Credit card authorization form 2020

Posted on November 23, 2020 by Christine Speedy

Looking for a PCI Compliant Credit card authorization form template? Downloadable PDF or Word forms all over the internet are never PCI compliant nor compliant with card network rules, plus the form might introduce malicious code into your network, leading to a future data breach. In this article learn about compliant credit card authorization form problems and solutions.

Merchants must replace traditional paper credit card authorization forms. Per Visa rules, merchants are never allowed to ask for the security code in any written form. I know companies that are skirting this rule by using a paper form and then calling the customer for the security code. They are stuck on the idea that a signature is going to make a difference if there is a dispute later, which was true in the past but not any more. Merchants also cannot store the form with full card numbers nor store the security code after authorization. Traditional credit card authorization forms increase risk of fraud and identity theft and nobody likes them!

pci security standards — PCI Security Standards Council guidelines for storage of cardholder data.

Is it OK to use a digital credit card authorization form? That depends. Cloud digital credit card authorization forms may not be PCI compliant.

The rise in digital credit card authorization forms is downright scary, because despite claims by sellers, merchant implementation of them is often not PCI Compliant. Here’s a few reasons why:

Neither merchants nor third parties can store the security code after authorization.
Neither merchants nor third parties can store the card number unmasked after authorization.
Merchants will be hard pressed to prove PCI Compliance in the event of a data breach. Who had access to the forms and when? How is the server wiped of the data? What about back up servers?
What’s the point of getting a signed form if you can’t save it?
If the service offers an authorization to verify cardholder, but the merchant then types card number into another system with no connection to the initial verification, all subsequent transactions are in violation of rules for storing and using stored cards thus are open to issuer chargeback risk.

What’s a better solution? Use a third party hosted solution to reduce PCI Compliance burden and empower customers to self-pay and self-store their cardholder data. Ensure that the solution supports 3-D Secure, which shifts friendly fraud (it wasn’t me, I didn’t authorize it) liability to the issuer. This could be a static pay page or secure link you push out via text or email. My CenPOS customers have had this solution for nearly a decade.

Benefits of compliant solution:

Reduced merchant fees for some cards (3-D Secure cardholder authentication such as Verified by Visa must be enabled.)
Increased approvals with cardholder authentication.
Mitigate chargeback risk – with 3-D Secure cardholder authentication, fraud liability shifts to issuer.
More convenient for buyers- 24/7 payments on their schedule, not yours.
Buyers are in control of choosing to store payment methods.

How can merchants get 3-D Secure? Contact us for the latest instructions or call your merchant services provider.

Call Christine Speedy, PCI Council QIR certified, for simple solutions to card not present payment transaction problems, 954-942-0483, 9-5 ET.

References: Search the blog for credential or form or click on the navigation for links for more resources on rules and compliance.

What Is Auth Code 05 decline?

Posted on January 3, 2019 by Christine Speedy

A credit card Authorization Response Code 05 decline transaction, or Do Not Honor, is card issuer response. What can the merchant do?

In the above example, we can see that the AVS, ZIP and CVV were not validated as OK in the transaction authorization request. As this is a card not present sale manually entered by the merchant, failure to validate the security code is reason enough for an issuer to decline to accept the risk of potential chargeback.

Merchants can avoid the scenario by using an even stronger cardholder authentication using 3-D secure protocols such as with Verified by Visa. For example, instead of key entering, require the cardholder self-enter their cardholder data. With the stronger authentication, merchants can expect more approvals, reduced fees, and chargeback risk shifted to the issuer.

Asking the cardholder to call the issuer and request they approve the transaction is not a best practice and won’t provide the highest level of fraud protection.

Call Christine Speedy, PCI Council QIR certified, for simple solutions to complex payment transaction problems, 954-942-0483, 9-5 ET.

Storing credit card for layaway plan prepayments rules

Posted on September 28, 2018 by Christine Speedy

What are guidelines for storing and using stored credit cards for layaway plans? What is solution for auto payment layaway plan? Credit card processing rules have changed.

The process for storing and using stored cards rules are largely set by the Payment Card Industry Data Security Standards (PCI DSS) and Card network acceptance rules. Huge changes went into effect in 2017, starting with the Visa Stored Credential Mandate, and more are coming.

For a layaway plan, you need a payment gateway that supports sending the correct transaction type indicator. That would be either installment or unscheduled credential on file, depending on the agreement with buyer. This is outlined in Visa Core Rules and Visa Product and Service Rules, section 5.9.9 Prepayments, Repeated Payments, and Deferred Payments. If accepting prepayments merchants must comply with Table 5-20, Requirements for Prepayments and Transactions Using Stored Credentials.

