Credit card surcharge rules and laws 2020

Posted on March 21, 2018 by Christine Speedy

Credit card surcharging is very complex, as the rules cross multiple card brands and terms of acceptance. Here’s an updated review of who can surcharge, what card types, and checklist of how to roll out credit card surcharge at your company. The answers are targeted for business to business merchants, my area of expertise.

What is a credit card surcharge?

Surcharge is any fee charged by a merchant for the use of a card.

Card brands agree on this for surcharging:

Brand level – Surcharge must be the same fixed or variable for all Brands (example, Visa, MasterCard) credit card transactions;
Product level – Surcharge must be the same for all specific Product, for example, signature rewards cards or commercial cards, regardless of issuer or card brand.
Merchant Discount Rate is the fee, expressed as a percentage of the total transaction amount that a Merchant pays to its Acquirer or Service Provider for transacting on a Credit Card brand. In short, it’s typically all the fees on your merchant statement EXCEPT PCI compliance, terminal rental fees or any other special fee that is not paid via the mechanism of the per-transaction merchant
discount fee.
The Surcharge amount must be submitted separately (in the defined surcharge field) from the Transaction amount in the authorization and clearing message.
The receipt must list the surcharge amount separately.
If the original transaction has a partial or full refund, the surcharge amount must all be refunded proportionally.
Surcharge on debit or prepaid cards is prohibited for all merchants.To ensure compliance use a payment gateway that can identify the card brand and type of card to allow surcharges only on eligible cards.
The fee must be relative to their average cost of card acceptance.

How much can a merchant surcharge?

In short, surcharging is allowed to cover costs, not to make a profit. Let’s face it, based on the rules above, to simplify implementation, merchants will surcharge at the brand level because they lack the technology to discern between product types on a per transaction basis. Taking all that into account what can you surcharge?

By rule, must calculate average discount rate for the preceding one month or 12 months. Unless the last month was unusual for your business, you’re better off using the one month method because of rising and or new fees that occur during any rolling 12 month period. Calculate https://3dmerchant.com/blog/credit-card-processing-rates/effective-rate-calculator
Cannot exceed Maximum Surcharge Cap, which is currently 4%. (My B2B readers would unlikely ever be able to charge 4%. If your effective rate is over 3%, pick up the phone and call 954-942-0483 now.)

Just because somebody offers it doesn’t make it right. Some companies are offering “free merchant accounts” by offsetting fees with 3.5% surcharge. The average B2B company has much lower than 3.5% effective rate so that is a violation of card acceptance rules, subject to penalty. See this article with free tool for calculating your average merchant discount or effective rate.

Surcharge checklist:

Notify card brands (Visa etc) in writing at least 30 calendar days before assessing a US Credit Card Surcharge; must state whether will surcharge at the brand level or product level.
1. https://www.visa.com/merchantsurcharging
2. http://www.mastercard.us/merchants/support/surcharge-disclosure.html
3. https://www.discoversurcharge.com
4. Amex- none required
For card not present orders, disclose verbally if telephone; for online orders minimum 10-point Arial font, but in any case no smaller or less prominent than surrounding text.
Receipt must be delivered with the surcharge as a separate line item.

Where are merchants prohibited from surcharging?

Ten states—California, Colorado, Connecticut, Florida, Kansas, Maine, Massachusetts, New York, Oklahoma and Texas—and Puerto Rico have laws on the books that prohibit merchants from charging consumers with surcharges on credit card transactions. However, due to federal and other court rulings, multiple states have backed away from the bans. New York agreed to allow them in January 2019, as long as certain requirements are met, which already exist in the card network rules. Only Kansas, Colorado, Connecticut, and Massachusetts have bans. The legislative intent in many of these states was to protect consumers, and not to restrict B2B surcharging.

