3 Ecommerce Checkout Payment Problems

Use of a PCI compliant payment gateway does not make a company PCI compliant, compliant with card network acceptance rules, or compliant with best practices to maximize profits. In other words, if you follow best practices and comply with all the rules, you’ll have a more secure and profitable company. A key ingredient to compliance is the payment gateway, however, the payment gateway has no specific requirement to ensure your compliance with all the card network rules and best practices, just those that pertain to Payment Card Industry Data Security Standards.Here’s a few costly merchant problems:

  1. Lack of brute force attack tools. These help prevent bots from testing thousands or millions of cards on your checkout form. The merchant is liable for all of the attempted transaction fees on the payment gateway and on the acquiring. A simple first line of defense is adding recaptcha. See Visa best practices to prevent brute force attacks. https://usa.visa.com/support/merchant/library/visa-merchant-business-news-digest.html.
  2. Non-compliance with Visa Stored Credential Mandate, effective October 14, 2017? I’ve written extensively on this, for example here’s a B2B steps to compliance article. There are multiple elements, and many payment gateways do not yet have solutions, especially for ‘Unscheduled credential on file’. Do you have a checkbox in the sequence of checkout opting in to terms? https://usa.visa.com/dam/VCOM/global/support-legal/documents/stored-credential-transaction-framework-vbs-10-may-17.pdf.
  3. Invalid authorizations. This is the most costly as it can lead to consumer generated chargeback, issuer chargeback, non-qualified interchange rates and penalty fees. Here’s a story about the new .25% MasterCard integrity fee. Do you have Standard/STD, EIRF, or Data Rate I on your merchant statement under interchange fees? Then you have an authorization problem.
  4. Cardholder authentication limitations. The security code has historically not been enough evidence to win customer disputes about unauthorized charges. With 3-D secure, fraud liability shifts to the issuer. Effective April 2019 based on region and industry, Visa mandates many merchants use Visa 3D Secure 2.0. Reference Table 5-18: Acquirer Support of Verified by Visa, Visa Public Rules.

The solution to all of the above is replacing outdated payment gateway technology with new technology that will help automate compliance with card network rules, while reducing PCI Compliance burden.

Why comply? Here’s an example of the cost difference between valid and invalid authorization.

interchange rate qualification

Resources and documentation /blog/merchant-bulletins-downloads – bookmark it!.  Join Christine Speedy’s email list.

DISCLAIMER: condensed and incomplete information! Information may be quickly outdated.

Need a solution? Call Christine Speedy, 954-942-0483, 9-5 ET, CenPOS authorized global reseller based out of South Florida and New York. CenPOS is an integrated commerce technology platform driving innovative, omnichannel solutions tailored to meet a merchant’s market needs. Providing a single point of integration, the CenPOS platform combines payment, commerce and value-added functionality enabling merchants to transform their commerce experience, eliminate the need to manage complex integrations, reduce the burden of accepting payments and create deeper customer relationships.

Are You Compliant? B2B Credit Card Processing Fact Check

Merchant compliance with various credit card processing rules maximizes profits while mitigating risk. This is especially true for business to business companies. But that task is getting harder and harder with the onslaught of new rules, and virtually impossible if not using a sophisticated cloud solution to help manage compliance.

b2b visa stored credentialIf your B2B company stores credit cards, there’s a pretty good chance you’re not compliant. For example, Visa’s 2017 Stored Credential Transaction framework (PDF download from Visa) outlines merchant responsibilities to obtain customer consent as well as storing credit cards, using stored credentials (token), and managing stored tokens. Failure to comply with Authorization rules, for example preauthorization and final settlement do not match, has far-reaching consequences including higher interchange rates (the bulk of credit card processing fees), penalty fees and new chargeback risks. With so many new rules across multiple card brands that vary based on business and transaction type how can a business quickly ascertain if they’re compliant?

