In October 2016, Visa quietly announced sweeping changes to rules for card not present transactions. By updating online payment technology, businesses can increase profits by complying with the new rules. Failure to comply will significantly increase financial risk and reduce profits.
A core concept is valid “authorization”, which impacts merchant rights and credit card processing rate qualification. An invalid authorization equates to a no authorization. Card issuers may initiate Chargeback Reason Code 72, no authorization, for 120 days and ACH funds from merchant bank account on the next settlement day, for failure to comply with authorization rules. This is a significant change; in the past, businesses have responded to cardholder initiated disputes, a completely different scenario.
STORED CARDS ON FILE, NOW “STORED CREDENTIAL ON FILE”
If your business stores credit cards for recurring or unscheduled billing, paper credit card authorization forms and desktop terminals are dead. For example, storage records have lots of new conditions, and all subsequent transactions must be submitted with the same initial transaction reference field. A digital wallet, digital authorization form and payment gateway are needed.
- Stored credential– rules for storing and what associated data is required on file and what is submitted with transaction- same transaction ID required for all after initial approval
- Estimated Authorization– indicator as to whether the authorization is an estimate or is final is sent with transaction. Authorization is valid for 14 days in the rental, manufacturing, distribution industries.
- Incremental authorization– must use same transaction ID as estimate, and submit with incremental authorization indicator.
- Visa now groups transaction types into ‘customer initiated’ and ‘merchant initiated’. For card not present, a transaction is only considered customer initiated, if Verified by Visa is used. Verified by Visa (VbyV) is their brand name for the global 3-D Secure cardholder authentication protocol for card not present transactions; merchants immediately protected from “it wasn’t me” card not present fraud.
- See Special Authorization Request Allowances and Requirements in Visa Public Rules.
- Effective through 13 October 2017: Written cardholder consent.
- Effective through 13 October 2017: Merchant must use the Incremental Authorization Request indicator and the same Transaction Identifier for all Authorization Requests.
- Effective 14 October 2017 Transaction initiated with an Estimated Authorization
RISK AND REWARD
- Customer satisfaction increases with more efficient interaction, fewer issues with authorization holds, and more control over their digital wallet (stored payment methods).
- Profits increase with improved interchange rate qualification; heavy penalties for failing to comply, as much as 1.50% extra!
- Significant financial exposure from the card issuer if not complying with stored card on file rules; it’s not up to the customer.
CARD NOT PRESENT SOLUTIONS
The changes are arguably as big as US EMV chip card acceptance; don’t your expect your current payment processing ecosystem to be instantly compliant. It’s not. There’s not a single US acquirer ready to support all the data that needs to be transmitted with transactions under the new rules. Expect other card brands to follow with similar changes. Businesses need a payment technology partner to facilitate compliance automation, including with new January 2017 rules.
Key elements likely to impact readiness and profits:
- Does the payment gateway/ digital wallet provider have any type of authorization form automation now?
- Does the payment gateway/ digital wallet provider support level 3 processing with partial authorization reversal now?
- Does the payment gateway/ digital wallet provider support estimated authorization and final authorization transaction type indicators now?
- Does the merchant services or payment gateway/ digital wallet provider have any clue what you’re talking if you ask questions?
Christine Speedy, authorized CenPOS reseller, provides universal payment processing solutions to maximize profits and mitigate risk across multiple sales channels. To get a CenPOS account compatible with your merchant account, and plugin for ecommerce, accounting and ERP software, contact Christine at 954-942-0483.