Installment Prepayments Credit Card Processing Rules Change 2017

Installment prepayment credit card processing rules change effective October 2017 will impact business profits and chargeback risk. Everyone in the payment ecosystem has or will need to make changes to comply, including acquirer, issuer, payment gateway, merchant, and sometimes software solution.

payment gateway SaaS recurringInstallment prepayment credit card processing best practices:

  • When capturing card data to create a random token replacing sensitive data for the first time, perform an Account Number Verification Transaction via a Zero Dollar Authorization. There’s a payment gateway procedure, including using specific transaction indicator, for this. If the solution you’re using performs a $1 authorization, often with a void or reversal after, that’s because the payment gateway, and or the implementation, are out of date and don’t support current requirements. Ask how yours works and contact us for help now if you cannot do a zero dollar authorization!
  • Payment gateway to identify all future transactions after storing:

With an indicator that shows that the Transaction is using a Stored Credential
– With the Transaction Identifier of the initial Transaction.

  • The sales receipt must include phrase “recurring transaction”
  • A convenience fee cannot be charged on an Installment Transaction.
  • Transactions cannot be key entered into desktop terminals; a cloud based payment gateway is required

Guidelines and rules vary by card brand, business type and many other factors. Additionally, the rules are complicated. This article may oversimplify such complexities. Merchants are advised to use tools, including intelligent payment gateways, to help comply automatically to maximize profits and mitigate risk.

Reference: For example, read Visa Stored Credential Transaction Mandates and also Visa Core RulesTable 5-21: Requirements for Prepayments and Transactions Using Stored Credentials.

Before selecting a payment gateway for installments, ask these questions:

  • How will it help with new Visa Stored Credential Mandates compliance?
  • Does it support 3-D Secure cardholder authentication, for customer initiated payment?
  • What type of digital record is created at the time of customer opt-in to terms, how is it retrieved, and how long is it retained?
  • Does it support Zero Dollar Authorization?
  • Does the receipt dynamically change based on type of transaction, i.e. cash, credit card single payment, installment payment etc.
  • Does it level 3 processing for commercial cards (if applicable to business type)?
  • If I change banks or payment processors, how will it affect my customers? My business?

TIP: An easy starting point to reduce the list of options is to ask any payment gateway what type of digital record is created at the time of creating an installment agreement, and how will you access it? Need help to get compliant? Contact Christine Speedy to learn more about solutions for your business that are quick and easy to adopt, increasing efficiency and growing profits virtually overnight.

Dealership Post-Acquisition Standardization Cash Flow & Profits

Car, truck, and ag equipment dealership acquisitions by mega dealers are on a torrid pace. Cash-flow and profits are directly linked to standardization among locales. The right payment processing technology creates instant receivables financial transparency at headquarters regardless of varying dealer management software. heavy duty equipment credit card processingCloud-based payment processing is critical to financial transparency. For example, credit card processing terminals batched out individually means management has to wait for reports. A cloud solution, including payment gateway, can provide real-time insights by dealer location or any other number of data points.

Key payment gateway differences for dealership evaluation:

  • Real-time dashboard with drill down vs export reports to view (additional payment types not shown)dashboard net sales payment gateway report
  • Compliance with complex rules for rentals, preauthorizations, retail and card not present. How many merchant accounts needed to comply?
  • Compliance with October 2017 stored credentials mandates
  • Level 3 processing capabilities for commercial cards
  • EMV chip or EMV chip and pin
  • Push payment requests (collect remote payments before delivery) via text or email
  • Cardholder authentication (3-D Secure) for remote payments
  • Payment methods supported: cash, check, wire, credit card and other methods vs just credit cards provides significantly tighter controls and data insights

Dealers hesitant to replace desktop EMV chip terminals due to prior investments should bite the bullet. Better solutions to improve customer experience and back office efficiency will reduce ROI time for acquisitions.

ABOUT: Christine Speedy is a payment processing expert with deep experience in the multi-department needs of dealerships. Solutions empower CFO’s to achieve common customer satisfaction goals with tight financial controls, risk mitigation, and reduced PCI Compliance burden. Need standardization help? Call 954-942-0483 to learn more about solutions for your business that are quick and easy to adopt, increasing efficiency and growing profits virtually overnight.

 

SaaS Startups: Credit Card Customer Onboarding 2017

Critical rules changes for credit card processing, especially recurring billing, will impact business profits and chargeback risk effective October 2017. Simply copying what other big SaaS businesses are doing successfully is not good enough. Everyone needs to make opt-in updates to comply, and EMV chip card acceptance is a good example of how even big companies can takes months or years to change.

payment gateway SaaS recurring

Critical SaaS recurring billing credit card processing rules past, present and future:

    • To validate a card and create a token for future purchases, perform a Zero Dollar Authorization. There’s a procedure, including using recurring indicator, and a transaction fee for this. If the solution you’re looking at suggests a $1 authorization, that’s because the payment gateway, and or the implementation, are out of date and don’t support current requirements. Run!
    • The sales receipt must include phrase “recurring transaction”, frequency of the charges, and the period of time agreed to.
    • Cardholder opt-in record. Rules may vary by each card brand; following Visa requirements is a good practice. For example, read Visa Stored Credential Transaction Mandates and also Visa Core Rules. One of the new requirements is specifying how the Cardholder will be notified of any changes to the agreement. The significance of new mandates is huge, and non-compliance will result in higher fees, penalties, reduced sale approvals and chargebacks.

