switch from Classic to Touch

In the classic interface, go to the Home menu and click on OrangeCRM Touch UI.

How to Switch from Touch to Classic

In the touch interface, click the Classic button located in the upper right corner of the home page.

How to Set Your Default Interface Preference

In the touch interface, click the Preferences button in the upper right corner of the home page.

Note: By default, all current users are set to the classic interface on login.

We will be updating and improving the touch interface as we move forward, so we encourage everyone to start using it.

Effectively Monitor Transaction Processing in OrangeCRM

Regularly monitoring transaction processing is critical to the success of your business. While OrangeCRM automates transaction processing with its batch jobs, it is still necessary to review the results, so that you can identify any areas that may need attention.

To get a bird’s-eye view of each bank batch’s results, simply go to the Bank menu and click on one of the three Deposit options: Deposits by Date, Deposits by Bank or Deposits by Group.


Each of the three deposit options provides a list of transaction batches, along with a breakdown of the following key details for each batch: the number of transactions in error status, decline percentages for both sales and retried transactions, as well as the sale, refund, decline and net deposit dollar amounts.


Frequently analyzing the results of your daily bank batches will allow you to quickly identify any processing errors or negative trends that require action.

From the view pictured above, each batch can be opened to access its individual transactions. Shortcut links to the customer record are also provided with each transaction. This enables you to conveniently take any necessary actions on the transaction and/or customer record.


For additional instructions, please refer to the OrangeCRM Help Guide at

Speed Up Transaction Processing Times in OrangeCRM

OrangeCRM Batch Jobs are operations that are scheduled to run behind the scenes to accomplish a multitude of functions in an automated fashion.

Among the various types of Batch Jobs are Merchant Bank jobs, which batch together all qualifying transactions and sends them to the selected Gateway for processing. Merchants with a high number of banks and/or transactions may find that their batch jobs are taking too long to process.

A simple way to minimize transaction processing times is to schedule Merchant Bank jobs to run at night, when other CRM activity is very low. Additionally, you can free up your job queues during that time frame by using the Blackout Time feature to temporarily suspend any Batch Jobs that run frequently throughout the day, such as every hour or more often.

Blackout Time settings can be configured within the Advanced Scheduling tab of a Batch Job.


For further assistance with managing batch processing times, feel free to contact our support team at (770) 227-0036 Ext 1.


Searching for Customers in OrangeCRM

To get the best result when searching for a customer in OrangeCRM, try to avoid searching by the customer’s name. Spelling errors during the order entry process are common. Although you may have everything spelled correctly in your search, you might not find a match due to a misspelling on the customer record.

To increase your chances of finding a match, try searching for any of the following values instead of the customer’s name:

  • Customer GUID
  • Phone Number
  • Email Address
  • Street Address
  • Zip Code

For more basic and advanced search tips, please visit > OrangeCRM Help Guide > Searching in OrangeCRM.

Reduce the Risk of Fraudulent CSR Activity with OrangeCRM’s IP Address Whitelist

OrangeCRM provides many features that are designed to assist your business in risk management. An important area not to be overlooked is the need to protect against fraudulent activity from customer service reps.

One of the many ways OrangeCRM can help to significantly minimize such risk is by giving you the ability to control user access at the IP address level. This valuable feature allows you to block users from accessing OrangeCRM from unauthorized locations or devices, such as their home computer, cell phone or tablet.

Restricting user access to only approved work locations and devices is easy with OrangeCRM’s IP address whitelist. Simply open an ACL User record and go to the IP Address tab.

ACL User - IP Address Tab

Then enable the IP Whitelist and enter the public IP addresses the user is allowed to access from. Multiple IP addresses can be added to the whitelist individually and/or in a range.

ACL User - IP Whitelist

With the IP Whitelist enabled, user access will be denied when login attempts come from an IP address that is not on the whitelist.

For more useful suggestions and preventative measures that can help you reduce the risk of employee theft in OrangeCRM, see our previous post: Could Your Customer Service Reps be Placing Fraudulent Orders?

Does Your Online Business Need to Collect Sales Tax?

Collection of sales tax on internet sales has been a matter of ongoing debate both within individual states and at the federal level.

The current default rule throughout the United States is that you must collect sales tax on internet sales from customers in those states where your business has a physical presence. Generally speaking, a physical presence means having:

  • a warehouse in the state
  • a store in the state
  • an office in the state, or
  • a sales representative in the state.

