Customers Dispute Chargebacks

Chargebacks are one of the most important issues that small business merchant account users have to deal with. Not only are they costly and time consuming but, if left unchecked, they can potentially cause the suspension of the credit card processing account. Certain industries are more prone to chargebacks than others and, as a result, the payment card processing rate for merchants operating in these industries is higher. Customer disputes are one of the most common reasons for chargebacks. There are a number of possible reasons but a customer will most often dispute a transaction because:

• A credit has not been processed when the customer expected it would be.


• Product or service ordered was never received.


• A service was not performed as expected.


• The customer did not make the purchase; it was fraudulent.

Because chargebacks, resulting from customer disputes, may indicate customer dissatisfaction - and the potential for lost sales in the future - addressing their underlying causes should be an integral part of your customer service policies. Your credit card processing practices can be optimized to minimize or avoid the possibility of misunderstanding. For example you should deposit your transactions on the date the merchandise is shipped, not on the date the order was taken.

If a cardholder with a valid dispute contacts you directly, act promptly to resolve the situation. Issue a credit, as appropriate, and send a note or e-mail message to let the cardholder know he or she will be receiving a credit.

What Is Member Service Provider (MSP)?

Member Service Provider (MSP) is a company that is authorized by MasterCard to provide merchants with merchant services. Companies authorized by Visa to provide the same service are called Independent Sales Organizations (ISOs). Typically, companies are licensed as both ISOs and MSPs.

In order to get authorized, a merchant card processing applicant has to go through a rigorous process. It starts with finding a sponsor bank to serve as an acquirer. Acquirers do the authorization, clearance and settlement of merchant credit card payment processing transactions. They are members of both Visa and MasterCard and guide the applicant through the process. The application requirements include a detailed business plan and marketing plan, a check of the applicant business financial statements and its principals' tax returns, personal financial statements and credit files. If the results are satisfactory, the applicant must pay registration fees of $5,000 to both Association. The registration to provide credit card transaction processing services is up for review once a year and, upon approval, a fee of $2,500 per Association is charged.

Merchant account service providers, sponsored by US-based acquiring banks, are authorized to provide credit card processing accounts to US-based businesses only and settlement is done in US dollars. Both MSPs and ISOs are required to display the name on their acquiring bank on each page of their websites and on every form of advertisement or a marketing material.

Downgraded Transactions

Interchange is actually a general term describing dozens of credit card transaction processing rates legislated by the Credit Card Networks. They depend on a variety of factors related to the sale and the way the charge is processed. There are three general classifications. When a transaction is processed in accordance with the rules and standards established in the Payment Processing Agreement, signed by the merchant and his or her merchant account processor, and complies with all applicable security requirements, it is charged the most favorable credit card payment processing rate. That rate is called a qualified rate and is set in the Payment Processing Agreement. Should a transaction meet some but not all of the above mentioned criteria, it will be classified as either mid-qualified or non-qualified and it will be billed at a higher rate. This is known as a downgrade. Most likely, your credit card merchant processor will report downgrades as non-qualified transactions. But many small business merchant accounts providers simply lump all of the downgrades together and report them as a miscellaneous fee.

Generally, if your downgrade levels exceed 10%, you have a problem.

To protect the integrity of their system, Visa and MasterCard do not publish their rules and regulations or the payment processing standards required to get the lowest interchange rate. It’s up to credit card processing companies to know and implement them to their merchants' benefit. A high downgrade rate may indicate that your processor does not know the standards, or may be reluctant to implement best practices or new rules changes.

Please be advised that such problems may arise from the way you process your orders, and may have little to do with your merchant services provider. Yet, even if the cause originates with your business practices, your credit card processing service partner should be reviewing your merchant account and suggesting ways to reduce these downgrades.

Retail Merchant Account vs. E-Commerce Website

This is a question that merchants ask us at UniBul with an ever increasing frequency. It is perfectly understandable why they would like to use the retail merchant accounts that they already have and not have to go through the hassle of establishing a separate PC based credit card processing service. Yet, per Visa and MasterCard regulations, merchants need to set up separate accounts for each one of their businesses. The reasoning behind this requirement is that different industries present different levels of processing risk. In case of a problem with a rolled-up solution, both businesses will suffer if the account is suspended, whereas, with separate credit card payment processing services, only the problematic account will be affected. The risk is especially high with eCommerce merchant accounts, because internet transactions generate the vast majority of credit card fraud.

Your web-based processing solution will need to be compliant with the latest Payment Card Industry Data Security Standards that were developed in a collaborative effort by all major Credit Card Companies and Associations. We have explained the main points of the compliance process elsewhere in this blog. All major processors offer eCommerce gateways that are fully compliant.

With that in mind, your best course of action would be to contact your current manual credit card processing provider and request a quote for an internet merchant account. A good idea would be to also request quotes from several other processors and compare the terms. You may end up getting a better pricing for your brick-and-mortar store in the process.

Suspending Merchant Accounts

Before setting up a credit card payment processing account, processors closely scrutinize the financial situation of every business that is applying and its principals' credit worthiness (yes, we do that too). The check-up process includes evaluation of the business financial statements and the owners' tax returns and credit files. The goal is to make certain that the merchant account will be used responsibly and that consumers will be treated fairly. Yet, there are still possibilities that, even after the stringent application procedures have led to a favorable decision, at some point the relationship between a credit card merchant processor and a merchant will deteriorate to a point where the only alternative will be suspension of the account. There are several reasons why credit card processing companies suspend small business merchant accounts.

The first, and most obvious reason that will automatically lead to a suspension is fraud committed by the merchant. Fraudulent activities can take many shapes and forms. Misusing personal information like credit card numbers and details, overcharging, not delivering products and services as advertised are just a few examples.

Secondly, non-compliance with the Payment Card Industry (PCI) Data Security Standards (DSS) can also lead to a suspension. PCI DSS is a joint effort by Visa and MasterCard and lays down the groundwork for data management in the credit card processing industry. We have developed our Payment Card Acceptance Best Practices Guide to help merchants reach compliance and have made it available to everyone.

Another reason your processor will shut down your merchant account processing service is a consistently high level of chargebacks. The importance of keeping them under control cannot be overestimated. As previously described, chargebacks result from customer disputes, often ones that have not been addressed in a timely manner. If your chargebacks stay at or above 1% of your total credit card processing volume, your credit card processing account will be suspended. There are a number of best practices that should be employed in order to avoid customer disputes and we have addressed the issue elsewhere. The most important thing that you need to keep in mind is to make information easily accessible to your customers. Contact phone numbers, return policies, terms and conditions should all be easily located on your website or printed receipt and, for eCommerce merchant account users, emailed to your customers.

Keep in mind that your merchant services provider does not want to suspend your account. The only way they can make money is to have you as a customer. Work with them whenever there is an issue and provide all information that is required.

