BBT Merchant Services Ref Kit_v1
Content
BB&T Merchant Services
Reference Kit
I M P O R TA N T I N F O R M AT I O N ENCLOSED
Welcome to BB&T Merchant Services
Thank you for choosing BB&T as your Merchant Services provider. BB&T has been providing payment processing solutions to businesses like yours for more than 35 years and has been consistently ranked as one of the top small-business-friendly banks in the nation. We look forward to servicing your credit card acceptance needs with a host of products and services that will help your business increase sales and customer loyalty. As a BB&T Merchant Services client, you can be confident that BB&T will provide you with resources and tools to help you grow your business more effectively. This Reference Kit has been designed to help you get started as well as to identify potential fraud, reduce chargebacks, ensure compliance, and provide tips for easier processing. These valuable tips and strategies were developed to help make accepting cards simple and safe. We hope you find it useful. If you have questions regarding your account, please contact the Merchant Client Support Center at 1-877-MRCHBBT (672-4228). Our hours of operation are 8:30 a.m. - 9:00 p.m. Monday through Friday. Again, thank you for choosing BB&T.
The information in this packet includes summaries of certain requirements imposed as of May 2009 by BB&T, the Card Associations and applicable law relating to merchant acceptance and processing of credit and debit card transactions. This packet is not meant to be a detailed description or a complete listing of all these requirements or of your obligations. We urge you to read your merchant agreement with us, the rules and regulations of the Card Associations and applicable law in order to understand fully all of your obligations as a merchant accepting card transactions and, if appropriate, consult with your own legal advisor. We also note that these requirements may change over time, and that you will be responsible for complying with any such changes as they come into effect. BB&T Merchant Services is a division of BB&T Financial, FSB, a subsidiary of BB&T Corporation. Member FDIC.
BB&T Merchan t S e r v ic e s – Wel c om e
BB&T Merchant Services Reference Guide
TABLE OF CONTENTS
Getting Started
Client Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1.1 Clients Using Terminals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1.2 Clients Using Software or Payment Gateways . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1.3 Clients Using DialPay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1.3
Daily Processing
Card Acceptance Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2.1 Card Processing Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2.3 Key- Entered Transactions/Obtaining Manual Imprints . . . . . . . . . . . . . . . . . . . . . . . . 2.4 Understanding Interchange/Minimizing Processing Costs . . . . . . . . . . . . . . . . . . . . . . 2.8 Your Merchant Statement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.12 Maintaining Your Account . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.15 If Your Terminal Breaks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.15
Loss Prevention
Card Identification Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3.1 Code 10 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3.5 Fraud Prevention Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3.6 CVV2/CVC2 Processing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3.6 Address Verification Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3.8 Understanding and Avoiding Chargebacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3.10
Data Security/Compliance
Payment Card Industry Data Security Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4.1 If You Have a Security Breach . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4.4 Merchant Website Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4.5
Customize Your Solution
BB&T Merchant Connection Web Based Reporting . . . . . . . . . . . . . . . . . . . . . . . . . 5.1 Check Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.2 Gift Cards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.4 Other Card Types (AMEX, PCARD, WEX) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.5 BB&T Bankcards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.6
Glossary/Resources
Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6.1 Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6.4
BB&T Merchan t S e r v ic e s – Ta bl e of C on ten ts
CLIENTS SUPPORT
1-877-MRCHBBT • 1-877-672-4228 Menu Options
• If you are experiencing terminal or printer malfunction or terminal error messages, or if you need assistance with terminal operation, Press 1 to access the technical help desk. • Please choose the technical help desk that supports your terminal. - - - - - For TSYS Acquiring Solutions (formerly Vital), Press 1. For Global, Press 2. For Paymentech Press 3. For NDC, Press 4. If you do not know your technical support provider, Press 0 for BB&T Client Support.
• For supplies, Press 2. • For retrieval requests or for inquiries about a chargeback you recently received, Press 3. • To speak with a BB&T Client Support representative regarding your BB&T Merchant Services account, Press 0. Our office hours are 8:30 a.m. – 9:00 p.m. (ET), Monday through Friday. • Technical and terminal support is available 24 hours a day 7 days a week.
Help Desk Sticker Enclosed…
Need terminal or transaction assistance? Service and support for your credit card and check authorization equipment is just a phone call away! Affix the Help Desk sticker included in your welcome package, to the face of your credit card terminal or computer if using software and call the toll-free number on the sticker whenever you need credit card related assistance.
TSYS Technical Support - Helpdesk: Supplies: Voice Authorizations: General Inquiries:
Merchant ID #: Terminal ID #:
BBT V1234567
800-552-8227 800-300-3328 800-291-4840 877-672-4228
Technical Support is just a phone call away … 24 hours – every day!
B B&T Me rchant Ser v ic e s – G etti n g St a rt ed
1.1
CLIENTS USING TERMINALS
Clients Purchasing Terminals
Now that you have received your terminal, it’s time to start processing transactions. In most cases, your terminal is ready to process transactions straight out of the box. Please take a few minutes to ensure that all of the necessary devices (terminal, PIN Pad, or check readers), power units, and cords have been included in your package. If anything appears to be missing or if the terminal is not the one you expected to receive, contact the Merchant Client Support Center at 1-877-672-4228.
Clients with Existing Terminals
By the time you are reviewing this kit, you may already be processing with BB&T; if so, Welcome! However, if you have not received your terminal programming to start processing transactions with BB&T, you may call 1-866-634-2125 to obtain your new download. The download process should only take a few minutes.
Merchant Terminal Training
To help you get started processing transactions successfully, BB&T Merchant Services is pleased to provide terminal training via telephone for you and your sales associates at no charge. During the application process, you may have requested training; if so, you will soon be contacted by one of our associates to schedule or perform the training and answer any questions you may have. If you prefer not to wait to be contacted, you may call the Training Help Desk at 1-866-634-2125 to schedule training at a time convenient for you and your sales associates. During training you will be instructed on how to: • Properly install your credit card terminal • Process sales and refunds • Settle batches • Run reports • And much more! If you did not initially request training but would now like to receive training, please call the BB&T Merchant Client Support Center at 1-877-672-4228 and we will be glad to schedule training for you.
B B&T Merchant Se r v ic e s – G et t i n g Sta rted
1.2
CLIENTS USING THIRD PARTY SOFTWARE OR PAYMENT GATEWAYS
By the time you are reviewing this you may already be processing with BB&T; if so, Welcome! In order to begin processing through your new merchant account, you or your software provider may need specific information from BB&T to configure your software correctly. Depending on your specific software, we may provide a form to you via email containing the basic information necessary. However, certain software providers require special parameter forms to be completed prior to configuration and/or installation of your software. If your software provider requires information from you that we have not supplied, please contact the Merchant Client Support Center at 1-877-672-4228. We will be happy to assist you by supplying the specific information requested by your software provider. Note: If you purchased software through BB&T, your installation or activation disk will provide instructions for getting started. Training may be available for software purchased through BB&T; contact the Merchant Client Support Center for more information.
IMPORTANT
Note: If you purchased service through BB&T Payment Gateway or Virtual Terminal, you should have received a welcome email and welcome call from a BB&T training specialist to walk you through your new method IMPORTANT of processing. If you have not received your welcome email or you are ready for training, please call the Merchant Client Support Center.
!
! !
IMPORTANT
Certain settings in your software will affect your transaction costs, your ability to prevent fraud and chargebacks, and your compliance with Card Association rules. It is your responsibility to ensure the settings established in your software are the most appropriate for processing your transactions. In addition, compliance with Data Security Standards established by the Card Associations is critical. Further details on these topics are provided throughout this Reference Kit.
CLIENTS USING DIALPAY IMPORTANT
DialPay is a processing option that allows authorization and capture of transactions via a touch-tone telephone instead of a credit card terminal. This option should only be used by merchants who have an infrequent need to process transactions. If your account was set up IMPORTANT to process transactions in this manner, a booklet entitled DialPay Authorization with Capture IMPORTANT Operating Guide has been included in the welcome package you may have already received. The DialPay guide contains all of the information you need to process your transactions.
IMPORTANT
!
! !
IMPORTANT
All DialPay merchants should be processing transactions using the Address Verification Service as described on page 3.7. For Card-Present transactions, manual imprints, as explained on page 2.4, should be obtained. For Card-Not-Present transactions, DialPay merchants should adhere whenever possible to the Fraud Prevention Guidelines on page 3.5.
IMPORTANT
IMPORTANT
1.3
BB& T M e rch a n t S e r vi ce s – G e t t i n g S t a r t e d
CARD ACCEPTANCE POLICIES
Dollar Minimums and Maximums
Always honor valid Visa®, MasterCard®, or Discover®Network cards in your acceptance category regardless of the dollar amount of the purchase. Imposing minimum or maximum purchase amounts is a violation.
No Surcharging
Always treat card transactions like any other transaction; that is, do not impose any surcharge on a transaction. You may, however, offer a discount for cash transactions, provided that the offer is clearly disclosed to customers and the cash price is presented as a discount from the standard price charged for all other forms of payment.
Taxes
Include required taxes in the total transaction amount. Do not collect taxes separately in cash. This policy reflects the needs of the many Visa, MasterCard, and Discover Network cardholders who must have written records of the taxes they pay for goods and services.
Split Sales
Prepare one sales receipt per transaction, using the full transaction amount. Merchants are not allowed to split the cost of a single transaction on a single cardholder account between two or more sales receipts in order to avoid authorization limits.
Laundering
Deposit transactions only for your own business. Depositing transactions for a business that does not have a valid merchant agreement is called laundering or factoring. Laundering is not allowed; it is a form of fraud associated with high chargeback rates and the potential for forcing merchants out of business.
No Cash Refunds
Complete a credit receipt for merchandise returns or adjustments. Do not provide cash refunds for returned merchandise originally purchased with a card. Visa and Discover Network does not permit cash refunds for any credit or debit card transaction. By issuing credits, you protect your customers from individuals who might fraudulently make a purchase on their account and then return the merchandise for cash.
Delivery of Goods and Services
Deliver the merchandise or services to the cardholder at the time of the transaction. Cardholders expect immediate delivery of goods and services unless other delivery arrangements have been made. For card-not-present transactions, cardholders should be informed of delivery method and tentative delivery date.
Asking for Identification
Although payment network rules do not preclude merchants from asking for cardholder ID, merchants cannot make an ID a condition of acceptance.Therefore, merchants cannot refuse to complete a purchase transaction because a cardholder refuses to provide ID. The payment networks do not allow merchants to ask for ID as part of their regular card acceptance procedures. Laws in several states also make it illegal for merchants to write a cardholder’s personal information, such as an address or phone number, on a sales receipt. You may ask for ID if the card is not signed; you must have the cardholder sign it and check the signature against two other pieces of identification, including one government issued ID.
B B&T Merchant Se r v ic e s – Da i l y P roc es s i n g
2.1
Zero-Percent Authorizations
Merchants should not estimate transaction amounts. For restaurant merchants, in particular, this means debit or credit card transactions should be authorized only for the known amount of the check. Do not add on an estimated tip. Cardholders today can check their account balances almost instantly via the Internet or ATMs. An authorization that includes an estimated tip can reduce their available cash or credit balance by an unrecognizable amount. Say, for example, a cardholder’s restaurant bill is $100, but the staff adds on a 20 percent tip – that is, $20 – for authorization purposes. If the cardholder only adds on a $15 tip, or leaves the tip in cash, the authorization “hold” on the larger amount may make it appear he or she was overcharged. And that, in turn, can mean angry phone calls from unhappy customers – and the potential for reduced business. To ensure zero-percent tip authorization for all transactions, restaurant merchants should: • Instruct staff to authorize only for the check amount. Your staff training and review materials should emphasize the importance of authorizing only for the known amount of the check, excluding any estimated tip. • Ensure your authorization system is set up for zero-percent authorization. For further information on zero-percent tip authorization, contact the Merchant Client Support Center.
No Transactions on Merchant’s own card
Merchants should not use your own card, or one to which you have access, to process a transaction for the purpose of obtaining credit for your own benefit.
2.2
BB& T M e rch a n t S e r vi ce s – D a i l y P r o c e s s i n g
CARD PROCESSING PROCEDURES
Doing It Right at the Point of Sale
Whether sales associates are experienced or new to the job, they will accept cards correctly the first time and every time if they follow a few basic procedures. The illustration below provides an overview of the card acceptance steps that should be followed at the point of sale.
Illustration of Card Acceptance
2 While the transaction is 1 Swipe the card to
request the transaction authorization. Hold the card throughout the transaction.
being processed, check the card’s features and security elements to make sure the card is valid and has not been altered in any way.
3 Obtain authorization
and get the cardholder signature on the transaction receipt.
If you suspect fraud, make a Code 10 call*.
4 Compare the
name, number, and signature on the card to those on the transaction receipt.
* See page 3.4 for information on Code 10 calls.
It Pays to Swipe the Stripe
On the back of every card, you’ll find a magnetic stripe. It contains the cardholder name, card account number, and expiration date, as well as special security information designed to help detect counterfeit cards. When the stripe is swiped through the terminal, this information is electronically read and relayed to the Issuer, who then uses it as crucial input for the authorization decision. Swipe the card to request the transaction authorization. Hold the card throughout the transaction.
B B&T Merchant Se r v ic e s – Da i l y P roc es s i n g
2.3
Verifying the Account Number
Most POS terminals allow merchants to verify that the account number embossed on the front of the card is the same as the account number encoded on the card’s magnetic stripe. How you check the numbers depends on your POS terminal. In some cases, the magnetic stripe number is displayed on the terminal. In others, the terminal may be programmed to IMPORTANT check the numbers electronically. In such instances, you will be prompted to enter the last four digits of the embossed account number, which will then be matched against the last four digits of the account number on the magnetic stripe.
!
IMPORTANT If the account number is printed on the receipt, only the last four digits will be used in many cases. If the numbers don’t match, you will receive a “No Match” message. In such instances, you should make a Code 10 call.*
!
! IMPORTANT
IMPORTANT
*IMPORTANT information on Code 10 calls. See page 3.4 for
All POS terminals and systems are required to provide account number truncation on electronically printed transaction receipts. This means that only the last four digits of an account number should be printed on the customer’s copy of the receipt, and the expiration date should not appear at all. All POS terminals and systems must now comply with these requirements. The Merchant copy of the receipt may be required to reflect no more than the last four or five digits of the cardholder account number depending upon state or local legislation enacted in the jurisdiction of Merchant’s location. It is Merchant’s responsibility to determine requirements of and comply with local and/or state legislation as applicable. If the full card number does appear on the Merchant’s copy, please make sure the correct receipt, the cardholder copy, is provided to the customer. If the full card number does not appear on the Merchant copy, we suggest you print out a batch detail report before closing out in order to have a record of the full card number. Retain in a secure location.
KEY-ENTERED TRANSACTIONS
If a Card Won’t Read When Swiped
In some instances, when you swipe a card the terminal will not be able to read the magnetic stripe or perform an authorization. When this occurs, it usually means one of three things:
• The terminal’s magnetic-stripe reader is not working properly. • The card is not being swiped through the reader correctly. • The magnetic stripe on the card has been damaged or demagnetized. Damage to the card may happen accidentally, but it may also be a sign that the card is counterfeit or has been altered.
If a card won’t read when swiped, you should:
• Check the terminal to make sure that it is working properly and that you are swiping the card correctly. • If the terminal is OK, take a look at the card’s security features to make sure the card is not counterfeit or has not been altered in any way. • For key-entered or voice-authorized transactions, make an imprint of the front of the card. The imprint proves the card was present at the point of sale and protects your business from potential chargebacks if the transaction turns out to be fraudulent. The imprint can be made either on the sales receipt generated by the terminal or on a separate manual sales receipt form signed by the customer.
2.4
BB& T M e rch a n t S e r vi ce s – D a i l y P r o c e s s i n g
Find Causes and Look for Solutions
If a large percentage of your transactions are key entered, you should investigate the situation and try to find out why. The following chart summarizes the most common reasons for high key-entry rates and provides possible solutions.
KEY-ENTRY CAUSE Damaged Magnetic-Stripe Readers SOLUTION Check magnetic-stripe readers regularly to make sure they are working. Clean magnetic-stripe reader heads several times a year to ensure continued good use.
Dirty Magnetic-Stripe Readers
Magnetic-Stripe Reader Obstructions Remove obstructions near the magnetic-stripe reader. Electric cords or other equipment could prevent a card from being swiped straight through the reader in one easy movement. Spilled Food or Drink Remove any food or beverages near the magnetic stripe reader. Falling crumbs or an unexpected spill could soil or damage the machines. Keep magnetic anti-theft deactivation devices away from any counter area where customers might place their cards. These devices can erase a card’s magnetic stripe. • Swipe the card once in one direction, using a quick, smooth motion. • Never swipe a card back and forth. • Never swipe a card at an angle; this may cause a faulty reading.
Anti-Theft Devices that Damage Magnetic Stripes
Improper Card Swiping
M E R CH A NT
Key-entered transactions are fully acceptable, but they are associated with higher fraud and higher chargeback rates. Key entered transactions may increase your processing costs because of the increased risks.
TIP
Special Guidelines Regarding Unembossed Cards
Unembossed Cards
Visa, MasterCard, and Discover Network both offer unembossed cards to accommodate a changing payment environment. Some cards now have laser-engraved or thermal printing of the account number, presenting a smooth appearance to the face of the cards. Traditionally, these cards were issued outside the United States; however, the cards are now offered for products such as prepaid and gift cards. Below we have provided a list of frequently asked questions regarding unembossed cards.
How do you identify an unembossed card?
MasterCard has branded it’s card offering as “MasterCard Electronic” and the logo on the card reflects this terminology. Visa, and Discover Network cards will indicate “electronic use only” on the face of the card. Card numbers on both cards are smooth in contrast to raised numbers on the cards we are familiar with today.
Who can accept unembossed cards?
Unembossed cards work just like any other card at the point-of-sale. Any merchant utilizing an electronic payments terminal, which is capable of reading the magnetic stripe, can accept the card.
B B&T Merchant Se r v ic e s – Da i l y P roc es s i n g
2.5
If the magnetic-stripe read fails, what can the merchant do?
Visa and Discover Network recommend that the merchant request another form of payment. Because the card is not capable of being imprinted, the merchant would have to hand-write the card number on the sales draft and/or key-enter the transaction. Visa and Discover Network advise that merchants who accept an unembossed card without a swipe do so at their own risk, and could be subject to a “Missing Imprint” chargeback should the issuer dispute the transaction. MasterCard’s requirements indicate their MasterCard Electronic card cannot be processed if the swipe cannot be completed. NO hand-keyed transactions or hand-written sales drafts are allowed.The cardholder must be physically present in order to complete a transaction. If the card is valid only in a country different from where the merchant establishment is located, the card may not be accepted.
Directions for Processing Credit Cards Using Manual Imprint
1 3 2 5 7 9 8 6 4
1 5 2 3 7 4
10
8
1 Imprint of credit card number will show here. 2 Imprint of plate showing merchant number,
6 Enter the authorization number from Visa or
MC.
name, and state will show here. If imprint of IMPORTANT plate is unavailable, write in the mermerchant chant name and place of business. (Merchant account number is not required).
7 Enter reference number on the receipt
!
from the terminal.
8 Enter amount of total transaction. 9 If cardholders sign the terminal receipt, they
3 Enter description of sale, ex. gift cards,
merchandise, etc. IMPORTANT
4 Enter the amount of each sale. 5 Enter the date of each sale.
! !
are not required to sign manual imprint receipt. Attach the merchant copy to the terminal copy for the merchant’s file.
10 If manual imprint receipt is used to issue a
credit, the merchant has to sign to authorize the credit.
BB& T M e rch a n t S e r vi ce s – D a i l y P r o c e s s i n g
IMPORTANT
A manual imprint must NOT consist of an impression taken from the card using pencil, crayon or other writing instrument.
2.6
Authorization
The authorization process allows the card issuer to approve or decline a transaction. In most cases, authorizations are processed electronically in a matter of moments. However, to protect against fraud, the card issuer may request additional information about the transaction. If properly done, authorizing a transaction is quick and easy and protects merchants against fraud and chargebacks.