In 2015, the 11^th U.S. Circuit Court of Appeals, a federal court, overturned Florida state law as being unconstitutional, allowing surcharges to legally continue in Florida and nine other states that had enacted bans against them. The case was a highly contentious 2-1 decision in which the court’s chief judge said the state surcharge bans (like Florida’s) were “being struck down by a federal court for no good reason.”
In December 2019, Oklahoma attorney general official opinion declaring the state’s no-surcharging law unconstitutionally restricts free speech.

Surcharge Laws Stories:

Texas Updated 2020 – https://faq.sll.texas.gov/questions/9631Senate Bill 560, which went into effect on September 1st, 2017, changed the laws relating to credit card surcharges. Previously, the Office of Consumer Credit Commissioner (OCCC) enforced the law on credit card surcharges, but that is no longer the case.
Florida update https://www.epgdlaw.com/are-credit-card-surcharges-legal-in-florida/
California update
https://oag.ca.gov/consumers/general/credit-card-surcharges
January 10, 2019 NY Update
https://www.natlawreview.com/article/parties-case-challenging-constitutionality-ny-no-credit-card-surcharge-law-jointly
NY Court of Appeals issues interpretation of no surcharge law https://www.consumerfinancemonitor.com/2018/10/26/ny-court-of-appeals-issues-interpretation-of-ny-no-credit-card-surcharge-law/
2018 Florida https://www.nbc-2.com/story/40273084/you-can-legally-be-charged-extra-for-using-a-credit-card
2018 case in California http://delfinomadden.com/credit-card-surcharge-ban/
2017 US Supreme Court & NY https://www.usatoday.com/story/news/politics/2017/01/10/supreme-court-new-york-credit-card-surcharge-price-speech/96391718/
http://fortune.com/2017/03/29/credit-card-charges-supreme-court-freedom-speech/
http://www.orlandosentinel.com/business/consumer/os-nsf-florida-credit-card-surcharges-20160706-story.html
https://www.ncsl.org/research/financial-services-and-commerce/credit-or-debit-card-surcharges-statutes.aspx

State statutes on surcharge laws

https://portal.ct.gov/DCP/Legal/Credit-Card-Surcharge
https://malegislature.gov/Laws/GeneralLaws/PartI/TitleXX/Chapter140d/Section28a

For more information, see Surcharge law resources under Merchant Alerts & Rules Links or contact your acquirer for accurate and current information specific to your situation. Neither Christine Speedy nor this web site provide legal advice. Consult an attorney for all your legal questions.

Does your company want to surcharge? Call Christine Speedy right now at 954-942-0483, 9-5 ET for a compliant solution. Please share your surcharge insights for others and ask any questions below. The information herein is based upon public information available at the time written and may change.

ICverify replacement

Posted on March 19, 2018 by Christine Speedy

The best ICVerify replacement for business to business, including manufacturers and distributors, is CenPOS. If yours just stopped working, you need to replace it now to comply with mandatory Payment Card Industry Data Security Standards (PCI compliance). This article outlines the steps to get started with a new web-based solution.

Don’t be afraid of changing credit card technology. It’s going to be easy. Both you and your customers will benefit.

Merchant fees will be lower. ICVerify is incapable of sending the data needed to qualify for the best rates.
If fraud is a concern, you’ll have greater protection with newer cardholder authentication tools.
Process transactions from all platforms, including laptops, PCs, smartphones and tablets with an internet connection.
Communicate the way your customers want – text or email. Text messages are sent from a regular landline, never individual mobile devices.

To get started:

Contact for consultation on the best way capture the cardholder data from your customers. Because we deal with this over and over again, in less than 5 minutes we can assess the situation and make the best recommendation.
Keep your merchant account or change? If you’re using ICVerify, you’ve probably had your merchant account for a long time. The credit card processing world has gotten more competitive over the years so expect lower merchant discount rates. If you’d like a review to see if alternative might be better and or cheaper, provide three consecutive merchant statements. Three are needed for underwriting, so it saves time later if you decide to change.