Settlement in Multiple Currencies

US-based credit card processing companies can provide small business merchant accounts solely to domestic business entities, with an address and bank account within the United States. They will settle your funds in US dollars.

In order to get your credit card processing transactions settled in a foreign currency, you will need to get an offshore credit card merchant processor. The bigger companies among them have relationships with multiple processing banks, located around the world and can settle your funds in a number of foreign currencies.

Before selecting the offshore option, however, it will be a good idea to look at the numbers and see if it is worth it. Also, it should be mentioned that this option is available only to PC based credit card processing operations.

First of all, you should be advised that offshore credit card payment processing services are expensive. They offer processing rates that are substantially higher than domestic eCommerce merchant account rates. They also have substantial set up and maintenance costs. The cost differential can be so great that you might be better off establishing a US based merchant services credit card processing account and settling in dollars which you can then convert into the currency of your choice.

Merchant Account Considerations for Multiple Websites

There are many businesses that use different websites to sell different products or services. In an effort to cut costs and simplify operations, they may be interested in using a single credit card processing account for all websites. Unfortunately, that is not possible, nor is it advisable.

There are several reasons why credit card processing companies will not set up such an account. They all have to do with risk. To begin with, the potential for chargebacks grows substantially when one account is used for multiple sites. The reason is that many cardholders will not recognize the billing descriptor on their statement, if the name is different from the name of the merchant they made the purchase from. Remember that eCommerce merchant accounts have high chargeback levels even at the best of circumstances. If you try to resolve the issue by placing a note on the checkout page to say that "Your statement will say XYZ Company", that is unlikely to have a significant impact, as customers are proven to associate their purchases with the name of the business that actually sold the product.

Equally important is that a merchant account processing bank will not be willing to underwrite a credit card processing account that will serve more than one websites. Again, it comes down to chargeback management. With separate accounts, if one of the websites generates high levels of chargebacks, it will be penalized and, possibly closed (if chargebacks exceed 1 percent), but the other one will not be affected. In the case of a single credit card payment processing service, both websites will be affected. If the account is closed, they will both lose their merchant services credit card processing capabilities.

Another factor to consider is that each website is evaluated separately and, in a single account scenario, if one was not approved, the whole processing account would not be approved.

Here is what we offer to e-commerce businesses.

Merchant Account Volume Limitations

When you apply for a merchant services credit card processing account, one of the questions that you answer is about your credit card payment processing volumes (you'll see it on our application, too). You are asked to give your estimate on the average sales amount, as well as your expected monthly volume. It is important that you answer these questions to the best of your ability, even though it can be hard to give precise figures, especially if you have a new business. Credit card processing companies use this information in their evaluation process, in order to place your business in the correct processing category. It all has to do with estimating the probability of generating customer disputes and chargebacks. Please refer to our "Chargeback Methodology" article for details on that issue. The higher the probability of generating disputes, the higher the premium that you will pay for your credit card processing service. Some industries are typically prone to higher levels of chargebacks. Prime examples are adult-oriented websites, third party collection agencies, used car dealerships, etc.

Certain factors go across industry lines and the average sales amount is among the bigger ones. The reason is that the bigger the average sales ticket becomes, the bigger the potential chargeback amount. Even if sales take place in a face-to-face environment and the potential for fraud is minimal, consumers are much more likely to have a change of heart on a $1,500 purchase than on a $10 one. Even though small business merchant accounts will not place a cap on your credit card processing volume or your average ticket, your rates will very much depend on them.

With that in mind, merchants will be well advised to implement a set of best practices into their business' sales cycle. Make your shipping and return policies clearly visible in your marketing materials and on your website. Include these policies on the sales receipts and in the confirmation emails that you send out after an online purchase. Make available and easily accessible a phone number that your customers can dial when they have questions on a purchase they have made. Make sure that there is someone to pick up the phone and address the issues in a competent and professional manner. Simple things can make a huge difference and your bottom line will improve significantly as a result. A good credit card merchant processor will help you with this process.

Acquirer Noncompliance with Common Point of Purchase (CPP) Investigations

MasterCard may assess an acquiring banks for failure to comply with CPP responsibilities. Each failure may be considered a separate violation for assessment purposes. Multiple violations can result from a single CPP investigation request. For example, if an acquiring bank fails to acknowledge receipt of an investigation request and also fails to initiate an investigation, then MasterCard may fine the acquiring bank for two noncompliance violations.

MasterCard also may request additional information from the acquiring bank after the completed investigation date. A due date will be established at the time of the request, based on the content of the requested information. If the acquiring bank fails to acknowledge or respond to the information request, MasterCard may assess a noncompliance fee. Each CPP will be reviewed on an individual basis.

With each incident of noncompliance, a certified or registered letter, fax, or email with confirmation will be sent to the acquiring bank's Security Contact, Principal Contact, and Merchant Acquirer Contact.

In cases of acquirer noncompliance, the following assessments apply:

• First violation - no assessment.
• Second violation. MasterCard may subject the acquiring bank to a Level 3 RAMP review ($10,000), and may impose an assessment of up to $15,000.
• Third violation. MasterCard may assess the acquiring bank up to $20,000, and may refer the incident to the Audit Committee of the MasterCard Global Board of Directors for review and recommendation.
• Fourth and all further violations. MasterCard may assess the acquiring bank up to $25,000, and refer the incident to the Audit Committee of the MasterCard Global Board of Directors for review and recommendation.

Everything You Need to Know About Interchange-Plus Credit Card Processing

OK, new month, new pricing model. This time it is an interchange-plus type of pricing model and I wanted to share the most essential things about it. The new pricing model is now available to all card acceptors, regardless of whether they accept credit cards in brick-and-mortar retail stores or in virtual e-commerce and direct marketing environment.

Most merchants place processing cost at the very top of their lists of factors used when examining and evaluating a merchant account proposal. It is of course totally understandable, as most of us do just the same when selecting vendors for whatever types of services we may need.

Yet, offering low acceptance cost is the only way a payment processor can be competitive in today's environment and it is also the biggest reason why our company has introduced an interchange-plus credit card processing model now.

The model is really incredibly simple. It works by adding the processor's cost to the interchange rate, set by the Credit Card Associations for each payment card transaction. By keeping the mark-up as low as possible, the processor guarantees that it remains competitive and that the merchant gets the lowest processing rate in the process.

So let's summarize. The merchant's processing cost is the sum of whatever the processing bank (e.g. UniBul Merchant Services) charges and whatever the issuer charges. With the interchange-plus credit card processing model, the rate the processor assesses remains exactly across all transaction types, guaranteeing that the business does not overpay for any special types of transactions. The final cost will still vary by transaction, though, as the fees charged by the issuer will vary by card type.