Visa specifies that when Cardholder gives their consent to items in table 5-20, it must be displayed separately from the general purchase terms and conditions. The Merchant must provide, and the Cardholder must consent to all of the following in writing at the time of the first or only partial prepayment:

Description of promised merchandise or services
Terms of service
Timing of delivery to Cardholder
Transaction amount
Total purchase price
Terms of final payment, including the amount and currency
Cancellation and refund policies
Date and time that any cancellation privileges expire without prepayment forfeiture
Any associated charges

In addition, for Installment Transactions, both:

Total purchase price
Terms of future payments, including the dates, amounts, and currency

Plus

How the cardholder will be notified of any changes to the agreement
How the Stored Credential will be used
The expiration date of the agreement, if applicable

In summary, merchants documents for compliance:

Sales agreement
Cardholder Agreement for Prepayment
Cardholder Agreement for Storing & Using Stored Cards

Traditional old credit card authorization forms are dead. Merchants cannot get them on paper, and most digital forms are also not compliant. Requirements are specified in Visa Table 5-20.

Merchants payment technology to comply with rules:

Inform the issuer via a transaction that payment credentials are now stored on file.
Identify transactions with appropriate indicators when using stored credentials. (Recurring, installment, or unscheduled credential on file.)

Not all payment gateways are capable of meeting current compliance rules for all transaction types. How much the payment gateway solution helps automate compliance varies widely. If you need a solution for automotive layaway plan, you need an expert in rules compliance to avoid penalty fees, issuer chargebacks, and other costly problems. For help choosing the best solution for your company, contact us.

Resources and documentation /blog/merchant-bulletins-downloads – bookmark it!. Join Christine Speedy’s email list.

DISCLAIMER: condensed and incomplete information! Information may be quickly outdated. Contact a lawyer for legal advice.

Need a solution? Call Christine Speedy, 954-942-0483, 9-5 ET, CenPOS authorized global reseller. CenPOS is an integrated commerce technology platform driving innovative, omnichannel solutions tailored to meet a merchant’s market needs. Providing a single point of integration, the CenPOS platform combines payment, commerce and value-added functionality enabling merchants to transform their commerce experience, eliminate the need to manage complex integrations, reduce the burden of accepting payments and create deeper customer relationships.

Credit card surcharge rules and laws 2020

Posted on March 21, 2018 by Christine Speedy

Credit card surcharging is very complex, as the rules cross multiple card brands and terms of acceptance. Here’s an updated review of who can surcharge, what card types, and checklist of how to roll out credit card surcharge at your company. The answers are targeted for business to business merchants, my area of expertise.

What is a credit card surcharge?

Surcharge is any fee charged by a merchant for the use of a card.

Card brands agree on this for surcharging:

Brand level – Surcharge must be the same fixed or variable for all Brands (example, Visa, MasterCard) credit card transactions;
Product level – Surcharge must be the same for all specific Product, for example, signature rewards cards or commercial cards, regardless of issuer or card brand.
Merchant Discount Rate is the fee, expressed as a percentage of the total transaction amount that a Merchant pays to its Acquirer or Service Provider for transacting on a Credit Card brand. In short, it’s typically all the fees on your merchant statement EXCEPT PCI compliance, terminal rental fees or any other special fee that is not paid via the mechanism of the per-transaction merchant
discount fee.
The Surcharge amount must be submitted separately (in the defined surcharge field) from the Transaction amount in the authorization and clearing message.
The receipt must list the surcharge amount separately.
If the original transaction has a partial or full refund, the surcharge amount must all be refunded proportionally.
Surcharge on debit or prepaid cards is prohibited for all merchants.To ensure compliance use a payment gateway that can identify the card brand and type of card to allow surcharges only on eligible cards.
The fee must be relative to their average cost of card acceptance.

How much can a merchant surcharge?

In short, surcharging is allowed to cover costs, not to make a profit. Let’s face it, based on the rules above, to simplify implementation, merchants will surcharge at the brand level because they lack the technology to discern between product types on a per transaction basis. Taking all that into account what can you surcharge?

By rule, must calculate average discount rate for the preceding one month or 12 months. Unless the last month was unusual for your business, you’re better off using the one month method because of rising and or new fees that occur during any rolling 12 month period. Calculate https://3dmerchant.com/blog/credit-card-processing-rates/effective-rate-calculator
Cannot exceed Maximum Surcharge Cap, which is currently 4%. (My B2B readers would unlikely ever be able to charge 4%. If your effective rate is over 3%, pick up the phone and call 954-942-0483 now.)

Just because somebody offers it doesn’t make it right. Some companies are offering “free merchant accounts” by offsetting fees with 3.5% surcharge. The average B2B company has much lower than 3.5% effective rate so that is a violation of card acceptance rules, subject to penalty. See this article with free tool for calculating your average merchant discount or effective rate.

