Which Payment Gateways Support Stored Credential Requirements?

Rules for storing and using stored cards changed for merchants in 2017, yet many payment gateways in 2019 still don’t support the transaction requirements, opening risk of issuer chargeback, fines, and assessments to merchants. Since the card networks are now notifying acquirers of non-complaint merchants, it’s time to get serious about making updates.

The fours types of stored credential transactions are recurring billing, installment billing and Unscheduled Credential On File, where buyer agrees to store the card and future transactions will be initiated either by merchant or buyer. Read more about the stored credential rules either by searching the blog for ‘credential’ or click here for card network rules. The payment gateway manages most of the compliance after merchants make the appropriate changes for standalone or integrated solutions, but merchants also have responsibility for getting the proper wording and opt-in record keeping for agreements to store cards.

Which payment gateways support authorization requirements for stored credentials? Ask gateways if they support your specific card not present transaction type. Even if they do, merchant compliance is not automatic and merchants cannot rely on web developers to automatically get them updated either. This list is valid as of today. Please comment below if you have new information about updates or more payment gateways to add to the list.

  • Authorize.net- No, see developer forum for updates.
  • Bluepay- Unable to determine.
  • Braintree- Yes, added MasterCard 1/18/19, Visa 2018.
  • CenPOS– Yes, since 2017, all transaction types. CenPOS does not publish developer information online. See contact info below for sales, integrations and developer assistance.
  • Cybersource- No, not if this article is still valid.
  • Ingenico- Maybe. Yes, with Ingenico ePayments DirectLink on the international web site, but I was unable to find the related developer code for updating US ePayments needs.
  • Orbital (Chase)- Unable to determine.
  • Payeezy (First Data)- Yes, developer instructions.
  • PayFlow Pro- Unable to determine, doesn’t look like it.
  • Shift4 – No.
  • Vantiv/WorldPay- Maybe. With the merger of these companies, merchants might or might not be using a payment gateway that supports it. Developer info for Worldpay.

Call Christine Speedy, CenPOS Global Sales. 954-942-0483, 9-5 ET for a payment gateway compliant with stored credential rules that can be quickly implemented. CenPOS is an integrated commerce technology platform driving innovative, omnichannel solutions tailored to meet a merchant’s market needs. Providing a single point of integration, the CenPOS platform combines payment, commerce and value-added functionality enabling merchants to transform their commerce experience, eliminate the need to manage complex integrations, reduce the burden of accepting payments and create deeper customer relationships.

D365 payment gateway

What’s an economical payment gateway for D365? One that enables business to qualify for the lowest rates possible for any given card type, mitigates chargeback risk, and creates efficiencies. Many businesses using AX 2012 and D365 need to store a card and charge on demand. To qualify for the lowest rates and mitigate risk of penalties and fines, compliance with the card network rules is required.Minimum requirements to potentially qualify for the best rates are:

  • For card not present payments, including invoice portal, support 3-D secure; some issuers offer a lower rate averaging 20 BPS (.20%) less.
  • Compliance with 2017 Visa stored credential mandate (which will also get you compliant with MasterCard etc). Many payment gateways do not support this yet.   Ask, ” Do you support “Unscheduled Credential On File” rules?; store the card, charge on demand. Currently authorize.net, Red Maple and Payflow Pro do not.
  • If doing preauthorizations, a method to reauthorize expired auths, and a method to make initial and final auth the same amount if it changes after the preauth. Failure to do so increases the qualified credit card rate an average of 30% for businesses on pass-through interchange pricing.
  • Reversing unused authorizations; Mastercard penalty is now a hefty .25% for misuse of authorization.

Call Christine Speedy, CenPOS Global Sales. 954-942-0483, 9-5 ET for a D365 payment gateway that can be quickly implemented. CenPOS is an integrated commerce technology platform driving innovative, omnichannel solutions tailored to meet a merchant’s market needs. Providing a single point of integration, the CenPOS platform combines payment, commerce and value-added functionality enabling merchants to transform their commerce experience, eliminate the need to manage complex integrations, reduce the burden of accepting payments and create deeper customer relationships.

authorize.net alternative for Visa stored credential

Need an alternative to Authorize.net to comply with stored credential rules, including for both recurring and Unscheduled Credential On File? Authorize.net does not yet offer a solution for Visa stored credential or Mastercard. This includes both merchant initiated transaction and customer initiated transaction in addition to the other items in the Visa Stored Credential Transaction framework and mandates effective October 14, 2017.