Here are some of the benefits of our new pricing model:

• 98% merchant approval rate for qualified applicants.
• Application decision as soon as within hours of submission.
• Processing of all American and the major European and Asian credit, check and debit card brands.
• PayPal, Google Checkout, Amazon Payments, eChecks and eBillme third party payment options.
• Funds deposited directly into your checking account in as little as 24 hours.
• Chargeback and risk management programs to help minimize your fraud exposure.
• Robust chargeback management capabilities.
• Risk management services to minimize your fraud exposure.
• Unlimited batch capacity.
• Comprehensive web-based reporting and statements.
• No downtime during the switch from your current processor.
• Online client center to put all of your account information at your finger tips for a more efficient account management.
• Fast transaction authorizations.

Payment Processing Procedures to Be Followed When the Terminal Is Not Working

Most of us have attempted a credit card payment at a grocery store and our card has been rejected. If you are on the other side of the transaction, you will need to know how to handle such situations quickly and without creating any further complications, so that the customer can complete the transaction without wasting too much time. In this post I will go over the issues that may prevent cards from being read and will suggest a list of payment processing procedures to be followed to complete the transactions in a way that is compliant with industry regulations.

What Prevents the Card from Being Read?

There are several major reasons why the card account information cannot be read, including:

• The merchant's equipment is not functioning properly.
• The customer is not swiping the card correctly.
• The card itself is somehow damaged, typically there is an issue with the magnetic stripe. It is important to realize that such issues may be caused inadvertently, but they may also be the result of a fraudulent tampering with the card.

How to Process Payments When the Magnetic Stripe Cannot Be Read?

Following is a list of procedures that you should follow when your terminal cannot read the card:

• Before taking any further action, inspect the terminal to see if it is working properly and also you may have to help your consumer with the swiping the card.
• If the terminal is functioning properly and the card is swiped as it should be, inspect the card itself to ensure that it is not altered or tampered with.
• If the problem is caused by the card itself, you have several options to handle the situation and you will be well advised to create a policy to be followed every time such a situation exists. For example you may consider asking the customer for an alternative method of payment (e.g. cash, another card, etc.). Or you can override the swipe and key-enter the transaction information. Yet another alternative is to request a voice authorization approval from your merchant services provider.
• If your policy is to manually enter the payment data or to obtain a voice authorization, industry regulations require you to take an imprint of the front of your customer's card. The image of the imprint should be placed on the main receipt of the transaction or you can create a separate one and have it signed by your consumer. This is crucial, because it gives you protection in cases of chargebacks.

Be prepared to pay higher processing fees, if you key-enter transaction information.

Essential Virtual Terminal Credit Card Processing Information

We often speak to business owners who seem to confuse virtual terminals with payment gateways. We also still get information requests mostly from very small merchants that take payments by telephone or in the mail and still ask for a merchant account solution based on a physical processing terminal. They would manually enter payment information into the terminal, they tell us.

Our history clearly shows that we haven’t explained well enough what virtual terminals are and what exactly they do. This post is my attempt to make amends.

Virtual Terminal Basics

Virtual terminal is an online service that allows users to process credit and debit card payments by manually entering the payment information directly into their processor’s payment back end.

Once the credit card processing service is set up, the user receives a direct access to the processor’s back end. She can access it from anywhere web connection is present and use the service to not only accept bank card payments, but also to issue refunds, as well as simply request authorization approvals, without actually sending payments for settlement.

Virtual Terminal vs. Payment Gateways

Payment gateways link e-commerce websites with acquiring banks, allowing the two systems to talk to each other, communicating transaction data, authorization requests and any other information that needs to be exchanged. Gateways gather data that are already submitted by the customer and is organized within the website’s shopping cart. This is where the difference between the two services is to be found. While payment gateways solely facilitate the exchange of already provided transaction information, virtual terminals allow users to manually enter it into the acquirer’s system.

Web-based businesses usually get these two services as a package when setting up a credit card processing service. The reason is that each gateway includes a virtual terminal. The most prominent one is the Authorize.Net suite of payment gateway and virtual terminal.

Should You Be Using a Virtual Terminal?

Yes, you should and the reason is convenience. If you accept payments by telephone or in the mail, there just isn’t an easier way to process them. All you have to do is manually input the information into a payment form within a browser and hit submit.

Before virtual terminal first appeared as a viable merchant account option, card acceptors had two main options for processing payment information received by telephone or in the mail. They could either call it into the processor’s payment system or manually enter it using a physical credit card machine. I guess the reason some businesses still use one of these these options is habit. There is nothing wrong with them, it's just that they are inconvenient.

How to Accept Online Payments at Lowest Fraud Risk

Managers of online businesses need to achieve a comprehensive understanding of the risks accompanying the processing of e-commerce transactions, so that when the business begins to accept online payments, it does that in a way that greatly limits risk exposure. Moreover, this should be achieved prior to the setting up of a credit card processing account for the business, even though the manager's education will never actually end.

Where to Start?

The e-commerce manager should start with the designing of a reliable plan for dealing with fraud risks. The single most important objective throughout this process should be to ensure that transactions are processed on the website not only quickly, but also at the highest possible level of security and reliability, and to do so every time a payment is accepted at the checkout. How well this objective is achieved will actually be known quite quickly, through the comments you receive from your customers.

If visitors to your website believe that their personal data is kept safe, they will respond in a quite short order and, among other things, you will notice that you get positive reviews on in the blogosphere. On the other hand, if these comments are negative and the issue is not properly addressed, this will lead to disputes and eventually to chargebacks, which will cost you a great deal of time and money, as well as the cost of the service or product itself. Not to mention that you can get your merchant account terminated.

How to Accept Online Payments at Lowest Fraud Risk

Now that we have reviewed the reasons why you should pay attention to data security, here is how your payment processing should be done to limit your risk exposure:

• The importance of education and training. The level of your organization's risk liability will be very much the result of your company's established process for managing sales orders, evaluating transactions for fraud, data security management and, finally, the type of merchandised offered on your website. Your entire staff will have to be well educated on the risks associated with the acceptance of payments over the internet and everyone within your organization must be well prepared to manage them.
• The importance of selecting a good payment processor. When evaluating the details of a merchant account proposal and putting it against others you have been sent by a host of other processing banks, an e-commerce manager will have to be able to cast his eye beyond the main rates. Although very important, these rates are usually only applicable under certain pre-defined conditions. One has to make sure the business' payment acceptance procedures are compliant with industry rules, which is the best way to ensure lowest processing cost.

Types of Credit Card Services for Payment Acceptance

Credit card services for payment acceptance are offered by Visa and MasterCard acquirers, usually through third parties, to commercial and non-profit organizations. These services are in fact a kind of credit line that the acquirer extends to the merchant to enable it to take for payment the card types and other payment forms that are mentioned in the merchant processing agreement.

