150 likes | 161 Views
Learn about lowering credit card fees, understand interchange fees, tricks to reduce fees, minimize chargeback losses, and achieve PCI compliance. Contact Dave Crooks for expert guidance.
E N D
Lower Credit Card Fees & PCI Compliance Presented by Easy Pay Solutions Dave Crooks, Presidentdcrooks@interserv.com800-715-7160
Lower Credit Card Fees • The bad news • Visa & MasterCard have historically increased rates on most transaction types and added merchant fees • The interchange fees that Visa & MasterCard establish are based on risk, since the bank generally carries the risk of loss, fraud & bankruptcy • In hard economic times, bank losses increase so credit card interchange rates have historically increased at a greater rate
Lower Credit Card Fees • The good news • The recently passed Dodd-Frank Act will lower debit card interchange rates for cards issued by large banks beginning in July • Unfortunately, corporate apartments don’t process many debit card transactions • Designed to lower payment costs for consumers…but will merchants pass savings on to customers? • Most significantly, for the first time the government has regulated payment card rates! • Can regulation of credit card rates be far behind? • Will Visa & MasterCard lower credit card interchange rates on their own volition to avoid government regulation?
Interchange Fees • Suppose a guest checked into a corporate apartment and paid $3000 with a credit card. The merchant is paying a credit card discount rate of 2.5%. • The total cost to the corporate apartment for the credit card transaction is $75 (2.5% of $3000) • Approximately $66 of the $75 goes to the customer’s bank (the bank that issued the customer the card). This amount is regulated by Visa/MasterCard and is called the interchange rate. Theoretically, this money covers the issuing bank’s risk of loss and fraud • Approximately $9 of the $75 goes to the credit card processing bank (also called the merchant or acquiring bank), the bank’s distributors, and the credit card processing network(s)
Lower Credit Card Fees • Tricks to reduce credit card fees • If entering a card into a terminal or credit card software program, always enter the cardholder’s zip code, check-in date, check-out date, and voucher number • May require you get a new software program for your terminal or computer • Visa and MasterCard have special promotional rates for consumer card transactions at corporate apartments…but they require different industry codes • Since a merchant account can only have 1 industry code, this will require 2 merchant accounts to take advantage of (one for Visa transactions and one for MasterCard transactions)
Lower Credit Card Fees • Reduce your chargeback losses • Get a signature. When there is no signature, it's the cardholder's word against the merchant's word...and unfortunately, the cardholder usually wins • One other technique that we've seen work with a number of banks is to print your cancellation policy in BOLD PRINT right above where the cardholder signs the credit card signature-on-file form. With some banks, this has been persuasive • Be sure the cancellation policy is clearly spelled out in BOLD PRINT on an email or printed confirmation when the reservation is made…and keep a copy of it
Lower Credit Card Fees • Reduce your chargeback losses • You can count on Amex to always side with the cardholder. The merchant rarely wins....right or wrong. This is unfortunate but a fact of life. • Did you know that 92% of Amex card holders also have a Visa or MasterCard in their wallet? Perhaps you should ask customers that offer you an Amex card, for a Visa or MasterCard...it would improve your odds in a chargeback situation
Lower Credit Card Fees • Reduce your chargeback losses • With Visa and MasterCard, you need to get an imprint of the card to be on really solid ground in the event of a chargeback. I understand this is difficult in your industry...but it's the way the rules are written (the rules are the same for all US banks and their merchants). • The next best situation is to have a fax copy of the FRONT of the credit card and a driver’s license
PCI Compliance • PCI = Payment Card Industry • Several years ago, Visa, MasterCard, and Amex all had their own unique security rules • Two years ago, they got together to form the PCI Security Standards Council…to implement one set of rules for all card brands • Rules apply to merchants that store, process and/or transmit credit/debit data • Rules vary depending upon how many credit card transactions you process • Rules are enforced by your credit card processing bank
PCI Compliance • 6 basics of PCI • Build and maintain a secure network • Protect cardholder data • Maintain a vulnerability management program • Implement strong access control measures • Regularly monitor and test networks • Maintain an information security policy
PCI Compliance • 4 levels of PCI merchants • Level 1 • Processing over 6 million transactions per year or who has had a security breach • Level 2 • Processing between 1 and 6 million transactions per year • Level 3 • Processing between 20,000 and 1 million e-commerce transactions per year • Level 4 • All other merchants process up to 1 million transactions per year • As you approach Level 1, the rules become more onerous
PCI Compliance • Level 4 merchant requirements • Pass an external network scan quarterly • Applies to all internet merchants, or any merchant with credit card software on a computer connected to the Internet • Applies to all merchant with a credit card terminal connected to the Internet • Scans are checking for: • Some security updates to the Windows operating system have been applied • Firewall software/hardware is present and some updates applied • Open ports on the computer where hackers could infiltrate it
PCI Compliance • Level 4 merchant requirements • Complete a PCI questionnaire (self assessment) annually • You may be required to submit this to your credit card processing bank • Applies to every Level 4 Merchant • Will require your technical staff to complete • In most cases, you must use PCI (PA-DSS) approved software in the computer or terminal
PCI Compliance • PCI prohibits you from storing the following on paper or in the computer: • CVV, CVV2, CID information (three or four digit numbers on front of the card or on the signature line) • PIN numbers on debit cards • PIN block (an encrypted PIN number) • Magnetic stripe image • OK to store card number, expiration date and cardholder name in the computer as long as it meets the PCI (PA-DSS) encryption standard • Must store in secure environment if on paper
Good Sense • Use passwords in all your software and change them frequently • Keep your computer servers in a locked room • Control who can make copies of files and store back-ups securely • Mask sensitive information on screens and reports (only display the necessary portion of the computer record) • Cross-cut shred paper with sensitive information on it • Consider a formal computer security review…it’s cheaper than paying for a breach