Are You Compliant? B2B Credit Card Processing Fact Check

Merchant compliance with various credit card processing rules maximizes profits while mitigating risk. This is especially true for business to business companies. But that task is getting harder and harder with the onslaught of new rules, and virtually impossible if not using a sophisticated cloud solution to help manage compliance.

b2b visa stored credentialIf your B2B company stores credit cards, there’s a pretty good chance you’re not compliant. For example, Visa’s 2017 Stored Credential Transaction framework (PDF download from Visa) outlines merchant responsibilities to obtain customer consent as well as storing credit cards, using stored credentials (token), and managing stored tokens. Failure to comply with Authorization rules, for example preauthorization and final settlement do not match, has far-reaching consequences including higher interchange rates (the bulk of credit card processing fees), penalty fees and new chargeback risks. With so many new rules across multiple card brands that vary based on business and transaction type how can a business quickly ascertain if they’re compliant?

Quick tips to validate compliance:

  1. Is cardholder authentication performed when a new card is stored? When the cardholder data is entered and submitted, the issuer responds with an approval or declined message. A small charge is not an acceptable practice to submit transaction for approval; instead a zero dollar authorization request for authentication is submitted. If authentication is via 3-D Secure -Verified by Visa, MasterCard Secure Code, whereby the customer self-authenticates vs merchant initiating, reduced rates may apply. Under the new rules, two transactions occur at the time a card is stored. Compliant answer is yes.
  2. Is a transaction receipt delivered to customer when you store a credit card? This will be either for an amount or a zero dollar authorization. When stored credit card credential (token) is created, a transaction receipt is generated with the approval or decline and other mandatory fields. Compliant answer is yes.
  3. Does the receipt include “RECURRING” or “REPEAT SALE” for token transactions? Compliant answer is yes.
  4. Review merchant statements, usually the last 1-2 pages with the heading “pending interchange” or “fees” section. Do you see EIRF, STANDARD (STD), or DATA RATE I? Compliant answer is no.
  5. Can you produce documentation of customer consent to store their card (including with 3rd party service) and how it will be used?

If you’re not in compliance, your payment gateway is the most likely culprit, followed by ERP or other software integration limitation. I can fix that.

Reference: Links for all Card brands.

Christine Speedy, CenPOS Sales 954-942-0483, 9-5 ET. Need help getting compliant? Ask me!

3dcart and CenPOS Payment Gateway Partner To Grow B2B Vertical

Miami, FL April 23, 2018. The business-to-business (B2B) e-commerce sales channel presents new opportunities and challenges, particularly with increasingly complex credit card processing requirements. 3dcart, a leading e-commerce platform, has partnered with CenPOS, an integrated technology commerce platform. The CenPOS ‘Super Payment Gateway’ maximizes profits while mitigating the higher dollar value transaction risk in the B2B vertical.

Payment gateways directly impact the cost of credit card acceptance, including interchange fees, the bulk of merchant fees. The CenPOS 3dcart integration offers all the required elements to qualify B2B transactions for the lowest rates possible, including:

  •  Level 3 data for purchasing, corporate and business cards
  • Resolve authorization and settlement amount mismatch
  • Visa unscheduled, recurring, and installment stored credential mandate compliance
  • 3-D Secure – Verified by Visa, MasterCard SecureCode, American Express Safekey and Discover ProtectBuy

“Our first mutual customer reduced fees over 30% just by changing their payment gateway,” commented Christine Speedy, CenPOS sales expert for 3dcart users. “Both our customers can expand into new markets while maximizing profits, security and compliance.”

“With the CenPOS integration, we expand the payment solutions offered by 3dcart to provide existing and prospective customers globally an additional alternative to how they process credit cards today, with any acquirer they choose,” stated Gonzalo Gil, 3dcart CEO.

The 3dcart CenPOS integration currently supports credit card, EFT/echeck with and without guarantee, Paypal and alternative payment methods. CenPOS POS and mobile and are available standalone now and will be integrated in the future to provide 3-D Cart customers a validated point to point encryption (P2PE) option. A validated P2PE solution significantly reduces merchant scope for PCI Compliance. CenPOS also includes to all 3dcart customers their electronic bill presentment and payment (EBPP) solution, supporting wire payments, text messaging, and other key B2B items of interest.

cenpos logoAbout CenPOS

CenPOS (https://www.CenPOS.com is a merchant-centric, end-to-end payments engine that drives enterprise-classsolutions for businesses, saving them time and money, while enabling merchants to create deeper lasting relationships with their customers. CenPOS’ secure, cloud-based solution optimizes acceptance for all payment types across multiple channels without disrupting the merchant’s banking relationships.  PCI Level 1 Service provider, QIR Certified, P2PE Validated, HIPAA compliant. https://www.cenpos.com/ CenPOS 877-630-7960, Christine Speedy direct 954-942-0483.

logo 3dcartAbout 3dcart

3dcart (https://www.3dcart.com) is the most SEO-friendly eCommerce platform for retailers and internet marketers to grow their online stores’ traffic and sales. 3dcart includes 24×7 Technical Support, 100+ Mobile-Ready Themes, order management software, built-in blog, email marketing tools and more. Since 1997, the company has been a leader in the eCommerce market, building online stores for businesses of all sizes. Today, 3dcart is Visa PCI Certified and a Google Partner. Sales 800-828-6650

Which states ban credit card surcharging?