Quick tips to validate compliance:

  1. Is cardholder authentication performed when a new card is stored? When the cardholder data is entered and submitted, the issuer responds with an approval or declined message. A small charge is not an acceptable practice to submit transaction for approval; instead a zero dollar authorization request for authentication is submitted. If authentication is via 3-D Secure -Verified by Visa, MasterCard Secure Code, whereby the customer self-authenticates vs merchant initiating, reduced rates may apply. Under the new rules, two transactions occur at the time a card is stored. Compliant answer is yes.
  2. Is a transaction receipt delivered to customer when you store a credit card? This will be either for an amount or a zero dollar authorization. When stored credit card credential (token) is created, a transaction receipt is generated with the approval or decline and other mandatory fields. Compliant answer is yes.
  3. Does the receipt include “RECURRING” or “REPEAT SALE” for token transactions? Compliant answer is yes.
  4. Review merchant statements, usually the last 1-2 pages with the heading “pending interchange” or “fees” section. Do you see EIRF, STANDARD (STD), or DATA RATE I? Compliant answer is no.
  5. Can you produce documentation of customer consent to store their card (including with 3rd party service) and how it will be used?

If you’re not in compliance, your payment gateway is the most likely culprit, followed by ERP or other software integration limitation. I can fix that.

Reference: Links for all Card brands.

Need help getting compliant?

Call Christine Speedy, , for simple solutions to complex payment transaction problems, 954-942-0483, 9-5 ET. CenPOS authorized reseller based out of South Florida and NY. CenPOS is an integrated commerce technology platform driving innovative, omnichannel solutions tailored to meet a merchant’s market needs. Providing a single point of integration, the CenPOS platform combines payment, commerce and value-added functionality enabling merchants to transform their commerce experience, eliminate the need to manage complex integrations, reduce the burden of accepting payments and create deeper customer relationships.

3dcart and CenPOS Payment Gateway Partner To Grow B2B Vertical

Miami, FL April 23, 2018. The business-to-business (B2B) e-commerce sales channel presents new opportunities and challenges, particularly with increasingly complex credit card processing requirements. 3dcart, a leading e-commerce platform, has partnered with CenPOS, an integrated technology commerce platform. The CenPOS ‘Super Payment Gateway’ maximizes profits while mitigating the higher dollar value transaction risk in the B2B vertical.

Payment gateways directly impact the cost of credit card acceptance, including interchange fees, the bulk of merchant fees. The CenPOS 3dcart integration offers all the required elements to qualify B2B transactions for the lowest rates possible, including:

  •  Level 3 data for purchasing, corporate and business cards
  • Resolve authorization and settlement amount mismatch
  • Visa unscheduled, recurring, and installment stored credential mandate compliance
  • 3-D Secure – Verified by Visa, MasterCard SecureCode, American Express Safekey and Discover ProtectBuy

“Our first mutual customer reduced fees over 30% just by changing their payment gateway,” commented Christine Speedy, CenPOS sales expert for 3dcart users. “Both our customers can expand into new markets while maximizing profits, security and compliance.”

“With the CenPOS integration, we expand the payment solutions offered by 3dcart to provide existing and prospective customers globally an additional alternative to how they process credit cards today, with any acquirer they choose,” stated Gonzalo Gil, 3dcart CEO.

The 3dcart CenPOS integration currently supports credit card, EFT/echeck with and without guarantee, Paypal and alternative payment methods. CenPOS POS and mobile and are available standalone now and will be integrated in the future to provide 3-D Cart customers a validated point to point encryption (P2PE) option. A validated P2PE solution significantly reduces merchant scope for PCI Compliance. CenPOS also includes to all 3dcart customers their electronic bill presentment and payment (EBPP) solution, supporting wire payments, text messaging, and other key B2B items of interest.

cenpos logoAbout CenPOS

CenPOS (https://www.CenPOS.com is a merchant-centric, end-to-end payments engine that drives enterprise-classsolutions for businesses, saving them time and money, while enabling merchants to create deeper lasting relationships with their customers. CenPOS’ secure, cloud-based solution optimizes acceptance for all payment types across multiple channels without disrupting the merchant’s banking relationships.  PCI Level 1 Service provider, QIR Certified, P2PE Validated, HIPAA compliant. https://www.cenpos.com/ CenPOS 877-630-7960, Christine Speedy direct 954-942-0483.

logo 3dcartAbout 3dcart

3dcart (https://www.3dcart.com) is the most SEO-friendly eCommerce platform for retailers and internet marketers to grow their online stores’ traffic and sales. 3dcart includes 24×7 Technical Support, 100+ Mobile-Ready Themes, order management software, built-in blog, email marketing tools and more. Since 1997, the company has been a leader in the eCommerce market, building online stores for businesses of all sizes. Today, 3dcart is Visa PCI Certified and a Google Partner. Sales 800-828-6650