Typically, if you do not have a physical presence in the state, you are not required to collect sales tax for an internet-based sale to someone in that state. However, many states have used the term “Nexus” rather than “Physical Presence” in their sales tax laws, regulations or other official documents. In the process, these states have sometimes defined nexus in ways that could go beyond physical presence.

For that reason, it’s important for online sellers to be aware of the internet sales tax laws in each of the states where their customers are located. Learn the current rules for all 50 states with this handy guide, provided by legal advisory company Nolo: Internet Sales Tax: A 50-State Guide to State Laws.

PCI Data Security Standard Version 3.1 Expires October 2016 – How to Implement Version 3.2

Version 3.2 of the Payment Card Industry Data Security Standard (PCI DSS) was released in April 2016, with a compliance date of October 31, 2016.

Although version 3.1 will not expire until then, companies have been encouraged to adopt the new standard as soon as possible to prevent, detect and respond to cyber attacks that can lead to payment data breaches.

Key changes in PCI DSS 3.2 include:

  • Revised Secure Sockets Layer (SSL) and early Transport Layer Security (TLS) sunset dates as outlined in the Bulletin on Migrating from SSL and Early TLS
  • Expansion of requirement 8.3 to include use of multi-factor authentication for administrators accessing the cardholder data environment
  • Additional security validation steps for service providers and others, including the “Designated Entities Supplemental Validation” (DESV) criteria, which was previously a separate document.

A full copy of the new PCI Data Security Standard version 3.2, including a Summary of Changes document, is available at:

PCI Perspectives blog post PCI DSS 3.2: What’s New? provides more information on changes to the standard and its supporting documents. The blog also outlines additional resources available for understanding and adopting PCI DSS version 3.2.

Non-Compliance with Canada’s Anti-Spam Law Could Cost a Business up to $10 Million per Violation

Is your business maintaining compliance with Canada’s Anti-Spam Legislation (CASL)? If not, the penalty could be as high as $10 million for the most serious violations!

Even businesses outside of Canada can be affected by this law. According to, if a foreign company is sending commercial electronic messages to Canada, CASL applies. Electronic messages include email, SMS, social media or instant messages containing commercial or promotional information about your organization, products or services.

How can businesses ensure they are in full compliance with CASL?

  1. Obtain a consumer’s consent prior to sending commercial electronic messages.
  2. Properly identify yourself in the message.
  3. Provide a functional way for the recipient to unsubscribe from receiving future commercial messages.

OrangeCRM’s internal Message Service Provider is US and Canada SPAM compliant. Your company name and address, along with an unsubscribe link, are automatically included in all outgoing emails. Recipients who click on the unsubscribe link are immediately added to an email blacklist.

Since OrangeCRM systematically takes care of steps 2 and 3, all you need to worry about is making sure you have the proper consent.

For more details, please visit the FAQ page for businesses and organizations at

MasterCard’s New 2 Series BIN Initiative – Why It’s Important to be Compliant

Back in March we alerted merchants accepting MasterCard of the changes that are necessary to support the new 2 series Bank Identification Numbers (BINs) being released on October 14, 2016.

(To read that post, click the following link: Important Change for Merchants Accepting MasterCard – Don’t Get Slapped with Fines up to $25,000 Per Month!)

As a MasterCard mandated initiative, the credit card company will be monitoring 2 BIN acceptance rates and may impose non-compliance assessments to businesses that are unable to accept 2 BIN cards by the October deadline.

This BIN series will help to support the expanding payment industry and growing number of cardholders globally. Which means non-compliance can also result in a disruption to your business, along with the dissatisfaction of cardholders with a 2 series BIN who wish to do business with you, whose payments you are unable to accept.

With only 3 months remaining, it’s important for all industry stakeholders to take the needed actions to ensure your payment solution is equipped to recognize and process MasterCard 2 series BIN cards, if you haven’t already done so.

If you’re using OrangeCRM, you’ll have one less thing to worry about. Our software is already programmed to support the new MasterCard BINs.

Other systems that should be tested for compliance include point-of-sale (POS) terminals and payment processors/gateways used in both card present and card-not-present environments, such as web applications and online stores.

© 2018 OrangeCRM Blog

Theme by Anders NorénUp ↑