MERC HANT
Authorization should be seen as an indication that account funds are available at the time of authorization and a card has not been reported as lost or stolen. It is not proof that the true cardholder or a valid card is involved in a transaction. It is highly recommended and in your benefit to settle all authorized transactions daily or within 24 hours of the time of the authoirzation. Settling in this manner may prevent chargebacks and will prevent additional interchange fees.
TIP
Authorization Responses
During the authorization process, your sales associates should receive one of the following responses, or one that is similarly worded.
RESPONSE Approved MEANING Card issuer approves the transaction. This is the most common response — about 95% of all authorization requests are approved. Card issuer does not approve the transaction. The transaction should not be completed. Return the card and instruct the cardholder to call the card issuer for more information on the status of the account. Card issuer needs more information before approving the sale. Most of these transactions are approved, but you should call your authorization center and follow the instructions you are given. In most cases, an authorization agent will ask to speak directly with the cardholder or will instruct you to check the cardholder’s identification. Card issuer wants to recover the card. Do not complete the transaction. Inform the customer that you have been instructed to keep the card, and ask for an alternative form of payment. If you feel uncomfortable, simply return the card to the cardholder. The embossed account number on the front of the card does not match the account number encoded on the magnetic stripe. Swipe the card again and re-key the last four digits at the prompt. If a “No Match” response appears again, it means the card is counterfeit. If it can be done safely, keep the card in your possession, and make a Code 10 call.
Declined or Card Not Accepted
Call, Call Center, or Referrals
Pick Up
No Match
B B&T Merchant Se r v ic e s – Da i l y P roc es s i n g
2.7
UNDERSTANDING INTERCHANGE/ MINIMIZING PROCESSING COSTS
Q: What is interchange?
A: Interchange is the fee that merchant-acquiring institutions must pay card-issuing institutions to help offset card issuers’ processing costs and cost of funds. Revenue from interchange fees permits issuers to offer consumers value-added card products at lower prices. This helps increase card availability and usage, which benefits merchants through incremental sales and displacement of other more expensive forms of payment. Interchange rates are set and governed by Visa, MasterCard, and Discover Network, and are the same for all card-issuing and merchant-acquiring institutions. Such control helps maintain the integrity of the most widely used, complex electronic payment system in the world.
Q: What are non-qualified transactions?
A: Visa, MasterCard, and Discover Network establish interchange fees for transactions based on the data submitted and the risk associated with the particular transaction. Your merchant account and the agreed-upon rates and fees are based on an interchange level that is established according to your processing method and business type. A non-qualified transaction is a transaction that does not qualify at the expected level because it does not meet Visa, MasterCard, and Discover Network requirements for that level. Your account will be billed the difference in cost between the expected interchange rate and the interchange level at which the transaction actually qualified plus a surcharge. For example: The interchange level established for an account may require that the card be present and swiped as part of the transaction. The interchange rate is lower because more magnetic stripe content data is submitted and since the card is present, there is lower associated risk. If the card is not present or swiped, the transaction will not meet the requirements for the established interchange level, will be considered non-qualified, and will cost more to process.
Q: Why is a surcharge assessed on non-qualified transactions?
A: Merchant-acquiring institutions assess a surcharge to cover the additional handling costs associated with non-qualified transactions, such as increased processing and operational expenses.
Q: What can I do to reduce the number of non-qualified transactions I have and minimize my transaction costs?
A: To minimize processing costs and ensure that your transactions are clearing at the best possible interchange rate, you should observe the best practices referenced below as indicated for your processing method and business type. For additional advice on reducing transaction processing costs, please contact our Merchant Client Support Center for assistance.
2.8
BB& T M e rch a n t S e r vi ce s – D a i l y P r o c e s s i n g
Retail / Face-to-Face Merchants:
• Card-swipe all of your transactions. • Electronically authorize all transactions. • Obtain one authorization per transaction. • Voice authorized or “forced” transactions will not be eligible for the qualified rate. • Settlement amount must equal the authorized amount for signature debit (non-PIN) transactions. • All transactions must be settled within 24 hours of the authorization. • Indicate the card is present (by transaction type or at appropriate prompt) and perform Address Verification Services (AVS) on key-entered transactions; a full AVS match must be received on the cardholder’s billing zip code to qualify for the best non-qualified rate. • For MasterCard transactions: The settlement amount for each transaction must be within 25% of the authorized amount for Beauty Salon transactions and within 10% of the authorized amount for all other transactions. • For Discover Network transactions: The settlement amount for each transaction must be within 20% of the authorized amount for Beauty/Barber Shops and Taxicabs/Limousines and within 10% of the authorized amount for all other transactions.
Restaurant Merchants:
• Card-swipe all of your transactions. • Electronically authorize all transactions. • Obtain one authorization per transaction. • Voice authorized or “forced” transactions will not be eligible for the qualified rate. • All transactions must be settled within 24 hours of the authorization. • Indicate the card is present (by transaction type or at appropriate prompt) and perform Address Verification Services (AVS) on key-entered transactions; a full AVS match must be received on the cardholder’s billing zip code to qualify for the best non-qualified rate.
Hotel Merchants:
• Card-swipe all of your transactions. • Electronically authorize all transactions. • Settlement amount must equal the authorized amount. • Settle your terminal daily. • Include a Room or Folio number on all transactions. • Include the Check-in and Check-out date on all transactions. • Indicator for Ancillary charges and No-show charge is required.
B B&T Me rchant Ser v ic e s – Da i l y P roc es s i n g
2.9
Card Not Present - Mail/Phone Order Merchants:
• Electronically authorize all transactions. • Perform Address Verification Services (AVS) on all transactions. • Invoice number or customer order number must be included on all transactions. • The customer service phone number is required in settlement record. • The purchase date is the shipment date and must be within seven days after the authorization date or one day prior to the authorization date. • Transactions must be settled within two days of the purchase date. • Settlement amount must equal the authorized amount. • Transaction must be properly identified as Mail/Phone Order with the appropriate MOTO indicator. • Bill Payment transactions must be properly identified with a Market Specific Indicator of “B”, ACI of “Y” and processing code of “50” and a MOTO indicator of “01” for one payment, “02” for recurring payment and “03” for installment payment. The first or initial transaction must be properly identified as Mail/Phone Order; subsequent transactions must be properly identified as Recurring. • Transaction identification is usually handled automatically by a merchant’s transaction-processing system; however, you should check with your software provider to confirm that your system is properly set up.
Card Not Present - Internet/ Electronic Commerce Merchants:
• Electronically authorize all transactions. • Perform Address Verification Services (AVS) on all transactions. • Invoice number or customer order number must be included on all transactions. • The customer service phone number, email address, or the merchant’s URL is required in the settlement record. • Transactions must be settled within two days. • Settlement amount must equal the authorized amount. • The purchase date is the shipment date and must be within seven days after the authorization date or one day prior to the authorization date. • Transaction must be properly identified as e-Commerce with the appropriate ECI indicator. • Bill Payment transactions must also be properly identified with a Market Specific Indicator of “B,” ACI of “Y” and processing code of “50” and an ECI of “5,” “6,” ”7” or “8”. • Transaction identification is usually handled automatically by a merchant’s transaction-processing system; however, you should check with your software provider to confirm that your system is properly set up.
2.10
BB& T M e rch a n t S e r vi ce s – D a i l y P r o c e s s i n g
Business-to-Business Transactions In order to ensure that transactions conducted with Business, Corporate or Purchasing Cards clear at the best possible interchange rate, you should observe the best practices referenced above as applicable to your processing method and business type. In addition, provide the enhanced data below: For Business and Corporate Cards:
• Submit the Tax Included Indicator and Sales Tax Amount (amount must be between 0.1% and 22% of the transaction amount for Visa and 1% and 30% of the transaction amount for MasterCard).
For Purchasing Card transactions only:
To meet Level II Enhanced Data requirements: • Submit the Tax Included Indicator and Sales Tax Amount (amount must be between 0.1% and 22% of the transaction amount for Visa and 1% and 30% of the transaction amount for MasterCard). – Customer Code (as provided by cardholder) is required at Fuel Merchants. To meet Level III Enhanced Data requirements: • Submit Summary Data (minimum required data shown below): – Discount amount - Last two digits are implied decimal places. Must not be all zeros if a discount amount exists. Must be all zeros if discount amount does not exist. – Freight/shipping amount - Last two digits are implied decimal places. Must not be all zeros if a freight/shipping amount exists. Must be all zeros if freight/ shipping amount does not exist. – Duty amount - Last two digits are implied decimal places. Must not be all zeros if a duty amount exists. Must be all zeros if duty amount does not exist. • and, submit Line Item Detail (minimum required data shown below): – Item descriptor - Must not be all spaces or all zeros. – Item quantity - Last four digits are implied decimal places. Must not be all spaces or all zeros. – Item unit of measure - Must not be all spaces or all zeros. – Item commodity code - Must not be all spaces or all zeros.
IMPORTANT
– Item product code - Must not be all spaces or all zeros.
– Item unit cost - Last four digits are implied decimal places. Must not be all spaces or all zeros. – Discount per Line Item - Last two digits are implied decimal places. Must not be all zeros if a discount exists. Must be all zeros if discount does not exist. IMPORTANT – Line Item total - Last two digits are implied decimal places. Must not be all spaces or all zeros.
!
!
! IMPORTANT
IMPORTANT
ON ALL TRANSACTIONS: Make sure your credit card equipment is functioning properly. Do not bypass any terminal or software prompts for specific data; doing so will affect your transaction costs, your ability to prevent fraud and chargebacks, and your compliance with Payment Network rules. If you are a merchant using third-party software, ensure the settings established in your software are the most appropriate for the processing nature of your business.
B B&T Merchant Se r v ic e s – Da i l y P roc es s i n g
2.11
1
2 3 4 5 6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21 22
23
24
25
26
27
28
29
30
31
33 35 37 39
32 34 36 38
2.12
BB& T M e rch a n t S e r vi ce s – D a i l y P r o c e s s i n g
How To Read Your Merchant Statement
Use this information to become familiar with your merchant statement.
1 Address of BB&T Merchant Services 2 Processing Month 15 Avg Tkt 16 Disc P/I 17 Disc %
Dollar amount of the average sales transaction. Discount charged per item for transactions. Discount percentage rate assessed for transactions. Discount due to BB&T Merchant Services. This is calculated as either your net or gross sales multiplied by the discount rate plus the discount per item multiplied by the total number of sales.
The date your statement was produced (MM-YY). An internal tracking number for BB&T Merchant Services is also included.
3 Processor Use Only 4 Merchant Number
This number is assigned to your company for identification purposes. It is exclusive to your company. If you call with statement inquiries, please be prepared to provide your merchant number. This number identifies your bank. This number identifies your account at your bank.
18 Discount Due
5 Routing Number
Transaction Detail
This section displays a breakdown of each transaction made during the statement period. The transactions are separated into three categories: deposits, adjustments, and chargebacks.
19 Day
6 Deposit Account Number
7 Your Statement Mailing Address 8 Amount
This is the amount that is due to BB&T Merchant Services this month. This amount is deducted from or added to your checking account. It includes the difference between fees owed and fees actually paid. Plan Code that identifies the type of card used. See the list of Plan Codes at the bottom of the statement. Total number of sales and cash advances for this statement period. Total dollar amount of sales and cash advances for this statement period. Total number of credits for this statement period. Total dollar amount of credits for this statement period. Total dollar amount of sales and cash advances less total dollar amount of credits.
Day of the month that your batch was processed. Reference number assigned to the batch for tracking purposes. Code that identifies the type of transaction processed. See the list of Transaction Codes at the bottom of the statement. Transaction plan type. See the list of Plan Codes at the bottom of the statement. Total number of sales and cash advances for this batch. Total dollar amount of sales and cash advances for this batch. Total dollar amount of credits for this batch. Total discount previously paid to BB&T Merchant Services. This amount will only display if you participate in a daily discount program with BB&T Merchant Services. 2.13
20 Ref Number
9 PL
21 *(Transaction Code)
10 # Sales
22 PL
11 $ Sales
23 # Sales
12 # Credits 13 $ Credits
24 $ Sales
25 $ Credits
14 Net Sales
26 Discount Paid
B B&T Merchant Se r v ic e s – Da i l y P roc es s i n g
How To Read Your Merchant Statement (continued)
27 Net Deposit
Statement Totals
This section contains discount information and the amount credited or debited from the account. The following fields may appear if applicable.
33 Minimum Discount
Total dollar amount of sales and cash advances less total dollar amount of credits and paid discount. Deposit, Adjustment and Chargeback totals will appear under each respective section.
Fee Totals
This section displays the fees that will be charged to the merchant.
28 Number 29 Amount
Minimum amount of discount that will be charged. This figure will be used if the discount amount is less than the minimum stated in your merchant contract. Total dollar amount of discount due from the merchant as calculated throughout the month. Total dollar figure of discount that has been paid during the month by the merchant if participating in a daily program. Discount due less the discount paid. Total fees due from the merchant. Total dollar amount credited or debited from the account.
Total number of items billed. Total dollar amount used to calculate the amount billed. (This may not be used for all items.) Description of the item billed. Total dollar amount to be billed. Total dollar amount of fees to be paid by the merchant.
34 Discount Due
35 Discount Paid
30 Description 31 Total
36 Net Discount Due 37 Fees Due
32 Total Fees Due
38 Amount Deducted
Note: Fees will be deducted on the 15th day (or next business day) of the month following the statement processing date.
Statement Message
39 Statement Message
Important information from BB&T Merchant Services.
Plan Codes and Transaction Codes
IMPORTANT
!
List of Plan Codes and Transaction Codes are printed along the bottom border of the statement.
IMPORTANT
!
! IMPORTANT
IMPORTANT
Merchant should review monthly statement and report questions, disputes, or missing transactions within 90 days of receipt of statement. Please refer to Section 1.5(k) of your BB&T Merchant Agreement for additional information. It is important to review your monthly statement for important messages from BB&T regarding your merchant statement.
2.14
BB& T M e rch a n t S e r vi ce s – D a i l y P r o c e s s i n g
MAINTAINING YOUR ACCOUNT
When to Contact Us
From time to time, your business may experience change. Some changes may require updates to your merchant relationship, including the following: • DDA Account Number or “Operating Account” - If the DDA account is held at a financial institution other than BB&T, the Bank will require a voided check drawn on the new DDA account to be submitted with the written request for verification purposes. • Ownership or ownership structure • Federal tax identification number • Type or kind of business • Processing method • When you employ a third party provider(s), begin operating a website, or add payment acceptance to an existing account • Company DBA name • Address, or telephone/facsimile number • When you enter into an agreement with a third party offering a cash advance loan program, in which you pledge future credit card receivables as collateral • When you begin a gift card program To request account changes, please call the BB&T Merchant Client Support Center at 1-877-672-4228 or send written correspondence to the following address: BB&T Financial, FSB P.O. Box 200 Wilson, North Carolina 27894
IF YOUR TERMINAL BREAKS
If your terminal becomes inoperable, please follow the steps below: • Call the Client Support Center at 1-877-672-4228. • Choose option 1. • Choose the appropriate technical help desk from the menu. As a reminder, if you own a terminal that has been deemed obsolete by its manufacturer or is no longer capable of compliance with card association requirements and it becomes inoperable, you will have to purchase a new terminal in order to continue processing. Equipment damaged as a result of abuse, power failure, physical damage, fire, or water may not be eligible for replacement or may be subject to additional fees.
B B&T Merchant Se r v ic e s – Da i l y P roc es s i n g
2.15
CARD IDENTIFICATION FEATURES AND SECURITY ELEMENTS
If you are ever suspicious about a card or transaction, call your authorization center and request a Code 10 authorization. Every card contains a set of unique design features and security elements developed by each card manufacturer to help merchants verify a card’s legitimacy. By knowing what to look for on each card, your sales associates can avoid inadvertently accepting a counterfeit card or processing a fraudulent transaction. Train your sales staff to take a few seconds to look at the card’s basic features and security elements after they have swiped the card and are waiting for authorization. Checking card features and security elements helps to ensure that the card is valid and has not been altered in any way. Holding onto the Card Sales staff should be instructed to keep payment cards in their possession during transaction processing. Holding onto the card allows time to check card features and security elements and to compare the cardholder signature on the card with the signature on the transaction receipt. Visa Features (original Visa may be valid through 2010) You may have already noticed that Visa is changing its card design. We have included both the old and new card designs in this guide.
All Visa account numbers start with 4. The embossing should be clear and uniform in size and spacing and extend into the hologram. The account number embossed on the card must match the account number printed on the sales draft or displayed on the terminal (if equipment allows). Visa Debit Identifier To clearly distinguish Visa Debit cards, all consumer Debit cards must show the word “Debit” above the hologram.
The four-digit number printed below the embossed account number must match the first four digits of the account number.
Check the “Good Thru” or “Valid thru” date. Make sure the date of the transaction is no later than the date on the card. If the transaction date is after the “Good Thru” date, the card has expired. In such instances, an authorization request can be called in to your authorization center, or you can ask the customer for a Visa card that is currently valid. Always request authorization on an expired card. If the Issuer approves the transaction, proceed with the sale. Never accept a transaction that has been declined.
Visa cards have a stylized “V” security character embossed to the right of the expiration date.
A three-dimensional dove hologram should reflect light and seem to change as you rotate the card.
B B&T Me rchant Ser v ic e s – Los s P reven t i on
3.1
Back of Visa Cards
All Visa Cards must be signed in order to be valid. The signature on the sales draft should match the signature on the back of the card. If the card is not signed, ask the cardholder to provide a valid government ID (e.g., driver’s license). Then have the customer sign the card. Check to be sure the signatures match. The magnetic stripe should appear smooth and straight, with no signs of tampering. The signature panel should have a repetitive pattern of the word “Visa” printed in color at an angle. A full or partial account number, plus a three-digit Card Verification Value 2 (CVV2), is indent-printed on the signature panel.
Visa Features (Updated Visa Card – Beginning January 2006) Front of Card
Check the account number for evenness and clarity. Look closely at the account number. On valid cards, the numbers will be even and straight; on altered cards, they may have fuzzy edges, or you may be able to see “ghost images” of the original numbers. Compare numbers. The printed four-digit number must match the first four digits of the account number above it. Both should begin with a “4.” If the numbers are not identical or the printed number is missing, the card is not valid and should not be accepted. Check the “Good Thru” or “Valid thru” date. Make sure the date of the transaction is no later than the date on the card. If the transaction date is after the “Good Thru” date, the card has expired. In such instances, an authorization request can be called in to your authorization center, or you can ask the customer for a Visa card that is currently valid.
Back of Card
Check the hologram. When the card is tilted, a ring should appear around the sun and the word “VISA” should appear in the center. If not, the card may be counterfeit. Look at the signature panel. The signature panel will look like this or have a custom design. Check for the Card Verification Value (CVV2). It is a three-digit code that appears either on the signature panel or on a white box to the right of the signature panel. Portions of the account number may also be present on the signature panel. CVV2 is used primarily in card-not-present transactions to verify that the customer is in possession of a valid Visa card at the time of the sale. Check for signs of tampering. Any attempt to erase the signature will cause the word “VOID” to appear.
B B &T Merchant Se r v ic e s – Los s P reven t i on
3.2
MasterCard Features
All MasterCard account numbers start with 5. The embossing should be clear and uniform in size and spacing and extend into the hologram. The 16-digit account number embossed on the card must be exactly the same as the account number printed on the sales draft, or displayed on your terminal (if equipment allows). A three-dimensional hologram with interlocking globes should reflect light and seem to move as you rotate the card. The word “MasterCard” is printed repeatedly in the background of the hologram. The letters “MC” are micro-engraved around the two rings. The pre-printed Bank Identification Number (BIN) must match the first four digits of the embossed account number. The valid date lists the last day on which the card is valid. Some cards may have an effective date as well. MasterCard cards have a stylized “MC” security character embossed to the right of the valid dates. MasterCard Debit Hologram To clearly distinguish MasterCard Debit cards, all new and re-issued consumer Debit cards must display the Debit hologram. By January 1, 2007, all Debit cards must be in compliance with this rule. Until then you may still see some older cards with the word “Debit” printed above the global hologram.
Back of MasterCard
The back of the card must be signed. The magnetic stripe should appear smooth and straight, with no signs of tampering.
The word “MasterCard” is printed repeatedly in multicolors at an angle on a tamper-evident signature panel. You may see only the last four digits of the account number, plus the three-digit CVC2 indentprinted on some newer cards. Some cards may contain the full 16-digit account number, followed by the threedigit CVC2, indent-printed on the signature panel.
