How to Accept Online Payments In a Way that Limits Fraud

If you are reading this blog, you probably already know very well that fraud prevention is a much bigger concern when processing non-face-to-face payments as the process is quite different from the one for payments involving merchants operating in a non-face-to-face environment. Because online payment processing is by default performed over the web, the card acceptor never really sees and examines either the card or its cardholder.

On the bright side, however, there are quite a few solutions and best practices which, if performed for each transactions and implemented consistently, will help mail order and telephone order (MO / TO) and web-based card acceptors limit fraud and maximize their bottom lines.

How to Accept Online Payments In a Way that Limits Fraud

Card acceptors doing their online payment processing in a card-not-present environment, incorporate the following suggestions into your payment processing cycle for each of your transactions:

• Get an authorization approval for all payments. The floor limit for all card-not-present transactions is inevitably zero and all that means is that card acceptors always ask for and actually receive an authorization approval for each payment, regardless of the payment amount.
• Get the expiration date of the card. You need to always ask consumers to provide their card's expiration date. It serves as another way to verify that the consumer is in a physical possession of their card during the time of the payment.
• Get the security code of the card. Card security codes are, as you no doubt know, the three- (for Discover, MasterCard and Visa bank cards) and the four-digit (for AmEx cards) codes on the back (for MasterCard, Discover and Visa bank cards) or the front of the bank card (for AmEx). Getting the security code of the card in none-face-to-face payments is a crucial way to validate that the customer is in actual physical possession of his card. Remember that you should never store the security codes of the cards anywhere in your database. This storage is prohibited by Visa and MasterCard and violators, when caught, will be charged with substantial fines.
• Use the AVS (Address Verification Service) system. The (AVS) allows web-based merchants to validate the correctness of the billing address that the customer has listed at the checkout. It does that by routing the provided address, through Visa and MasterCard, to the card's issuer. The card issuer receives the information and matches it to what it has on file for its own customer and returns a response code that gives the result of its validation process.

Using these fraud prevention tools and procedures will help reduce fraud and limit chargebacks. Your online payment processing provider should always be available to help you implement these suggestions and offer others.

Credit Card Merchant Services Fee Guidelines

If you are in our business, you are probably used to fielding questions about the lowest possible credit card merchant services fees available to businesses. I don't know about you, but my responses have no doubt disappointed many merchants, because I simply tell them that the question is not answerable. It is just not feasible that one can be arrived at. The issue is that, if you want to reach an answer, you will be required to wade through zillions of website pages of across all merchant account service providers in existence, provided you could get your hands on a list of their URLs. Then, even if you somehow managed to do that, you will immediately run into another issue, which is that many of the credit card merchant services vendors just won't list their processing rates online.

Watch out for 'Low Rate' Banners

So we have all stumbled upon incredibly low processing rates, prominently displayed in banners with contrasting colors within the headers of their websites. I have, for example, just recently seen one such banner promising rates "as low as 1.57%" for card-not-present transactions. That will have to be the lowest non-face-to-face rate I have come across. OK, but what does such a rate tell us? What kinds of payments does it apply to? Under what conditions? What kind of rates do all other transactions get?

There are many other questions whose answers you will need to know, before you can make a well-informed decision, one you can feel confident will ensure a real low-cost processing service. To get these answers, you will have to analyze the pricing schedule in its entirety. If you have not received a full proposal, make sure to get one from your processor.

Analyzing Pricing Proposals

This is the crucial pint so let's stop for a moment and analyze the information the above rate gives us. A 1.57 percent is only possible to apply to some of your debit card transactions, but is not at all possible to have your credit card payments processed at this rate. It is just that interchange fees prevent that, unless the processor wants to be losing money.

The issue is that debit payments typically make up a very tiny proportion of the average merchant's total card volume. That's the reason you absolutely need to find out the rate for credit cards. In our little example your credit card processing rate is probably going to be a little over 2 percent, although it is not completely improbable to be somewhat lower than that.

So you will need to make sure that your credit card processing acquirer gives you separate rates for credit and debit cards. That is the only way to ensure that you are not overcharged for any of your transactions.

Examine the Whole Proposal!

Now that you understand that the flashy advertising rate on your credit card services provider's website is but one of the factors that you should be taking into consideration when selecting a service provider, you should also have realized that there are a few other factors you should look at and you will have to take the trouble to understand them all. Otherwise you just can't be sure that the incredibly low headline rate is not made up for in some other way.

