Credit Card Processing from AX to D365 F&O

Upgrading from Dynamics AX to D365 Finance & Operations?

Consultants help with planning and migration, however, when it comes to choosing a payment connector to capture revenues, engaging a payment processing professional can save boatloads of time and money. Why?

  1. The payment connector, including payment gateway, influences credit card processing fees. Compliance with authorization and settlement rules is complicated and connectors manage processes differently because of where they are in technology development. It’s the single largest influencer of fees and penalties you’ll pay. Look at this MasterCard Integrity Fee on a Chase Paymentech merchant statement:
mastercard PROCESSING INTEGRITY FINAL ATH

$536,042.54 multiplied by a .25% penalty fee for a total of $1,340.10 in avoidable costs. This is due to not properly authorizing and settling transactions, including reversals for unused authorizations. There are many ways to get authorization penalty fees and I’ve written multiple articles about them, including this on the Visa Stored Credential Mandate.

2. The payment connector makes a huge difference in internal automation for related processes, such as updating journals, as well as external customer automation including self-service access to invoices, payment history, managing payment methods and more.

3. The ISV payment connector package may include other items in your development road map. An independent payment processing professional will assess needs and provide insights on multiple connectors to help guide your business to the best choice. Which support the stored credential mandate for unscheduled credential on file? How will it help meet current and future Covid-19 side effect needs? How will it protect the business from a data breach as a result of workers at home?

In my experience, consultants don’t consider the payment connector until the project is defined and well under way, a contributing factor why more than 50% of ERP implementations fail to meet time, budget, or benefit objectives. Specification decisions are based on ‘securing payments’, without knowing how the connector might already have built-in solutions for other areas including customer service, sales, accounting, call center and more. If brought in sooner, the payments professional can eliminate some customization, reduce implementation time and costs, while improving immediate benefits.

To summarize, a flip phone and a smart phone are both capable of making phone calls, but the experience is completely different. Which would you prefer?

Christine Speedy, 3D Merchant blogger and CenPOS Global Sales, 954-942-0483 is an Independent Payments Professional and is independently Qualified Integrator Reseller (QIR) certified by the PCI Council.

D365 Finance & Operations Questions To Ask Before Choosing Credit Card Processing Solution

Upgrading to D365 from Microsoft AX? Engaging a payment processing professional can save boatloads of development time while opening up new ways to engage with customers. Additionally, payment gateway selection directly impacts EBITDA project objectives. What three key questions must be asked when choosing a credit card processing solution for your business to business operation?

I’ll save merchants and consultants reading this a lot of time. Ask the 3 questions and then pretty much disregard the answers. You’re unlikely to find anyone who will be able to answer all three questions adequately so on that basis alone, it’s best to contact a subject matter expert like Christine Speedy, here at 3Dmerchant.com.

  1. Does the payment gateway support Unschedule Credential On File? Virtually every business to business operation stores at least a few credit cards for the occasional customer on file need, which is a good thing because if you’re one of those that require customers to call in each time, that’s negative friction impacting cash flow, profits, and satisfaction. What most businesses don’t know is that the rules and technical specifications for storing cards and processing transactions with stored cards changed tremendously in October 2017. Virtually no payment gateway has upgraded to get compliant, leaving businesses exposed to multiple financial penalty risks. Note, this is not just ‘tokenization’, which most gateways support, but rather a specific set of new card acceptance rules. Everyone in the payment ecosystem has some responsibility to make changes for compliance- issuer, acquirer, merchant and payment gateway. No one can ‘automatically’ get merchants compliant with new UCOF rules; if any vendor says they have, call 3Dmerchant to review why it’s not.
  2. If the initial authorization and final settlement amount are not the same, what happens? This is a common scenario for distributors, manufacturing and ecommerce, but if there’s a mismatch, an or an open authorization is not reversed, merchants pay an expensive processing penalty fees. For example, MasterCard Data Rate 1 might appear on merchant statements for interchange rate qualification, which is nearly 100 basis points higher than if settled optimally.
  3. Is there any difference between the type transaction transmitted to the acquirer when a customer self-pays an invoice such as through a payment portal vs when an employee key enters the cardholder data? The answer must be yes. One is submitted as a phone order (MOTO) and one is submitted as an ecommerce order.
  4. BONUS: What’s the process for renewing an expired authorization? Preauthorizations are common in manufacturing and ecommerce. While an expired authorization is usually approved for final settlement within 30 days, there are financial penalties and risk associated with using expired authorizations. Merchants should automate this process as much as possible, removing decisions from employees, which is always fraught with risk.
  5. BONUS 2: Can I process EMV chip transactions with level 3 processing in F&O? Due to October 2019 licensing changes, some merchants may find it more profitable to skip the retail license add-on.