Updates for MasterCard (Beginning June 2006) Front of Card
A three-dimensional hologram with interlocking globes should reflect light and seem to move as you rotate the card. Beginning in June 2006, card issuers have the option of placing the hologram on the card back. The familiar “MC” security character will not be present on cards issued after June 2006. To clearly distinguish Debit cards, all new and re-issued consumer Debit cards must display the Debit hologram. By January 1, 2007, all Debit cards must be in compliance with this rule.
Back of Card
Beginning in June 2006, card issuers have the option of placing a holographic magnetic stripe on the card back, replacing the Globe hologram or the Debit hologram. The word “MasterCard” is printed repeatedly in multicolors at an angle on a tamper-evident signature panel. The last four digits of the account number are indent-printed on the signature panel. Beginning in June 2006, the three-digit CVC2 must be printed in a white rectangle to the right of the signature panel. The MasterCard Alternative Design Option will allow issuers greater flexibility. You may see vertical cards, unembossed cards and smaller size cards.
3.3
BB& T M e rch a n t S e r vi ce s – L o s s P r e v e n t i o n
Discover®
The words “DISCOVER NETWORK” will appear under an ultraviolet light. All Discover Network account numbers start with 6. The embossing should be uniform in size and spacing, and extend into the hologram. “Valid Thru” indicates the last month in which the card is valid. A Business Name may be embossed below the account name. An embossed Security Character appears as a stylized “D.” The Discover® Network Acceptance Mark appears on both sides of the card. and appear to move. The magnetic stripe should appear smooth, with no signs of tampering. The words “DISCOVER NETWORK” appear on the signature panel, and an underprint reading “VOID.” The last four digits of the account number appear on the signature panel in reverse indent printing. The three-digit Data (CID) appears to the right of the signature panel.
Law Enforcement Phone Line
Merchant Code 10 Authorization
1-800-347-3083
1-800-347-1111
for suspicious transactions
American Express®
The letters “AMEX” and a phosphorescence in the Centurion portrait are visible under an ultraviolet light. Pre-printed (non-embossed) (CID) should always appear above the account number. All American Express account numbers start with 3. Embossing should be clear and uniform in size and spacing. The number on the front and back of the Card, plus the one printed on the sales receipt should all match. With this statement on the Card, American Express reserves the right to “pick up” the Card at any time. Some Cards have a hologram of the American Express image embedded into the magnetic stripe. The signature on the back of the Card should match the customer’s signature on the receipt. The signature panel is tamper-evident.
Do not accept a Card after the expiration date. Only the person whose name is embossed on an American Express Card is entitled to use it.
Merchant Code 10 Authorization
1-800-528-1212
B B&T Me rchant Ser v ic e s – Los s P reven t i on
if you are suspicious of a card transaction 3.4
CODE 10 CALLS
Code 10 calls allow merchants to alert card issuers to suspicious activity and take appropriate action when instructed to do so.You should make a Code 10 call to your voice authorization center whenever you are suspicious about a card, cardholder, or a transaction. The term “Code 10” is used so the call can be made at any time during a transaction without arousing a customer’s suspicions.
MERC HANT
TIP
Emphasize to your sales staff that they can make Code 10 calls even after a cardholder leaves the store. A Code 10 alert at this time may help stop fraudulent card use at another location, or perhaps during a future transaction at your store.
To make a Code 10 call: Keep the card in your possession during the call. Call your voice authorization center, at 800-291- 4840 Enter your Merchant Identification Number Press # , then 8, then enter card number. Enter the expiration date. Enter the amount of the transaction. You will be transferred to a special operator who will ask you a series of questions that can be answered with a simple yes or no. • When connected to the special operator, answer all questions calmly and in a normal tone of voice. Your answers will be used to determine whether the card is valid. • Follow all operator instructions. • If the operator tells you to pick up the card, do so only if recovery is possible by reasonable and peaceful means.
3.5
BB& T M e rch a n t S e r vi ce s – L o s s P r e v e n t i o n
FRAUD PREVENTION GUIDELINES FOR CARD-NOTPRESENT TRANSACTIONS
A range of fraud-prevention policies, guidelines, and services have been developed for card-not-present merchants. Using these tools will help protect your business from fraud-related chargebacks and losses. Mail Order/Telephone Order (MO/TO) and Internet merchants should strongly consider developing in-house fraud control policies and providing appropriate training for employees.
The following sections outline basic fraud-prevention guidelines and best practices for card-not-present merchants.
Authorize All Card-Not-Present Transactions
Authorization is required on all card-not-present transactions. Card-not-present transactions are considered as zero-floor-limit sales. Authorization should occur before any merchandise is shipped or services performed. An authorization number serves as approval that the card is valid and funds are available. It is not proof that the cardholder was engaged in the transaction.
Ask for Card Expiration Date
Card-not-present merchants should always ask customers for their card expiration, or “Good Thru,” date and include it in their authorization requests. Including the date helps to verify that the card and transaction are legitimate. A MO/TO or Internet order containing an invalid or missing expiration date may indicate counterfeit or other unauthorized use.
Ask for CVV2/CVC2
The Card Verification Value (CVV2 - Visa), Card Validation Code (CVC2-MasterCard), and Card Identification (CID - Discover) is a three- or four-digit security number printed on the front or back of cards to help validate that a customer is in possession of a legitimate card at the time of an order. Studies show that merchants who include CVV2/CVC2/CID validation in their authorization procedures for card-not-present transactions can reduce their fraud-related chargebacks.
B B &T Merchant Se r v ic e s – Los s P reven t i on
3.6
CVV2/CVC2 PROCESSING
To ensure proper CVV2/CVC2/CID processing for card-not-present transactions, merchants should: • Ask card-not-present customers for the last three numbers in the signature panel on the back of their cards. • If the customer provides a CVV2/CVC2/CID, submit this information with other transaction data (card expiration date and account number) for electronic authorization. You should also include one of the following CVV2/CVC2/CID presence indicators, even if you are not including a CVV2/CVC2/CID in your authorization request:
INDICATOR 0 1 2 9 WHAT IT MEANS CVV2/CVC2/CID is not included in authorization request. CVV2/CVC2/CID is included in authorization request. Cardholder has stated that CVV2/CVC2/CID is illegible. Cardholder has stated that CVV2/CVC2/CID is not on the card.
• Evaluate the CVV2/CVC2/CID result code you receive with the transaction authorization, and take appropriate action based on all transaction characteristics.
CVV2 RESULT CODE M - Match N - No Match RECOMMENDED ACTION Complete the transaction, taking into account all other transaction characteristics and verification data. View a “No Match” response as a sign of potential fraud, which should be taken into account along with the authorization response and any other verification data. You may also want to resubmit the CVV2/CVC2/CID to ensure a key-entry error did not occur. Resubmit the authorization request. Follow up with the customer to verify that the correct card location has been checked for CVV2/CVC2/CID. Evaluate all available information and decide whether to proceed with the transaction or to investigate further.
P - CVV2* S - CVV2** U***
* request not processed ** should be on the card, but the cardholder has reported that it isn’t. *** card issuer does not support CVV2/CVC2/CID
3.7
BB& T M e rch a n t S e r vi ce s – L o s s P r e v e n t i o n
ADDRESS VERIFICATION SERVICE
To use the Address Verification Service (AVS), simply ask card-not-present customers for their billing address as it appears on their monthly statement. This information is then submitted with other transaction data for electronic authorization. Address verification and IMPORTANT authorization occur simultaneously — in a matter of seconds — and you will receive an AVS response code with the authorization.
!
You should evaluate the AVS response code and take appropriate action, based on all transaction IMPORTANT characteristics and any other verification information received with the authorization (expiration date, CVV2/CVC2/CID, etc.). An authorization response always takes precedence over AVS. Do not accept any transaction that has been declined, regardless of the AVS response.
! !
IMPORTANT
If you complete a transaction for which you received an authorization approval and an AVS response of “U” (unavailable), and the transaction is later charged back to you as fraudulent, BB&T Merchant Services may represent the item. U.S. Issuers must support AVS or lose their right to fraud chargebacks for card-not-present transactions.
AVS RESPONSE IMPORTANT X – Exact Match Y – Match
WHAT IT MEANS Address and nine-digit zip code match. Both street address and five-digit zip code match. Complete the transaction; you can be relatively confident it is legitimate. Street address matches, but zip code doesn’t. View as a sign of potential fraud. Depending on the transaction amount, you may decide to complete the transaction or investigate further to ensure it is valid. Zip code matches but the street address doesn’t. View as a sign of potential fraud. Depending on the transaction amount, you may decide to complete the transaction or investigate further to ensure it is valid. Street address and zip code don’t match. View as a sign of potential fraud and take further steps to validate the transaction. The Issuer’s system is not available, or the Issuer does not support AVS. The address cannot be verified at present. You must decide whether to accept or refuse the transaction, or investigate further. The Issuer’s system is not available; try again later. The Issuer’s system may not be working. You should resubmit your AVS request later. Evaluate all available information and decide whether to proceed with the transaction or to investigate further. Unless you sent only a zip code AVS request and it matched, you may want to follow up before shipping merchandise.
IMPORTANT
A – Partial Match
Z – Partial Match
N – No Match
U – Unavailable
R – Retry
IMPORTANT
U – Issuer does not support AVS
!
IMPORTANT Z – Partial Match
! !
IMPORTANT
For a zip code only request and P.O. Box address, Issuers may respond with either a “Y” (Exact Match), or a “Z” (Partial match-zip Code Matches).
B B &T Merchant Se r v ic e s – Los s P reven t i on
3.8
IMPORTANT
Suspicious Transactions
Card-not-present merchants should develop in-house policies and procedures for handling irregular or suspicious transactions and provide appropriate training for their sales associates. Being able to recognize suspicious orders may be particularly important for merchants involved in telephone sales, and employees should be given clear instructions on the steps to take to verify these transactions. Your sales employees should be on the lookout for any of the following signs of suspicious customer behavior: • Hesitation: Beware of customers who hesitate or seem uncertain when giving you personal information, such as a zip code or the spelling of a street or family name. This is often a sign that the person is using a false identity. • Rush orders: Urgent requests for quick or overnight delivery — the customer who “needs it yesterday”— should be another red flag for possible fraud. While often perfectly valid, rush orders are one of the common characteristics of “hit and run” fraud schemes aimed at obtaining merchandise for quick resale. • Random orders: Watch out also for customers who don’t seem to care if a particular item is out of stock —“You don’t have it in red? What colors do you have?”— or who order haphazardly —“I’ll take one of everything!” Again, orders of this kind may be intended for resale rather than personal use. • Suspicious shipping address: Scrutinize and flag any order with a ship to address that is different from the billing address on the cardholder’s account. – Requests to ship merchandise to post office boxes or an office address are often associated with fraud. – Keep lists of zip codes where high fraud rates are common and verify any order that has a ship-to address in these areas. – If your business does not typically service foreign customers, use caution when shipping to addresses outside the United States, particularly if you are dealing with a new customer or a very large order. – Requests to wire funds to pay shipping costs are often associated with fraud. – Requests to provide cash back for any credit card transaction are often associated with fraud. In examining what appears to be an unusual order, keep in mind that if the sale sounds too good to be true, it probably is. Merchants should NEVER provide cash back to a cardholder when processing a credit card transaction, as this is prohibited by the credit card associations. Also, please be aware of a growing problem impacting merchants across the country. Merchants have received telephone and fax orders, often originating in foreign countries, attempting to purchase goods and services. The cardholder requests that the merchant wire back to them a part of the credit transaction for various reasons, i.e. shipping charges by a carrier of their choice, or for other arrangements they prefer to make rather than follow the normal merchant business practices. These orders often include fraudulent Visa, MasterCard, and Discover Network numbers for payment, which have led to high volumes of chargebacks and significant merchant losses. These fraudulent schemes particularly target businesses that do not usually handle mail or telephone transactions. Please use caution with any orders received from unusual sources. You must know for certain that you are dealing with the authorized user of the card that is being offered. Never provide cash back to the cardholder under any circumstances.
3.9
BB& T M e rch a n t S e r vi ce s – L o s s P r e v e n t i o n
UNDERSTANDING AND AVOIDING CHARGEBACKS
A chargeback is a transaction that an Issuer returns to BB&T Merchant Services — and most often, to the merchant — as a financial liability. In essence, it reverses a sales transaction, as follows: • The card issuer subtracts the transaction dollar amount from the cardholder’s credit card account. The cardholder receives a credit and is no longer financially responsible for the dollar amount of the transaction. • The card issuer debits BB&T Merchant Services for the dollar amount of the transaction. • BB&T Merchant Services may deduct the transaction dollar amount from the merchant’s account. The merchant may lose the dollar amount of the transaction.
IMPORTANT
!
IMPORTANT For merchants, chargebacks can be costly. You can lose both the dollar amount of the transaction being charged back and the related merchandise. You also incur your own internal costs for processing the chargeback.
! !
IMPORTANT
Your merchant account is debited the same day the chargeback notification is mailed.
Why Chargebacks Occur IMPORTANT
The most common reasons for chargebacks include: • Customer disputes •IMPORTANT Fraud • Processing errors • Authorization issues • Nonfulfillment of copy requests (only if fraud or illegible) Although you cannot avoid the occurrence of chargebacks completely, you can take steps to reduce or prevent them. Many chargebacks result from easily avoidable mistakes, so the more you know about proper transaction-processing procedures, the less likely you will be to inadvertently do or fail to do something that might result in a chargeback. Of course, chargebacks are not always the result of something merchants did or did not do. Errors are also made by merchant banks, card issuers, and cardholders.
Avoiding Chargebacks
Most chargebacks can be attributed to improper transaction-processing procedures and can be prevented with appropriate training and attention to detail. The following best practices will help you minimize chargebacks.
B B &T Merchant Se r v ic e s – Los s P reven t i on
3.10
Chargeback Remedies
Even when you do receive a chargeback, you may be able to resolve it without losing the sale. Simply provide BB&T Merchant Services with additional information about the transaction or the actions you have taken related to it. For example, you might receive a chargeback because the cardholder is claiming that credit has not been given for returned merchandise. You may be able to resolve the issue by providing proof that you submitted the credit on a specific date. Send this information to BB&T Merchant Services in a timely manner. The key in this and similar situations is always to send BB&T Merchant Services as much information as possible to help remedy the chargeback. With appropriate information, BB&T may be able to resubmit, or “re-present,” the item to the card issuer for payment. Timeliness is also essential when attempting to remedy a chargeback. Each step in the chargeback cycle has a defined time limit during which action can be taken. If you do not respond during the time specified on the request— which may vary depending on Card Association rules— BB&T will not be able to remedy the chargeback. Although many chargebacks are resolved so that the merchant does not lose the sale, some cannot be remedied. In such cases, accepting the chargeback may save you the time and expense of needlessly contesting it.
Point of Sale
• Declined Authorization. Do not complete a transaction if the authorization request was declined. Do not repeat the authorization request after receiving a decline; ask for another form of payment. • Transaction Amount. Do not estimate transaction amounts. For example, restaurant merchants should authorize transactions only for the known amount on the check; they should not add on a tip. • Referrals. If you receive a “Call” message in response to an authorization request, do not accept the transaction until you have called the authorization center. In such instances, be prepared to answer questions. The operator may ask to speak with the cardholder. If the transaction is approved, write the authorization code on the sales receipt. If declined, ask the cardholder for another form of payment. • Expired Card. Do not accept a card after its “Good Thru” or “Valid Thru” date unless you obtain an authorization approval for the transaction. • Card Imprint for Key-Entered Card-Present Transactions. If you must key-enter a transaction to complete a card-present sale, make an imprint of the front of the card on the sales receipt, using a manual imprinter. Even if the transaction is authorized and the cardholder signs the receipt, the transaction may be charged back to you if the receipt does not have an imprint of the embossed account number and expiration date. • Cardholder Signature. The cardholder’s signature is required for all card-present transactions. Failure to obtain the cardholder’s signature could result in a chargeback if the cardholder later denies authorizing or participating in the transaction. When checking the signature, always compare the first letter and spelling of the surname on the sales receipt with the signature on the card. If they are not the same, ask for additional identification or make a Code 10 call.
3.11
BB& T M e rch a n t S e r vi ce s – L o s s P r e v e n t i o n
• Digitized Cardholder Signature. Some cards have a digitized cardholder signature on the front of the card, in addition to the hand-written signature on the signature panel on the back. However, checking the digitized signature is not sufficient for completing a transaction. Sales staff must always compare the customer’s signature on the sales receipt with the hand-written signature in the signature panel. • Fraudulent Card-Present Transaction. If the cardholder is present and has the account number but not the card, do not accept the transaction. Even with an authorization approval, the transaction can be charged back to you if it turns out to be fraudulent. • Legibility. Ensure that the transaction information on the sales receipt is complete, accurate, and legible before completing the sale. An illegible receipt, or a receipt that produces an illegible copy, may be returned because it cannot be processed properly. The growing use of electronic scanning devices for the electronic transmission of copies of sales receipts makes it imperative that the item being scanned be very legible.
Avoid Illegible Transaction Receipts
Ensuring legibility of transaction receipts is key to minimizing copy requests and chargebacks. When responding to a copy request, you will usually photocopy or scan the transaction receipt before mailing or electronically sending it to BB&T Merchant Services. If the receipt is not legible to begin with, the copy that the bank receives and then sends to the card issuer may not be useful in resolving the cardholder’s question. If this occurs, the transaction may be returned to you as a chargeback for an illegible copy. At this point, unless you can improve the readability of the transaction receipt, you may end up taking a loss on the transaction. The following best practices are recommended to help avoid illegible transaction receipts. • Change point-of-sale printer cartridge routinely. Faded, barely visible ink on transaction receipts is the top cause of illegible receipt copies. Check readability on all printers daily, and make sure the printing is clear and dark on every sales draft. • Change point-of-sale printer paper when the colored streak first appears. The colored streak down the center or the edges of printer paper indicates the end of the paper roll. It also diminishes the legibility of transaction information. • Keep the white copy of the transaction receipt. If your transaction receipts include a white original and a colored copy, always give customers the colored copy of the receipt. Since colored paper does not photocopy as clearly as white paper, it often results in illegible copies. • Handle carbon-backed, silver-backed, or carbonless paper carefully. Silver-backed paper appears black when copied. Any pressure on carbon backed or carbonless paper during handling and storage causes black blotches, making copies illegible.
B B &T Merchant Se r v ic e s – Los s P reven t i on
3.12
Sales-Receipt Processing
• One Entry for Each Transaction. Ensure that transactions are entered into point-of-sale terminals only once and are deposited only once. You may get a chargeback for duplicate transactions if you: – Enter the same transaction into a terminal more than once – Process the same transaction with more than one merchant bank • Voiding Incorrect or Duplicate Sales Receipts. Ensure that incorrect or duplicate sales receipts are voided and that transactions are processed only once. • Close your Batches as quickly as possible, preferably within 24 hours of the transaction date; do not hold on to them. • Process credit transactions as quickly as possible. • Ship Merchandise Before Processing Transaction. For card-not-present transactions, do not process the transactions until you have shipped the related merchandise. If customers see a transaction on their monthly card statement before they receive the merchandise, they may contact their Issuer to dispute the billing. Similarly, if delivery is delayed on a card-present transaction, do not deposit the sales receipt until the merchandise has been shipped. • Requests for Cancellation of Recurring Transactions. If a customer requests cancellation of a transaction that is billed periodically (monthly, quarterly, or annually), cancel the transaction immediately or as specified by the customer. As a service to the customer, advise the customer in writing that the service, subscription, or membership has been cancelled and state the effective date of the cancellation. • Disclosing Refund, Return, or Service Cancellation Policies. If your business has policies regarding merchandise returns, refunds, or service cancellations, these policies must be disclosed to the cardholder at the time of the transaction. Your policies should IMPORTANT be pre-printed on your sales receipts, if not, write or stamp your refund or return policy information on the sales receipt near the customer signature line before the customer signs (be sure the information is clearly legible on all copies of the sales receipt). Failure to disclose your refund and return policies at the time of a transaction could result in a IMPORTANT dispute if the customer returns the merchandise.
!
! !
IMPORTANT
For questions regarding chargebacks or sales receipt requests, please call 1-877-672-4228, option 3.