Considerations for E-Commerce Credit Card Merchant Services Fees

What are acceptable rates you should agree to pay for your credit card merchant services? This is of course the most common question we are asked by businesses looking for processing services. Then we also get asked why card-not-present rates are higher than face-to-face rates. In this post I will explain the reason for it the discrepancy and will give you a template on the fees you should agree to be paying.

Why Are E-Commerce Processing Fees Higher?

This one is simple. E-commerce transactions are more expensive, because historically they have produced much more customer disputes than transactions processed by brick-and-mortar businesses. Disputes are a problem in themselves, however, to make matters worse, they often deteriorate into the even more unpalatable chargebacks, which are the biggest reason why Visa and MasterCard suspend merchant account services.

The Issue with Chargebacks

The problem with chargebacks is that, if their rate jumps above 1 percent of your total transaction count, your credit card processing service will be suspended one of the Credit Card Association, if at all it comes to that. What I mean is that your acquirer will be the one to suspend your account way before the rate comes anywhere close to 1%. Why? Because acquirers also get fined by the Associations quite steep penalties for any of their merchants whose chargeback rate exceeds this threshold and they won't accept that.

E-Commerce Rate Suggestions

So what should you pay for your w-commerce merchant account? Here are my suggestions:

• Discount. E-commerce transaction processing rates should never exceed 2.11 percent for credit cards and 1.88 percent for debit cards. These rates, however, will be for the so-called "regular cards." There are other types like rewards, commercial, purchase, etc., that are usually processed at considerably higher rates. However, the type of pricing model you have set up by your processing bank will have much to do with the concrete rates you get. Some models, for instance, will give you one rate for both debit and credit cards. The problem with this type of model is that the interchange rates for the various debit cards are much lower than the ones for credit cards. What you should take of that is that such models will have you overpay. A considerably better model would be one based on the interchange-plus pricing structure, which provides for your acquirer's fee is directly added to the interchange fees set by the Associations. While you don't have control over what the Association charge, you can ensure that your processor charges the same for all transactions.
• Transaction charges. Transaction fees at $0.30 per item should be acceptable.
• Application processing and set-up fees. Do not agree to any such fees!
• Payment gateway fees. Payment gateways are virtual tools used to connect shopping carts of online stores with the acquirer's payment systems and communicate information back and forth between the two of them. For instance, the most widely used gateway is Authorize.Net. A set-up fee of under $100 should be considered acceptable and a monthly fee of $10 is also OK.
• Monthly statement fee. This one is known by any number of names, but in any case it shouldn't be in excess of $20 per month.
• PCI compliance fee. This one is a new fee, charged either on a monthly or yearly basis. Whatever the calculation, the fee should remain below $150 a year.

Finally, evaluate each pricing proposal you receive as a whole, not by looking at its components separately.

How to Take Credit Cards when the Card is Unreadable

Do you know the experience? You swipe your card through the machine at the register and it gives you an error. You do it again, but you get another error. It can be frustrating, but it does not have to be. If the merchant knows what they are doing, the situation should be handled quickly and painlessly.

So first of all you need to understand that a face-to-face setting does not always translate into card-present transactions. In this post I will go over the reasons why this is so and will show you how to take credit cards every time this happens in a way that will be satisfactory to both you and your customer.

Issues with Card Readability

First of all, why would a card be unreadable? 99% of the time the reason is one of the following:

• The credit card terminal is damaged.
• The card is damaged, most often its mag stripe is demagnetized. This could be totally accidental, but it could also be caused the card being counterfeit or somehow altered.
• The card is not swiped incorrectly.

What Should You Do When the Card Is Unreadable?

When, for whatever reason, the card is unreadable, you need to follow these procedures:

1. Examine the credit card terminal to make certain it is working correctly.
2. Verify that your customer is swiping the card correctly.
3. If there is no issue with either of the above items, examine the card itself to verify that it is valid and has not been damaged in any way.
4. If it turns out that the issue is with the card itself, you have several options. Whatever you choose these procedures to be, write them down and train your staff. You could request another card or a different payment form. You could, on the other hand, manually enter the payment data. You could also request a voice authorization approval for the transaction.
5. If you choose to be implementing one of the last two options in the preceding item, you will also need to take an impression of the front of the credit card, to be placed on the transaction receipt or on a separate receipt, which will have to be signed by your customer. The impression of the card could then be needed in chargeback disputes.

Before you decide on your procedures for handling unreadable cards, you need to know that when you accept credit cards that are not swiped, they will be processed at card-not-present rates. Simple as that and there is nothing you can do about it, even though you had the card in your hands.

Go to our website for more.