Once the initial decision above has been made, you’ll be provided the appropriate month to month payment gateway agreement. Depending on the recommended solution, you’ll be ready to go within 1 to 5 business days. Whatever you need, we can probably do it in the time required.

Do not wait. Acquirers are actively identifying the systems merchants are using to submit transactions, and when they find out you’re still using ICVerify, it will be shut down immediately and you will not be able to process transactions. It’s not PCI Compliant and they will not risk their compliance for you.

Ready to get started with CenPOS? Call Christine Speedy right now at 954-942-0483, 9-5 ET for a consultation. Sometimes available other hours and Saturdays so if you’re west coast, no worries, call any time!

CenPOS is a merchant-centric, end-to-end payments engine that drives enterprise-class solutions for businesses, saving them time and money, while improving their customer engagement. CenPOS secure, cloud-based solution optimizes acceptance for all payment types across multiple channels without disrupting the merchant’s banking relationships.

Which states ban credit card surcharging?

Posted on March 5, 2018 by Christine Speedy

Ten states, including California, Colorado, Connecticut, Florida, Kansas, Maine, Massachusetts, New York, Oklahoma, and Texas, plus Puerto Rico have laws that prohibit merchants from charging consumers with surcharges on credit card transactions. Minnesota prohibits a seller of goods or services that establishes and is responsible for its own customer credit card from imposing a surcharge on a purchaser who elects to use that credit card in lieu of payment by cash, check, or similar means. The language varies by state- B2B transactions may be excluded. Tread carefully, you may want to consult an attorney. Merchants are not allowed to surcharge debit cards in any state.

The EU banned consumer surcharging effective January 2018.

NOTE: Always check the latest post about surcharging for the most accurate information.

Surcharge rules are complex and require special technology to automate compliance management. Contact Christine Speedy, CenPOS authorized reseller, 954-942-0483 for assistance. CenPOS is a merchant-centric, end-to-end payments engine that drives enterprise-class solutions for businesses, saving them time and money, while improving their customer engagement. CenPOS secure, cloud-based solution optimizes acceptance for all payment types across multiple channels without disrupting the merchant’s banking relationships.

3 Things CPA’s Must Advise B2B Clients in 2018

Posted on February 21, 2018 by Christine Speedy

Accountants offer professional advice regarding cash flow, accounts receivable, tax preparation and all sorts of other consulting. Credit card processing and all the compliance it encompasses introduced immense new compliance challenges in 2017, and it’s fair to say, most businesses have no idea what they are, or what the repercussions are. A big problem is people think it’s someone else’s responsibility to keep their business compliant. Every single merchant must make internal changes to comply.

Three things every B2B company needs to know about credit card processing right now:

If you store credit cards, you must be compliant with Visa Stored Credential Framework. This is arguably as huge as the retail shift to EMV chip card acceptance. There are significant financial and risk consequences for non-compliance. Some solutions companies reduce the compliance burden more than others, while maximizing profits and cash flow.
PCI Compliance mandate for TLS disablement will disrupt business, mostly starting right now, February 2018. Businesses need to ensure they’re servers, software (if applicable) and browsers are compliant, and also have an plan to help internal and external customers overcome issues trying to login to portals, make online payments etc.
It’s a Visa rules violation to request the card security code on a paper credit card authorization form, or any digital form where the business can decrypt and view it. It can’t be stored, period. Not by the merchant nor service provider, including payment gateway.

Why these 3 things? Because 100% of B2B companies I talk to will fail on at least one, and usually two or three. That includes CPA firms also. 86% of all data breaches in 2016 were from level 4 merchants, defined as “Any merchant processing fewer than 20,000 Visa e-commerce transactions per year, and all other merchants — regardless of acceptance channel — processing up to 1M Visa transactions per year.” By complying with the three items on my list, B2B companies will harden their systems and increase profits. The latter occurs because compliance with rules reduces fees.