IMPORTANT
IMPORTANT
3.13
BB& T M e rch a n t S e r vi ce s – L o s s P r e v e n t i o n
PAYMENT CARD INDUSTRY DATA SECURITY STANDARDS
Requirements for Protecting Transaction Data Combating fraud is the shared responsibility of all parties involved in payment card transactions. Visa, MasterCard and Discover Network are reaching out to merchants, acquirers and other partners to minimize risk and share requirements for safeguarding transaction data. Below are the 12 requirements included in the Payment Card Industry Data Security Standard (PCI DSS). The PCI DSS can be viewed in its entirety at www.mastercard.com/us/sdp or www.visa.com/cisp, http://discover networ k.com/fr audsecur ity/disc .html/ or www.pcisecuritystandards.org. Compliance with the PCI DSS helps preserve the integrity of the payments system and maintains consumer confidence. Depending on your processing methodand type of business, BB&T may require you to engage with a PCI SSC Qualified Security Assessor (QSA) or Approved Scanning Vendor (ASV) and receive PCI compliance certification. Any merchant or service provider that stores, processes, or transmits cardholder information must comply with these standards. All eligible merchants and service providers, regardless of size (or in the case of service providers, whether they support issuing or merchant activity) must comply with the 12 basic requirements outlined below. 1. Install and maintain a firewall configuration to protect data. Firewalls are computer software devices that control traffic in the company’s network. This includes unauthorized access from the Internet, as well as access to sensitive areas from the company’s internal network. 2. Avoid vendor-supplied defaults for system passwords. Hackers attempt to identify these passwords and settings, and use them to compromise systems. You should always change these defaults before installing a system on the network. 3. Protect stored transaction data. Keep transaction storage to a minimum and never store sensitive authentication data after authorization. Take precautions to make stored transaction data unreadable through encryption or some other secure and robust approach. 4. Encrypt transaction data when transferred over networks. Sensitive information should always be encrypted during transmission over wireless networks or the Internet, as it is often easy to divert or intercept data while in transit. Never send encrypted transaction information via E-mail. 5. Utilize anti-virus software or programs. Install these mechanisms on all systems that can be affected by viruses and ensure that these systems are current, running, and capable of generating audit logs. 6. Develop and maintain secure systems and applications. As a participating merchant or service provider, you must ensure that all components have the latest vendor security and software patches to protect against external hackers and viruses. Develop standard system development processes and secure coding techniques.
B B&T Me rchant Ser v ic e s – Da t a Sec u ri t y /C om pl i a n c e
4.1
7. Restrict access to data. Limit access to resources and cardholder information to employees who need access to the information to do their jobs and limit access only to what is needed. Establish a mechanism for systems with multiple users that restrict access based on an individual’s need to know. 8. Assign a unique username and password to each person with computer access to transaction data. This allows for all actions taken on the system to be identified and tracked.Take necessary precautions to protect user identification and immediately revoke access by terminated users. 9. Restrict physical access to transaction data. Use appropriate facility entry controls and monitor access. Develop procedures to help personnel easily distinguish between employees and others. Destroy media containing transaction information when it is no longer needed. 10. Track and monitor access to network resources and transaction data. Logging mechanisms and tracking user activity is critical to uncovering unauthorized and illegal activity. 11. Regularly test security systems and processes. New vulnerabilities are continually being discovered. Consistent testing ensures security maintenance. 12. Maintain an information security policy. A strong security policy sets the security tone for the entire company.
Data Security Frequently Asked Questions (FAQs)
Below are answers to frequently asked questions about how to best store, secure and share cardholder information to protect against many forms of fraud. We encourage you to share this information with your partners in the merchant community. Q. Where do I find the payment industry requirements for account data security? A. The Payment Card Industry Data Security (PCI DSS) is available on any of the following websites: the Visa website at www.visa.com/cisp, the MasterCard website at www.mastercard.com/us/sdp, the Discover Network at http://discovernetwork.com/fraudsecurity/disc.html or the PCI Security Standards Council website at www.pcisecuritystandards.org. This standard was developed jointly by MasterCard,Visa and Discover Network and has been endorsed by other payment brands. Q. What transaction information can be stored, and what cannot? A. Once the authorization process is complete, only specific information should be retained. Merchants and third-party agents may securely store the cardholder name, account number, expiration date but should destroy all other transaction information after the Authorization Request Response message is received. This includes discretionary cardread data, CVC2/CVV2 data, PIN data, and address verification service (AVS) data. Failure to adhere to this standard will result in significant fines and termination of your account.
4.2
B B & T M e rch a n t S e r vi ce s – D a t a S e c u r i t y / Co m p l i a n c e
Q. Where can transaction information be stored? A. As stated in the PCI DSS, all systems and media containing transaction data must be protected in a secure environment to which access is controlled and limited to selected personnel. Merchants must establish procedures that control all means of access and use a password system to maximize the security of their transaction and cardholder information. REMEMBER: IF YOU DON’T NEED IT, DON’T STORE IT. Q. Do data storage requirements apply to third-party agents? A. Yes. The PCI DSS applies to anyone who stores, processes or transmits payment data, including members, merchants and third parties. Third-party agents include Web hosting companies, payment gateways, terminal drivers, software providers and processors. The merchant must inform its bankcard acquirer of its third-party agents – terminal and software vendors, anyone providing transaction processing, sorting or other services – and ensure that these agents adhere to all applicable data security standards. Q. Does the PCI DSS apply to all merchants or only to online merchants? A. PCI DSS is mandatory for all merchants, third party agents, and service providers. Q. Who should assess and regulate security in merchant systems and networks? A. According to Visa, MasterCard and Discover Network mandates, and depending on the size of a business, merchants may be required to take steps necessary to validate compliance. These steps mayI nclude: an annual onsite audit, quarterly network scan and/ or an annual self-assessment questionnaire (SAQ). For merchants, onsite audits may be conducted by qualifiedonsite assessors or by the merchant’s qualified and authorized staff. Qualified scanningvendors must conduct network scans, and the merchant’s internal staff is responsible for completing the SAQ. All PCI compliance validation requirements are listed on the following websites: www.mastercard.com/us/sdp, www.visa.com/cisp, http://discovernetwork.com/fraudsecurity/disc.html, www.pcisecuritystandards.org Visa, MasterCard and Discover Network are reaching out to merchants, acquirers and their partners to share and publicize these requirements and best practices, and thereby help protect transaction and cardholder information. These policies help to safeguard the entire payments industryand maintain consumer confidence. BB&T Merchant Services strives to be a trusted business partner to you and your customers. Merchants who are interested in learning more about this initiative can log onto www.mastercard.com/us/sdp, www.visa.com/cisp, http://discovernetwork.com/fraudsecurity/disc.html or www.pcisecuritystandards.org
B B&T Merchant Se r v ic e s – Da t a Sec u ri t y /C om pl i a n c e
4.3
IF YOU HAVE A SECURITY BREACH
If you experience a suspected or confirmed security breach, you should: • Immediately contain and limit the exposure. To prevent any further loss of data, conduct a thorough investigation of the suspected or confirmed loss or theft of account information within 24 hours of the compromise. – Do not access or alter compromised systems. Do not log on to the machine or change passwords. – Do not turn off the compromised machine. Instead, isolate compromised systems from the network by unplugging their cables. – Preserve logs and electronic evidence. – Log all actions taken. – If using a wireless network, change the service set identifier (SSID) — or network name — on the access point (AP) and on other machines that may be using this connection (with the exception of any systems believed to be compromised). – Be on HIGH alert and monitor all payment systems. • Alert all necessary parties. Be sure to contact: – Your internal information security group, incident response team and legal department – Your merchant bank : BB&T Merchant Services at 1-877-672-4228. Contact must be made immediately and no later than 24 hours after discovery of a suspected breach. BB&T will follow up with you to discuss the compromise and review the action required to demonstrate the ability to prevent future loss or theft of transaction information. Provide all compromised accounts to your BB&T Merchant Services within 10 business days. All potentially compromised accounts must be provided and transmitted as instructed by your merchant bank and card associations. The card associations will distribute the compromised account numbers to Issuers and ensure the confidentiality of entity and nonpublic information. Within 3 business days of the reported compromise, provide an Incident Report document to BB&T Merchant Services.
4.4
B B & T M e rch a n t S e r vi ce s – D a t a S e c u r i t y / Co m p l i a n c e
MERCHANT WEBSITE REQUIREMENTS
Note: Merchants must notify BB&T Merchant Services prior to establishing a website and accepting payment transactions online. The Card Associations require that you include certain content or features on your website. These elements are intended to promote ease of use for online shoppers and reduce cardholder disputes and potential chargebacks. • Complete description of goods and services. Remember you have a global market, which increases opportunities for unintended misunderstandings or miscommunications. For example, if you sell electrical goods, be sure to state voltage requirements, which vary around the world. • Customer service contact information, including e-mail address or phone number. Online communication may not always be the most time-efficient or user-friendly for some customers. Including a customer service telephone number as well as email address promotes customer satisfaction. • Return, refund, and cancellation policy. This policy must be clearly posted. (See Disclosure for Card-Not-Present Merchants on page 3.5.) • Delivery policy. Merchants set their own policies about delivery of goods; that is, if they have any geographic or other restrictions on where or under what circumstances they provide delivery. Any restrictions on delivery must be clearly stated on the website. • Country of origin. You must disclose the permanent address of your establishment on the website. • Export restrictions (if known).
M E R CH A NT
Merchants cannot convert transaction amounts into a different currency. Equivalent amounts in other currencies may be shown, but they must be clearly labeled as being listed for information only.
TIP
Best Practices for the Web
Suggested best practices for merchant websites include: • Privacy statements. • Information on when credit cards are charged. You should not bill the customer until merchandise has been shipped. • Order-fulfillment information. State timeframes for order processing and send an email confirmation and order summary within one business day of the original order. Provide up-to-date stock information if an item is back-ordered. • Customer service timeframes. Ideally, customer service emails or phone calls should be answered within two business days. • A statement on website regarding security controls used to protect customers. • A statement encouraging cardholders to retain a copy of the transaction.
B B&T Merchant Se r v ic e s – Da t a Sec u ri t y /C om pl i a n c e
4.5
BB&T Merchant Connection® Web Based Reporting
Through BB&T Merchant Connection, you have immediate access to everything you need to know about your account 24 hours a day.
ONLINE CONVENIENCE
All you need is a computer with the minimum operating requirements* and access to the Web. No special skills are needed. No more waiting for your monthly merchant statement to arrive in the mail. The information is at your fingertips for instant access.
*Minimum operating system requirements are: Internet Explorer 6.0 sp2 or higher; Adobe Reader version 8.0 or higher; Adobe Flash Player version 9 or higher; Pop-up windows should be allowed to pop-up and not be forced into a new window/ tab or blocked from view. If a pop-up blocker is enabled on your browser, the pop-up blocker needs to allow pop-up windows for www.mreports.com.
Start Using the Speed of the Internet Right Away
Take a moment to look over the features on the following pages, then log on to see how these powerful advantages can save you time and help you more efficiently run your business. • Perform sales volume comparisons and analyze potential merchant fraud. • Monitor batches for high risk transaction activity. • Report features include flexible date ranges, long-term storage, data files and chain reports. • Download report data for import into your accounting software.
Information Security
• All information is communicated through the web using SSL-encryption, the web standard. • Access requires use of a bank issued user ID and password.
Common Report Features
• Change the start and end dates for reports to view information by day, or rolled up by week, month, or any other date range. • Up to 30 months of historical data. • For businesses with multiple locations, use summary reports to see information for the business as a whole, as well as detailed reports for each individual location. • Click on underlined dollar amounts to see more information, or click on underlined column headings to list information in alpha or numeric order.
For more information: www.bbt.com/merchantservices
Everything You Need To Know 24 Hours A Day, 7 Days A Week
B B&T Merchant Se r v ic e s – C u s tom i z e You r Sol u ti on
5.1
CHECK SERVICES
With options available through BB&T Merchant Services, you can remove almost all of the uncertainties when accepting a paper check: • With Electronic Check, you convert paper checks into electronic funds transfers at the point of sale, and funds are moved electronically from consumer’s account to your account through the Automated Clearing House (ACH) network. • With Check Verification, you take advantage of a verification system at the point of sale to identify potential check fraud and habitual bad check writers before you accept a check. Or you can choose to have us guarantee payment. These services allow you to reduce losses due to check fraud and non-sufficient funds, shorten the time required for checks to clear, and please your customers by continuing to offer the option of paying by check.
Electronic Check Conversion Options
You may choose from two options in the conversion process: • Conversion Only – Paper checks are converted at the point of sale with account verification. A third-party processor will determine the probability that the check will be paid. The risk of loss remains with you. • Conversion With Guarantee – A guarantor ensures that you receive payment for the check.
Check Verification
If you prefer a more traditional approach to accepting payment by check, our Check Verification service allows you to reduce the acceptance of NSFs while continuing to deposit checks at your bank. The process is transparent to your customers.
Check Verification Options
You can choose from two options in the verification process: • Verification Only – Checks are verified at the point of sale against national databases to identify habitual bad check writers or the potential for check fraud. • Verification With Guarantee – BB&T guarantees that you will be reimbursed in full for most returned checks. Payroll checks, third-party checks, and money orders are among the few items not eligible for the program.
5.2
BB& T M e rch a n t S e r vi ce s – Cu s t o m i z e Yo u r S o l u t i o n
Benefits to You
The Check Verification program provides you with greater confidence in the checks you accept, while contributing to a smooth sales transaction at the point of sale. Other benefits include: • Reduced exposure to fraud • Smoother and faster checkout for customers • Reduced losses from non-sufficient funds • Improved efficiency resulting from fewer returned checks and collections (verification with guarantee option) • Uninterrupted cash flow (verification with guarantee option)
For details, talk with your BB&T Merchant Sales Consultant, or call 1-877-MRCHBBT (672-4228).
BB&T Merchant Services is a division of BB&T Financial, FSB, a subsidiary of BB&T Corporation. Member FDIC.
B B&T Me rchant Ser v ic e s – C u s t om i ze You r Sol u ti on
5.3
GIFT CARDS
Whether you’re a small merchant or a large chain, you know you can take advantage of the efficiency and profitability of gift cards. They are among the fastest growing merchant products ever introduced, with more than 115 billion cards issued and growth above 20 percent annually. These pre-paid cards carry your business’ name.They allow your customers to determine the value they want to store on the card and the ability to pay by credit card, check or cash. Card buyers are making a commitment to purchase from you before they select the products or services you offer. You may also use the card to provide extra convenience to your frequent buyers or recognize and reward preferred customers. The gift card program can be used for special sales and promotions and is a great tool to attract new customers.
Ring up the Benefits
Greater brand awareness. Increased sales. Improved customer loyalty. Your store-branded card delivers these benefits…and more. You keep the full cash value of stored value card sales in your store. Customers tend to be less price sensitive, which means the cards actually generate additional sales. Stored value cards also represent a great promotional tool for you. The cards are an everpresent reminder of your business.They bring customers back frequently so that you become their shopping destination.
Ease of Use
The stored value system flows smoothly for customers and merchants. Cards are easy to purchase and use. Activation, sales, and balance inquiries all occur in real time between your point of sale terminal and our processing center. The transaction is fulfilled, data is captured, and a response is transmitted back to your terminal where paper receipts – including the card balance – can be generated for you and your customer. Look to BB&T to provide a full range of support in implementing your stored value card program. Turnkey marketing and promotional materials, such as counter displays, posters, and table tents, are available. You can choose the program that matches your size and needs, or we’ll customize a program just for you – all on an accelerated schedule that usually can have your program ready to roll out in just a few days. And you’ll get ongoing support that is readily accessible through our help desk and Client Support Center. For details, talk with your BB&T Merchant Sales Consultant, or call 1-877-MRCHBBT (672-4228).
BB&T Merchant Services is a division of BB&T Financial, FSB, a subsidiary of BB&T Corporation. Member FDIC.
5.4
BB& T M e rch a n t S e r vi ce s – Cu s t o m i z e Yo u r S o l u t i o n
OTHER CARD TYPES
BB&T can customize your program to accept any and all major credit card payment options, including VISA, MasterCard, American Express, Discover Network, Wright Express, and Voyager plus purchasing cards, Electronic Benefits Transfer (EBT) cards, debit cards, and healthcare spending cards. Accepting other card types can increase your customers’ spending with you but understanding these different card types can be challenging. Almost everyone is familiar with Visa, MasterCard, American Express, and Discover, but what about other card types? Would accepting them increase your sales, customer loyalty, or bottom line? American Express Cards – These cards for both consumers and businesses have significantly grown in popularity over the last several years. As demand for acceptance of American Express cards grow, if you are not already, you may decide to accept these card types. BB&T Merchant Services can provide pricing and documentation to get you started. Wright Express and Voyager Fleet Cards – Fleet Cards are generally used by companies that have a “fleet” of vehicles used as a part of the business. Depending on where the card is used, the card will prompt for additional information in order to accept the transaction. As the popularity of fleet cards grows, demand for the acceptance of these cards will grow as well. Fleet cards can be accepted by both fuel and nonfuel merchants that have clients requesting fleet card acceptance. Most commonly, fleet cards are accepted at convenience stores, auto repair shops, car washes, and auto part stores. Commercial Cards – These cards, which are similar to fleet cards with their advanced reporting and additional prompts, are used by companies that prefer to use cards over checks for their low dollar purchases. By accepting MasterCard and VISA you will automatically be able to accept these cards; however, you may not be passing the additional data requested by this card type. Merchants performing a significant number of business-to-business transactions may receive requests to process commercial cards. Electronic Benefits Transfer (EBT) – EBT is a card program that allows recipients to authorize transfer of their government benefits from a Federal account to a merchant account to pay for products received. EBT is currently being used in many States to issue food stamps and other benefits. EBT cards are generally accepted at grocery stores and other retailers where government subsidized purchasing is allowed. Debit Cards – Although accepting VISA and MasterCard allows you to accept debit cards, you may choose to accept PIN-based debit, where the customer enters their PIN at the point of sale. This eliminates the customer’s signature and may reduce your cost. HealthCare Spending Cards – These cards have become increasingly popular as insurance providers look to save money and create efficiencies. HealthCare Spending Accounts (HSAs) and Flexible Spending Accounts (FSAs) are generally accepted at medical practices, pharmacies, and hospitals. (Special software may be required to meet IRS requirements.) No matter how your customers choose to pay, we’ll help make the process a positive experience. For details on accepting any of these card types call 1-877-MRCHBBT (672-4228).
BB&T Merchant Services is a division of BB&T Financial, FSB, a subsidiary of BB&T Corporation. Member FDIC. B B&T Merchant Se r v ic e s – C u s t om i zi n g You r Sol u t i on
5.5
BankCard Services
BB&T offers the versatile Visa Business Credit Card to business clients requiring a credit line less than $100,000 to meet their everyday business purchasing needs and Visa Commercial OneCard solutions to business clients requiring a credit line greater than $100,000 to meet their purchasing, corporate or fuel and business vehicle needs. These simplified choices replace cash, checks and personal credit cards - and are offered with no annual or per-card fee, 24/7 online account access and maintenance, as well as customized reports and individualized account statements. In addition, the Visa Liability Waiver Program and proactive fraud monitoring are included features.
The BB&T Visa Platinum Credit Card gives you convenient credit on a personal level for everyday items or special purchases. Accepted at over 32 million merchant locations worldwide, the BB&T Platinum Card comes with zero liability for unauthorized use and easy online account management with Credit Card Connection. And a low introductory rate, 25day grace period and optional BB&T Rewards Program add to the superior value that the BB&T Platinum Card offers. For complete details on BB&T ‘s Consumer and Commercial Credit Cards, please call 1-800-397-1253 or visit a local BB&T financial center.
BB&T credit cards are subject to credit approval and are issued by BB&T Financial, FSB, a subsidiary of BB&T Corporation. Member FDIC.