Credit Card Processing Guidelines for Cruise Lines

Cruise line businesses are considered exceptionally high-risk by Visa and MasterCard and consequently are required to implement specific credit card processing practices that are often quite different from the ones followed by most other types of businesses that take credit cards in lower-risk types of settings.

To remain in compliance with Visa and MasterCard rules and to keep your customers satisfied with your services, you need to follow these procedures:

1. Request an authorization approval for any additional fees that were not initially authorized. To obtain the transaction authorization approval for the additional amount, follow these guidelines:
   
   1. Follow your regular authorization process.
   2. If the issuer declines the additional authorization request, call your customer and request an additional method of payment, like a check or another card.
2. If the issuer declines authorization for the additional amount, settle only the initially approved amount. More particularly, you will need to:
   
   1. Request settlement of the amount that is already authorized, leaving out any of the additional charges, for which the issuer has not given authorization.
   2. Contact your customer and request a different form of payment for the declined amount.
3. Whenever the originally authorized amount is greater than the actual cost of the cruise, submit an authorization reversal for the balance. You can't charge your customer for any amount above the actual cost of the services he used, even if the amount was authorized.
4. Implement the final authorization rule and the 15 percent rule. At the check out at the end of the cruise, an authorization approval is required in the following situations:
   
   1. If, for some reason or other, an authorization approval was not initially obtained. I don't need to elaborate on this requirement, other than to say that you should avoid such circumstances.
   2. You were given an authorization approval initially, but the eventual transaction amount is greater than the initially authorized one. In such instances you will have to use the 15 percent rule to estimate whether or not another authorization approval is necessary. Following is a step-by-step guide on how you can to do this:
      
      1. Begin by adding 15 percent to the initially authorized amount.
      2. Then compare the total received above to the actual transaction amount.
      3. If the actual amount of your service is greater than the total you calculated, you will have to receive an additional authorization approval for the balance.
5. Obtain approval to the terms and conditions of the sale from your customer. It is essential that your customers are given access to all terms and conditions of the service, prior to the reservation. More to the point, the following details will have to be disclosed and accepted:
   
   1. The sale's amount, including all applicable fees.
   2. How any additional fees will be disclosed on the cardholder's monthly card statement and when they will be assessed.
   3. The way your business name will be shown on your customer's statement.

Interchange-Plus Pricing Model for Credit Card Processing

At UniBul we have just introduced a new model to our rapidly expanding line-up of pricing structures, based on the interchange-plus type of models and I wanted to share my views about it. The new pricing model is available to both commercial and non-profit organizations that do their credit card processing in card-present as well as card-not-present environment.

Why Did We Design It?

Most merchants name pricing as the single most important factor they use when selecting a merchant services provider. It is totally understandable, as many of us have done precisely the same when we have selected service providers for whatever we may have needed. Nonetheless, offering low pricing is the only way we can be competitive nowadays and it is the reason why we have launched an interchange-plus credit card processing structure.

How Does It Work?

Our interchange-plus credit card processing model works by adding our mark-up to whatever the interchange fee may be (it is set by Visa and MasterCard for each type of card transaction). By making sure that the mark-up is as low as possible, UniBul guarantees that the business is given the lowest possible processing rate.

UniBul Merchant Services' new pricing structure assesses no fixed monthly fees.

Rates and Fees

Here is a list of all applicable rates and fees:

• Application - $0.
• Payment account set-up - $0.
• Terminal set-up or reprogramming - $0.
• Payment gateway set-up - $0.
• Payment gateway monthly fee - $0.
• Monthly maintenance service - $0.
• UniBul's discount rate – 0.25% + $0.15 above interchange cost.

The card acceptor's ultimate processing rate is the sum of the processor's (e.g. UniBul Merchant Services) fees and whatever Visa or MasterCard charge. With the interchange-plus model, the fee the processor charges is precisely the same for all credit and debit card types, which ensures that the business does not overpay for any transactions that may otherwise have been labelled as "mid-" or "non-qualified." The total processing fee varies by transaction, as the fees charged by Visa and MasterCard vary by card type.

Interchange-Plus Credit Card Processing Pricing Model Benefits

Among the benefits of the new pricing model are:

• Merchant approval rate at 98% of qualified applicants.
• No teaser rates, no hidden fees - all charges are fully disclosed in our pricing agreement.
• Application decision as soon as within hours of submission.
• Processing of all American and the major European and Asian credit and debit card brands.
• Wide range of third party non-cash payment services to accommodate customers who cannot use cards.
• Consolidated, automatic daily ACH deposits for all payment types directly into your bank account.
• Sales reports, trend analyses, chargeback management and much more online with our client center.
• Round-the-clock US-based merchant support.

