Visa Partial Authorization Service

Visa merchant library update on December 13, 2016. Visa provides a Partial Authorization service that provides an alternative to declining a transaction when the card’s available balance is not sufficient to approve a transaction in full. This flyer provides information about the benefits realized, how to use the service, and answers to frequently asked questions.

PDF 326 KB Visa Partial Authorization Service – Improve the Customer Experience and Increase Sales

“Partial authorization improves the customer experience by preventing embarrassment from a decline at the point of sale and enabling a seamless checkout with split tender transaction using multiple payment methods.” Christine Speedy

To accept partial authorizations for your business, a few items are needed:

  • Technology that supports it. Payment gateways certify partial authorization for each acquirer. Not all gateways certify.  The receipt must also show each payment amount.
  • The merchant must enable it. For example, this could be a checkbox in the ERP or shopping cart software payments module, or it might be turned on at the gateway administration level. It’s possible a gateway is certified, but the related software using the gateway does not support it.

If partial authorization is not supported, and there’s a decline due to insufficient funds, there’s still an open authorization for the funds that were in the account. An authorization reversal should be completed to remove hold on any cardholder funds. If you don’t want screaming customers, this is a must! Intelligent technology can automate this process.

Compliance with credit card processing rules can be extremely complicated. Relying upon employee training is futile. To improve your customer experience and automate rules compliance, contact Christine today at 954-942-0483.

 

Online Payment Form Security Alert

Is your online payment form out of date and a security risk? Securing online payment forms requires an annual review at a minimum. Just because a hosted paypage form still works, doesn’t mean it’s secure or PCI Compliant.

PCI Compliance requirements have steadily tightened since 2014 for pay pages and all ecommerce transactions.

Hosted paypage options:

  1. Merchant hosts the form and collects payment on their web site. Beginning with PCI 3.0, significant additional PCI burden applies. Highest risk.
  2. 3rd party payment gateway hosted pay page; Provide a link directly to customers to pay. The form is served by and submitted by the payment gateway. It significantly reduces the potential for malicious activity that could compromise cardholder data. Lowest risk.
  3. An iframe hosted paypage has the appearance of residing on the merchant web site, but the payment data is captured by the 3rd party directly on their web host. The implementation method using iframes for payments has changed over the years to meet current PCI Compliance requirements, including to combat malicious javascript and Cross-Site Scripting threats.

“If your iframe hosted paypage hasn’t been updated in the last year or so it’s likely not PCI Compliant,” Christine Speedy, Card Not Present Expert.

A payment gateway is a secure transaction engine that facilitates the transfer of sensitive information to the processor, and is required for all online payment forms. Some gateways provide online payment forms at no additional charge. Vendor selection has a significant impact on risk mitigation, payment processing fees, efficiency, and PCI Compliance burden.

A payment gateway can be proprietary to a specific processor, or agnostic and compatible with multiple processors. While one provider for both services may seem to be the best choice, there are significant reasons the opposite may also be true, including risk mitigation. Bots present a significant risk of exploitation of online payment forms and may result in profit loss if additional steps are not implemented to mitigate risk of ‘card testing’, where criminals use online forms to submit fake transactions to determine if cards are good or bad. Every attempted transaction has an associated cost with it, and adding in chargeback fees from resulting  disputes, the result could be tens of thousands in dollars in fees in a matter of hours.

If you don’t want to be the next law firm, CPA firm, hotel or distributor data breach headline, consult with a payments expert that understands the financial and risk ramifications of one payment gateway choice and implementation method over another vs ecommerce consultants or bankers that may have limited in-depth expertise to maximize your profits and mitigate risk exposure.

TIP FOR NON-TECHS: Does your online payment form look good on smart phones and other mobile devices? If not, there’s a pretty good chance your online payment page needs an update and is not PCI Compliant.

RESOURCES:

  • PCI – Payment Card Industry Data Security Standards
  • https://www.us-cert.gov/publications/securing-your-web-browser
  • http://pcisecuritystandards.org

For PCI compliant solutions to collect online payments from your customers, contact Christine Speedy today. Get paid via your preferred methods, including ACH, credit card, wire and Paypal, while increasing security and convenience.

Authorize.net Duplicate Transaction Settlement Error

Authorize.Net experienced an issue during a system update on October 17th that caused a subset of previously settled transactions from September to be sent for settlement again between October 17th and 18th. This issue is no longer occurring.