5.6
B B& T M e rch a n t S e r vi ce s – Cu s t o m i z i n g Yo u r S o l u t i o n
Glossary/Resources
Address Verification Service (AVS) A service that a mail/telephone order merchant can perform to verify that the street number and zip code that the cardholder provides the Merchant matches the address on file with the card- issuing bank. AVS is designed to reduce fraud. Account Number The payment card number (credit or debit) that identifies the issuer and the particular cardholder account. Acquirer A financial institution that initiates and maintains contractual agreements with merchants for the purpose of accepting and processing credit and debit card transactions (also: Card Acquirer, Financial Institution, Merchant Bank). Authentication The process of verifying identity of a subject or process. Authorization The process of validating with the card issuing institution that funds are available on the card at the time the authorization request is submitted by the merchant. Authorization Code A numerical code designated by the issuer, given at the time the transaction is approved by the card issuer. If the transaction is declined, the issuer will respond with a “decline” response. The code is always included on the electronically printed sales receipt. If a manual sales draft needs to be created by the merchant, the original approval code must be included on this draft. Batch Processing The authorization of transactions offline when immediate approval is not required. Transactions are collected in a batch and sent as one transmission for authorization and/or settlement. Batch processing is generally used with mail/telephone order transactions. Card-Not-Present A type of card transaction in which the card is not present at the point of sale for the magnetic stripe to be read. These are considered higher risk transactions. Card-Validation Code The three-digit value printed on the signature panel of a payment card used to verify card-not-present transactions. On a MasterCard payment card this is called CVC2. On a Visa payment card this is called CVV2. Cardholder The customer to whom a card has been issued or the individual authorized to use the card.
B B&T Merchant Se r v ic e s – G l os s a r y / R es ou rc es
Cardholder Data All personally identifiable data about the cardholder and relationship to the Member (i.e., account number, expiration date, data provided by the Member, other electronic data gathered by the merchant/ agent, and so on). This term also accounts for other personal insights gathered about the cardholder (i.e., addresses, telephone numbers, and so on). Chargeback A bankcard transaction disputed by a cardholder. The dispute is sent from the cardholder’s issuing bank to the merchant’s bank for review. Check Guarantee A service that guarantees check payment to a merchant up to a specified amount. However, merchants are required to perform correct authorization procedures. Check Verification A service that provides merchants with some security against bad checks. The person writing the check is matched against a national negative file database to flag outstanding or bad checks on record from other members of this service. Compromise An intrusion into a computer system where unauthorized disclosure, modification, or destruction of cardholder data may have occurred. Consumer Individual purchasing goods and /or services. DBA Doing Business As. Compliance validation levels are based on the transaction volume of a DBA or chain of stores (not of a corporation that owns several chains). Dial-Up Terminal An authorized terminal that uses a telephone line to communicate with the authorization center. Discount Rate The fee charged by the merchant financial institution to the merchant for services rendered in connection with processing card sales transactions. EBT Electronic Benefits Transfer - The automation of government benefits through electronic authorization, data capture and settlement processes. Plastic cards with magnetic stripes are used, eliminating paper benefits and coupon distribution. ECR Electronic Cash Register - A cash register that also emulates a point-of-sale terminal for processing credit card transactions.
6.1
EDC Electronic Draft Capture – The use of a point-of-sale device to authorize and settle credit card transactions. EFT Electronic Funds Transfer – An electronic system that automatically moves funds, e.g., an ATM withdrawal or pay-by-phone transaction. Firewall Hardware and/or software that protect the resources of one network from users from other networks. Typically, an enterprise with an intranet that allows its workers access to the wider Internet must have a firewall to prevent outsiders from accessing its own private data resources. Force-post The process by which a voice-authorized transaction is key-entered to be settled electronically with a batch of transactions. Also know as a post-auth. Gateway Manages the electronic connection between consumers and their financial institutions and transmits data. Gift Card A reusable, stored-value card that enables merchants to have an electronic alternative to paper gift certificates. Host The main hardware on which software is resident. Imprinter A device used to imprint embossed card information onto a sales draft for payment card transactions. An imprinter is used if the card is present and the POS device cannot read the contents of the magnetic stripe. Information Security Protection of information for confidentiality, integrity and availability. Interchange Fee A fee that acquiring banks must pay issuing banks to offset the issuer’s cost of funds and processing expenses. IP address An IP address is a numeric code that uniquely identifies a particular computer on the Internet. Magnetic Stripe A panel located on the back of a payment card containing magnetically encoded cardholder account information.
Magnetic Stripe Data (Track Data) Data encoded in the magnetic stripe used for authorization during a card present transaction. Entities may not retain full magnetic stripe data subsequent to transaction authorization. Specifically, subsequent to authorization, service codes, discretionary data/CVV, CVC and MasterCard/Visa reserved values must be purged; however, account number, expiration date, and name may be extracted and retained. Magnetic Stripe Reader A point-of-sale device that reads the encoded information from the magnetic stripe when the card is passed through the reader. Readers may read Track Two, which contains the cardholder account number and expiration date, or both Track Two and Track One, which contains the cardholder name. Network A network is two or more computers connected to each other so they can share resources. Offline Debit Debit transaction that occurs when a Visa/MasterCard check card is authorized through the credit card system and the amount is debited from the cardholder’s checking (DDA) account. Offline Transaction A transaction that is authorized through a voice authorization and later keyed into a POS terminal prior to settlement. Password A string of characters that serve as an authenticator of the user. PIN Personal Identification Number – A numeric code used as verification to complete a transaction via a payment card. The number is entered in to a keypad and is encrypted to travel along with the authorization. POS Point of Sale – The location in which a payment card transaction occurs, usually by way of a device such as a credit card terminal or cash register. POS Terminal A terminal at the point of sale, connected via telecommunication lines to a central computer. Authorization, recording, and transmission of electronic transactions are performed through the terminal. Private Label Card A card issued by a merchant that can only be used in the issuing merchant’s business. An example would be a department store credit card.
6.2
BB& T M e rch a n t S e r vi ce s – G l o s s a r y/ R e s o u r c e s
Reason Code A two-digit code identifying the reason a chargeback was initiated. Re-authorization (re-auth, add auth) To request an additional amount to be authorized on an existing transaction. Used in the lodging industry when the original authorization is not sufficient to cover the charges. Recurring Transaction A transaction charged to a cardholder’s account (with prior permission) on a periodic basis for recurring goods and services, i.e., health club memberships. Refund A refund occurs when the merchant rebates all, or a portion, of an original transaction amount to the cardholder. Refunds are made to the same card that was used for the original transaction. Retail Transaction A face-to-face transaction in which the cardholder presents a card to the merchant to pay for goods or services. Reversal When an acquirer successfully represents a chargeback to the issuer, the chargeback is reversed and the funds are returned to the merchant. Sensitive Cardholder Data Data whose unauthorized disclosure may be used in fraudulent transactions. It includes, the account number, magnetic stripe data, CVC2/CVV2 and expiration date. Settlement The process in which a merchant transmits batches of transactions to the acquirer. In interchange, it is the process by which acquirers and issuers exchange financial data resulting from sales transactions, cash advances, merchandise credits, etc.
Split Dial The capability of a card terminal to dial different telephone numbers to obtain an authorization or settlement of different card types. SSL An established industry standard that encrypts the channel between a web browser and Web server to ensure the privacy and reliability of data transmitted over this channel. T&E Cas Cards that are developed for and used primarily in travel-related services. Track One Track One information, stored on the magnetic stripe on the back of a card, has the cardholder’s name in addition to the account number and expiration date stored in it. Track Two Track Two information, stored on the magnetic stripe on the back of a card, has the account number and expiration date. Transaction Data Data related to an electronic payment. Truncation The practice of removing a data segment. Commonly, when account numbers are truncated, the first 12 digits are deleted, leaving only the last 4 digits. VAR Value Added Reseller - A third party that certifies its software to be used on a processor’s system. Voice Authorization Transactions authorized by a voice operator. Voice-approved transactions must be “forced” into a terminal batch for settlement.
B B&T Merchant Se r v ic e s – G l os s a r y / R es ou rc es
6.3
Resources
BB&T website: www.BBT.com BB&T Merchant Services website: www.BBT.com/merchantservices BB&T Client Support 1-877-672-4228 Monday – Friday, 8:30 a.m. – 9:00 p.m. (ET) Visa http://usa.visa.com/merchants/index.html Visit this site for information on: • Visa policies and procedures • Visa marketing materials, stickers, tip trays, check presenters, etc. Visa Fulfillment 1-800-VISA-311 (1-800-847-2311) MasterCard www.mastercard.com/us/merchant Visit this site for information on: • MasterCard acceptance policies • Services provided by MasterCard • MasterCard marketing materials such as stickers, tip trays, check presenters, etc. MasterCard Fulfillment 1-800-622-7747 Discover Network http://www.discovernetwork.com/clientsupport/signage.html Visit this site for Discover Network marketing materials http://www.discovernetwork.com/getstarted/merchant/merchant.html Visit this site for Discover Network policies and procedures Data Security Related Sites www.visa.com/cisp www.mastercard.com/us/sdp http://discovernetwork.com/fraudsecurity/disc.html www.pcisecuritystandards.org
6.4
BB& T M e rch a n t S e r vi ce s – G l o s s a r y / R e s o u r c e s
BBT.com
C0036450000 5/1/09
Reference Kit
I M P O R TA N T I N F O R M AT I O N ENCLOSED
Welcome to BB&T Merchant Services
Thank you for choosing BB&T as your Merchant Services provider. BB&T has been providing payment processing solutions to businesses like yours for more than 35 years and has been consistently ranked as one of the top small-business-friendly banks in the nation. We look forward to servicing your credit card acceptance needs with a host of products and services that will help your business increase sales and customer loyalty. As a BB&T Merchant Services client, you can be confident that BB&T will provide you with resources and tools to help you grow your business more effectively. This Reference Kit has been designed to help you get started as well as to identify potential fraud, reduce chargebacks, ensure compliance, and provide tips for easier processing. These valuable tips and strategies were developed to help make accepting cards simple and safe. We hope you find it useful. If you have questions regarding your account, please contact the Merchant Client Support Center at 1-877-MRCHBBT (672-4228). Our hours of operation are 8:30 a.m. - 9:00 p.m. Monday through Friday. Again, thank you for choosing BB&T.
The information in this packet includes summaries of certain requirements imposed as of May 2009 by BB&T, the Card Associations and applicable law relating to merchant acceptance and processing of credit and debit card transactions. This packet is not meant to be a detailed description or a complete listing of all these requirements or of your obligations. We urge you to read your merchant agreement with us, the rules and regulations of the Card Associations and applicable law in order to understand fully all of your obligations as a merchant accepting card transactions and, if appropriate, consult with your own legal advisor. We also note that these requirements may change over time, and that you will be responsible for complying with any such changes as they come into effect. BB&T Merchant Services is a division of BB&T Financial, FSB, a subsidiary of BB&T Corporation. Member FDIC.
BB&T Merchan t S e r v ic e s – Wel c om e
BB&T Merchant Services Reference Guide
TABLE OF CONTENTS
Getting Started
Client Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1.1 Clients Using Terminals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1.2 Clients Using Software or Payment Gateways . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1.3 Clients Using DialPay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1.3
Daily Processing
Card Acceptance Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2.1 Card Processing Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2.3 Key- Entered Transactions/Obtaining Manual Imprints . . . . . . . . . . . . . . . . . . . . . . . . 2.4 Understanding Interchange/Minimizing Processing Costs . . . . . . . . . . . . . . . . . . . . . . 2.8 Your Merchant Statement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.12 Maintaining Your Account . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.15 If Your Terminal Breaks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.15
Loss Prevention
Card Identification Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3.1 Code 10 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3.5 Fraud Prevention Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3.6 CVV2/CVC2 Processing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3.6 Address Verification Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3.8 Understanding and Avoiding Chargebacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3.10
Data Security/Compliance
Payment Card Industry Data Security Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4.1 If You Have a Security Breach . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4.4 Merchant Website Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4.5
Customize Your Solution
BB&T Merchant Connection Web Based Reporting . . . . . . . . . . . . . . . . . . . . . . . . . 5.1 Check Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.2 Gift Cards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.4 Other Card Types (AMEX, PCARD, WEX) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.5 BB&T Bankcards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5.6
Glossary/Resources
Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6.1 Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6.4
BB&T Merchan t S e r v ic e s – Ta bl e of C on ten ts
CLIENTS SUPPORT
1-877-MRCHBBT • 1-877-672-4228 Menu Options
• If you are experiencing terminal or printer malfunction or terminal error messages, or if you need assistance with terminal operation, Press 1 to access the technical help desk. • Please choose the technical help desk that supports your terminal. - - - - - For TSYS Acquiring Solutions (formerly Vital), Press 1. For Global, Press 2. For Paymentech Press 3. For NDC, Press 4. If you do not know your technical support provider, Press 0 for BB&T Client Support.
• For supplies, Press 2. • For retrieval requests or for inquiries about a chargeback you recently received, Press 3. • To speak with a BB&T Client Support representative regarding your BB&T Merchant Services account, Press 0. Our office hours are 8:30 a.m. – 9:00 p.m. (ET), Monday through Friday. • Technical and terminal support is available 24 hours a day 7 days a week.
Help Desk Sticker Enclosed…
Need terminal or transaction assistance? Service and support for your credit card and check authorization equipment is just a phone call away! Affix the Help Desk sticker included in your welcome package, to the face of your credit card terminal or computer if using software and call the toll-free number on the sticker whenever you need credit card related assistance.
TSYS Technical Support - Helpdesk: Supplies: Voice Authorizations: General Inquiries:
Merchant ID #: Terminal ID #:
BBT V1234567
800-552-8227 800-300-3328 800-291-4840 877-672-4228
Technical Support is just a phone call away … 24 hours – every day!
B B&T Me rchant Ser v ic e s – G etti n g St a rt ed
1.1
CLIENTS USING TERMINALS
Clients Purchasing Terminals
Now that you have received your terminal, it’s time to start processing transactions. In most cases, your terminal is ready to process transactions straight out of the box. Please take a few minutes to ensure that all of the necessary devices (terminal, PIN Pad, or check readers), power units, and cords have been included in your package. If anything appears to be missing or if the terminal is not the one you expected to receive, contact the Merchant Client Support Center at 1-877-672-4228.
Clients with Existing Terminals
By the time you are reviewing this kit, you may already be processing with BB&T; if so, Welcome! However, if you have not received your terminal programming to start processing transactions with BB&T, you may call 1-866-634-2125 to obtain your new download. The download process should only take a few minutes.
Merchant Terminal Training
To help you get started processing transactions successfully, BB&T Merchant Services is pleased to provide terminal training via telephone for you and your sales associates at no charge. During the application process, you may have requested training; if so, you will soon be contacted by one of our associates to schedule or perform the training and answer any questions you may have. If you prefer not to wait to be contacted, you may call the Training Help Desk at 1-866-634-2125 to schedule training at a time convenient for you and your sales associates. During training you will be instructed on how to: • Properly install your credit card terminal • Process sales and refunds • Settle batches • Run reports • And much more! If you did not initially request training but would now like to receive training, please call the BB&T Merchant Client Support Center at 1-877-672-4228 and we will be glad to schedule training for you.
B B&T Merchant Se r v ic e s – G et t i n g Sta rted
1.2
CLIENTS USING THIRD PARTY SOFTWARE OR PAYMENT GATEWAYS
By the time you are reviewing this you may already be processing with BB&T; if so, Welcome! In order to begin processing through your new merchant account, you or your software provider may need specific information from BB&T to configure your software correctly. Depending on your specific software, we may provide a form to you via email containing the basic information necessary. However, certain software providers require special parameter forms to be completed prior to configuration and/or installation of your software. If your software provider requires information from you that we have not supplied, please contact the Merchant Client Support Center at 1-877-672-4228. We will be happy to assist you by supplying the specific information requested by your software provider. Note: If you purchased software through BB&T, your installation or activation disk will provide instructions for getting started. Training may be available for software purchased through BB&T; contact the Merchant Client Support Center for more information.
IMPORTANT
Note: If you purchased service through BB&T Payment Gateway or Virtual Terminal, you should have received a welcome email and welcome call from a BB&T training specialist to walk you through your new method IMPORTANT of processing. If you have not received your welcome email or you are ready for training, please call the Merchant Client Support Center.
!
! !
IMPORTANT
Certain settings in your software will affect your transaction costs, your ability to prevent fraud and chargebacks, and your compliance with Card Association rules. It is your responsibility to ensure the settings established in your software are the most appropriate for processing your transactions. In addition, compliance with Data Security Standards established by the Card Associations is critical. Further details on these topics are provided throughout this Reference Kit.
CLIENTS USING DIALPAY IMPORTANT
DialPay is a processing option that allows authorization and capture of transactions via a touch-tone telephone instead of a credit card terminal. This option should only be used by merchants who have an infrequent need to process transactions. If your account was set up IMPORTANT to process transactions in this manner, a booklet entitled DialPay Authorization with Capture IMPORTANT Operating Guide has been included in the welcome package you may have already received. The DialPay guide contains all of the information you need to process your transactions.
IMPORTANT
!
! !
IMPORTANT
All DialPay merchants should be processing transactions using the Address Verification Service as described on page 3.7. For Card-Present transactions, manual imprints, as explained on page 2.4, should be obtained. For Card-Not-Present transactions, DialPay merchants should adhere whenever possible to the Fraud Prevention Guidelines on page 3.5.
IMPORTANT
IMPORTANT
1.3
BB& T M e rch a n t S e r vi ce s – G e t t i n g S t a r t e d
CARD ACCEPTANCE POLICIES
Dollar Minimums and Maximums
Always honor valid Visa®, MasterCard®, or Discover®Network cards in your acceptance category regardless of the dollar amount of the purchase. Imposing minimum or maximum purchase amounts is a violation.
No Surcharging
Always treat card transactions like any other transaction; that is, do not impose any surcharge on a transaction. You may, however, offer a discount for cash transactions, provided that the offer is clearly disclosed to customers and the cash price is presented as a discount from the standard price charged for all other forms of payment.
Taxes
Include required taxes in the total transaction amount. Do not collect taxes separately in cash. This policy reflects the needs of the many Visa, MasterCard, and Discover Network cardholders who must have written records of the taxes they pay for goods and services.
Split Sales
Prepare one sales receipt per transaction, using the full transaction amount. Merchants are not allowed to split the cost of a single transaction on a single cardholder account between two or more sales receipts in order to avoid authorization limits.
Laundering
Deposit transactions only for your own business. Depositing transactions for a business that does not have a valid merchant agreement is called laundering or factoring. Laundering is not allowed; it is a form of fraud associated with high chargeback rates and the potential for forcing merchants out of business.
No Cash Refunds
Complete a credit receipt for merchandise returns or adjustments. Do not provide cash refunds for returned merchandise originally purchased with a card. Visa and Discover Network does not permit cash refunds for any credit or debit card transaction. By issuing credits, you protect your customers from individuals who might fraudulently make a purchase on their account and then return the merchandise for cash.
Delivery of Goods and Services
Deliver the merchandise or services to the cardholder at the time of the transaction. Cardholders expect immediate delivery of goods and services unless other delivery arrangements have been made. For card-not-present transactions, cardholders should be informed of delivery method and tentative delivery date.
Asking for Identification
Although payment network rules do not preclude merchants from asking for cardholder ID, merchants cannot make an ID a condition of acceptance.Therefore, merchants cannot refuse to complete a purchase transaction because a cardholder refuses to provide ID. The payment networks do not allow merchants to ask for ID as part of their regular card acceptance procedures. Laws in several states also make it illegal for merchants to write a cardholder’s personal information, such as an address or phone number, on a sales receipt. You may ask for ID if the card is not signed; you must have the cardholder sign it and check the signature against two other pieces of identification, including one government issued ID.
B B&T Merchant Se r v ic e s – Da i l y P roc es s i n g
2.1
Zero-Percent Authorizations
Merchants should not estimate transaction amounts. For restaurant merchants, in particular, this means debit or credit card transactions should be authorized only for the known amount of the check. Do not add on an estimated tip. Cardholders today can check their account balances almost instantly via the Internet or ATMs. An authorization that includes an estimated tip can reduce their available cash or credit balance by an unrecognizable amount. Say, for example, a cardholder’s restaurant bill is $100, but the staff adds on a 20 percent tip – that is, $20 – for authorization purposes. If the cardholder only adds on a $15 tip, or leaves the tip in cash, the authorization “hold” on the larger amount may make it appear he or she was overcharged. And that, in turn, can mean angry phone calls from unhappy customers – and the potential for reduced business. To ensure zero-percent tip authorization for all transactions, restaurant merchants should: • Instruct staff to authorize only for the check amount. Your staff training and review materials should emphasize the importance of authorizing only for the known amount of the check, excluding any estimated tip. • Ensure your authorization system is set up for zero-percent authorization. For further information on zero-percent tip authorization, contact the Merchant Client Support Center.
