B2B Steps to Visa Stored Credential Mandate Compliance

How can merchants get compliant with the Visa Stored Credential Transaction framework and mandates effective October 14, 2017?

Step by step getting started guide for B2B merchants:

Plan how you’ll comply with consent record requirements. See Improving Authorization Management for Transactions with Stored Credentials https://usa.visa.com/dam/VCOM/global/support-legal/documents/stored-credential-transaction-framework-vbs-10-may-17.pdf . Are you going to manage documenting everything or are you going to use technology to help you manage it? Ask your gateway if they’re going to provide a checkbox for consent and if you’ll be able to pull the opt-in records on demand. CenPOS, a merchant-centric, end-to-end payments engine that drives enterprise-class solutions for businesses, saving them time and money, while improving their customer engagement will automates multiple elements for clients.

PCI Compliant credit card authorization form

Partial CenPOS PCI Compliant stored credential authorization form.

Update workflow and documents. Ensure your sales order or associated credit documents include sale, refund and cancellation policies. Add a checkbox for customer opt-in to terms, including online payments. CenPOS has an opt-in box and you can customize the text.hosted online pay pageVerify if you have a system to manage authorization validity. What the heck does that mean? Many B2B companies have complex needs including pre-authorizations, incremental authorizations, delayed shipping etc. While you may get issuer approvals, that doesn’t mean the authorization is valid. The two most common rules B2B businesses struggle with are Settlement within timeframe for card not present sales, and Authorization amount and settlement amount must be equal. Per Visa Core Rules October 2017, for typical distributor and manufacturer card not present transactions, the authorization must settle no later than 7 calendar days from the date of the initial Approval Response. CenPOS automates compliance. Other payment gateways are incapable or may leave it up to developers to create a solution. Are you compliant now? Look at your merchant statement ‘pending interchange fees. If you see  EIRF or STD, that’s a red flag there’s a problem.

Replace paper credit card authorization forms, and any digital form that you can decrypt and view sensitive card data. Offer your customers a way to self-manage their own wallet with either a hosted online pay page or Electronic Bill Presentment & Payment. CenPOS offers both options, including a lite ‘request a payment’ option, and lets your customers choose both text and email. For those not ready to give up paper, CenPOS creates a printable PCI Compliant credit card authorization form for every stored card.

New to online payments? See Visa best practices to prevent brute force attacks. https://usa.visa.com/support/merchant/library/visa-merchant-business-news-digest.html. CenPOS includes recaptcha and client managed velocity and other rules as part of a layered security approach.

Verify your gateway is ready or will be ready to send correct transaction data for the initial transaction and subsequent transactions for both customer initiated and merchant initiated use of the stored credential.  You’ll want the payment gateway to perform a zero dollar authorization and authenticate the cardholder with 3-D Secure. Ask your gateway if it will automatically flag a transaction as customer initiated stored credential or merchant initiated stored credential, or if they’ll require you to have multiple gateway accounts, one for each type. CenPOS does all this for you now in a single account.

Get an ecommerce merchant account. This is needed for online payments. Don’t run mail order telephone order (MOTO) transactions on the ecommerce account unless you know your payment gateway can alter the flag sent with transaction to change the transaction type. Many cannot. CenPOS manages all compliance seamlessly in the background; whether you need multiple merchant accounts varies by acquirer/processor.

Register for 3-D Secure, including Verified by Visa, with your acquirer. Don’t do this until you know which payment gateway will be used and get their instructions if applicable.

Communicate with customers. Advise any upcoming changes will increase efficiency and security for everyone.

Why comply? With full compliance, merchants can expect better qualified interchange rates, increased approvals (avoid declines based on issuer risk averse algorithms), reduced PCI Compliance burden, and increased efficiency for both buyer and seller. The cost of non-compliance is hefty, including higher interchange rates, penalty fees, and risk of both issuer and cardholder chargebacks.  

interchange rate qualification

The same transaction can process at different rates as shown above, depending on which rules you follow. CenPOS Smart Rate Selector automates compliance to qualify transactions at the lowest rate possible. Which rates are on your merchant statement now?

Why should developers choose CenPOS for their integrated payment gateway? CenPOS has native modules for ERP, shopping cart, accounting and other software.

  • Increase profits faster
  • More efficient, quicker reconciliation
  • More secure- from Encrypted Virtual Keypad to elimination of credit card auth forms
  • More robust- Wire, ACH, check, Paypal, credit card and more; text and email payments supported. No 3rd party Electronic Invoice solution needed such as BillTrust; CenPOS invoice portal and automated collections included.

Where can I buy CenPOS or learn more? You’ve already found one of the top salespeople, Christine Speedy. All agreements are direct with CenPOS, no middle man.

Resources and documentation https://3dmerchant.com/blog/merchant-bulletins-downloads – bookmark it!.  Join Christine Speedy’s email list.

DISCLAIMER: condensed and incomplete information! Information may be quickly outdated.

With the fast pace of changing rules, companies need a technology partner to automate compliance. Did you know?

  • CenPOS has a suite of solutions for companies just like yours, solving common problems and increasing profits virtually overnight.
  • For those not ready to give up paper, CenPOS creates a printable PCI Compliant credit card authorization form for every stored card.
  • CenPOS has ERP, ecommerce shopping cart, accounting and other plug-in modules available for quick and easy implementation.
  • I’ve been selling for CenPOS since day 1. Though I have other payment gateways available in my arsenal, nothing else compares for meeting business to business needs.

Christine Speedy, CenPOS authorized reseller, 954-942-0483 is based out of South Florida and NY. CenPOS is a merchant-centric, end-to-end payments engine that drives enterprise-class solutions for businesses, saving them time and money, while improving their customer engagement. CenPOS secure, cloud-based solution optimizes acceptance for all payment types across multiple channels without disrupting the merchant’s banking relationships.

Leave a Reply