Merchant services for political campaigns tend to cost more than for retail merchants. Why? The main reasons are their lack of knowledge about the subject and then all the other reasons. Other reasons include how payment is collected, the types of cards presented, and the credit card processing price plans they are on. Below I’ll address each issue in brief.

First their lack of knowledge makes it easier for other companies to charge them more money. Think used car salesmen 25 years ago. Small campaign races will generally pay more than big races because there is little to process. This is simply an ROI issue just like with small businesses. But what about the bigger campaigns?

How do politicians collect money for campaign contributions? The most popular are checks in the mail, donor cards collected at speaking events (check or credit card which is key entered later), and online donations. The donor card exposes the politician to substantial risk. Where are the cards stored while traveling from one event to the next? Who opens the mail? Who keypunches the data? What kind of training have they had in protecting card data? Do you perform background checks on volunteers who see donor cards?

• Reduce risk by keypunching data into a virtual terminal on site.
• Reduce risk and cost by attaching a card reader to a computer. You’ll save about 0.5% by swiping vs key entering.
• Always securely shred card data upon completion of transaction. With a well-developed donor form, you can detach or cut off the credit card data while still keeping critical information on the form such as payment amount. Record the authorization number and date processed on the form for your records.

Costs are affected by the type of card presented for payment. You can’t control this. But you also need to know the merchant services game because this is a big gotcha. In my experience, the card type can relate to the type of race; the bigger dollar donors use rewards or corporate cards. Campaigns targeting smaller donations attract a high amount of debit cards, up to 50%. Here’s the big catch on merchant agreements- QUALIFIED RATE. Chances are 80% of cards presented will never hit the qualified rate. So what’s your non-qualified rate? What’s your best rate for corporate cards for a MOTO merchant account? (Interchange is 2.2% plus $.10 per transaction. )

Common Visa interchange rates for reference: RETAIL= swiped card. MOTO = mail order or phone order. Ecommerce rates are the same, but account set up and rules are different. Below is a very small list of the 500 or so possible rates. We see every day on merchant accounts.

• debit/check card, swipe .95% plus $.20 per transaction
• debit/check card, MOTO 1.53% plus $.10 per transaction
• credit card, swipe 1.79% plus $.10 per transaction
• rewards card, MOTO 1.95% plus $.10 per transaction
• Commercial card MOTO 2.2% plus $.10 per transaction
  Downgrade costs can be nearly 1%, and remember, these are interchange costs. Your fees will be higher.

Credit card processing price plans vary widely for this industry, but in general, are much higher than others. That’s not because the raw costs are higher, its because the payment processors take bigger profits. Remember what I said about the used car salesman. Credit card processing is not the core skill of the average politician and it may not be for the finance manager either. One of the most valuable assets of a politician is their time. Therefore they tend to copy what others in their party are doing, or simply look for the easiest solution that solves many of their time issues.

Ecommerce solutions for politicians are plentiful as they are for non-profits. I have no problem with payment processing costs being higher than average if you get a robust software package at no cost. Companies have to recoup their investment somewhere. But what if you pay for the software and the payment processing?

Let’s look a little deeper into an example such as Click & Pledge. It has lots of cool features to manage donors and build an online community. They also have an integrated payment processing solution option. I had to read several sections a few times, and based on what I read,  I’m still not sure. Can you use their other features but not the payment processing/ They have API section which looks like a yes, but the non-existent comments in the forum make me wonder.

Their rates are among the highest I’ve seen at 4.5% and $.35 per transaction. But wait- that’s not for all cards. “Visa & MasterCard may add additional fees for affinity and cards which earn points. These cards are referred to as non-qualified cards and typically have 1% surcharge associated with them. The fees are not being charged by Click & Pledge and we have no control over which cards will be charged as a non-qualified card.”  So merchants can expect to pay up to 5.5%. Basically they’ve locked in at least 2% profit (also known as 200 basis points) by my estimation, and that’s very high in todays marketplace.