No Transactions on Merchant’s own card
Merchants should not use your own card, or one to which you have access, to process a transaction for the purpose of obtaining credit for your own benefit.
2.2
BB& T M e rch a n t S e r vi ce s – D a i l y P r o c e s s i n g
CARD PROCESSING PROCEDURES
Doing It Right at the Point of Sale
Whether sales associates are experienced or new to the job, they will accept cards correctly the first time and every time if they follow a few basic procedures. The illustration below provides an overview of the card acceptance steps that should be followed at the point of sale.
Illustration of Card Acceptance
2 While the transaction is 1 Swipe the card to
request the transaction authorization. Hold the card throughout the transaction.
being processed, check the card’s features and security elements to make sure the card is valid and has not been altered in any way.
3 Obtain authorization
and get the cardholder signature on the transaction receipt.
If you suspect fraud, make a Code 10 call*.
4 Compare the
name, number, and signature on the card to those on the transaction receipt.
* See page 3.4 for information on Code 10 calls.
It Pays to Swipe the Stripe
On the back of every card, you’ll find a magnetic stripe. It contains the cardholder name, card account number, and expiration date, as well as special security information designed to help detect counterfeit cards. When the stripe is swiped through the terminal, this information is electronically read and relayed to the Issuer, who then uses it as crucial input for the authorization decision. Swipe the card to request the transaction authorization. Hold the card throughout the transaction.
B B&T Merchant Se r v ic e s – Da i l y P roc es s i n g
2.3
Verifying the Account Number
Most POS terminals allow merchants to verify that the account number embossed on the front of the card is the same as the account number encoded on the card’s magnetic stripe. How you check the numbers depends on your POS terminal. In some cases, the magnetic stripe number is displayed on the terminal. In others, the terminal may be programmed to IMPORTANT check the numbers electronically. In such instances, you will be prompted to enter the last four digits of the embossed account number, which will then be matched against the last four digits of the account number on the magnetic stripe.
!
IMPORTANT If the account number is printed on the receipt, only the last four digits will be used in many cases. If the numbers don’t match, you will receive a “No Match” message. In such instances, you should make a Code 10 call.*
!
! IMPORTANT
IMPORTANT
*IMPORTANT information on Code 10 calls. See page 3.4 for
All POS terminals and systems are required to provide account number truncation on electronically printed transaction receipts. This means that only the last four digits of an account number should be printed on the customer’s copy of the receipt, and the expiration date should not appear at all. All POS terminals and systems must now comply with these requirements. The Merchant copy of the receipt may be required to reflect no more than the last four or five digits of the cardholder account number depending upon state or local legislation enacted in the jurisdiction of Merchant’s location. It is Merchant’s responsibility to determine requirements of and comply with local and/or state legislation as applicable. If the full card number does appear on the Merchant’s copy, please make sure the correct receipt, the cardholder copy, is provided to the customer. If the full card number does not appear on the Merchant copy, we suggest you print out a batch detail report before closing out in order to have a record of the full card number. Retain in a secure location.
KEY-ENTERED TRANSACTIONS
If a Card Won’t Read When Swiped
In some instances, when you swipe a card the terminal will not be able to read the magnetic stripe or perform an authorization. When this occurs, it usually means one of three things:
• The terminal’s magnetic-stripe reader is not working properly. • The card is not being swiped through the reader correctly. • The magnetic stripe on the card has been damaged or demagnetized. Damage to the card may happen accidentally, but it may also be a sign that the card is counterfeit or has been altered.
If a card won’t read when swiped, you should:
• Check the terminal to make sure that it is working properly and that you are swiping the card correctly. • If the terminal is OK, take a look at the card’s security features to make sure the card is not counterfeit or has not been altered in any way. • For key-entered or voice-authorized transactions, make an imprint of the front of the card. The imprint proves the card was present at the point of sale and protects your business from potential chargebacks if the transaction turns out to be fraudulent. The imprint can be made either on the sales receipt generated by the terminal or on a separate manual sales receipt form signed by the customer.
2.4
BB& T M e rch a n t S e r vi ce s – D a i l y P r o c e s s i n g
Find Causes and Look for Solutions
If a large percentage of your transactions are key entered, you should investigate the situation and try to find out why. The following chart summarizes the most common reasons for high key-entry rates and provides possible solutions.
KEY-ENTRY CAUSE Damaged Magnetic-Stripe Readers SOLUTION Check magnetic-stripe readers regularly to make sure they are working. Clean magnetic-stripe reader heads several times a year to ensure continued good use.
Dirty Magnetic-Stripe Readers
Magnetic-Stripe Reader Obstructions Remove obstructions near the magnetic-stripe reader. Electric cords or other equipment could prevent a card from being swiped straight through the reader in one easy movement. Spilled Food or Drink Remove any food or beverages near the magnetic stripe reader. Falling crumbs or an unexpected spill could soil or damage the machines. Keep magnetic anti-theft deactivation devices away from any counter area where customers might place their cards. These devices can erase a card’s magnetic stripe. • Swipe the card once in one direction, using a quick, smooth motion. • Never swipe a card back and forth. • Never swipe a card at an angle; this may cause a faulty reading.
Anti-Theft Devices that Damage Magnetic Stripes
Improper Card Swiping
M E R CH A NT
Key-entered transactions are fully acceptable, but they are associated with higher fraud and higher chargeback rates. Key entered transactions may increase your processing costs because of the increased risks.
TIP
Special Guidelines Regarding Unembossed Cards
Unembossed Cards
Visa, MasterCard, and Discover Network both offer unembossed cards to accommodate a changing payment environment. Some cards now have laser-engraved or thermal printing of the account number, presenting a smooth appearance to the face of the cards. Traditionally, these cards were issued outside the United States; however, the cards are now offered for products such as prepaid and gift cards. Below we have provided a list of frequently asked questions regarding unembossed cards.
How do you identify an unembossed card?
MasterCard has branded it’s card offering as “MasterCard Electronic” and the logo on the card reflects this terminology. Visa, and Discover Network cards will indicate “electronic use only” on the face of the card. Card numbers on both cards are smooth in contrast to raised numbers on the cards we are familiar with today.
Who can accept unembossed cards?
Unembossed cards work just like any other card at the point-of-sale. Any merchant utilizing an electronic payments terminal, which is capable of reading the magnetic stripe, can accept the card.
B B&T Merchant Se r v ic e s – Da i l y P roc es s i n g
2.5
If the magnetic-stripe read fails, what can the merchant do?
Visa and Discover Network recommend that the merchant request another form of payment. Because the card is not capable of being imprinted, the merchant would have to hand-write the card number on the sales draft and/or key-enter the transaction. Visa and Discover Network advise that merchants who accept an unembossed card without a swipe do so at their own risk, and could be subject to a “Missing Imprint” chargeback should the issuer dispute the transaction. MasterCard’s requirements indicate their MasterCard Electronic card cannot be processed if the swipe cannot be completed. NO hand-keyed transactions or hand-written sales drafts are allowed.The cardholder must be physically present in order to complete a transaction. If the card is valid only in a country different from where the merchant establishment is located, the card may not be accepted.
Directions for Processing Credit Cards Using Manual Imprint
1 3 2 5 7 9 8 6 4
1 5 2 3 7 4
10
8
1 Imprint of credit card number will show here. 2 Imprint of plate showing merchant number,
6 Enter the authorization number from Visa or
MC.
name, and state will show here. If imprint of IMPORTANT plate is unavailable, write in the mermerchant chant name and place of business. (Merchant account number is not required).
7 Enter reference number on the receipt
!
from the terminal.
8 Enter amount of total transaction. 9 If cardholders sign the terminal receipt, they
3 Enter description of sale, ex. gift cards,
merchandise, etc. IMPORTANT
4 Enter the amount of each sale. 5 Enter the date of each sale.
! !
are not required to sign manual imprint receipt. Attach the merchant copy to the terminal copy for the merchant’s file.
10 If manual imprint receipt is used to issue a
credit, the merchant has to sign to authorize the credit.
BB& T M e rch a n t S e r vi ce s – D a i l y P r o c e s s i n g
IMPORTANT
A manual imprint must NOT consist of an impression taken from the card using pencil, crayon or other writing instrument.
2.6
Authorization
The authorization process allows the card issuer to approve or decline a transaction. In most cases, authorizations are processed electronically in a matter of moments. However, to protect against fraud, the card issuer may request additional information about the transaction. If properly done, authorizing a transaction is quick and easy and protects merchants against fraud and chargebacks.
MERC HANT
Authorization should be seen as an indication that account funds are available at the time of authorization and a card has not been reported as lost or stolen. It is not proof that the true cardholder or a valid card is involved in a transaction. It is highly recommended and in your benefit to settle all authorized transactions daily or within 24 hours of the time of the authoirzation. Settling in this manner may prevent chargebacks and will prevent additional interchange fees.
TIP
Authorization Responses
During the authorization process, your sales associates should receive one of the following responses, or one that is similarly worded.
RESPONSE Approved MEANING Card issuer approves the transaction. This is the most common response — about 95% of all authorization requests are approved. Card issuer does not approve the transaction. The transaction should not be completed. Return the card and instruct the cardholder to call the card issuer for more information on the status of the account. Card issuer needs more information before approving the sale. Most of these transactions are approved, but you should call your authorization center and follow the instructions you are given. In most cases, an authorization agent will ask to speak directly with the cardholder or will instruct you to check the cardholder’s identification. Card issuer wants to recover the card. Do not complete the transaction. Inform the customer that you have been instructed to keep the card, and ask for an alternative form of payment. If you feel uncomfortable, simply return the card to the cardholder. The embossed account number on the front of the card does not match the account number encoded on the magnetic stripe. Swipe the card again and re-key the last four digits at the prompt. If a “No Match” response appears again, it means the card is counterfeit. If it can be done safely, keep the card in your possession, and make a Code 10 call.
Declined or Card Not Accepted
Call, Call Center, or Referrals
Pick Up
No Match
B B&T Merchant Se r v ic e s – Da i l y P roc es s i n g
2.7
UNDERSTANDING INTERCHANGE/ MINIMIZING PROCESSING COSTS
Q: What is interchange?
A: Interchange is the fee that merchant-acquiring institutions must pay card-issuing institutions to help offset card issuers’ processing costs and cost of funds. Revenue from interchange fees permits issuers to offer consumers value-added card products at lower prices. This helps increase card availability and usage, which benefits merchants through incremental sales and displacement of other more expensive forms of payment. Interchange rates are set and governed by Visa, MasterCard, and Discover Network, and are the same for all card-issuing and merchant-acquiring institutions. Such control helps maintain the integrity of the most widely used, complex electronic payment system in the world.
Q: What are non-qualified transactions?
A: Visa, MasterCard, and Discover Network establish interchange fees for transactions based on the data submitted and the risk associated with the particular transaction. Your merchant account and the agreed-upon rates and fees are based on an interchange level that is established according to your processing method and business type. A non-qualified transaction is a transaction that does not qualify at the expected level because it does not meet Visa, MasterCard, and Discover Network requirements for that level. Your account will be billed the difference in cost between the expected interchange rate and the interchange level at which the transaction actually qualified plus a surcharge. For example: The interchange level established for an account may require that the card be present and swiped as part of the transaction. The interchange rate is lower because more magnetic stripe content data is submitted and since the card is present, there is lower associated risk. If the card is not present or swiped, the transaction will not meet the requirements for the established interchange level, will be considered non-qualified, and will cost more to process.
Q: Why is a surcharge assessed on non-qualified transactions?
A: Merchant-acquiring institutions assess a surcharge to cover the additional handling costs associated with non-qualified transactions, such as increased processing and operational expenses.
Q: What can I do to reduce the number of non-qualified transactions I have and minimize my transaction costs?
A: To minimize processing costs and ensure that your transactions are clearing at the best possible interchange rate, you should observe the best practices referenced below as indicated for your processing method and business type. For additional advice on reducing transaction processing costs, please contact our Merchant Client Support Center for assistance.
2.8
BB& T M e rch a n t S e r vi ce s – D a i l y P r o c e s s i n g
Retail / Face-to-Face Merchants:
• Card-swipe all of your transactions. • Electronically authorize all transactions. • Obtain one authorization per transaction. • Voice authorized or “forced” transactions will not be eligible for the qualified rate. • Settlement amount must equal the authorized amount for signature debit (non-PIN) transactions. • All transactions must be settled within 24 hours of the authorization. • Indicate the card is present (by transaction type or at appropriate prompt) and perform Address Verification Services (AVS) on key-entered transactions; a full AVS match must be received on the cardholder’s billing zip code to qualify for the best non-qualified rate. • For MasterCard transactions: The settlement amount for each transaction must be within 25% of the authorized amount for Beauty Salon transactions and within 10% of the authorized amount for all other transactions. • For Discover Network transactions: The settlement amount for each transaction must be within 20% of the authorized amount for Beauty/Barber Shops and Taxicabs/Limousines and within 10% of the authorized amount for all other transactions.
Restaurant Merchants:
• Card-swipe all of your transactions. • Electronically authorize all transactions. • Obtain one authorization per transaction. • Voice authorized or “forced” transactions will not be eligible for the qualified rate. • All transactions must be settled within 24 hours of the authorization. • Indicate the card is present (by transaction type or at appropriate prompt) and perform Address Verification Services (AVS) on key-entered transactions; a full AVS match must be received on the cardholder’s billing zip code to qualify for the best non-qualified rate.
Hotel Merchants:
• Card-swipe all of your transactions. • Electronically authorize all transactions. • Settlement amount must equal the authorized amount. • Settle your terminal daily. • Include a Room or Folio number on all transactions. • Include the Check-in and Check-out date on all transactions. • Indicator for Ancillary charges and No-show charge is required.
B B&T Me rchant Ser v ic e s – Da i l y P roc es s i n g
2.9
Card Not Present - Mail/Phone Order Merchants:
• Electronically authorize all transactions. • Perform Address Verification Services (AVS) on all transactions. • Invoice number or customer order number must be included on all transactions. • The customer service phone number is required in settlement record. • The purchase date is the shipment date and must be within seven days after the authorization date or one day prior to the authorization date. • Transactions must be settled within two days of the purchase date. • Settlement amount must equal the authorized amount. • Transaction must be properly identified as Mail/Phone Order with the appropriate MOTO indicator. • Bill Payment transactions must be properly identified with a Market Specific Indicator of “B”, ACI of “Y” and processing code of “50” and a MOTO indicator of “01” for one payment, “02” for recurring payment and “03” for installment payment. The first or initial transaction must be properly identified as Mail/Phone Order; subsequent transactions must be properly identified as Recurring. • Transaction identification is usually handled automatically by a merchant’s transaction-processing system; however, you should check with your software provider to confirm that your system is properly set up.
Card Not Present - Internet/ Electronic Commerce Merchants:
• Electronically authorize all transactions. • Perform Address Verification Services (AVS) on all transactions. • Invoice number or customer order number must be included on all transactions. • The customer service phone number, email address, or the merchant’s URL is required in the settlement record. • Transactions must be settled within two days. • Settlement amount must equal the authorized amount. • The purchase date is the shipment date and must be within seven days after the authorization date or one day prior to the authorization date. • Transaction must be properly identified as e-Commerce with the appropriate ECI indicator. • Bill Payment transactions must also be properly identified with a Market Specific Indicator of “B,” ACI of “Y” and processing code of “50” and an ECI of “5,” “6,” ”7” or “8”. • Transaction identification is usually handled automatically by a merchant’s transaction-processing system; however, you should check with your software provider to confirm that your system is properly set up.
2.10
BB& T M e rch a n t S e r vi ce s – D a i l y P r o c e s s i n g
Business-to-Business Transactions In order to ensure that transactions conducted with Business, Corporate or Purchasing Cards clear at the best possible interchange rate, you should observe the best practices referenced above as applicable to your processing method and business type. In addition, provide the enhanced data below: For Business and Corporate Cards:
• Submit the Tax Included Indicator and Sales Tax Amount (amount must be between 0.1% and 22% of the transaction amount for Visa and 1% and 30% of the transaction amount for MasterCard).
For Purchasing Card transactions only:
To meet Level II Enhanced Data requirements: • Submit the Tax Included Indicator and Sales Tax Amount (amount must be between 0.1% and 22% of the transaction amount for Visa and 1% and 30% of the transaction amount for MasterCard). – Customer Code (as provided by cardholder) is required at Fuel Merchants. To meet Level III Enhanced Data requirements: • Submit Summary Data (minimum required data shown below): – Discount amount - Last two digits are implied decimal places. Must not be all zeros if a discount amount exists. Must be all zeros if discount amount does not exist. – Freight/shipping amount - Last two digits are implied decimal places. Must not be all zeros if a freight/shipping amount exists. Must be all zeros if freight/ shipping amount does not exist. – Duty amount - Last two digits are implied decimal places. Must not be all zeros if a duty amount exists. Must be all zeros if duty amount does not exist. • and, submit Line Item Detail (minimum required data shown below): – Item descriptor - Must not be all spaces or all zeros. – Item quantity - Last four digits are implied decimal places. Must not be all spaces or all zeros. – Item unit of measure - Must not be all spaces or all zeros. – Item commodity code - Must not be all spaces or all zeros.
IMPORTANT
– Item product code - Must not be all spaces or all zeros.
– Item unit cost - Last four digits are implied decimal places. Must not be all spaces or all zeros. – Discount per Line Item - Last two digits are implied decimal places. Must not be all zeros if a discount exists. Must be all zeros if discount does not exist. IMPORTANT – Line Item total - Last two digits are implied decimal places. Must not be all spaces or all zeros.
!
!
! IMPORTANT
IMPORTANT
ON ALL TRANSACTIONS: Make sure your credit card equipment is functioning properly. Do not bypass any terminal or software prompts for specific data; doing so will affect your transaction costs, your ability to prevent fraud and chargebacks, and your compliance with Payment Network rules. If you are a merchant using third-party software, ensure the settings established in your software are the most appropriate for the processing nature of your business.
B B&T Merchant Se r v ic e s – Da i l y P roc es s i n g
2.11
1
2 3 4 5 6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21 22
23
24
25
26
27
28
29
30
31
33 35 37 39
32 34 36 38
2.12
BB& T M e rch a n t S e r vi ce s – D a i l y P r o c e s s i n g
How To Read Your Merchant Statement
Use this information to become familiar with your merchant statement.
1 Address of BB&T Merchant Services 2 Processing Month 15 Avg Tkt 16 Disc P/I 17 Disc %
Dollar amount of the average sales transaction. Discount charged per item for transactions. Discount percentage rate assessed for transactions. Discount due to BB&T Merchant Services. This is calculated as either your net or gross sales multiplied by the discount rate plus the discount per item multiplied by the total number of sales.
The date your statement was produced (MM-YY). An internal tracking number for BB&T Merchant Services is also included.
3 Processor Use Only 4 Merchant Number
This number is assigned to your company for identification purposes. It is exclusive to your company. If you call with statement inquiries, please be prepared to provide your merchant number. This number identifies your bank. This number identifies your account at your bank.
18 Discount Due
5 Routing Number
Transaction Detail
This section displays a breakdown of each transaction made during the statement period. The transactions are separated into three categories: deposits, adjustments, and chargebacks.
19 Day
6 Deposit Account Number
7 Your Statement Mailing Address 8 Amount
This is the amount that is due to BB&T Merchant Services this month. This amount is deducted from or added to your checking account. It includes the difference between fees owed and fees actually paid. Plan Code that identifies the type of card used. See the list of Plan Codes at the bottom of the statement. Total number of sales and cash advances for this statement period. Total dollar amount of sales and cash advances for this statement period. Total number of credits for this statement period. Total dollar amount of credits for this statement period. Total dollar amount of sales and cash advances less total dollar amount of credits.