Surcharge checklist:

Notify card brands (Visa etc) in writing at least 30 calendar days before assessing a US Credit Card Surcharge; must state whether will surcharge at the brand level or product level.
1. https://www.visa.com/merchantsurcharging
2. http://www.mastercard.us/merchants/support/surcharge-disclosure.html
3. https://www.discoversurcharge.com
4. Amex- none required
For card not present orders, disclose verbally if telephone; for online orders minimum 10-point Arial font, but in any case no smaller or less prominent than surrounding text.
Receipt must be delivered with the surcharge as a separate line item.

Where are merchants prohibited from surcharging?

Ten states—California, Colorado, Connecticut, Florida, Kansas, Maine, Massachusetts, New York, Oklahoma and Texas—and Puerto Rico have laws on the books that prohibit merchants from charging consumers with surcharges on credit card transactions. However, due to federal and other court rulings, multiple states have backed away from the bans. New York agreed to allow them in January 2019, as long as certain requirements are met, which already exist in the card network rules. Only Kansas, Colorado, Connecticut, and Massachusetts have bans. The legislative intent in many of these states was to protect consumers, and not to restrict B2B surcharging.

In 2015, the 11^th U.S. Circuit Court of Appeals, a federal court, overturned Florida state law as being unconstitutional, allowing surcharges to legally continue in Florida and nine other states that had enacted bans against them. The case was a highly contentious 2-1 decision in which the court’s chief judge said the state surcharge bans (like Florida’s) were “being struck down by a federal court for no good reason.”
In December 2019, Oklahoma attorney general official opinion declaring the state’s no-surcharging law unconstitutionally restricts free speech.

Surcharge Laws Stories:

Texas Updated 2020 – https://faq.sll.texas.gov/questions/9631Senate Bill 560, which went into effect on September 1st, 2017, changed the laws relating to credit card surcharges. Previously, the Office of Consumer Credit Commissioner (OCCC) enforced the law on credit card surcharges, but that is no longer the case.
Florida update https://www.epgdlaw.com/are-credit-card-surcharges-legal-in-florida/
California update
https://oag.ca.gov/consumers/general/credit-card-surcharges
January 10, 2019 NY Update
https://www.natlawreview.com/article/parties-case-challenging-constitutionality-ny-no-credit-card-surcharge-law-jointly
NY Court of Appeals issues interpretation of no surcharge law https://www.consumerfinancemonitor.com/2018/10/26/ny-court-of-appeals-issues-interpretation-of-ny-no-credit-card-surcharge-law/
2018 Florida https://www.nbc-2.com/story/40273084/you-can-legally-be-charged-extra-for-using-a-credit-card
2018 case in California http://delfinomadden.com/credit-card-surcharge-ban/
2017 US Supreme Court & NY https://www.usatoday.com/story/news/politics/2017/01/10/supreme-court-new-york-credit-card-surcharge-price-speech/96391718/
http://fortune.com/2017/03/29/credit-card-charges-supreme-court-freedom-speech/
http://www.orlandosentinel.com/business/consumer/os-nsf-florida-credit-card-surcharges-20160706-story.html
https://www.ncsl.org/research/financial-services-and-commerce/credit-or-debit-card-surcharges-statutes.aspx

State statutes on surcharge laws

https://portal.ct.gov/DCP/Legal/Credit-Card-Surcharge
https://malegislature.gov/Laws/GeneralLaws/PartI/TitleXX/Chapter140d/Section28a

For more information, see Surcharge law resources under Merchant Alerts & Rules Links or contact your acquirer for accurate and current information specific to your situation. Neither Christine Speedy nor this web site provide legal advice. Consult an attorney for all your legal questions.

Does your company want to surcharge? Call Christine Speedy right now at 954-942-0483, 9-5 ET for a compliant solution. Please share your surcharge insights for others and ask any questions below. The information herein is based upon public information available at the time written and may change.

What is Commercial Card Interchange Service? Is it good or bad?

Posted on July 11, 2017 by Christine Speedy

First Data Commercial Card Interchange Service to reduce fees for some merchants automatically.

The Commercial Card Interchange Service June 2017 merchant statement message to First Data Merchant Services, and Independent merchant service provider customers using the First Data credit card processing platform, is bound to raise questions. Essentially, the service automates sending additional data required to qualify some card types for lower rates. Skip to the bottom to see the impact if you already have the message details.

“Merchants using cloud-based payment processing solutions with interchange optimization, including level 3 processing, will continue to retain 100% of interchange savings”, says Christine Speedy, business to business payments expert.

