Credit Card Best Practices
Manually Entered Card-Not-Present Transactions
- CVV Code - When entering phone orders ask the customer to give you the three-digit code that is printed on the signature panel and key it into the device as prompted. Do NOT make note of the code in any way, as this is a compliance violation.
- Address Verification Service - Enter the House Number and Zip Code of the Credit Card Holder's Billing Address. If the transaction returns an Address Mismatch, do not ship the products.
- Authorization Code - If your system prompts you to "Call Authorization", DO NOT accept the Authorization Code from the cardholder, call the Authorization Center direct to receive a valid Authorization Code. Remember that an authorization only confirms that funds are available at the time of the order and that the card has not been reported lost or stolen. It does not guarantee that the person providing the card number is the owner of the card or is entitled to use the card.
- Additional Validation - Use another form of validation, such as www.WhitePages.com to cross check the address and phone details provided.
- Further Identification - Call the customer to confirm details of the order, especially for large and/or suspicious orders. Request further identification such as a photocopy of the front and back of the card. This will ensure the person has the card in their possession. Make sure it is a genuine photocopy, not a photoshopped image. Remember to keep the photocopy under lock and key, and to shred or burn it at the appropriate time.
Manually Entered Card-Present Transactions
- CVV Code - When a credit card won't swipe at the check out, enter the 3 or 4 digit CVV Code from the back of this card. This will prove that the card was present at the time of the transaction so that you may receive chargeback protection on Visa Cards. Other types of cards must be manually imprinted. If the card is not embossed, do not enter manually.
- Address Verification Service - Enter the House Number and Zip Code of the Credit Card Holder's Billing Address. If the transaction returns an Address Mismatch you may choose to request a different form of payment because it could be a stolen card.
- Authorization Code - If your system prompts you to "Call Authorization", DO NOT accept the Authorization Code from the cardholder, call the Authorization Center direct to receive a valid Authorization Code.
Voids & Refunds
- Void or Refund - Void if the same day, Refund if not same day.
Refunds - Do not give cash refund for merchandise purchased with a credit card.
Same Card - Do not give credit refunds to any card other than the card used for the original transaction.
Debit Refunds - PIN Based Debit Transitions must be processed as a "Credit" Refund.
Staff - Be aware of what your staff is processing. Look out for staff refunding to their own credit cards or storing unnecessary customer information.
Password Protection - Many credit card terminals allow you to password protect certain functions. Consider enabling a password for credit card refunds.
Storing Card Numbers For Recurring Billing
- Recurring Billing - We have programs that offer a secure credit card storing feature that allows you to schedule a recurring bill to a credit card.
- Secure Storage - Do not store card numbers on your computer. Only enter them in PCI Compliant programs designed for storing card data.
- Address Verification Service - Enter the House Number and Zip Code of the Credit Card Holder's Billing Address.
Preventing Fraud & Chargebacks
- Declined - If a card transaction is declined, do not attempt to obtain an authorization for a different amount on the same card.
- Shipping - For phone and ecommerce transactions where merchandise is to be shipped or delivered to the cardholder, the shipping date should not be more than seven calendar days after the authorization is obtained and any shipping costs not included in the authorization amount must not exceed 15% of the amount authorized. Do not submit these sales for settlement until the merchandise has been shipped.
- Large Transactions - If the transaction amount is larger than a typical transaction, take extra precautions, especially if the card will not swipe - check the signature on the back of the card and match the name on the card to the name on the Driver's License. If in doubt, ask for a different form of payment.
- Proof of Delivery - Only ship products to the Billing Address and make sure the deliverer obtains a signature of the person taking the delivery.
- Respond Promptly - Respond to Retrieval (Copy Requests) and Chargebacks as soon as possible. Call the Chargeback Department to confirm receipt of information faxed.
Settlement & Reporting
- Bank Account Reconciliation - Use your monthly Merchant Statement to reconcile credit card deposits with your bank account.
Additional Reports - Use the robust online reporting available through the credit card processor to reconcile credit card deposits with your bank account, and get other detailed information about your processing.
- PCI Compliance - Be sure to complete the Self-Assessment Questionnaire Annually and the PCI Scan Quarterly.
- IRS Regulations - You will receive a 1099-K for the previous year’s processing volume for filing with your taxes.
- Factoring - Do not accept or process credit card sales for another merchant (business). This is known as factoring of tickets.
- Cash Advance - Do not deposit any transactions for the purpose of obtaining or providing a cash advance.
Make sure you have all the information needed to stop fraudulent transactions and to protect yourself from credit card fraud. Please review these best practices and make sure your staff is thoroughly familiar with them.
For more detail, you can view the Visa Card Acceptance Guidelines.