How Do Credit Card Services for Payment Acceptance Work?

When a business or a non-profit accepts a customer's credit or debit card for payment, the transaction data are sent to the processing bank, which then pays the card acceptor the payment amount, after first subtracting the amount of the interchange fees and its own processing costs. Then the acquirer makes a payment request to the card issuer. The issuer, for its part, then credits the processing bank's account for the transaction amount, after first deducting the interchange cost, and includes the transaction on its cardholder's monthly statement. The customer finally pays the issuer at the end of the month to close the payment cycle.

Types of Credit Card Services

There are multiple different types of credit card services, however the most commonly used are:

• Physical retailer type. This type of credit card processing account encompasses all payment services that are based on physical credit card machines that "read" the account information from the magnetic stripe of the credit or debit card that is swiped through the terminal. Due to the fact that the business or non-profit can physically validate the card's validity (hence, card-present) as the payment is being made, these credit card services are generally seen as much less likely to generate fraudulent transactions and so their users benefit from slightly lower processing fees.
• Internet types. Encompassed in this sub-group are all credit card services where the payment information is key-entered into the acquiring bank's system, through either a web browser or a phone keypad. The card itself is not present during the transaction (hence, card-not-present). As the card acceptor can never physically inspect the card and the data are instead given to him or her, card-not-present transactions have historically been proven to generate higher rates of fraud, chargebacks and processing errors and are consequently processed at slightly higher rates. There are two main sub-categories in this group:
  
  • E-commerce merchant type. These card acceptance services are used by internet-based businesses and allow cardholders to key-enter their credit or debit card data into a payment form displayed on the merchant's own website. Once provided, the payment information is automatically sent, via a payment gateway, to the acquiring bank.
  • MO / TO merchant type. MO / TO (mail order and telephone order) credit card services enable businesses and non-profits to key-enter the payment information, as given to them by the cardholders, into a form on the acquiring bank's server or, through a phone keypad, to call the transaction data into the processor's payment system.

Website Requirements for Online Credit Card Payment Processing Services

Merchants that run business operations over the internet and do their credit card processing on their very own websites are required by their payment processors to design their websites in such a fashion that ensures compliance with a all of the online credit card payment processing requirements. These requirements are designed to guarantee that the merchant does ensure that its customers' personal account information is sufficiently well protected and that any disputes and possible chargebacks are kept to the absolute possible minimum.

E-Commerce Website Requirements

At a bare minimum, commercial websites must give visitors the following details:

• A complete description of products and / or services. People must be given as accurate a description of the merchandise and / or services you are offering as possible. Bear in mind that if visitors find out the actual merchandise is different in any way from the description given on your website, she is very likely to send it back.
• Detailed email and phone contact information. Consumers must be provided a customer service phone number and an email address, not just one of them or the other. All telephone calls need to be answered by a live employee quickly and not answered by an automated service. Many problems can be very quickly resolved by a quite short conversation.
• Return, refund and cancellation policies. All of these policies must be clearly posted on your website and you must require all customers to agree to all of them by clicking on an "Agree" or "Accept" button before making a payment.
• Shipping and delivery policies. Businesses and non-profits need to offer with these policies details on all applicable shipping, handling and delivery fees and how long it takes for a delivery to be made. If your business procedures place any kind of restrictions on shipping merchandise to any given country or region, list all of them here.
• Payment currency disclosure. Bear in mind that the online commerce market is actually the whole world. Customers should not be expected to know what the business's home country is, which is where online credit card payment processing is done. This is why the home currency in which all payments will be processed must be plainly listed.
• Home country disclosure. For all the reasons I have just mentioned above, the business's country of origin must be plainly listed.
• Export country limitations. Any limitations on exports to any countries that are relevant to your products should be displayed here.
• Privacy disclosure statement. Every e-commerce website needs to provide a privacy disclosure statement. There is any number of resources all over the web that you can use for a model in designing yours.
• Disclosure on when credit card payments are applied. Customers must be told when the amount of the product they bought will appear on their account's monthly statement. Businesses must not deposit transactions amounts prior to shipping the item.

Merchant Processing Services for Recurring Payments

Recurring payments are set up in a way that is very different from single transactions and if your business model involves establishing payment plans, you need to find the right merchant processing services provider to enable you to do that in a fast, simple and straightforward way. In this article I will explain to you how this process is done.

What Makes Up Recurring Payment Plans?

Recurring payment plans are set up when consumers authorize merchants to charge their bank card at pre-determined intervals and for a pre-determined duration (for instance, monthly or yearly). The transaction amounts may also pre-determined or they may be different and the plan can last indefinitely or until it is stopped by the consumer.

So a very good example of a recurring payment plan is a health insurance policy that is set up in such a way that the insured consumer's payment card is charged on a monthly (typically) basis and the insurance is provided either ad infinitum, or, which is altogether more likely, until the policy is terminated by the consumer. All merchant account providers offer this option.

Why Merchants Offer Recurring Payment Plans

There are quite a few benefits for the merchants, including:

• Providing additional payment choices. Consumers appreciate the extra payment options at your checkout.
• Larger participation in web-based merchant processing services. It is an incredible time-saving solution.
• Limiting customer service communications. By pre-determining the payment process schedule, businesses ensure a lower number of payment-related issues.
• Maximized cash flow. Recurring payment plans promote fewer errors at the checkout and a lower number of rejected payments.
• Limiting delinquent payments. Setting up the payment schedule beforehand leads to a lower number of delinquencies.
• Better collection results. As the transactions are processed automatically on a pre-defined schedule, they are much simpler to collect.
• Increasing customer retention. Consumers, too, enjoy the convenience of establishing recurring payment plans.

What Is in Recurring Payment Plans for Consumers

There are quite a few benefits for consumers, including:

• Convenience in setting up all transactions beforehand. It's fast, easy and simple. They won't need to do it over and over again each month.
• Time savings. Once you've set up the recurring plan, you don't need to do anything else. Transactions are then processed automatically.
• Less stress. Customers don't need to remember or keep checking on the date the payment is due and worry about completing a late payment.
• Cost effectiveness. In short, no more buying post stamps.
• Getting cash-back, travel or other card reward points programs. Many businesses qualify for a big number of card reward programs.

Various merchant processing services companies set up recurring payment plans in different ways. Contact your own service provider and request assistance if you don't know how to do it.

Data Protection Rules for Credit Card Services

In order to safeguard the privacy of all companies processing cards and accepting payments, consumers, and the soundness of the credit card services system as a whole, all organizations that provide merchant services have joined forces to develop a set of rules designed to keep sensitive consumer account data safe from unauthorized use.