Example of solutions to solve these problems:

An intelligent payment gateway can automate compliance with many elements of the Visa Stored Credential Framework. Simply passing data as most payment gateways do is not enough.
Engage internal or external IT team to test all systems for TLS compliance, and verify at SSLlabs.com.
Empower customers to self pay via push (text or email), or pull (online hosted pay page) technology so that employees never have access to cardholder data again. Whatever the old justification for using paper forms with full card data, there is a technology solution that has negated the need.

Christine Speedy, CenPOS authorized reseller, 954-942-0483. CenPOS is a merchant-centric, end-to-end payments engine that drives enterprise-class solutions for businesses, saving them time and money, while improving their customer engagement. CenPOS secure, cloud-based solution optimizes acceptance for all payment types across multiple channels without disrupting the merchant’s banking relationships.

Validated P2PE Solution

Posted on February 12, 2018 by Christine Speedy

Looking for a Validated P2PE Solution? CenPOS launched their PCI-Validated P2P Encryption 3.2 solution in 2017.

Florida-Based Payment Solutions Company, CenPOS, Strives to Make Customer Experience More Secure with Launch of PCI-Validated P2P Encryption.

Data breaches are on the rise and they are costing both consumers and merchants money.

Miami, Florida (PRWEB) July 29, 2017

The 2017 Identity Fraud Study, released by Javelin Strategy & Research, found that $16 billion was stolen from 15.4 million U.S. consumers in 2016.

When the consumer data that makes such fraudulent activity possible comes from the merchant’s database, then the merchant can also incur some major damages. In fact, the 2017 Cost of Data Breach Study: United States, found that the total average organizational cost of a data breach has reached a new high at $7.35 million.

CenPOS aims to reduce the vulnerability of sensitive consumer data — that could be used to drain debit card-linked bank accounts, make “clone” credit cards, or buy items on certain less-secure online sites — to hackers with the release of its Validated P2PE solution.

Officially released on July 7th of this year, CenPOS Validated P2PE encrypts cardholder data so businesses can simplify compliance with Payment Card Industry Data Security Standards (PCI DSS) and consumers can stop worrying about data being stolen between “the store” and the bank.

Surprisingly, Validated P2PE is not new technology. It’s the strongest level of data encryption in the market right now and is offered by other merchant payment services companies. However, CenPOS is the first and only company with the Qualified Integrator & Reseller (QIR) designation to offer a Validated P2PE solution.

The QIR designation is awarded by the Payment Card Industry Security Standards Council, a global open body formed to develop, enhance, disseminate and assist with the understanding of security standards for payment account security.

According to their standards, “the quality, reliability, and consistency of a QIR Company’s work” should provide confidence that the merchant’s payment application has been implemented in a manner that supports PCI DSS compliance.

Chris Justice, CEO of CenPOS, is quoted saying: “We believe that loyalty is built on trust and that trust is built by delivering great customer experience over and over again. So, when consumers can have greater peace of mind because they know that the merchant has the proper data security in place to reduce exposure to painful events, like data breaches, we believe customer experience is enhanced and that consumer will choose that merchant over others who are less diligent.”

About CenPOS
CenPOS is a merchant-centric, end-to-end payments engine that drives enterprise-class solutions for businesses, saving them time and money, while improving their customer engagement. CenPOS’ secure, cloud-based solution optimizes acceptance for all payment types across multiple channels without disrupting the merchant’s banking relationships. | CenPOS | @CenPOS

Christine Speedy, CenPOS Sales 954-942-0483, 9-5 ET is based out of South Florida and NY, selling globally. When you call Christine, there is no middle man; all agreements are direct with CenPOS. As one of the very first to sell for CenPOS, I have deep experience to help merchants understand benefits and get live fast.

See also this article for important certifications.

VP2PE and Payment Card Industry Acronyms Revealed

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Card Not Present, CenPOS, credit card processing

B2B Cloud payment processing technology blog about increasing profits, efficiency and security.