{"id":4683,"date":"2017-10-11T10:40:29","date_gmt":"2017-10-11T15:40:29","guid":{"rendered":"http:\/\/3dmerchant.com\/blog\/?p=4683"},"modified":"2021-12-03T03:24:25","modified_gmt":"2021-12-03T08:24:25","slug":"magento-developer-payment-gateways","status":"publish","type":"post","link":"https:\/\/3dmerchant.com\/blog\/ecommerce\/magento-developer-payment-gateways","title":{"rendered":"Magento Developer Alert: Visa Mandate and Payment Gateways"},"content":{"rendered":"

How can Magento developers help merchants get compliant with the Visa Stored Credential Transaction framework and mandates effective October 14, 2017?
\n<\/strong><\/h1>\n

Drive your profits while helping clients keep compliant with fast changing credit card processing rules.<\/p>\n

Step by step guide:<\/strong><\/p>\n

How will clients manage consent record requirements?<\/strong> See Improving Authorization Management for Transactions with Stored Credentials<\/strong> https:\/\/usa.visa.com\/dam\/VCOM\/global\/support-legal\/documents\/stored-credential-transaction-framework-vbs-10-may-17.pdf<\/a> . Will gateway provide a checkbox for consent records and ability to retrieve records on demand? (I called authorize.net on October 2 and they advised they will not offer this service, and will leave up to merchants.) Will you develop a custom application to include opt-in date, time and other requirements, plus storage and retrieval capability? Will you advise merchants to choose a technology solution, including payment gateway, that will manage automatically?\u00a0 CenPOS, a merchant-centric, end-to-end payments engine that drives enterprise-class solutions for businesses, saving them time and money, while improving their customer engagement will provide an automated solution for clients. Contact me for the plugin.<\/p>\n

Update terms and conditions.<\/strong> Ensure online order terms include sale, refund and cancellation policies. Add a checkbox for customer opt-in to terms, including online payments. CenPOS has an opt-in box and you can customize the text.<\/p>\n

Verify if there’s a system to manage authorization validity.<\/strong> What the heck does that mean? Many businesses, especially B2B companies, have complex needs including pre-authorizations, incremental authorizations, delayed shipping etc. While merchants may get issuer approvals, that doesn\u2019t mean the authorization is valid. The two most common rules businesses struggle with are “Settlement within 72 hours” for card not present sales, and “Authorization amount and settlement amount must be equal”. (I asked authorize.net support about both items on October 2 and was told they do not offer automated solution.) CenPOS automates compliance. Other payment gateways are incapable or may leave it up to developers to create a solution. How can a developer verify if merchant has an issue? Ask clients to look at their merchant statement \u2018pending interchange<\/a> fees. If you see EIRF or STD, that\u2019s a red flag there\u2019s a problem.<\/p>\n

Create a hosted pay page. <\/strong>B2B Businesses almost always have more than one sales channel and use of paper credit card authorization forms<\/strong> is common. They need help to eliminate. You already have the SSL certificate, so it’s a natural add on to provide clients a secure web page with an iframe a solution to collect payments. With CenPOS, end customers can use the same stored credential in Magento and the pay page, both credit card and ACH. \"hosted<\/a>Prevent brute force attacks. System hardening is a PCI compliance requirement. <\/strong>See Visa best practices to prevent brute force attacks. https:\/\/usa.visa.com\/support\/merchant\/library\/visa-merchant-business-news-digest.html. CenPOS includes recaptcha and client managed velocity and other rules as part of a layered security approach.<\/p>\n

Payment Gateway checklist: <\/strong><\/p>\n