The information in the table below offers a cursory overview of the most critical aspects of the card account data protection management:

Storing Consumer Account Data	In a few words, don't ever store the information mentioned below, under any circumstances: The whole contents of or any portions of the payment card's magnetic stripe. Card security validation codes. These are of course the 3-digit numbers found in the right corner of the signature's field on the back of all legitimate MasterCard, Discover, JCB, Visa and Diners Club bank cards, and the 4-digit numbers found on the front of all valid American Express payment cards. Store only those information elements of the cardholder's account that are definitely necessary to your operations, such as consumer name, card account number and card's expiration date. Store all material storing the above mentioned information (e.g. sales authorization logs, transaction activity reports, sales receipts and copies, etc) in a well-protected area that is not accessible to any unauthorized staff.
Destruction of Account Information	You need to destroy or otherwise make unreadable in some way all of the media that displays old sales or return information containing any types of consumer data.
Use of Sales Agents and Other Third-Party Providers (such as Vendors, Transaction Processors, Software Providers, E-Commerce Payment Gateways and Any Other Types of Service Providers)	Ensure that all payment processors or other organizations that represent any one of your bank card brands or any agents that participate in, or want to participate in, the processing or saving of transaction information on your behalf, whatever the type or length of such activities may happen to be. Ensure that all of these credit card services agents first achieve and maintain compliance with all rules and requirements in regards to consumer information security. Any misstep by your third-party agent will inevitably lead to an increase in your own risk exposure and will then be the cause of undesirable inconvenience to your organization.
How to Report a Data Security Event	In the event that payment data is accessed or otherwise taken hold of by someone without proper authorization, you need to immediately contact your payment processing provider or credit card services contact for each one of your card brands . By filing this report you will not only minimize the risk for the transaction processing system in its entirety, but you will also help safeguard your customers' data in the best way possible. Systems and processes have been set up to immediately stop all of the unallowed use of compromised data, however these are only effective if you and your company (and all other credit card services providers) do your own part to report the security event in a timely manner.

If you implement these requirements into your company's information protection procedures you will be certain to be compliant with all applicable credit cards services data security rules.

11 Signs of Online Payment Processing Fraud

There are some online payment processing signs that can help you spot fraud. By itself, any one of them can have a perfectly legitimate explanation, but if more than one are of them are present in one transaction, it needs to be carefully evaluated before processing it.

11 Signs of Online Payment Processing Fraud

Following are 11 such signs, which should alert merchants accepting credit cards in a card-not-present setting of the probability that a fraudulent order may be taking place.

1. First-time customers. Fraudsters are constantly on a lookout for new victims. After they commit fraud on your website, they will simply move on to another and don't return.
2. Bigger-than-average sales amounts. Stolen payment cards have a very limited life span so fraudsters always try to make a quick work of them. Big sales are the most typical way of achieving that.
3. Sales for many items of the same sort. Much like with large sales amounts, buying several items of the same sort is a kind of maximizing profit from stolen cards as fast as possible.
4. Big-ticket sales. Big-ticket products have a high resale value, which helps criminals maximize their profits.
5. Orders with overnight delivery. As it should be expected, criminals are not all that concerned with delivery charges and far more likely than real shoppers to make orders with an overnight or another type of a rushed shipping.
6. Foreign delivery addresses. A huge number of fraudulent sales are ordered with foreign addresses. The Address Verification Service (AVS) only works for British addresses, other than the U.S.
7. Like credit card numbers. There is a huge number of software services for generating credit card numbers, like CreditMaster. These credit card account numbers are usually very similar.
8. Several orders shipped to the same address. These orders can indicate the usage of a stolen stack of cards or of fraudulently manufactured card account numbers.
9. Multiple sales placed with a single card in a short time period. Such sales may indicate that a criminal is trying to run up a stolen card account's credit line as quickly as possible, prior to the the card being closed.
10. Several delivery addresses. Similarly to the last item, a card account may be used multiple times in a very short period of time, with the sales orders placed with multiple shipping addresses.
11. Multiple sales placed from one IP address. Such sales may point to multiple orders placed from the same computer, even if multiple names and shipping addresses were used.

Credit Card Processing Rules for Advance Resort Deposits

Hotels, motels and similar businesses need to comply with the following credit card processing rules if they take part in the Advance Resort Deposit service for payment cards:

1. When a customer contacts a hotel or travel agent and wishes to make an advance deposit with her credit card, the hotel must plainly explain the terms of the reservation, as well as the cancellation and refund policies to the cardholder.
2. The hotel then needs to take the customer's card number, expiration date, name and address and verify the room rate and location.
3. The hotel is required to also confirm the status of the card. Here is how to do that:
• If the hotel is located within the U.S., the card acceptor is required to follow the regular authorization procedures for obtaining approval for the credit card transaction. If approval is not obtained, the card acceptor accepts liability for the transaction.
• For all regions outside of the U.S. the hotel must check the Warning Notice. (This may be done following the phone call.) If the card number is listed in the Warning Notice, the hotel needs to follow the regular procedures provided by the processor.

The hotel is mandated to obtain an authorization approval if the amount of the advance deposit is above $50. If the result of the authorization call is a rejection, the card acceptor must inform the cardholder.

4. The hotel needs to complete a sales ticket that includes the cardholder's name, the account number, expiration date, booking confirmation number, and to write the words "advance deposit" in the place of the cardholder's signature. It is strongly advised that the merchant notates on the sales ticket any applicable special terms and conditions about its refund policy.
5. The hotel needs to mail to the cardholder a letter of confirmation, a copy of the sales ticket that provides the booking confirmation number, and any information about its cancellation and refund policies at the address provided by the cardholder.
6. The hotel needs to then deposit the transaction for the advance deposit in the regular manner. There are no special deposit rules the merchant needs to comply with.
7. If a customer cancels her booking in accordance with the terms of the sale, the hotel is mandated to cancel the reservation and issue a refund to the cardholder. The following process needs to be followed:

1. The card acceptor needs to prepare a credit slip in the regular manner for the amount of the previously-submitted advance deposit and write the words "deposit cancellation" in place of the cardholder's signature on it.
2. The card acceptor needs to prepare a notice of cancellation and issue a cancellation number to the customer.
3. The card acceptor needs to mail a copy of the credit slip and notice of cancellation to the customer.
4. The card acceptor needs to record the cancellation number on the slip and deposit the credit slip in the usual manner. There are no special deposit rules imposed on the hotel.
7. If the sale results in a dispute and if the card number used to make the deposit cannot be unidentified as to a specific issuer or was false, the bearer of the liability will be the credit card processing bank.