Day of the month that your batch was processed. Reference number assigned to the batch for tracking purposes. Code that identifies the type of transaction processed. See the list of Transaction Codes at the bottom of the statement. Transaction plan type. See the list of Plan Codes at the bottom of the statement. Total number of sales and cash advances for this batch. Total dollar amount of sales and cash advances for this batch. Total dollar amount of credits for this batch. Total discount previously paid to BB&T Merchant Services. This amount will only display if you participate in a daily discount program with BB&T Merchant Services. 2.13
20 Ref Number
9 PL
21 *(Transaction Code)
10 # Sales
22 PL
11 $ Sales
23 # Sales
12 # Credits 13 $ Credits
24 $ Sales
25 $ Credits
14 Net Sales
26 Discount Paid
B B&T Merchant Se r v ic e s – Da i l y P roc es s i n g
How To Read Your Merchant Statement (continued)
27 Net Deposit
Statement Totals
This section contains discount information and the amount credited or debited from the account. The following fields may appear if applicable.
33 Minimum Discount
Total dollar amount of sales and cash advances less total dollar amount of credits and paid discount. Deposit, Adjustment and Chargeback totals will appear under each respective section.
Fee Totals
This section displays the fees that will be charged to the merchant.
28 Number 29 Amount
Minimum amount of discount that will be charged. This figure will be used if the discount amount is less than the minimum stated in your merchant contract. Total dollar amount of discount due from the merchant as calculated throughout the month. Total dollar figure of discount that has been paid during the month by the merchant if participating in a daily program. Discount due less the discount paid. Total fees due from the merchant. Total dollar amount credited or debited from the account.
Total number of items billed. Total dollar amount used to calculate the amount billed. (This may not be used for all items.) Description of the item billed. Total dollar amount to be billed. Total dollar amount of fees to be paid by the merchant.
34 Discount Due
35 Discount Paid
30 Description 31 Total
36 Net Discount Due 37 Fees Due
32 Total Fees Due
38 Amount Deducted
Note: Fees will be deducted on the 15th day (or next business day) of the month following the statement processing date.
Statement Message
39 Statement Message
Important information from BB&T Merchant Services.
Plan Codes and Transaction Codes
IMPORTANT
!
List of Plan Codes and Transaction Codes are printed along the bottom border of the statement.
IMPORTANT
!
! IMPORTANT
IMPORTANT
Merchant should review monthly statement and report questions, disputes, or missing transactions within 90 days of receipt of statement. Please refer to Section 1.5(k) of your BB&T Merchant Agreement for additional information. It is important to review your monthly statement for important messages from BB&T regarding your merchant statement.
2.14
BB& T M e rch a n t S e r vi ce s – D a i l y P r o c e s s i n g
MAINTAINING YOUR ACCOUNT
When to Contact Us
From time to time, your business may experience change. Some changes may require updates to your merchant relationship, including the following: • DDA Account Number or “Operating Account” - If the DDA account is held at a financial institution other than BB&T, the Bank will require a voided check drawn on the new DDA account to be submitted with the written request for verification purposes. • Ownership or ownership structure • Federal tax identification number • Type or kind of business • Processing method • When you employ a third party provider(s), begin operating a website, or add payment acceptance to an existing account • Company DBA name • Address, or telephone/facsimile number • When you enter into an agreement with a third party offering a cash advance loan program, in which you pledge future credit card receivables as collateral • When you begin a gift card program To request account changes, please call the BB&T Merchant Client Support Center at 1-877-672-4228 or send written correspondence to the following address: BB&T Financial, FSB P.O. Box 200 Wilson, North Carolina 27894
IF YOUR TERMINAL BREAKS
If your terminal becomes inoperable, please follow the steps below: • Call the Client Support Center at 1-877-672-4228. • Choose option 1. • Choose the appropriate technical help desk from the menu. As a reminder, if you own a terminal that has been deemed obsolete by its manufacturer or is no longer capable of compliance with card association requirements and it becomes inoperable, you will have to purchase a new terminal in order to continue processing. Equipment damaged as a result of abuse, power failure, physical damage, fire, or water may not be eligible for replacement or may be subject to additional fees.
B B&T Merchant Se r v ic e s – Da i l y P roc es s i n g
2.15
CARD IDENTIFICATION FEATURES AND SECURITY ELEMENTS
If you are ever suspicious about a card or transaction, call your authorization center and request a Code 10 authorization. Every card contains a set of unique design features and security elements developed by each card manufacturer to help merchants verify a card’s legitimacy. By knowing what to look for on each card, your sales associates can avoid inadvertently accepting a counterfeit card or processing a fraudulent transaction. Train your sales staff to take a few seconds to look at the card’s basic features and security elements after they have swiped the card and are waiting for authorization. Checking card features and security elements helps to ensure that the card is valid and has not been altered in any way. Holding onto the Card Sales staff should be instructed to keep payment cards in their possession during transaction processing. Holding onto the card allows time to check card features and security elements and to compare the cardholder signature on the card with the signature on the transaction receipt. Visa Features (original Visa may be valid through 2010) You may have already noticed that Visa is changing its card design. We have included both the old and new card designs in this guide.
All Visa account numbers start with 4. The embossing should be clear and uniform in size and spacing and extend into the hologram. The account number embossed on the card must match the account number printed on the sales draft or displayed on the terminal (if equipment allows). Visa Debit Identifier To clearly distinguish Visa Debit cards, all consumer Debit cards must show the word “Debit” above the hologram.
The four-digit number printed below the embossed account number must match the first four digits of the account number.
Check the “Good Thru” or “Valid thru” date. Make sure the date of the transaction is no later than the date on the card. If the transaction date is after the “Good Thru” date, the card has expired. In such instances, an authorization request can be called in to your authorization center, or you can ask the customer for a Visa card that is currently valid. Always request authorization on an expired card. If the Issuer approves the transaction, proceed with the sale. Never accept a transaction that has been declined.
Visa cards have a stylized “V” security character embossed to the right of the expiration date.
A three-dimensional dove hologram should reflect light and seem to change as you rotate the card.
B B&T Me rchant Ser v ic e s – Los s P reven t i on
3.1
Back of Visa Cards
All Visa Cards must be signed in order to be valid. The signature on the sales draft should match the signature on the back of the card. If the card is not signed, ask the cardholder to provide a valid government ID (e.g., driver’s license). Then have the customer sign the card. Check to be sure the signatures match. The magnetic stripe should appear smooth and straight, with no signs of tampering. The signature panel should have a repetitive pattern of the word “Visa” printed in color at an angle. A full or partial account number, plus a three-digit Card Verification Value 2 (CVV2), is indent-printed on the signature panel.
Visa Features (Updated Visa Card – Beginning January 2006) Front of Card
Check the account number for evenness and clarity. Look closely at the account number. On valid cards, the numbers will be even and straight; on altered cards, they may have fuzzy edges, or you may be able to see “ghost images” of the original numbers. Compare numbers. The printed four-digit number must match the first four digits of the account number above it. Both should begin with a “4.” If the numbers are not identical or the printed number is missing, the card is not valid and should not be accepted. Check the “Good Thru” or “Valid thru” date. Make sure the date of the transaction is no later than the date on the card. If the transaction date is after the “Good Thru” date, the card has expired. In such instances, an authorization request can be called in to your authorization center, or you can ask the customer for a Visa card that is currently valid.
Back of Card
Check the hologram. When the card is tilted, a ring should appear around the sun and the word “VISA” should appear in the center. If not, the card may be counterfeit. Look at the signature panel. The signature panel will look like this or have a custom design. Check for the Card Verification Value (CVV2). It is a three-digit code that appears either on the signature panel or on a white box to the right of the signature panel. Portions of the account number may also be present on the signature panel. CVV2 is used primarily in card-not-present transactions to verify that the customer is in possession of a valid Visa card at the time of the sale. Check for signs of tampering. Any attempt to erase the signature will cause the word “VOID” to appear.
B B &T Merchant Se r v ic e s – Los s P reven t i on
3.2
MasterCard Features
All MasterCard account numbers start with 5. The embossing should be clear and uniform in size and spacing and extend into the hologram. The 16-digit account number embossed on the card must be exactly the same as the account number printed on the sales draft, or displayed on your terminal (if equipment allows). A three-dimensional hologram with interlocking globes should reflect light and seem to move as you rotate the card. The word “MasterCard” is printed repeatedly in the background of the hologram. The letters “MC” are micro-engraved around the two rings. The pre-printed Bank Identification Number (BIN) must match the first four digits of the embossed account number. The valid date lists the last day on which the card is valid. Some cards may have an effective date as well. MasterCard cards have a stylized “MC” security character embossed to the right of the valid dates. MasterCard Debit Hologram To clearly distinguish MasterCard Debit cards, all new and re-issued consumer Debit cards must display the Debit hologram. By January 1, 2007, all Debit cards must be in compliance with this rule. Until then you may still see some older cards with the word “Debit” printed above the global hologram.
Back of MasterCard
The back of the card must be signed. The magnetic stripe should appear smooth and straight, with no signs of tampering.
The word “MasterCard” is printed repeatedly in multicolors at an angle on a tamper-evident signature panel. You may see only the last four digits of the account number, plus the three-digit CVC2 indentprinted on some newer cards. Some cards may contain the full 16-digit account number, followed by the threedigit CVC2, indent-printed on the signature panel.
Updates for MasterCard (Beginning June 2006) Front of Card
A three-dimensional hologram with interlocking globes should reflect light and seem to move as you rotate the card. Beginning in June 2006, card issuers have the option of placing the hologram on the card back. The familiar “MC” security character will not be present on cards issued after June 2006. To clearly distinguish Debit cards, all new and re-issued consumer Debit cards must display the Debit hologram. By January 1, 2007, all Debit cards must be in compliance with this rule.
Back of Card
Beginning in June 2006, card issuers have the option of placing a holographic magnetic stripe on the card back, replacing the Globe hologram or the Debit hologram. The word “MasterCard” is printed repeatedly in multicolors at an angle on a tamper-evident signature panel. The last four digits of the account number are indent-printed on the signature panel. Beginning in June 2006, the three-digit CVC2 must be printed in a white rectangle to the right of the signature panel. The MasterCard Alternative Design Option will allow issuers greater flexibility. You may see vertical cards, unembossed cards and smaller size cards.
3.3
BB& T M e rch a n t S e r vi ce s – L o s s P r e v e n t i o n
Discover®
The words “DISCOVER NETWORK” will appear under an ultraviolet light. All Discover Network account numbers start with 6. The embossing should be uniform in size and spacing, and extend into the hologram. “Valid Thru” indicates the last month in which the card is valid. A Business Name may be embossed below the account name. An embossed Security Character appears as a stylized “D.” The Discover® Network Acceptance Mark appears on both sides of the card. and appear to move. The magnetic stripe should appear smooth, with no signs of tampering. The words “DISCOVER NETWORK” appear on the signature panel, and an underprint reading “VOID.” The last four digits of the account number appear on the signature panel in reverse indent printing. The three-digit Data (CID) appears to the right of the signature panel.
Law Enforcement Phone Line
Merchant Code 10 Authorization
1-800-347-3083
1-800-347-1111
for suspicious transactions
American Express®
The letters “AMEX” and a phosphorescence in the Centurion portrait are visible under an ultraviolet light. Pre-printed (non-embossed) (CID) should always appear above the account number. All American Express account numbers start with 3. Embossing should be clear and uniform in size and spacing. The number on the front and back of the Card, plus the one printed on the sales receipt should all match. With this statement on the Card, American Express reserves the right to “pick up” the Card at any time. Some Cards have a hologram of the American Express image embedded into the magnetic stripe. The signature on the back of the Card should match the customer’s signature on the receipt. The signature panel is tamper-evident.
Do not accept a Card after the expiration date. Only the person whose name is embossed on an American Express Card is entitled to use it.
Merchant Code 10 Authorization
1-800-528-1212
B B&T Me rchant Ser v ic e s – Los s P reven t i on
if you are suspicious of a card transaction 3.4
CODE 10 CALLS
Code 10 calls allow merchants to alert card issuers to suspicious activity and take appropriate action when instructed to do so.You should make a Code 10 call to your voice authorization center whenever you are suspicious about a card, cardholder, or a transaction. The term “Code 10” is used so the call can be made at any time during a transaction without arousing a customer’s suspicions.
MERC HANT
TIP
Emphasize to your sales staff that they can make Code 10 calls even after a cardholder leaves the store. A Code 10 alert at this time may help stop fraudulent card use at another location, or perhaps during a future transaction at your store.
To make a Code 10 call: Keep the card in your possession during the call. Call your voice authorization center, at 800-291- 4840 Enter your Merchant Identification Number Press # , then 8, then enter card number. Enter the expiration date. Enter the amount of the transaction. You will be transferred to a special operator who will ask you a series of questions that can be answered with a simple yes or no. • When connected to the special operator, answer all questions calmly and in a normal tone of voice. Your answers will be used to determine whether the card is valid. • Follow all operator instructions. • If the operator tells you to pick up the card, do so only if recovery is possible by reasonable and peaceful means.
3.5
BB& T M e rch a n t S e r vi ce s – L o s s P r e v e n t i o n
FRAUD PREVENTION GUIDELINES FOR CARD-NOTPRESENT TRANSACTIONS
A range of fraud-prevention policies, guidelines, and services have been developed for card-not-present merchants. Using these tools will help protect your business from fraud-related chargebacks and losses. Mail Order/Telephone Order (MO/TO) and Internet merchants should strongly consider developing in-house fraud control policies and providing appropriate training for employees.
The following sections outline basic fraud-prevention guidelines and best practices for card-not-present merchants.
Authorize All Card-Not-Present Transactions
Authorization is required on all card-not-present transactions. Card-not-present transactions are considered as zero-floor-limit sales. Authorization should occur before any merchandise is shipped or services performed. An authorization number serves as approval that the card is valid and funds are available. It is not proof that the cardholder was engaged in the transaction.
Ask for Card Expiration Date
Card-not-present merchants should always ask customers for their card expiration, or “Good Thru,” date and include it in their authorization requests. Including the date helps to verify that the card and transaction are legitimate. A MO/TO or Internet order containing an invalid or missing expiration date may indicate counterfeit or other unauthorized use.
Ask for CVV2/CVC2
The Card Verification Value (CVV2 - Visa), Card Validation Code (CVC2-MasterCard), and Card Identification (CID - Discover) is a three- or four-digit security number printed on the front or back of cards to help validate that a customer is in possession of a legitimate card at the time of an order. Studies show that merchants who include CVV2/CVC2/CID validation in their authorization procedures for card-not-present transactions can reduce their fraud-related chargebacks.
B B &T Merchant Se r v ic e s – Los s P reven t i on
3.6
CVV2/CVC2 PROCESSING
To ensure proper CVV2/CVC2/CID processing for card-not-present transactions, merchants should: • Ask card-not-present customers for the last three numbers in the signature panel on the back of their cards. • If the customer provides a CVV2/CVC2/CID, submit this information with other transaction data (card expiration date and account number) for electronic authorization. You should also include one of the following CVV2/CVC2/CID presence indicators, even if you are not including a CVV2/CVC2/CID in your authorization request:
INDICATOR 0 1 2 9 WHAT IT MEANS CVV2/CVC2/CID is not included in authorization request. CVV2/CVC2/CID is included in authorization request. Cardholder has stated that CVV2/CVC2/CID is illegible. Cardholder has stated that CVV2/CVC2/CID is not on the card.
• Evaluate the CVV2/CVC2/CID result code you receive with the transaction authorization, and take appropriate action based on all transaction characteristics.
CVV2 RESULT CODE M - Match N - No Match RECOMMENDED ACTION Complete the transaction, taking into account all other transaction characteristics and verification data. View a “No Match” response as a sign of potential fraud, which should be taken into account along with the authorization response and any other verification data. You may also want to resubmit the CVV2/CVC2/CID to ensure a key-entry error did not occur. Resubmit the authorization request. Follow up with the customer to verify that the correct card location has been checked for CVV2/CVC2/CID. Evaluate all available information and decide whether to proceed with the transaction or to investigate further.
P - CVV2* S - CVV2** U***
* request not processed ** should be on the card, but the cardholder has reported that it isn’t. *** card issuer does not support CVV2/CVC2/CID
3.7
BB& T M e rch a n t S e r vi ce s – L o s s P r e v e n t i o n
ADDRESS VERIFICATION SERVICE
To use the Address Verification Service (AVS), simply ask card-not-present customers for their billing address as it appears on their monthly statement. This information is then submitted with other transaction data for electronic authorization. Address verification and IMPORTANT authorization occur simultaneously — in a matter of seconds — and you will receive an AVS response code with the authorization.
!
You should evaluate the AVS response code and take appropriate action, based on all transaction IMPORTANT characteristics and any other verification information received with the authorization (expiration date, CVV2/CVC2/CID, etc.). An authorization response always takes precedence over AVS. Do not accept any transaction that has been declined, regardless of the AVS response.
! !
IMPORTANT
If you complete a transaction for which you received an authorization approval and an AVS response of “U” (unavailable), and the transaction is later charged back to you as fraudulent, BB&T Merchant Services may represent the item. U.S. Issuers must support AVS or lose their right to fraud chargebacks for card-not-present transactions.
AVS RESPONSE IMPORTANT X – Exact Match Y – Match
WHAT IT MEANS Address and nine-digit zip code match. Both street address and five-digit zip code match. Complete the transaction; you can be relatively confident it is legitimate. Street address matches, but zip code doesn’t. View as a sign of potential fraud. Depending on the transaction amount, you may decide to complete the transaction or investigate further to ensure it is valid. Zip code matches but the street address doesn’t. View as a sign of potential fraud. Depending on the transaction amount, you may decide to complete the transaction or investigate further to ensure it is valid. Street address and zip code don’t match. View as a sign of potential fraud and take further steps to validate the transaction. The Issuer’s system is not available, or the Issuer does not support AVS. The address cannot be verified at present. You must decide whether to accept or refuse the transaction, or investigate further. The Issuer’s system is not available; try again later. The Issuer’s system may not be working. You should resubmit your AVS request later. Evaluate all available information and decide whether to proceed with the transaction or to investigate further. Unless you sent only a zip code AVS request and it matched, you may want to follow up before shipping merchandise.
IMPORTANT
A – Partial Match
Z – Partial Match
N – No Match
U – Unavailable
R – Retry
IMPORTANT
U – Issuer does not support AVS
!
IMPORTANT Z – Partial Match
! !
IMPORTANT
For a zip code only request and P.O. Box address, Issuers may respond with either a “Y” (Exact Match), or a “Z” (Partial match-zip Code Matches).
B B &T Merchant Se r v ic e s – Los s P reven t i on
3.8
IMPORTANT
Suspicious Transactions
Card-not-present merchants should develop in-house policies and procedures for handling irregular or suspicious transactions and provide appropriate training for their sales associates. Being able to recognize suspicious orders may be particularly important for merchants involved in telephone sales, and employees should be given clear instructions on the steps to take to verify these transactions. Your sales employees should be on the lookout for any of the following signs of suspicious customer behavior: • Hesitation: Beware of customers who hesitate or seem uncertain when giving you personal information, such as a zip code or the spelling of a street or family name. This is often a sign that the person is using a false identity. • Rush orders: Urgent requests for quick or overnight delivery — the customer who “needs it yesterday”— should be another red flag for possible fraud. While often perfectly valid, rush orders are one of the common characteristics of “hit and run” fraud schemes aimed at obtaining merchandise for quick resale. • Random orders: Watch out also for customers who don’t seem to care if a particular item is out of stock —“You don’t have it in red? What colors do you have?”— or who order haphazardly —“I’ll take one of everything!” Again, orders of this kind may be intended for resale rather than personal use. • Suspicious shipping address: Scrutinize and flag any order with a ship to address that is different from the billing address on the cardholder’s account. – Requests to ship merchandise to post office boxes or an office address are often associated with fraud. – Keep lists of zip codes where high fraud rates are common and verify any order that has a ship-to address in these areas. – If your business does not typically service foreign customers, use caution when shipping to addresses outside the United States, particularly if you are dealing with a new customer or a very large order. – Requests to wire funds to pay shipping costs are often associated with fraud. – Requests to provide cash back for any credit card transaction are often associated with fraud. In examining what appears to be an unusual order, keep in mind that if the sale sounds too good to be true, it probably is. Merchants should NEVER provide cash back to a cardholder when processing a credit card transaction, as this is prohibited by the credit card associations. Also, please be aware of a growing problem impacting merchants across the country. Merchants have received telephone and fax orders, often originating in foreign countries, attempting to purchase goods and services. The cardholder requests that the merchant wire back to them a part of the credit transaction for various reasons, i.e. shipping charges by a carrier of their choice, or for other arrangements they prefer to make rather than follow the normal merchant business practices. These orders often include fraudulent Visa, MasterCard, and Discover Network numbers for payment, which have led to high volumes of chargebacks and significant merchant losses. These fraudulent schemes particularly target businesses that do not usually handle mail or telephone transactions. Please use caution with any orders received from unusual sources. You must know for certain that you are dealing with the authorized user of the card that is being offered. Never provide cash back to the cardholder under any circumstances.