Two percent is about double the norm for a small business from what I’ve seen, although that market is not my specialty. Maybe solutions like this are still a good fit for your campaign. But before  you buy, ask if you’re allowed to use your own merchant account. In most cases you’ll do better far on price and there are other benefits as well. For example, if I were managing your account, I’d make sure you had the right type of merchant accounts for different situations to meet Visa and MasterCard regulations. You’ll get advice and handouts for volunteers on proper data security. We can assist with your check processing, including remote deposit capture. We can assist with payment type and provide risk management advice to help protect you against embarassing data security breaches.

Keep more money from your online donations. Get a merchant account separate from your software or web host.

Why check for address instead of CVV for mail orders to protect against fraud? Shouldn’t CVV or CVV2 be checked before anything else? The difference really lies in the way your firm processes orders and the need to be PCI Compliant.

MO/TO or MOTO stands for Mail orders/telephone orders. The same rules apply for fax orders.

Mail orders or fax orders generally involve a pre-printed form returned with the buyers selection and pricing. The card is then scanned with an OCR device or the order is keypunched. BEWARE IF YOUR form asks for the CVV or CID code, this presents a security risk from the moment it leaves the senders hands. Therefore, when the order is received, the merchant MUST PROTECT THIS DATA AND MUST NOT STORE IT. You can also choose to find a way to process the order that does not require a CVV code, but still protects the merchant from fraud. The AVS or address verification then becomes essential to prevent fraud. If using a virtual terminal, the terminal should require an AVS check.

If you complete Phone orders by keypunching the cardholders data while on the phone with the customer, you can ask for the CVV or CVV2 code. The assumption is that you are using a PCI Compliant solution whether it be software or a virtual terminal, that does not store the CVV data. A secure method such as a virtual terminal can prompt for the CVV code and also perform an address check. There is still some risk by taking CVV over the phone because the data is exposed to whoever handles the order. If the merchant writes down transaction information to be keypunched later, merchants should be avoid writing down CVV whenever possible; if they are written down, follow special PCI Compliance standards to protect the data temporarily until it is securely shredded.

The AVS response can be a full match, partial match, no match, unavailable, or retry.

Full match – both the zip code and address match.

partial match- only the zip code or address match, but not both. You may wish to determine what risk you are willing to assume based on the order value.

no match- zip and address don’t match. This is a sign of fraud and further steps should be taken to verify it’s a valid transaction. If you’re on the phone ask questions and get the CVV. If you’re not on the phone, you might want to invest time for a little research depending on the value of the order. For example, I’ve used whitepages.com to research name, phone and address. If the person moved, there could be a legitimate reason, but the person should be able to recite their old address.

Unavailable- The system is unavailable or the card issuer does not support it. US card issuers must support AVS, but this is not true worldwide. For merchants that have a lot of transactions from foreigners, requiring AVS can be a problem because they can’t pass. However, all cards should be able to pass CVV. Merchants lose all chargeback prevention rights for card not present transactions if the CVV or AVS response is U.

Retry – The card issuers system is anavailble- try again later.

For more details, please see the Visa Card Acceptance Guide.

If the merchant performs an address check and gets a full match, plus has a CVV match, they’ll be in a better position to win chargeback disputes. However, your customer types, order processing methods, employees and industry all are factors in assessing risk and determining what steps are best for you to mitigate risk. Whatever methods you choose, be sure to communicate policies with employees and always review PCI Data Security Standards.

CenPOS is a technology solution with numerous controls to help management set criteria globally and down to the cashier level. Settings include AVS (full and partial) and CVV plus dollar thresholds.

In conclusion,  whether you require CVV or not is a business decision for MOTO transactions. You must factor in the risk of not taking the CVV and of having data exposed until you’ve used it and then shredded it vs possible credit card fraud. For small ticket orders, you might wish to skip it to reduce risk. For large value orders, you may not want to risk your product going out the door. In that case, be sure to have a PCI Compliance program in place, and train employees. AVS should be required to pass without exception.