Credit Card Processing at Automated Dispensing Machines

Automated Dispensing Machines (ADM) are considered to be Level 1 Cardholder Activated Terminals (CAT). The following credit card processing requirements apply for merchants who use ADMs at their locations:

1. Each Automated Dispensing Machine must accept a personal identification number (PIN) as a proxy for a customer signature.
• If the PIN is not supported as a standard within the country or location or the card issuers have not provided one to their customers, this type of service is not available for the retailer.
• The PIN authorization process must be routed via a secured information transmission.
• ADM terminals need to be able to support numeric, alpha, or alphanumeric PINs with a minimum length of four digits.
2. The merchant's credit card processing bank may reject a transaction authorization after four attempts and four subsequent negative replies of "invalid PIN" or "invalid transaction" have been received from the Credit Card Association (Visa or MasterCard). Alternatively, the acquiring bank can allow for more than four subsequent PIN entry attempts to be used if each has received a negative response at an ADM.
3. All payments, regardless of the transaction amount, need to be authorized with a full, unaltered magnetic stripe read data transmitted through the payment processing system.
4. Card pick up at an ADM is not mandated. However, if the terminal has that capability installed, the retailer can do so only at the card issuer's expressed request.
• The retained credit card must be logged and secured using adequate audit controls.
• The retained credit card must be cut in half through its length and then returned to the retailer's acquiring bank.
5. For payments processed at ADMs where a PIN and a full, unaltered card data is transmitted, "No Cardholder Authorization" chargeback rights are not offered to the card issuers, as the PIN is a valid proxy for the cardholder's signature.
6. Each ADM that is also a hybrid terminal can also perform fallback procedures, provided it is not prohibited by the specific region or location. Credit card processing banks use the fallback process when a smart card is used at a hybrid terminal and the retailer processes the transaction by using the magnetic stripe or by physically key-entering the card number because the merchant cannot process the payment using smart card technology.

Retailers who do their credit card processing at ADMs must always request the customer's billing address ZIP code as an alternative fraud prevention measure. A fraudster may not know what the billing ZIP code of a stolen card is and keep on trying to guess it until she is locked out by the payment system.

Merchant Account Automatic Billing Updater

When cardholders sign up for automatic payment arrangements with their credit cards, they typically do not discontinue them. Rather, the primary reason cardholders ever switch cards is the odd service disruption that occurs due to a routine account change, such as with the card expiration date, account number or other changes in account information.

The Credit Card Networks of MasterCard and Visa offer automatic billing updaters that increase the card's usability and helps keep the service uninterrupted, which translates into higher customer satisfaction and loyalty (and, incidentally, lower customer service calls), as well as helping locking customers in and increasing revenue streams.

Additionally, the automatic billing updaters help merchant account users flip and sell portfolios seamlessly, while enabling card issuers to minimize their risk liability.

Transaction rejection and the processing of exception items add up to significant management and operating costs. Additionally, declines in recurring payment rates can be on average as high as 20 percent to 25 percent, a much higher rate than the 6 percent average for card-present transactions.

The Networks' automatic billing updater systems allow merchant account providers to offer another value-added service, and a very powerful one, thus helping payment processing services account users to minimize these costs and lower them down to levels that are more consistent with those of card-present transactions. The automatic management of accurate cardholder account data that the Networks provide helps merchant account providers increase payment volume and improve business with existing merchants using automatic payment arrangements, i.e. recurring and installment plans. These solutions can also assist processors in attracting new card acceptors as recurring payments plans are increasing in popularity and boast higher satisfaction levels among their existing users.

During each billing period, merchant account users with recurring or installment payment arrangements expect the same bad news: that a great number of card payments will be rejected by the card issuers. Such transaction rejections are not only frustrating for cardholders, but they also negatively affect the card acceptor's revenue flows. And as if that were not enough, they lead to higher rates of customer service inquiries through forcing card acceptors to contact consumers and request that they update their account information on file or provide an alternative form of payment.

The Networks' automatic billing updater leads to uninterrupted service for consumers and easy payments for merchant account users. It quickly and painlessly updates card account data, without actually impacting consumers in any way. What is more, these services can promote customer satisfaction, which increases customer loyalty and minimizes the likelihood of them switching to a competitor.

E-Commerce Merchant Account Recurring and Installment Payment Basic Facts

The Credit Card Networks define recurring transaction as a sequence of transactions that are processed at predefined intervals, not in excess of one year between each two payments, representing an agreement between a consumer and a card acceptor for the purchase of goods or services provided over a continuous period of time.

Recurring Transaction Components

Listed below are the key components of a recurring payment plan that all e-commerce merchant account holders should be familiar with:

• The consumer sets up a relationship with a card acceptor to receive continuous services or merchandise until the contractual agreement is cancelled.
• The consumer gives permission to the card acceptor to bill his card account on a recurring basis.
• The transaction amount may be a fixed amount or it may vary with each billing cycle.
• The payment relationship is made up of more than the initial one, with future payments being made on a consistent basis, not in excess of twelve months.

Installment Transaction Basics

Installment payments are not seldom confused with recurring ones. The Associations define an installment payment as a single purchase of products or services charged to a single card account in multiple segments, placed over a predetermined period of time that is agreed between a consumer and a card acceptor.

The difference between the recurring and installment payment plans is that, a recurring payment is one made for merchandise or services that are provided over a period time, while, an installment payment is a single purchase, where the payment occurs on a schedule that is agreed by the customer and card acceptor.

Recurring Payment Indicator Basics

Visa and MasterCard have provided e-commerce merchant account users with a way to identify recurring transactions with their authorization requests and settlement messages and facilitate a more accurate decision-making by card issuers and the recognition of consumers. The Associations do so by requiring the use of the Recurring Payment Indicator in all of their authorization and clearing records. Recurring payments tend to be lower risk than single transactions, ones that should be approved if the credit card account is otherwise in good standing.

Cardholder Benefits of Signing Up for Recurring Payments

Recurring payment plans benefit consumers by:

• Ensuring on-time payments, thus providing uninterrupted service and preventing any late payment fees.
• Doing away with the time and expense associated with processing payments manually.
• Increasing convenience by providing a quick access to payment details and options online.

E-Commerce Merchant Account Benefits

Recurring and installment payment plans benefit card acceptors by:

• Increasing consumer loyalty.
• Increasing customer service efficiency by improving payment convenience.
• Improving cash flow by facilitating timely and regular payments.
• Reducing handling of cash and managing checks.
• Improving efficiency.

Recurring Credit Card Payment Processing

There is a special type of transaction arrangement that enables consumers to make payments automatically on a pre-arranged schedule, without the need to initiate manually each individual installment. If a card acceptor offers consumers the recurring credit card payment processing option, which allows transactions to be made automatically, the merchant is required to:

• Obtain the authorized cardholder's agreement for the merchant to charge his or her bank card account prior to submitting the first recurring charge, and
• Inform cardholders that they can take back their consent at any given time.

The method the retailer uses to obtain the customer's agreement must provide a disclosure that the merchant may obtain updated card account data from the financial company or bank that has issued the consumers' cards.

The retailer is required to keep any evidence of such agreement for no less than twenty-four months after the date on which it submits the last recurring payment.