Call Christine Speedy, PCI Council QIR certified, for all your Microsoft Dynamics AX and D365 payment processing needs from ACH to credit cards and more. Get a new or keep existing merchant account at 954-942-0483, 9-5 ET.

Event sales credit card authorization form template 2019

Accepting credit card deposits for events requires compliance with both card not present and stored card rules. Not PCI Compliance rules for data security, but rather authorization rules set by Visa, MasterCard etc. Comply with the rules and get rewarded with more authorization approvals, qualify for lower rates and mitigate risk of chargebacks.

Professionalism starts on the phone and continues throughout the buying experience. By replacing traditional credit card authorization forms with technology that puts buyers in control of their cardholder data, merchants create a better buying experience. Traditional credit card authorization forms were created to establish a record to use in the event of a future dispute. They’re useless today.

Merchants must replace credit card authorization forms with technology compliant with new rules for storing and using stored cards.

  • The initial authorization authenticates the cardholder.
  • The initial authorization informs that the cardholder has agreed to merchant storing card.
  • The transaction type will indicate it’s an estimate.
  • Future authorizations will reference any required above items and be submitted as Incremental or Final.

Compliance with the above is not possible with desktop terminals and even most virtual terminals and payment gateways. Merchants need a virtual terminal and or payment gateway that supports Unscheduled Credential On File, Incremental and Final Authorization rules. This is new terminology and new fields in the transaction process.

“Don’t be surprised if vendors don’t know about or support these rules. Just like EMV chip rollout, it’s a huge change and few providers are keeping up. We’re an exception. I had solutions for my clients prior to the EMV shift in October 2015 and again for the 2017 stored card mandate.”

Christine Speedy

Our solutions reduce buyer friction to pay and enables event sales and back office staff to collect deposits and capture cardholder data via text or email. These include push out payment requests via text or email, capture cardholder data for later use, and upload an invoice to collect payment.

text payment
Click here to see one of multiple options available.

Benefits of compliant solution:

  • Reduced merchant fees even with the same merchant account.
  • Increased approvals with cardholder authentication.
  • Mitigate chargeback risk including fraud liability shifting to issuer.
  • More convenient for buyers- 24/7 payments on their schedule, not yours.
  • Buyers are in control of choosing to store payment methods

Call Christine Speedy, PCI Council QIR certified, for simple solutions to card not present payment transaction problems, 954-942-0483, 9-5 ET. The cloud technology you need today to accept all payment types, with optional merchant, check processing and other services. 

#hotel #creditcardauthorization

3 Ecommerce Checkout Payment Problems

Use of a PCI compliant payment gateway does not make a company PCI compliant, compliant with card network acceptance rules, or compliant with best practices to maximize profits. In other words, if you follow best practices and comply with all the rules, you’ll have a more secure and profitable company. A key ingredient to compliance is the payment gateway, however, the payment gateway has no specific requirement to ensure your compliance with all the card network rules and best practices, just those that pertain to Payment Card Industry Data Security Standards.Here’s a few costly merchant problems:

  1. Lack of brute force attack tools. These help prevent bots from testing thousands or millions of cards on your checkout form. The merchant is liable for all of the attempted transaction fees on the payment gateway and on the acquiring. A simple first line of defense is adding recaptcha. See Visa best practices to prevent brute force attacks. https://usa.visa.com/support/merchant/library/visa-merchant-business-news-digest.html.
  2. Non-compliance with Visa Stored Credential Mandate, effective October 14, 2017? I’ve written extensively on this, for example here’s a B2B steps to compliance article. There are multiple elements, and many payment gateways do not yet have solutions, especially for ‘Unscheduled credential on file’. Do you have a checkbox in the sequence of checkout opting in to terms? https://usa.visa.com/dam/VCOM/global/support-legal/documents/stored-credential-transaction-framework-vbs-10-may-17.pdf.
  3. Invalid authorizations. This is the most costly as it can lead to consumer generated chargeback, issuer chargeback, non-qualified interchange rates and penalty fees. Here’s a story about the new .25% MasterCard integrity fee. Do you have Standard/STD, EIRF, or Data Rate I on your merchant statement under interchange fees? Then you have an authorization problem.
  4. Cardholder authentication limitations. The security code has historically not been enough evidence to win customer disputes about unauthorized charges. With 3-D secure, fraud liability shifts to the issuer. Effective April 2019 based on region and industry, Visa mandates many merchants use Visa 3D Secure 2.0. Reference Table 5-18: Acquirer Support of Verified by Visa, Visa Public Rules.

