Recurring Billing Rules Update

Posted on March 7, 2019 by Christine Speedy

Do you hate it when you want to cancel a recurring billing service, but the business doesn’t let you cancel online and instead provided a phone number? Merchants offering SaaS or any recurring billing sign-up online, must allow customers to cancel online to comply with the Visa Stored Credential mandate.

Visa Product and Service Rules Table 5-20: Requirements for Prepayments and Transactions Using Stored Credentials, October 2018, pg 444.

What if a business does not allow you to cancel online? Report Visa violations here https://usa.visa.com/Forms/visa-rules.html. It says for in store only, but there is a check box for recurring transactions. The web site also says to contact your financial institution via the phone number on the back of the card.

The basis for the change is to enable customers more control over their purchasing, and stored card management. It makes sense if you can buy online 24/7, then you should be able to cancel online 24/7.

Rules for merchants to store cards and use stored cards changed dramatically in 2017, with enforcement beginning last year. Compliance is not automatic. Payment gateways manage most of the technical details, however, not all payment gateways are capable yet. Compliance is not optional and merchants are getting notices of violations subject to assessments and fines if not resolved. If your payment gateway or integrated solution does not support the needs to comply with the stored credential mandate, contact your acquirer, or credit card processor, to request a temporary waiver.

Call Christine Speedy, CenPOS Global Sales. 954-942-0483, 9-5 ET for all your recurring billing and stored credential payment gateway and virtual terminal needs. CenPOS is an integrated commerce technology platform driving innovative, omnichannel solutions tailored to meet a merchant’s market needs. Providing a single point of integration, the CenPOS platform combines payment, commerce and value-added functionality enabling merchants to transform their commerce experience, eliminate the need to manage complex integrations, reduce the burden of accepting payments and create deeper customer relationships.

What is MasterCard Data Integrity reporting?

Posted on February 28, 2019 by Christine Speedy

MasterCard monitors the transaction data detail submitted by the acquirers, or merchant processors, to ensure the accuracy and integrity of the data. Data integrity reporting is accessible by acquirers and when problems are found, merchants are notified, typically with a short timeframe to correct the problem before non-compliance assessments and fines will be allocated.

Merchants often experience an increase in Data Integrity failures when not compliant with changing rules. For example, a MasterCard Data Integrity reporting as failing Edit 21, Recurring CoF Monitoring, refers to using a stored Credential On File for recurring billing. These are merchant initiated transactions on a fixed schedule for a fixed amount. Per MasterCard, all recurring payments are considered credential-on-file transactions.

“MasterCard requires POS entry mode= 10 (credential-on-file) to be sent for transactions identified as recurring. Please work with the POS vendor and these locations to correct the POS entry mode. If corrections are not completed, merchants are subject to non-compliance assessments and fines will be allocated.”

POS is an abbreviation for Point of Sale, even though recurring billing is not run via a traditional point of sale device. The payment gateway is critical to compliance and most likely is not sending the correct data, though it’s possible problems exist in other areas of the payment ecosystem, for example, with the acquirer. All US merchants are required to be compliant with stored credential rules that rolled out over 2017 to 2018. Some gateways now support the correct data set for recurring billing, but still lack support for Installment and Unscheduled. Payment gateways and solutions providers rarely advise merchants when they don’t have a solution, just when they have something new. Thus businesses may be in for a surprise with an urgent notice to correct a compliance violation.

U.S. District Court approves multi-billion settlement between merchants and credit card companies

Posted on February 28, 2019 by Christine Speedy

The U.S. District Court for the Eastern District of New York has given preliminary approval to a settlement reached in a lawsuit between merchants and credit card companies. Merchants alleged Visa and Mastercard, separately, and together with certain banks, violated antitrust laws and caused merchants to pay excessive fees for accepting Visa and Mastercard credit and debit cards. Both groups agreed to the settlement.

The original settlement, worth up to $7.25 billion for merchants who accepted payments from 2004 to 2012, was vacated by the Second Circuit. The new settlement includes all merchants who accepted Visa or MasterCard branded debit or credit cards from January 2004 to January 25, 2019, the date the agreement was reached.

Unless merchants want to opt-out by the July 25, 2019 deadline, there’s nothing to do right now. It’s too early to file a claim and merchants will automatically be notified later.

visa mastercard settlement — Paymentcardsettlement.com is the official site for merchant information and future claim registration.

What is Recurring CoF Monitoring?

Posted on February 27, 2019 by Christine Speedy

Recurring CoF monitoring is related to merchants using stored cards on file for recurring billing. Merchants are getting notices from acquirers about failing MasterCard Data Integrity reporting and, from what I’ve seen, only have two weeks to correct the issues.