Recurring credit card payment processing rules require that card acceptors, prior to submitting each installment:

• Obtain an authorization approval.
• Complete a transaction record, only with the note "Signature on File," if requested, on the signature line of the payment form and the adequate electronic descriptor on the payment data.

If the recurring agreement plan is terminated for any reason whatever, then merchant account rules state that the retailer is required to notify all customers for whom it has set up recurring payment plans that it no longer will accept the card.

The termination of a particular card account is seen, for recurring credit card payment processing purposes, as an instant cancellation of that customer's agreement for recurring charges. In fact, the credit card issuer is not required notify the retailer of any such account cancellation, nor does it carry any liability to the retailer that arises from the cancellation.

The retailer's is mandated to fulfill its customers' requests for the discontinuation of the recurring agreement instantly and issue a cancellation number for each one of them. If an account is terminated, or if a customer takes back his or her agreement to the recurring plan, the merchant is responsible for the arrangement of another method of payment (as may be applicable) with the customer. The retailer will then authorize the issuer to place a hyperlink from the issuer's website to the retailer's own website (including the retailer's home page, check-out page or its automatic / recurring check-out page) and prominently display the retailer's customer support contact information.

Payment Processing Services Authorization Best Practices

Merchants that take credit cards both in face-to-face and non-face-to-face settings are required to follow a set of basic payment processing services authorization best practices.

Authorizations by Telephone

If the merchant must obtain authorization by telephone, it will have to call its processor's call center at the number given it by the service provider and be prepared to provide the following information:

• Account number.
• Payment processing services number.
• Expiration date.
• The whole sale's amount.

At the time an authorization approval is given, the retailer will be provided with an authorization number. It will need to supply this number in the appropriate field on the transaction receipt. If the retailer is not able to get an electronic approval to its authorization request and then obtain a response number by phone, the payment processing services user will have to make the payment (force it) by implementing the instructions of its POS device manufacturer. If the card is not legitimate and cannot be accepted, the merchant will receive a message declining the sale. No comments will have to be made. The customer must then be instructed to call its card's issuer for further information.

Payment Processing Services Authorization Procedures for Recurring Sales

If the merchant processes recurring or installment sales, it will need to obtain an entirely separate, legitimate authorization approval response for each single installment prior to finalizing it. If the payment processing company (American Express or Discover) or association (MasterCard or Visa) or the card's legitimate user has terminated the recurring payment plan, the retailer is not permitted to process any future installments beyond the date of termination. Keep in mind that the consumer is only requested to request the cancellation verbally, he does not have to make it in a written form.

Alternatively, if the consumer who enrolled in the recurring plan cancels his or her card account agreement or if the card issuer does it for them, the payment processing services account holder is not permitted to issue any future installments and is asked to secure an alternative method of collecting the due amount from the customer.

Keep in mind that an approval to the authorization request for one recurring payment is not an insurance that any future installments will too be authorized or recompensed. I repeat, another approval is required for each single installment. If at some time the customer initiates a dispute in regards to any single installment payment or the items or services the merchant agreed to offer, the acquirer may, at its sole discretion, charge back that one sale and any preceding ones the merchant may have submitted.

The topic of chargebacks is an enormously expansive one and I will offer an overview of it in other posts. For now, suffice it to that you will need to understand in detail your liability as outlined in the terms of your payment processing services contract and should work with your acquirer to comply with pertinent industry regulations.

Requirements to Accept Credit Cards Online

Every time they accept credit cards online, e-commerce merchant account holders must achieve and remain in compliance with all of the requirements listed below, in addition to the all usual rules for accepting payments.

Processing Protocol to Accept Credit Cards Online

Every card payment processed by a retailer over the web and submitted to the merchant account provider has to comply with the affected processing bank's standards that include, but are not limited to, all relevant standards mandating the formatting transmittal and encryption of data, known in the industry speak as a "designated protocol." Retailers are mandated to accept only those internet transactions that are safely encrypted in compliance with all of the respective acquirer's designated protocol. All acquirers have accepted that their designated protocols will be the Secure Socket Layer (SSL). However, the acquirer' designated protocol, together with any specific mandates regulating the information encryption procedures, may be changed at any time, upon a 30-day advance written notice. Merchants are not permitted to process payments via e-mail over the internet.

Browser Requirements for Designated Protocol

Retailers that accept credit cards online are not permitted to process any card payments over the internet unless they are sent over a browser that supports the acquirers' SSL designated protocol. If the merchant wishes to process a card payment from a customer whose browser does not support the accepted designated protocol, however, it can do so by means other than the internet, such as physical mail, fax or phone.

Information Security Requirements

Merchants must save all unencrypted data related to card payments, including, but not limited to, web card payment information, in a secure setting. Unencrypted payment data cannot be saved on the retailer's internet hosting server. Retailers that accept credit cards online are mandated to notify their processing bank immediately if there is a confirmed or suspected data breach in the merchant's systems and card data may have been compromised. Failure to be in compliance with this rule may result in the payment processing account holder being held liable for any financial losses resulting from the breach in the merchant's systems.

Non-Compliance Chargebacks

Any sale transaction over the internet that is not in compliance with the above-stated requirements is subject to immediate chargeback by the affected payment processing provider. Retailers may be charged back for any amounts that are owed in regard to any chargebacks for internet card transactions. The processor may, at its own discretion, cancel the merchant's processing agreement if such a merchant fails to achieve and maintain compliance with the stated terms. Retailers should always ask their acquirer for a complete disclosure of all chargeback-resulting liabilities and responsibilities and ensure they understand it.

High Risk Merchant Account Basics

Retailers selling online should train their employees in high risk merchant account basics. They can and should implement all of the measures they need to prevent fraud, limit customer disputes and protect their website from hacker attacks, however all that does not mean all that much without adequate employee training. To be really effective, the entire personnel should:

• Achieve a complete understanding of the e-commerce fraud risk and data security issues involved in an online transaction.
• Learn the chargeback rules and regulations for web-based transactions.
• Be proficient in their risk management practices and procedures.

Following are the main risk areas present in online transactions:

High Risk Merchant Account Fraud

Following are the main fraud risk possibilities:

• A consumer uses a stolen card or an account number to place a fraudulent order for products or services online.
• Family member uses a card to order products or services on the web, however has not been authorized to do that.
• A consumer fraudulently claims that she did not receive a delivery.

Hackers break into a high risk merchant account's payment processing platform and then issue refunds to the criminals' own card account numbers.

Account Data Theft Risks from a virtual Location

Following are the main account information theft risk possibilities for virtual locations:

• Criminals capture customer payment data during the transmission to or from the merchant.
• Criminals gain access to the high risk merchant account provider's unprotected credit card processing systems and steal the stored account data.