Payment gateway selection directly impacts profits, risk, and your customer buying experience. Lots of developers integrate one or two of the oldest payment gateways because they’re “reliable” and familiar. True, but, this could cost your company it’s path to profitability and even existence. Any WordPress developer knows technology and implementation of technology changes. It’s constant. Before selecting a payment gateway for a SaaS startup, ask these questions:

  • How will it help with new Visa Stored Credential Mandates?
  • Does it support 3-D Secure cardholder authentication?
  • How will it help with account updating for expiration and replacement cards?
  • What type of digital record is created at the time of customer opt-in to agreement, how is it retrieved, and how long is it retained?
  • Does it support authorization reversals?
  • Does it level 3 processing for commercial cards (if applicable to business type)?
  • If I change banks or payment processors, how will it affect my customers? My business?

TIP: Most payment gateways are reliable; level 3 processing, and 3-D Secure support are starting points to reduce the list of options. Need help to get compliant? Contact Christine Speedy to learn more about solutions for your business that are quick and easy to adopt, increasing efficiency and growing profits virtually overnight.

Credit Card Testing Explosion Hurts Merchants Profits

If you accept payments online, have you hardened security to protect from card testing? Card testing is a big criminal business. They’re sophisticated and use hardware and software that can send thousands of stolen credit card data in less than an hour to your payment portal or ecommerce shopping cart before you even know you’ve been hit.

Card testing can be very expensive for merchants. For every attempted authorization, merchants pay a payment gateway fee, plus a fee to the merchant services processor (acquirer).

Example:

  • $.30 per transaction gateway
  • $.10 per transaction processor
  • 20,000 cards tested @$.40= $8,000

There’s no getting back the $8,000. The gateway and processor passed the data you gave them. In the event orders are approved, there’s the additional cost of lost product shipped and the associated chargeback fee. Then there’s the cost of damaged brand reputation from cardholders who voice on social media, where it lives on forever, how their card was used unauthorized.

How can merchants protect online payments from card testers?  Google reCAPTCHA is a free service that protects your website from spam and abuse. reCAPTCHA can prevent bots from submitting a transaction that you’ll pay for.

Protecting against both bots and fraudulent transactions is tricky.

Fifteen percent of all cardholders have had at least one transaction unnecessarily declined in the previous 12 months, according to a 2015 study by Javelin.

Unnecessary declines are also called False Positives. Cardholder authentication is a layer of security to protect against fraudulent purchasing, increasing approvals and reducing False Positives. 3-D Secure is a global XML protocol for Cardholder Authentication; The card brands each has their own name- Verified by Visa, Amex Safekey, MasterCard SecureCode. Benefits of 3-D Secure include automation, shifting liability to card issuers without manual review of orders, increased approvals, and sometimes reduced Visa and MasterCard interchange fees.

Which payment gateways support recaptcha and Cardholder authentication?

reCAPTCHA is easy to implement, just check with your payment gateway provider or web developer. 3-D Secure is quick, easy and requires a few steps:

  • Confirm your payment gateway is 3-D Secure certified for your credit card processor (merchant services provider or acquirer). Ask which are certified: Verified by Visa, Amex Safekey, MasterCard SecureCode. Some have certifications, some don’t.
  • If there’s an application such as a shopping cart or e-invoicing, confirm the payment gateway integration will support 3-D Secure.
  • Contact your acquirer and ask them to register your merchant account for 3-D Secure. Some can, some can’t. It’s usually done in a day.
  • Turn on 3-D Secure in the payment gateway.

FAQ

Is there a cost for reCAPTCHA? No, it’s free from Google. If your payment gateway supports reCAPTCHA, it may just need to be activated on your account, no programming needed. Contact your payment gateway support or check their FAQ to find out.

Is there a cost to register for 3-D Secure? That’s up to the individual company doing the registration. Costs start at $0.

Is there an ongoing cost to use 3-D Secure? Yes, and it’s up to the individual company offering the service. Costs typically range from $.075 to $.30 per attempted authorization.

If hit by a card tester, can I negotiate to reduce fees? It’s unlikely because services were delivered as per your agreements.

Christine Speedy, authorized CenPOS reseller, provides universal payment processing solutions, including reCAPTCHA and 3-D Secure cardholder authentication, to maximize merchant profits and mitigate risk across multiple sales channels. Contact Christine at 954-942-0483.