The below merchant has been identified by the latest MasterCard Data Integrity reporting as failing Edit 21 – Recurring CoF Monitoring. Per MasterCard, all recurring payments are considered credential-on-file transactions. MasterCard requires POS entry mode= 10 (credential-on-file) to be sent for transactions identified as recurring. Please work with the POS vendor and these locations to correct the POS entry mode. If corrections are not completed, merchants are subject to non-compliance assessments and fines will be allocated.

Basically, a merchant must comply with rules about how a transaction is presented to the acquirer and the issuer for authorization. The payment gateway is largely in control of sending the correct data with each transaction. In the example violation notice, the merchant is not compliant with recurring payment rules which requires specific steps when storing a card for the first time and then for ongoing payments.

The 3Dmerchant.com blog has many articles about the Visa Stored Credential Mandate. Visa’s are the most stringent and by following them, merchants will also be compliant with MasterCard’s. The rules went into effect in October 2017, with enforcement delayed to May 2018. Despite some claims to the contrary on payment gateway web sites, the mere fact that a payment gateway can support the correct data set does not make a merchant compliant automatically. Merchants should read the rules on this web site, which includes links to the card brand rules.

Card brand rules (Visa, MasterCard etc) are constantly changing and many payment gateways have not kept pace with been given a notice, then don’t call your existing provider. The rules were announced in 2016 and went into effect for most businesses (some were earlier) in October 2017. If your vendor let this happen to you, it’s time to get advice from another source. Here’s a list of payment gateways compatibility status.

Call Christine Speedy, CenPOS Global Sales. 954-942-0483, 9-5 ET for all your stored credential payment gateway and virtual terminal needs. CenPOS is an integrated commerce technology platform driving innovative, omnichannel solutions tailored to meet a merchant’s market needs. Providing a single point of integration, the CenPOS platform combines payment, commerce and value-added functionality enabling merchants to transform their commerce experience, eliminate the need to manage complex integrations, reduce the burden of accepting payments and create deeper customer relationships.

Event sales credit card authorization form template 2019

Posted on February 15, 2019 by Christine Speedy

Accepting credit card deposits for events requires compliance with both card not present and stored card rules. Not PCI Compliance rules for data security, but rather authorization rules set by Visa, MasterCard etc. Comply with the rules and get rewarded with more authorization approvals, qualify for lower rates and mitigate risk of chargebacks.

Professionalism starts on the phone and continues throughout the buying experience. By replacing traditional credit card authorization forms with technology that puts buyers in control of their cardholder data, merchants create a better buying experience. Traditional credit card authorization forms were created to establish a record to use in the event of a future dispute. They’re useless today.

Merchants must replace credit card authorization forms with technology compliant with new rules for storing and using stored cards.

The initial authorization authenticates the cardholder.
The initial authorization informs that the cardholder has agreed to merchant storing card.
The transaction type will indicate it’s an estimate.
Future authorizations will reference any required above items and be submitted as Incremental or Final.

Compliance with the above is not possible with desktop terminals and even most virtual terminals and payment gateways. Merchants need a virtual terminal and or payment gateway that supports Unscheduled Credential On File, Incremental and Final Authorization rules. This is new terminology and new fields in the transaction process.

“Don’t be surprised if vendors don’t know about or support these rules. Just like EMV chip rollout, it’s a huge change and few providers are keeping up. We’re an exception. I had solutions for my clients prior to the EMV shift in October 2015 and again for the 2017 stored card mandate.”
Christine Speedy

Our solutions reduce buyer friction to pay and enables event sales and back office staff to collect deposits and capture cardholder data via text or email. These include push out payment requests via text or email, capture cardholder data for later use, and upload an invoice to collect payment.

text payment — Click here to see one of multiple options available.

Benefits of compliant solution:

Reduced merchant fees even with the same merchant account.
Increased approvals with cardholder authentication.
Mitigate chargeback risk including fraud liability shifting to issuer.
More convenient for buyers- 24/7 payments on their schedule, not yours.
Buyers are in control of choosing to store payment methods

Call Christine Speedy, PCI Council QIR certified, for simple solutions to card not present payment transaction problems, 954-942-0483, 9-5 ET. The cloud technology you need today to accept all payment types, with optional merchant, check processing and other services.

#hotel #creditcardauthorization

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Card Not Present, CenPOS, credit card processing

B2B Cloud payment processing technology blog about increasing profits, efficiency and security.

Recurring Billing Rules Update

What is MasterCard Data Integrity reporting?

U.S. District Court approves multi-billion settlement between merchants and credit card companies

What is Recurring CoF Monitoring?

Event sales credit card authorization form template 2019