Account Information Theft from a Physical Location

Following are the main account data theft risk possibilities for physical locations:

• Unauthorized person accesses and steals account data stored at the retailer's or its high risk merchant account provider's physical site and then fraudulently uses or sells them for illegal use or identity theft purposes.
• A retailer's or service provider's employee steals account information and then fraudulently uses or sells it.
• Dumpster-truck drivers steal unshredded cardholder information from trash bins at the merchant's or high risk merchant account provider site.

Customer Disputes and Chargebacks

Following are the main customer dispute and chargeback risk possibilities:

• Products or services are not as described on the merchant's website.
• The cardholder is billed prior to the goods or services being shipped or delivered.
• Confusion and disagreement arises between the customer and retailer over return and credit policies.
• The consumer is charged twice for the same sale and / or charged for an incorrect amount.
• The cardholder doesn't recognize the retailer's name on his monthly statement because the merchant uses its high risk merchant account provider to handle the billing.

How to Accept Credit Card Transactions the Right Way

Merchants that accept credit card transactions know full well that they begin and ends with the cardholder. Between the time when the cardholder presents the a card for payment and obtains the products or services, however, a huge deal of information is exchanged, examined, analyzed and processed. A process that in all takes only seconds at the point of sale is in fact a highly complex one.

For all transactions, retailers need obtain an authorization approval. The authorization procedure starts when a retailer submits an authorization request to the issuer. Then the retailer receives an authorization response that they use, in some part at least, to decide whether or not to proceed with the sale.

The goal of an authorization is to provide the retailer that accepts credit card transactions with data that will help them to decide whether or not to proceed and complete the sale. When a cardholder offers a card for payment, the merchant account holder is mandated to obtain an approval from the issuer. A number of point-of-sale (POS) systems can be utilized to obtain an authorization approval (for example personal or host computers or terminals). Once the retailer obtains from the issuer a six-digit approval code, the sale can be submitted for payment.

It is important to understand that a transaction authorization approval is not in any way a guarantee that the sale will be accepted without a chargeback, nor does it offer an insurance that the consumer making the sale is the real cardholder, or that the merchant will at the end be paid or, for that matter, that the sale is valid.

Retailers can receive one of the following most typically received responses to a request for an authorization approval. Such responses are generated by the issuers and transmitted by the processor to the merchants that accept credit card transactions. The precise wording may vary, however the responses will be as follows:

• Approved.
• Declined or card not accepted.
• Please call or referral.
• Pick up.

Retailers that process payments electronically in a face-to-face environment are required to transmit the entire magnetic stripe information together with their authorization request via their POS terminal. Getting an electronic approval can at times be impossible due to POS terminal limitations, system outages and any other disruptions that may occur along the way. In such instances, the retailer needs to validate the card's physical presence, and get a voice authorization.

Accept Credit Cards Over the Phone Correctly

All retailers must perform each of the following actions each time they accept credit cards over the phone.

Collect the Transaction Data

Collect all of the following transaction information from the customer:

• The card account number.
• The customer's name.
• The card account's expiration date.
• The retailer's name.
• A description of the product or service purchased.
• The total amount of the card transaction (including any applicable sales tax and / or tip amount).
• The transaction's date.

Obtain an Authorization Approval

If merchants accept credit cards over the phone, they must transmit all of the above data with all of their authorization requests. For delayed delivery sales, the merchant needs to obtain the authorization approval before they submit the sales data to the credit card processing companies for the sale at issue. The authorization approval the merchant receives will be valid for ninety days. The retailer may obtain the authorization approval from the issuer by an electronic device or telephone. The issuer will issue an authorization code, which must be placed on the transaction receipt, unless the approval was obtained using an electronic machine or a cash register. If the retailer uses an electronic device, it must transmit to the issuer the complete contents of the magnetic stripe on the bank card presented for payment for each card transaction, together with each authorization request the merchant initiates. If it accepts a card for a sale without obtaining the issuer's prior authorization approval in the fashion described above, the processor is not required to pay the merchant for the sale, and if the processor has already paid out the amount, it will process a chargeback for it. Even if an authorization approval is issued for a given card sale, this should not be seen as a guarantee of payment. A card sale may also be subject to a chargeback to the retailer for a number of other reasons, as listed in the processing agreement.

If the issuer's electronic authorization system is not available, the floor limit for the duration of the system downtime will be $150.00 for all card sales for the sale of products for which a cardholder takes immediate possession. Merchants are not allowed to use this floor limit exception to authorize transactions requiring any delayed delivery for shipping: rather, they should get an approval whenever the electronic authorization system is again available. The precise date, time and duration of the system outage will be registered by the issuer. To avoid chargebacks for unauthorized transactions during a system downtime, the merchant should notate the precise time of the transaction in the approval box on the transaction slip.

AVS Use for Non Profit Credit Card Processing

The Address Verification Service (AVS) enables card-absent non profit credit card processing organization to check a cardholder's billing address as filed with the card issuer. An AVS request features the billing address and it can be communicated in one of two ways:

• Together with the authorization request, or
• By itself. The AVS service checks the address data and sends back a result code to the non profit credit card processing entity that shows whether the address provided by the customer matches the address on file with the issuer.

AVS is only available to merchant account users in the U.S. and Canada. In other locations, card issuer participation is not reliable.

AVS as Part of an Authorization Request

The AVS request of the non profit credit card processing organization can be facilitated either in real time or in a batch using an electronic POS terminal or personal computer. Real-time requests are usually used in transactions where the cardholder must wait online for the answer. The batch mode is better suited for lower cost orders where no immediate response is needed as is typically the case with mail and phone orders.

AVS as Part of an Account Verification Request

A non profit credit card processing entity can also send an AVS request separately from an authorization request by utilizing the so-called Zero Amount Account Number Verification Service. For example:

• The non profit wants to validate the donor's billing address prior to requesting an authorization, or
• The requester sends an authorization request together with AVS data and gets back an authorization approval, but also gets an AVS "try again later" response.

How Non Profit Credit Card Processing Entities Use AVS

Whether AVS is processed by itself or as part of an authorization request, the procedure is as follows:

• When a donor contacts the non profit to make a donation,
  • Confirm the typical payment information.
  • Ask the donor for the billing address for the card being used (that is, the billing address is where the donor's monthly statement is sent).
  • Enter the billing address and the payment data into the authorization system and process both requests together.
• The card issuer will reach an authorization decision quite separately from the AVS decision and compare the billing address sent with the billing address on file for that account. The issuer will then send back both the authorization decision and a single character alphabetic result code that shows whether the address given by the customer matches the address on file.

Non profit credit card processing entities should evaluate the AVS response code and take adequate action based on all payment characteristics and any other validation data received with the authorization (that is, expiration date, security code, etc.). An authorization decision always outweighs the AVS. Do not accept any payment that has been rejected, whatever the AVS response.