Subscribe to our mailing list

Credit Today Q&A: Visa Stored Credential Framework & Mandate Webinar Wrap

There is no payment gateway that will automatically get you 100% compliant today. CenPOS is compliant with nearly all elements today and is working towards launching the remainder by October 14.


  • See Advance
    Copy of Rules for Stored Credential Transaction Framework REGIONS: US, AP, Canada, CEMEA, LAC,
    Europe 15 JUN 2017
  • Per Visa Core rule, a US merchant or its agent must not Request the Card
    Verification Value 2 data on any paper Order Form.
    (use small image of credit card form here)
  • Per mandatory PCI DSS 3.2.2 Do not store the card verification code or value (three-digit or four-digit number printed on the front or back of a payment card used to verify card-not-present transactions) after authorization

Compliance Matters

Most Credit Today members will instantly be more profitable if you adopt my recommendation to use CenPOS, a merchant-centric, end-to-end payments engine that drives enterprise-class solutions for businesses, saving them time and money, while improving their customer engagement. CenPOS secure, cloud-based solution optimizes acceptance for all payment types across multiple channels without disrupting the merchant’s banking relationships. CenPOS supports multiple payment types, including check/ACH, credit card, wire, Paypal and more

  • Increase transaction approvals with cardholder authentication
  • Improve interchange rate qualification, the bulk of credit card processing fees- 10-30% savings on existing merchant common
  • Avoid penalty fees for non-compliance
  • Increase efficiency by eliminating manual processes associated with credit card authorization forms
  • Mitigate risk of fraud chargebacks and issuer generated chargebacks (reason code 72, invalid authorization
  • Reduce PCI Compliance scope and burden by reducing systems and devices in scope
  • Reduce IT burden to comply with this and future rules changes

Who’s responsible for what?

The mandate does not require payment gateways to provide all the solutions for compliance. It specifically references “The merchant or it’s agent” (including payment gateway must meet the standards.

  • Stored credential disclosure opt-in and record keeping is a key element most Authorization validity (including not expired, preauthorization and settlement must match) is critical. Again, most payment gateways, including, do not have an automated solution for this. CenPOS will automatically manage this for you.
  • payment gateways have never done before. Some will leave it up to merchants and their developers. CenPOS has led the industry with a PCI compliant credit card authorization form for years and will manage all the new requirements for you.

Condensed and incomplete information! Review official Visa documents for more information.

Copyright 2017.