Authorize.Net is currently working to address any duplicate transactions in order to resolve the duplicate funding to merchants and potential duplicate transactions to their customers. We have already contacted your affected merchants and will continue to do so as we have updates.

If your merchants contact you about this issue, please advise them to NOT take any action on these transactions while we work to address them.

We will follow up with you with any further information, including information on potential reimbursements, as it becomes available.

To locate these transactions, please have your merchants follow these steps:
Log into the Merchant Interface at https://account.authorize.net/.
Click Search from the main toolbar.
Click Search by Batch from the menu on the left.
Select October 18 and October 17 in the From and To drop-down boxes in the Settlement Date section.
Click Search.
Any impacted transactions will have a Submit Date from September 20-25.

We apologize for this error and any inconvenience it may have caused. If you have any questions regarding this email, please contact support.

Sincerely,
Authorize.Net

###

Blogger Note: While uncommon, duplicate transaction and duplicate settlement issues do happen. They can emanate from anywhere in the transaction chain, though the payment gateway, or payment processor are likely more common causes. Because of that, merchants are advised to do nothing and the party that caused the problem usually reverses all the errors on behalf of merchants, typically within a day or two.

Faster Processing and Settlement of ACH Credit Transactions begins Today, Reaching all U.S. Bank Accounts

NACHA Announces Implementation of New Rule for Phase 1 of Same Day ACH

HERNDON, Va.–(BUSINESS WIRE)–Today, NACHA —The Electronic Payments Association®, the trustee and rule maker of the ACH Network, announced the launch of Phase 1 of Same Day ACH. Same Day ACH is a new faster payments option that reaches all bank accounts and will enable businesses and consumers to send and receive payments and payment-related information on the same day through the ACH Network.

The launch of Same Day ACH marks a significant milestone in the journey towards faster payments in the U.S.

Phase 1 of Same Day ACH allows for the sending and receiving of virtually any ACH credit transaction, enabling a variety of transactions such as urgent claim payments from an insurance company to a consumer or same-day payroll payments from an employer to an hourly or contract employee.

“The launch of Same Day ACH marks a significant milestone in the journey towards faster payments in the U.S.,” said Janet O. Estep, president and CEO of NACHA. “While other payments initiatives have been developed to support the demand for faster payments in the U.S., Same Day ACH provides absolute certainty that your payment can get to absolutely anyone else with a bank account on the same day, regardless of which bank or credit union they use, bringing value to all users of the ACH Network.”

Beginning today, all financial institutions will be able to receive same-day transactions. Although sending same-day transactions by financial institutions and their customers is optional, it is expected that many will begin enabling the origination of same-day payments today. According to research conducted by NACHA, 95 percent of the nation’s top financial institutions intend to originate Same Day ACH in 2016. The top reasons cited for how Same Day ACH will be used by financial institutions beginning today include payroll and business-to-business payments.

“Same Day ACH is an innovative and immediate solution to support the demands of those consumers and businesses that want to move their money faster,” said Estep. “Not only does it support the industry’s near-term needs, but it also serves as a building block for the future of faster payments. Upon the Same Day ACH foundation, other products and services can be built to continue to meet the evolving needs of consumers and businesses into the future.”

Phase 2 of Same Day ACH will launch on Sept. 15, 2017. Phase 2 will introduce the faster processing and settlement of debit transactions, in addition to credit transactions. This Phase will support additional use cases such as consumer bill payment for utility, insurance, telecom, mortgage, loan and credit card payments.

For more information about Same Day ACH and how to implement and leverage this opportunity, visit NACHA’s Same Day ACH Resource Center at https://resourcecenter.nacha.org/.

About NACHA—The Electronic Payments Association

Since 1974, NACHA – The Electronic Payments Association has served as trustee of the ACH Network, managing the development, administration and rules for the payment network that universally connects all 12,000 financial institutions in the U.S. by moving money and information directly from one bank account to another. Financial institutions exchange 24 billion ACH payments valued at $41 trillion annually. Through its collaborative, self-governing model, education, and inclusive engagement of ACH Network participants, NACHA facilitates the expansion and diversification of electronic payments, supporting Direct Deposit and Direct Payment via ACH transactions, including ACH credit and debit payments, recurring and one-time payments; government, consumer and business transactions; international payments, and payments plus payment-related information. Through NACHA’s expertise and leadership, the ACH Network is now one of the largest, safest, and most reliable systems in the world, creating value and enabling innovation for all participants. Visit nacha.org for more information.