Ten states, including California, Colorado, Connecticut, Florida, Kansas, Maine, Massachusetts, New York, Oklahoma, and Texas, plus Puerto Rico have laws that prohibit merchants from charging consumers with surcharges on credit card transactions. Minnesota prohibits a seller of goods or services that establishes and is responsible for its own customer credit card from imposing a surcharge on a purchaser who elects to use that credit card in lieu of payment by cash, check, or similar means. The language varies by state- B2B transactions may be excluded. Tread carefully, you may want to consult an attorney.  Merchants are not allowed to surcharge debit cards in any state.

The EU banned consumer surcharging effective January 2018.

Surcharge rules are complex and require special technology to automate compliance management. Contact Christine Speedy, CenPOS authorized reseller, 954-942-0483 for assistance. CenPOS is a merchant-centric, end-to-end payments engine that drives enterprise-class solutions for businesses, saving them time and money, while improving their customer engagement. CenPOS secure, cloud-based solution optimizes acceptance for all payment types across multiple channels without disrupting the merchant’s banking relationships.

A B2B supplier’s guide to optimizing commercial card payments review

Mastercard and The Strawhecker Group released A B2B supplier’s guide
to optimizing commercial card payments. Selecting the right merchant acquirer and payment gateway, and optimizing interchange, can help reduce suppliers’ collection efforts and costs associated with commercial card payments. By Marie Elizabeth Aloisi and Peter Michaud. Christine Speedy, blog author, reviews the guide. In my opinion some elements, present an incomplete picture for merchants, especially the business suppliers accepting commercial payments that is the target of the paper.

The executive summary cites research that suppliers can reduce the cost of collecting funds from customers by 31% if they accept credit cards. I googled to find that commercial credit card research data, and though this is not the referenced Mastercard and Kaiser Associates, Commercial Card Acceptance Cost-Benefit Study, of November 2016, it has similar data:

  • This study estimated card acceptance at the point-of-sale to be 37% less costly than using other payment collections methods – yielding savings of $12 on a $500 transaction
  • Card acceptance provides a similar sized net benefit regardless of the funds transfer tool it replaces – e.g. check vs. ACH vs. wire
  • The bulk of value from commercial card acceptance lies in its use as a pre-payment tool – providing revenue assurance against bad debts

 

I have a problem with the next line in the report, “That’s because getting paid by check—or even ACH or wire—involves many manual steps, onerous costs, and potential errors that are a burden to a supplier’s accounting, finance, and treasury functions.”  Checks are still the most onerous even with a scanner, but with electronic bill presentment and payment, any other payment method can be automated for increased efficiency. Our cloud payment processing solutions, including integrated with ERP, automate all types of payment processing, including check/ACH, wire, credit card, and can update journals etc.

The paper goes on to explain why working with your acquirer is critical. While it mentions suppliers can benefit from advanced gateways, most acquirers offer a limited number of payment gateways to merchants. In fact, they may offer suppliers only one solution – they’re own- and it may not be the best for the supplier, it’s just the only one they offer. Independent payment gateways, like CenPOS that I offer, can provide significant advantages to maximize profits, efficiency and flexibility. For example, fulfilling the need to simplify wire transactions and match to invoices.

The three best practices cited to work with acquirers are to automate payments, optimize interchange and negotiate pricing. 

The devil is in the details not cited. For example, “suppliers can only take advantage of lower interchange rates if the payment gateway is set up to pass Data Rate 3 information along with the transaction.” This is true. But the bigger problem is compliance with all the other rules required to qualify the transaction for Data Rate 3. For example, suppliers often do a preauthorization, which expires before settlement (but can still settle) or is not the same as the final settlement amount. These common transaction types will nullify qualifying for the best interchange rates, including MasterCard Data Rate 3. There are many more rules that make it tough to qualify and if the payment gateway does not automatically manage for suppliers, passing Data Rate 3 info doesn’t matter. The reality is most payment gateways do not have a solution to help suppliers comply.

Again, if the acquirer doesn’t have the best solution, should suppliers rely on their advice? A supplier client of mine went to their acquirer (top 5 in USA) and told them what I was offering. They would keep their acquirer but switch to my payment gateway; they’d use our electronic bill presentment and payment solution to eliminate paper credit card authorization forms and employees getting cardholder data over the phone. Customers would self-manage their payment methods, including storing & tokenizing if they chose to. Their acquirer did not want them to use any solution other than their own.  They offered them a substantially worse solution- the silliest I’ve ever heard. The acquirer would give them a new merchant account with virtual terminal exclusively for one large client that they knew was using a commercial card. What about all the other clients? What about eliminating employee access to cardholder data and storing data on paper? Advising to use substandard solutions happens all the time.

In summary, Mastercard and The Strawhecker Group put out some great research data for suppliers. I’m a huge fan of the people at The Strawhecker Group and their work. Suppliers should look to cloud payment processing solution providers like myself at CenPOS for advice. Suppliers need the best payment gateway because without it, the rest doesn’t matter. Combining a robust payment gateway, business solutions, and the flexibility to change acquirers without business disruption can provide significant advantages.

All comments and statements herein are strictly my personal opinion and do not represent that of any company.

Christine Speedy, CenPOS sales 954-942-0483. CenPOS is a cloud business solutions provider with end-to-end payments engine that drives enterprise-class solutions for businesses, saving them time and money, while improving their customer engagement.