FULL STATEMENT TEXT: Note- The live date and other language may vary, but the overall terms are the same for all merchants getting the message. “We are pleased to introduce the Commercial Card Interchange Service, designed to save you money by reducing the interchange cost for certain Commercial Card transactions. The card networks require that you include the sales tax amount with each transaction to get the best interchange for Commercial Card transactions. Your POS terminal should prompt for that information but often that prompt is bypassed so no tax information is sent causing a downgrade. With the CCIS service,when transactions do not include any tax information we will compute the sales tax based on the applicable rate at your location to allow you to obtain the best interchange. When we compute the sales tax on your behalf, we will retain 50% of the interchange savings. You will see this reflected on your monthly statements as Commercial Card Savings Adjustment. This adjustment is only applied when CCIS has improved your interchange qualification. You can save even more by entering the tax with each transaction at the point-of-sale, but if your employees do not do so, CCIS will help you qualify for Commercial Card interchange. If a transaction is fully or partially exempt, you should enter the tax amount (even if that amount is $0.00) as
CCIS applies your local tax rate to the full amount of transactions when the prompt is bypassed.

This service will begin on August 1, 2017. You may see savings beginning with your August statement. More detail about this new benefit can be found on the last page of this statement. Please call the customer service number on the statement if you do not want us to perform this service. Otherwise, continuing your merchant account with us or use of your merchant account after 30 days will represent your acceptance of these terms. If you have any questions, please contact customer service at the number on your statement.

Frequently Asked Questions- Commercial Card Interchange Service

Why am I eligible for a lower interchange on some Commercial Card Transactions? Some card networks require additional information beyond the total sales amount to qualify the Commercial Card transaction for a lower interchange rate. This information includes sales tax amount, which if provided reduces your interchange cost.

How does the service work? First Data will compute and submit the required sales tax to the Card networks on your behalf for applicable Commercial Card Transactions when not supplied in your submission. This additional data allows these transactions to qualify for a lower interchange rate that reduces your interchange cost.

Why is First Data offering this service? At First Data we are always working to bring you the broadest and most innovative range of payment options to grow your business and maximize your revenue. This is a new service that was developed to help merchant minimize interchange costs.

What is the cost of this service? There is no incremental cost for this service. Ignite payments shares in the savings it helps your company to achieve on qualifying transactions.

How can I see how much I have saved? The savings will be shown on each month’s statement. The adjustment to your account for this service wills appear in the Service Charge section of your processing statement. It will appear as “MC COMMERCIAL CARD IC SAVINGS ADJ” for applicable MasterCard Transactions and “VISA COMMERCIAL CRD IC SAVINGS ADJ” for applicable Visa transactions. The detail as in the example shown below will include: the total interchange savings; the portion of the interchange savings that will be retained by you; and the portion that we will retain.

Date Type Description Total
05/01/2017 SC MC COMMERCIAL CARD IC SAVINGS ADJ .50 DISC RATE TIMES $140.93 -70.47
05/01/2017 SC VISA COMMERCIAL CARD IC SAVINGS ADJ .50 DISC RATE TIMES $359.76 -179.88

In the example above:

Total savings of $140.93 was achieved on the eligible MasterCard Commercial Card transactions.
You will recieve 50% of this savings, which is $70.47 and we will retain 50% (noted as the .50 DISC RATE).
Shown as -$70.47

Are there any setup fees that will be billed to my account to activate this service? No setup fees will be billed to your account upon activation of this service.

Will my business need to make any changes to utilize this service? No, First Data will perform this service completely during the interchange qualification and submission process to the card networks.

Will this service be performed on all Commercial Card transactions? This service will only be performed when a lower cost interchange qualification can be achieved on applicable Commercial Card transaction for which your business did not submit the required sales tax amount and did not identify as tax exempt.

Can my business request this interchange savings service be cancelled? Yes. This service can be cancelled upon request by the individual within your organization authorized to make accounts changes. If you prefer to opt out of this savings opportunity, please contact customer service at the number on your statement.

Who can I contact with additional questions? Please contact customer service at the number on your statements.” End statement message.

From Christine Speedy, business to business payments expert:

Is CCIS good or bad for merchants? Saving 50% automatically is good. Giving away 50% of the savings is bad, but might be the only option for some merchants due to business size, technology or other circumstance. CCIS does not ensure the lowest commercial card rates, only another possible level of savings. For B2B merchants especially, there are multiple ways to reduce fees with technology, including for card not present transactions.

How can I qualify for the lowest commercial card rates and keep 100% of the related savings?

A cloud-based payment gateway is required. Desktop terminals are incapable of sending all the data required.
Use a payment gateway that supports level 3 processing and will automate interchange optimization. More than just submitting sales tax, there are other rules that must be met to qualify for the best rates.
Contact Christine Speedy for the best payment gateway analysis for your business needs, compatible with your existing merchant account and other software needs.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Card Not Present, CenPOS, credit card processing

B2B Cloud payment processing technology blog about increasing profits, efficiency and security.

Category Archives: merchant account Q&A