The solution to all of the above is replacing outdated payment gateway technology with new technology that will help automate compliance with card network rules, while reducing PCI Compliance burden.

Why comply? Here’s an example of the cost difference between valid and invalid authorization.

interchange rate qualification

Resources and documentation /blog/merchant-bulletins-downloads – bookmark it!.  Join Christine Speedy’s email list.

DISCLAIMER: condensed and incomplete information! Information may be quickly outdated.

Need a solution? Call Christine Speedy, 954-942-0483, 9-5 ET, CenPOS authorized global reseller based out of South Florida and New York. CenPOS is an integrated commerce technology platform driving innovative, omnichannel solutions tailored to meet a merchant’s market needs. Providing a single point of integration, the CenPOS platform combines payment, commerce and value-added functionality enabling merchants to transform their commerce experience, eliminate the need to manage complex integrations, reduce the burden of accepting payments and create deeper customer relationships.

Are You Compliant? B2B Credit Card Processing Fact Check

Merchant compliance with various credit card processing rules maximizes profits while mitigating risk. This is especially true for business to business companies. But that task is getting harder and harder with the onslaught of new rules, and virtually impossible if not using a sophisticated cloud solution to help manage compliance.

b2b visa stored credentialIf your B2B company stores credit cards, there’s a pretty good chance you’re not compliant. For example, Visa’s 2017 Stored Credential Transaction framework (PDF download from Visa) outlines merchant responsibilities to obtain customer consent as well as storing credit cards, using stored credentials (token), and managing stored tokens. Failure to comply with Authorization rules, for example preauthorization and final settlement do not match, has far-reaching consequences including higher interchange rates (the bulk of credit card processing fees), penalty fees and new chargeback risks. With so many new rules across multiple card brands that vary based on business and transaction type how can a business quickly ascertain if they’re compliant?

Quick tips to validate compliance:

  1. Is cardholder authentication performed when a new card is stored? When the cardholder data is entered and submitted, the issuer responds with an approval or declined message. A small charge is not an acceptable practice to submit transaction for approval; instead a zero dollar authorization request for authentication is submitted. If authentication is via 3-D Secure -Verified by Visa, MasterCard Secure Code, whereby the customer self-authenticates vs merchant initiating, reduced rates may apply. Under the new rules, two transactions occur at the time a card is stored. Compliant answer is yes.
  2. Is a transaction receipt delivered to customer when you store a credit card? This will be either for an amount or a zero dollar authorization. When stored credit card credential (token) is created, a transaction receipt is generated with the approval or decline and other mandatory fields. Compliant answer is yes.
  3. Does the receipt include “RECURRING” or “REPEAT SALE” for token transactions? Compliant answer is yes.
  4. Review merchant statements, usually the last 1-2 pages with the heading “pending interchange” or “fees” section. Do you see EIRF, STANDARD (STD), or DATA RATE I? Compliant answer is no.
  5. Can you produce documentation of customer consent to store their card (including with 3rd party service) and how it will be used?

If you’re not in compliance, your payment gateway is the most likely culprit, followed by ERP or other software integration limitation. I can fix that.

Reference: Links for all Card brands.

Need help getting compliant?

Call Christine Speedy, , for simple solutions to complex payment transaction problems, 954-942-0483, 9-5 ET. CenPOS authorized reseller based out of South Florida and NY. CenPOS is an integrated commerce technology platform driving innovative, omnichannel solutions tailored to meet a merchant’s market needs. Providing a single point of integration, the CenPOS platform combines payment, commerce and value-added functionality enabling merchants to transform their commerce experience, eliminate the need to manage complex integrations, reduce the burden of accepting payments and create deeper customer relationships.