Unacceptable Businesses for Merchant Credit Card Processing

Businesses and non-profit organizations operating in some types of industries are unqualified to set up merchant credit card processing services in the U.S. Others are severely restricted, but allowed, provided they manage to produce a string of documents and have an acceptable credit profile. The criteria are set by the individual credit card services providers, according to guidelines set out by the Credit Card Networks of Visa and MasterCard. These "black lists" are not set in stone. Rather, they are regularly updated with the inclusion or exclusion of certain business types.

Yet, there are some permanent features of these lists and some industries are unlikely to ever leave them. Mostly the determination of which industry should fall in there is based on the legality of the provided services and the probability of generating unacceptably high levels of chargebacks. The first criterion is self explanatory. As far as the other is concerned, historical data clearly indicate that some industries have simply been unable to cope with chargeback risk.

I should also mention that, even when the merchant credit card processing account is set up, the business' chargeback levels are monitored by the processor on a monthly basis and, if they go over 1% of the total transaction count in any individual month, the merchant will be categorized as high-chargeback one and subjected to very heavy additional requirements. Organizations that are not able to fix their chargeback problem within three months will lose their payment accounts altogether.

Following is a list of business types which will fall into credit the non-qualified merchant credit card processing services category for most merchant account providers.

• Advanced payments greater than 1 year for any product or service.
• Any adult products and services, including but not limited to phone sex, web-based sexually oriented chat, images via the internet, sexually oriented dating services, companion and escort services, prostitution, adult toys, bookstores, strip clubs and other miscellaneous adult entertainment, services or products.
• Bidding fee auctions.
• Cash advances.
• Chain letters.
• Charities without evidence or proof of 501(C) (3) status.
• Check cashing establishments.
• Collection agencies or firms involved in recovering / collecting past due receivables.
• Credit card protection or identity theft service.
• Credit repair or restoration.
• Cruise lines.
• Currency exchanges.
• Debt consolidation or reduction services.
• Drug paraphernalia of any form.
• Essay mills and paper mills.
• Extended warranty companies.
• Foreclosure protection and guarantees.
• Government grants
• How-to books, newsletter, subscription or on line access for any industry shown in the unqualified list.

Go to our website for pricing details.

How to Accept Credit Cards at Hotels

If you own or manage a hotel or another lodging type of business, you will have to accept credit cards in a way slightly different from other businesses. In this article I will offer you a set of best practices to build your payment processing procedures:

1. Get an incremental authorization approval if the hotel stay has been extended by your customer or if additional charges have been incurred. If incremental charges have been incurred, you will need to obtain an authorization approval only for the additional transaction amount that are expected be generated by the extension or by the additional charges. To do this:
   
   1. Follow your regular transaction authorization process for obtain an approval for the additional amount.
   2. In case your authorization request is rejected, do not proceed with the payment and instead request from the customer an alternative payment method for the additional amount.
2. Only submit for settlement the approved authorization amount if your authorization request for the incremental charges was rejected. You should:
   1. Only settle the already authorized amount and do not include any amount for which authorization was rejected.
   2. Contact your customer and request an alternative payment method for the rejected incremental amount.
3. Process an authorization reversal if the initially authorized amount exceeds the actual cost of the hotel stay. If this is the case, you will have to process an authorization reversal request for the difference between the authorization amount and the actual hotel booking agreement.
4. Use the final authorization and the 15% rules. At the checkout, authorization approval is required when:
   
   1. There was no original authorization. If this is the case, authorize the total amount.
   2. There was an initial authorization, but the final amount exceeds it. In this case, apply the 15% rule to estimate whether or not an additional authorization is necessary. Here is how to do this:
      
      1. Add 15 percent to the originally authorized amount.
      2. Compare the calculated total to the actual transaction amount.
      3. If the total amount exceeds the total, request an authorization for the difference between the initial authorization and the final transaction amounts.
5. Disclose and request acceptance of all terms and conditions of the sale. You must tell your customers what the terms and conditions of the sale are before they book a hotel room. In particular, you should disclose the following details:
   1. Your cancellation policy.
   2. Whether a "no-show" fee will be added to the total amount or billed separately.
   3. When the "no show" fee will be charged.
   4. How your name will appear on the cardholder's credit card statement.
   
   The disclosure of the above information will improve the quality of your service and help minimize customer inquiries and disputes which will inevitably minimize chargebacks.
   