The payment gateway is the biggest piece of the puzzle for compliance. My clients were compliant back in 2017. Whether integrated or standalone, I can help you comply with this and many other rules that impact merchant fees and chargeback risk. Even B2B companies that never have chargebacks are at risk.

Call Christine Speedy, CenPOS Global Sales. 954-942-0483, 9-5 ET for all your recurring billing and stored credential payment gateway and virtual terminal needs. CenPOS is an integrated commerce technology platform driving innovative, omnichannel solutions tailored to meet a merchant’s market needs. Providing a single point of integration, the CenPOS platform combines payment, commerce and value-added functionality enabling merchants to transform their commerce experience, eliminate the need to manage complex integrations, reduce the burden of accepting payments and create deeper customer relationships.

Recurring Billing Rules Update

Do you hate it when you want to cancel a recurring billing service, but the business doesn’t let you cancel online and instead provided a phone number? Merchants offering SaaS or any recurring billing sign-up online, must allow customers to cancel online to comply with the Visa Stored Credential mandate.

Visa Product and Service Rules Table 5-20: Requirements for Prepayments and Transactions Using Stored Credentials, October 2018, pg 444.

What if a business does not allow you to cancel online? Report Visa violations here https://usa.visa.com/Forms/visa-rules.html. It says for in store only, but there is a check box for recurring transactions. The web site also says to contact your financial institution via the phone number on the back of the card.

The basis for the change is to enable customers more control over their purchasing, and stored card management. It makes sense if you can buy online 24/7, then you should be able to cancel online 24/7.

Rules for merchants to store cards and use stored cards changed dramatically in 2017, with enforcement beginning last year. Compliance is not automatic. Payment gateways manage most of the technical details, however, not all payment gateways are capable yet. Compliance is not optional and merchants are getting notices of violations subject to assessments and fines if not resolved. If your payment gateway or integrated solution does not support the needs to comply with the stored credential mandate, contact your acquirer, or credit card processor, to request a temporary waiver.

Call Christine Speedy, CenPOS Global Sales. 954-942-0483, 9-5 ET for all your recurring billing and stored credential payment gateway and virtual terminal needs. CenPOS is an integrated commerce technology platform driving innovative, omnichannel solutions tailored to meet a merchant’s market needs. Providing a single point of integration, the CenPOS platform combines payment, commerce and value-added functionality enabling merchants to transform their commerce experience, eliminate the need to manage complex integrations, reduce the burden of accepting payments and create deeper customer relationships.

What is MasterCard Data Integrity reporting?

MasterCard monitors the transaction data detail submitted by the acquirers, or merchant processors, to ensure the accuracy and integrity of the data. Data integrity reporting is accessible by acquirers and when problems are found, merchants are notified, typically with a short timeframe to correct the problem before non-compliance assessments and fines will be allocated.

Merchants often experience an increase in Data Integrity failures when not compliant with changing rules. For example, a MasterCard Data Integrity reporting as failing Edit 21, Recurring CoF Monitoring, refers to using a stored Credential On File for recurring billing. These are merchant initiated transactions on a fixed schedule for a fixed amount. Per MasterCard, all recurring payments are considered credential-on-file transactions. 

“MasterCard requires POS entry mode= 10 (credential-on-file) to be sent for transactions identified as recurring.  Please work with the POS vendor and these locations to correct the POS entry mode. If corrections are not completed, merchants are subject to non-compliance assessments and fines will be allocated.”

POS is an abbreviation for Point of Sale, even though recurring billing is not run via a traditional point of sale device. The payment gateway is critical to compliance and most likely is not sending the correct data, though it’s possible problems exist in other areas of the payment ecosystem, for example, with the acquirer. All US merchants are required to be compliant with stored credential rules that rolled out over 2017 to 2018. Some gateways now support the correct data set for recurring billing, but still lack support for Installment and Unscheduled. Payment gateways and solutions providers rarely advise merchants when they don’t have a solution, just when they have something new. Thus businesses may be in for a surprise with an urgent notice to correct a compliance violation.

Call Christine Speedy, CenPOS Global Sales. 954-942-0483, 9-5 ET for all your recurring billing and stored credential payment gateway and virtual terminal needs. CenPOS is an integrated commerce technology platform driving innovative, omnichannel solutions tailored to meet a merchant’s market needs. Providing a single point of integration, the CenPOS platform combines payment, commerce and value-added functionality enabling merchants to transform their commerce experience, eliminate the need to manage complex integrations, reduce the burden of accepting payments and create deeper customer relationships.