   You should require that your customers accept your terms and conditions by clicking on an "Accept" or "Agree" button for the disclosure statement on your website.

Visit our website for pricing details.

Virtual Terminal Payment Processing Facts

Having recently reviewed Authorize.Net, the world's most widely used payment gateway, I thought I should do the same for virtual terminal, which is the primary tool for direct marketers and all other businesses accepting payments over the phone or in the mail. Of course, it is a service that comes as part of each major payment gateway's package, Authorize.Net very much included.

The Virtual Terminal Basics

Virtual terminal is a web-based platform used by MO / TO businesses and non-profit organizations to access their merchant processing services provider's payment system and manually enter transaction information. It works very much like the online payment tools run by utilities, telecoms and other service providers that allow customers to pay their bills online. You have no doubt made such payments. The difference of course is that the virtual terminal enables you to enter your customers' account information, not your own.

Payment Types Supported by Virtual Terminals

All virtual terminals support credit and debit cards, so that is a given. Additionally, just as your cell phone provider allows you to make payments by online checks, so do some virtual terminals. Yet, not all of them support this option, so if you need ACH acceptance, you will have to explicitly verify that with your prospective processor.

Customer Profile Management Features

Some virtual terminals can enable you to set up and manage recurring and installment payment plans, where customer accounts are charged at pre-defined intervals and for pre-defined amounts. This billing is done through managed billing and customer profile management add-on services. The customer profile management allows you to save your customers' credit card account information on your processor's server. The managed billing service then allows you to access the stored customer profiles and manage various operations, including processing regular payments, setting-up recurring, deferred and installment payments, etc. Such features are mostly needed by merchants selling subscriptions, insurance packages, and other services and merchandise that are provided over time.

Pricing Guidelines

When it comes to pricing, your virtual terminal's will be similar, if not identical, to what you'd be paying for a payment gateway. Still, you may be able to get it cheaper at some providers. Then again, if you get a payment gateway, you will also get a virtual terminal by default, so keep that in mind.

Having said that, let me give you some pricing guidelines. First of all, there may be a set-up fee, but you should be able to get a service set up for free. Then you should not be paying a monthly fee in excess of $10.00. Thirdly, there will be a per-transaction authorization fee, which should not be in excess of $0.10. Then you will have the merchant account fees.

Basic Facts About Authorize.Net

Our clients are predominently e-commerce and MO / TO businesses and we are constantly answering inquiries about payment gateways and virtual terminals. To be sure, our free Authorize.Net merchant account is a quite substantial reason for all this interest. But we also learn a lot from these inquiries and the biggest lesson so far has been that there is quite a bit of confusion about what a payment gateway does in the credit card processing chain. In this post I will attempt to disspell at least some of that misunderstanding.

How Does Authorize.Net Compares to a Physical Terminal?

So a payment gateway is a service for collecting and securely transmitting payment information, which is the function also performed by the point of sale (POS) credit card machine. Authorize.Net serves as the link between your e-commerce merchant account and the processor who established it and manages it for you.

As it is to be expected, there are quite a few differences between the functions performed by a POS machine and Authorize.Net and the most conspicuous one is that the former collects the payment data directly from the customer's bank card by "reading" the its magnetic stripe. The gateway, in contrast, collects the information that the customer has manually inputed into the checkout's payment form. Yet, this is actually just a minor technical detail.

Once the information is gathered, both Authorize.Net and the credit card machine encrypt it before transmitting it to the merchant services provider for protection against cyber criminals. The processor then communicates the payment data to the card issuer, who either approves or declines the payment and routes its response back to the merchant through the same channel.

How Much Should You Pay for Authorize.Net?

This is the number one question we get, by far. OK, even though all payment gateways at the end perform the same functions, there can be substantial differences in their pricing. Authorize.Net usually costs roughly $20 per month, but some providers may charge you $10 or less. You may also be charged a set-up fee of up to $100 and there will most likely be a per-transaction authorization fee, usually of $0.10 per transaction.

It is essential that you understand that the payment gateway fees are quite separate from the merchant services fees. To help you understand why this is the case, I will use the POS machine analogy again. You may be charged a monthly fee for the terminal, especially if it has some fancy features for accounting integration or for managing inventory. When looking into pricing proposals, you need to evaluate the whole package, including the merchant services rates and fees. You cannot afford to allow yourself to be blinded by impossibly low headline rates. As usual, if it looks too good to be true, it always is. Authorize.Net and payment processing are certainly no exception to this rule.