3.9
BB& T M e rch a n t S e r vi ce s – L o s s P r e v e n t i o n
UNDERSTANDING AND AVOIDING CHARGEBACKS
A chargeback is a transaction that an Issuer returns to BB&T Merchant Services — and most often, to the merchant — as a financial liability. In essence, it reverses a sales transaction, as follows: • The card issuer subtracts the transaction dollar amount from the cardholder’s credit card account. The cardholder receives a credit and is no longer financially responsible for the dollar amount of the transaction. • The card issuer debits BB&T Merchant Services for the dollar amount of the transaction. • BB&T Merchant Services may deduct the transaction dollar amount from the merchant’s account. The merchant may lose the dollar amount of the transaction.
IMPORTANT
!
IMPORTANT For merchants, chargebacks can be costly. You can lose both the dollar amount of the transaction being charged back and the related merchandise. You also incur your own internal costs for processing the chargeback.
! !
IMPORTANT
Your merchant account is debited the same day the chargeback notification is mailed.
Why Chargebacks Occur IMPORTANT
The most common reasons for chargebacks include: • Customer disputes •IMPORTANT Fraud • Processing errors • Authorization issues • Nonfulfillment of copy requests (only if fraud or illegible) Although you cannot avoid the occurrence of chargebacks completely, you can take steps to reduce or prevent them. Many chargebacks result from easily avoidable mistakes, so the more you know about proper transaction-processing procedures, the less likely you will be to inadvertently do or fail to do something that might result in a chargeback. Of course, chargebacks are not always the result of something merchants did or did not do. Errors are also made by merchant banks, card issuers, and cardholders.
Avoiding Chargebacks
Most chargebacks can be attributed to improper transaction-processing procedures and can be prevented with appropriate training and attention to detail. The following best practices will help you minimize chargebacks.
B B &T Merchant Se r v ic e s – Los s P reven t i on
3.10
Chargeback Remedies
Even when you do receive a chargeback, you may be able to resolve it without losing the sale. Simply provide BB&T Merchant Services with additional information about the transaction or the actions you have taken related to it. For example, you might receive a chargeback because the cardholder is claiming that credit has not been given for returned merchandise. You may be able to resolve the issue by providing proof that you submitted the credit on a specific date. Send this information to BB&T Merchant Services in a timely manner. The key in this and similar situations is always to send BB&T Merchant Services as much information as possible to help remedy the chargeback. With appropriate information, BB&T may be able to resubmit, or “re-present,” the item to the card issuer for payment. Timeliness is also essential when attempting to remedy a chargeback. Each step in the chargeback cycle has a defined time limit during which action can be taken. If you do not respond during the time specified on the request— which may vary depending on Card Association rules— BB&T will not be able to remedy the chargeback. Although many chargebacks are resolved so that the merchant does not lose the sale, some cannot be remedied. In such cases, accepting the chargeback may save you the time and expense of needlessly contesting it.
Point of Sale
• Declined Authorization. Do not complete a transaction if the authorization request was declined. Do not repeat the authorization request after receiving a decline; ask for another form of payment. • Transaction Amount. Do not estimate transaction amounts. For example, restaurant merchants should authorize transactions only for the known amount on the check; they should not add on a tip. • Referrals. If you receive a “Call” message in response to an authorization request, do not accept the transaction until you have called the authorization center. In such instances, be prepared to answer questions. The operator may ask to speak with the cardholder. If the transaction is approved, write the authorization code on the sales receipt. If declined, ask the cardholder for another form of payment. • Expired Card. Do not accept a card after its “Good Thru” or “Valid Thru” date unless you obtain an authorization approval for the transaction. • Card Imprint for Key-Entered Card-Present Transactions. If you must key-enter a transaction to complete a card-present sale, make an imprint of the front of the card on the sales receipt, using a manual imprinter. Even if the transaction is authorized and the cardholder signs the receipt, the transaction may be charged back to you if the receipt does not have an imprint of the embossed account number and expiration date. • Cardholder Signature. The cardholder’s signature is required for all card-present transactions. Failure to obtain the cardholder’s signature could result in a chargeback if the cardholder later denies authorizing or participating in the transaction. When checking the signature, always compare the first letter and spelling of the surname on the sales receipt with the signature on the card. If they are not the same, ask for additional identification or make a Code 10 call.
3.11
BB& T M e rch a n t S e r vi ce s – L o s s P r e v e n t i o n
• Digitized Cardholder Signature. Some cards have a digitized cardholder signature on the front of the card, in addition to the hand-written signature on the signature panel on the back. However, checking the digitized signature is not sufficient for completing a transaction. Sales staff must always compare the customer’s signature on the sales receipt with the hand-written signature in the signature panel. • Fraudulent Card-Present Transaction. If the cardholder is present and has the account number but not the card, do not accept the transaction. Even with an authorization approval, the transaction can be charged back to you if it turns out to be fraudulent. • Legibility. Ensure that the transaction information on the sales receipt is complete, accurate, and legible before completing the sale. An illegible receipt, or a receipt that produces an illegible copy, may be returned because it cannot be processed properly. The growing use of electronic scanning devices for the electronic transmission of copies of sales receipts makes it imperative that the item being scanned be very legible.
Avoid Illegible Transaction Receipts
Ensuring legibility of transaction receipts is key to minimizing copy requests and chargebacks. When responding to a copy request, you will usually photocopy or scan the transaction receipt before mailing or electronically sending it to BB&T Merchant Services. If the receipt is not legible to begin with, the copy that the bank receives and then sends to the card issuer may not be useful in resolving the cardholder’s question. If this occurs, the transaction may be returned to you as a chargeback for an illegible copy. At this point, unless you can improve the readability of the transaction receipt, you may end up taking a loss on the transaction. The following best practices are recommended to help avoid illegible transaction receipts. • Change point-of-sale printer cartridge routinely. Faded, barely visible ink on transaction receipts is the top cause of illegible receipt copies. Check readability on all printers daily, and make sure the printing is clear and dark on every sales draft. • Change point-of-sale printer paper when the colored streak first appears. The colored streak down the center or the edges of printer paper indicates the end of the paper roll. It also diminishes the legibility of transaction information. • Keep the white copy of the transaction receipt. If your transaction receipts include a white original and a colored copy, always give customers the colored copy of the receipt. Since colored paper does not photocopy as clearly as white paper, it often results in illegible copies. • Handle carbon-backed, silver-backed, or carbonless paper carefully. Silver-backed paper appears black when copied. Any pressure on carbon backed or carbonless paper during handling and storage causes black blotches, making copies illegible.
B B &T Merchant Se r v ic e s – Los s P reven t i on
3.12
Sales-Receipt Processing
• One Entry for Each Transaction. Ensure that transactions are entered into point-of-sale terminals only once and are deposited only once. You may get a chargeback for duplicate transactions if you: – Enter the same transaction into a terminal more than once – Process the same transaction with more than one merchant bank • Voiding Incorrect or Duplicate Sales Receipts. Ensure that incorrect or duplicate sales receipts are voided and that transactions are processed only once. • Close your Batches as quickly as possible, preferably within 24 hours of the transaction date; do not hold on to them. • Process credit transactions as quickly as possible. • Ship Merchandise Before Processing Transaction. For card-not-present transactions, do not process the transactions until you have shipped the related merchandise. If customers see a transaction on their monthly card statement before they receive the merchandise, they may contact their Issuer to dispute the billing. Similarly, if delivery is delayed on a card-present transaction, do not deposit the sales receipt until the merchandise has been shipped. • Requests for Cancellation of Recurring Transactions. If a customer requests cancellation of a transaction that is billed periodically (monthly, quarterly, or annually), cancel the transaction immediately or as specified by the customer. As a service to the customer, advise the customer in writing that the service, subscription, or membership has been cancelled and state the effective date of the cancellation. • Disclosing Refund, Return, or Service Cancellation Policies. If your business has policies regarding merchandise returns, refunds, or service cancellations, these policies must be disclosed to the cardholder at the time of the transaction. Your policies should IMPORTANT be pre-printed on your sales receipts, if not, write or stamp your refund or return policy information on the sales receipt near the customer signature line before the customer signs (be sure the information is clearly legible on all copies of the sales receipt). Failure to disclose your refund and return policies at the time of a transaction could result in a IMPORTANT dispute if the customer returns the merchandise.
!
! !
IMPORTANT
For questions regarding chargebacks or sales receipt requests, please call 1-877-672-4228, option 3.
IMPORTANT
IMPORTANT
3.13
BB& T M e rch a n t S e r vi ce s – L o s s P r e v e n t i o n
PAYMENT CARD INDUSTRY DATA SECURITY STANDARDS
Requirements for Protecting Transaction Data Combating fraud is the shared responsibility of all parties involved in payment card transactions. Visa, MasterCard and Discover Network are reaching out to merchants, acquirers and other partners to minimize risk and share requirements for safeguarding transaction data. Below are the 12 requirements included in the Payment Card Industry Data Security Standard (PCI DSS). The PCI DSS can be viewed in its entirety at www.mastercard.com/us/sdp or www.visa.com/cisp, http://discover networ k.com/fr audsecur ity/disc .html/ or www.pcisecuritystandards.org. Compliance with the PCI DSS helps preserve the integrity of the payments system and maintains consumer confidence. Depending on your processing methodand type of business, BB&T may require you to engage with a PCI SSC Qualified Security Assessor (QSA) or Approved Scanning Vendor (ASV) and receive PCI compliance certification. Any merchant or service provider that stores, processes, or transmits cardholder information must comply with these standards. All eligible merchants and service providers, regardless of size (or in the case of service providers, whether they support issuing or merchant activity) must comply with the 12 basic requirements outlined below. 1. Install and maintain a firewall configuration to protect data. Firewalls are computer software devices that control traffic in the company’s network. This includes unauthorized access from the Internet, as well as access to sensitive areas from the company’s internal network. 2. Avoid vendor-supplied defaults for system passwords. Hackers attempt to identify these passwords and settings, and use them to compromise systems. You should always change these defaults before installing a system on the network. 3. Protect stored transaction data. Keep transaction storage to a minimum and never store sensitive authentication data after authorization. Take precautions to make stored transaction data unreadable through encryption or some other secure and robust approach. 4. Encrypt transaction data when transferred over networks. Sensitive information should always be encrypted during transmission over wireless networks or the Internet, as it is often easy to divert or intercept data while in transit. Never send encrypted transaction information via E-mail. 5. Utilize anti-virus software or programs. Install these mechanisms on all systems that can be affected by viruses and ensure that these systems are current, running, and capable of generating audit logs. 6. Develop and maintain secure systems and applications. As a participating merchant or service provider, you must ensure that all components have the latest vendor security and software patches to protect against external hackers and viruses. Develop standard system development processes and secure coding techniques.
B B&T Me rchant Ser v ic e s – Da t a Sec u ri t y /C om pl i a n c e
4.1
7. Restrict access to data. Limit access to resources and cardholder information to employees who need access to the information to do their jobs and limit access only to what is needed. Establish a mechanism for systems with multiple users that restrict access based on an individual’s need to know. 8. Assign a unique username and password to each person with computer access to transaction data. This allows for all actions taken on the system to be identified and tracked.Take necessary precautions to protect user identification and immediately revoke access by terminated users. 9. Restrict physical access to transaction data. Use appropriate facility entry controls and monitor access. Develop procedures to help personnel easily distinguish between employees and others. Destroy media containing transaction information when it is no longer needed. 10. Track and monitor access to network resources and transaction data. Logging mechanisms and tracking user activity is critical to uncovering unauthorized and illegal activity. 11. Regularly test security systems and processes. New vulnerabilities are continually being discovered. Consistent testing ensures security maintenance. 12. Maintain an information security policy. A strong security policy sets the security tone for the entire company.
Data Security Frequently Asked Questions (FAQs)
Below are answers to frequently asked questions about how to best store, secure and share cardholder information to protect against many forms of fraud. We encourage you to share this information with your partners in the merchant community. Q. Where do I find the payment industry requirements for account data security? A. The Payment Card Industry Data Security (PCI DSS) is available on any of the following websites: the Visa website at www.visa.com/cisp, the MasterCard website at www.mastercard.com/us/sdp, the Discover Network at http://discovernetwork.com/fraudsecurity/disc.html or the PCI Security Standards Council website at www.pcisecuritystandards.org. This standard was developed jointly by MasterCard,Visa and Discover Network and has been endorsed by other payment brands. Q. What transaction information can be stored, and what cannot? A. Once the authorization process is complete, only specific information should be retained. Merchants and third-party agents may securely store the cardholder name, account number, expiration date but should destroy all other transaction information after the Authorization Request Response message is received. This includes discretionary cardread data, CVC2/CVV2 data, PIN data, and address verification service (AVS) data. Failure to adhere to this standard will result in significant fines and termination of your account.
4.2
B B & T M e rch a n t S e r vi ce s – D a t a S e c u r i t y / Co m p l i a n c e
Q. Where can transaction information be stored? A. As stated in the PCI DSS, all systems and media containing transaction data must be protected in a secure environment to which access is controlled and limited to selected personnel. Merchants must establish procedures that control all means of access and use a password system to maximize the security of their transaction and cardholder information. REMEMBER: IF YOU DON’T NEED IT, DON’T STORE IT. Q. Do data storage requirements apply to third-party agents? A. Yes. The PCI DSS applies to anyone who stores, processes or transmits payment data, including members, merchants and third parties. Third-party agents include Web hosting companies, payment gateways, terminal drivers, software providers and processors. The merchant must inform its bankcard acquirer of its third-party agents – terminal and software vendors, anyone providing transaction processing, sorting or other services – and ensure that these agents adhere to all applicable data security standards. Q. Does the PCI DSS apply to all merchants or only to online merchants? A. PCI DSS is mandatory for all merchants, third party agents, and service providers. Q. Who should assess and regulate security in merchant systems and networks? A. According to Visa, MasterCard and Discover Network mandates, and depending on the size of a business, merchants may be required to take steps necessary to validate compliance. These steps mayI nclude: an annual onsite audit, quarterly network scan and/ or an annual self-assessment questionnaire (SAQ). For merchants, onsite audits may be conducted by qualifiedonsite assessors or by the merchant’s qualified and authorized staff. Qualified scanningvendors must conduct network scans, and the merchant’s internal staff is responsible for completing the SAQ. All PCI compliance validation requirements are listed on the following websites: www.mastercard.com/us/sdp, www.visa.com/cisp, http://discovernetwork.com/fraudsecurity/disc.html, www.pcisecuritystandards.org Visa, MasterCard and Discover Network are reaching out to merchants, acquirers and their partners to share and publicize these requirements and best practices, and thereby help protect transaction and cardholder information. These policies help to safeguard the entire payments industryand maintain consumer confidence. BB&T Merchant Services strives to be a trusted business partner to you and your customers. Merchants who are interested in learning more about this initiative can log onto www.mastercard.com/us/sdp, www.visa.com/cisp, http://discovernetwork.com/fraudsecurity/disc.html or www.pcisecuritystandards.org
B B&T Merchant Se r v ic e s – Da t a Sec u ri t y /C om pl i a n c e
4.3
IF YOU HAVE A SECURITY BREACH
If you experience a suspected or confirmed security breach, you should: • Immediately contain and limit the exposure. To prevent any further loss of data, conduct a thorough investigation of the suspected or confirmed loss or theft of account information within 24 hours of the compromise. – Do not access or alter compromised systems. Do not log on to the machine or change passwords. – Do not turn off the compromised machine. Instead, isolate compromised systems from the network by unplugging their cables. – Preserve logs and electronic evidence. – Log all actions taken. – If using a wireless network, change the service set identifier (SSID) — or network name — on the access point (AP) and on other machines that may be using this connection (with the exception of any systems believed to be compromised). – Be on HIGH alert and monitor all payment systems. • Alert all necessary parties. Be sure to contact: – Your internal information security group, incident response team and legal department – Your merchant bank : BB&T Merchant Services at 1-877-672-4228. Contact must be made immediately and no later than 24 hours after discovery of a suspected breach. BB&T will follow up with you to discuss the compromise and review the action required to demonstrate the ability to prevent future loss or theft of transaction information. Provide all compromised accounts to your BB&T Merchant Services within 10 business days. All potentially compromised accounts must be provided and transmitted as instructed by your merchant bank and card associations. The card associations will distribute the compromised account numbers to Issuers and ensure the confidentiality of entity and nonpublic information. Within 3 business days of the reported compromise, provide an Incident Report document to BB&T Merchant Services.
4.4
B B & T M e rch a n t S e r vi ce s – D a t a S e c u r i t y / Co m p l i a n c e
MERCHANT WEBSITE REQUIREMENTS
Note: Merchants must notify BB&T Merchant Services prior to establishing a website and accepting payment transactions online. The Card Associations require that you include certain content or features on your website. These elements are intended to promote ease of use for online shoppers and reduce cardholder disputes and potential chargebacks. • Complete description of goods and services. Remember you have a global market, which increases opportunities for unintended misunderstandings or miscommunications. For example, if you sell electrical goods, be sure to state voltage requirements, which vary around the world. • Customer service contact information, including e-mail address or phone number. Online communication may not always be the most time-efficient or user-friendly for some customers. Including a customer service telephone number as well as email address promotes customer satisfaction. • Return, refund, and cancellation policy. This policy must be clearly posted. (See Disclosure for Card-Not-Present Merchants on page 3.5.) • Delivery policy. Merchants set their own policies about delivery of goods; that is, if they have any geographic or other restrictions on where or under what circumstances they provide delivery. Any restrictions on delivery must be clearly stated on the website. • Country of origin. You must disclose the permanent address of your establishment on the website. • Export restrictions (if known).
M E R CH A NT
Merchants cannot convert transaction amounts into a different currency. Equivalent amounts in other currencies may be shown, but they must be clearly labeled as being listed for information only.
TIP
Best Practices for the Web
Suggested best practices for merchant websites include: • Privacy statements. • Information on when credit cards are charged. You should not bill the customer until merchandise has been shipped. • Order-fulfillment information. State timeframes for order processing and send an email confirmation and order summary within one business day of the original order. Provide up-to-date stock information if an item is back-ordered. • Customer service timeframes. Ideally, customer service emails or phone calls should be answered within two business days. • A statement on website regarding security controls used to protect customers. • A statement encouraging cardholders to retain a copy of the transaction.
B B&T Merchant Se r v ic e s – Da t a Sec u ri t y /C om pl i a n c e
4.5
BB&T Merchant Connection® Web Based Reporting
Through BB&T Merchant Connection, you have immediate access to everything you need to know about your account 24 hours a day.
ONLINE CONVENIENCE
All you need is a computer with the minimum operating requirements* and access to the Web. No special skills are needed. No more waiting for your monthly merchant statement to arrive in the mail. The information is at your fingertips for instant access.
*Minimum operating system requirements are: Internet Explorer 6.0 sp2 or higher; Adobe Reader version 8.0 or higher; Adobe Flash Player version 9 or higher; Pop-up windows should be allowed to pop-up and not be forced into a new window/ tab or blocked from view. If a pop-up blocker is enabled on your browser, the pop-up blocker needs to allow pop-up windows for www.mreports.com.
Start Using the Speed of the Internet Right Away
Take a moment to look over the features on the following pages, then log on to see how these powerful advantages can save you time and help you more efficiently run your business. • Perform sales volume comparisons and analyze potential merchant fraud. • Monitor batches for high risk transaction activity. • Report features include flexible date ranges, long-term storage, data files and chain reports. • Download report data for import into your accounting software.
Information Security
• All information is communicated through the web using SSL-encryption, the web standard. • Access requires use of a bank issued user ID and password.
Common Report Features
• Change the start and end dates for reports to view information by day, or rolled up by week, month, or any other date range. • Up to 30 months of historical data. • For businesses with multiple locations, use summary reports to see information for the business as a whole, as well as detailed reports for each individual location. • Click on underlined dollar amounts to see more information, or click on underlined column headings to list information in alpha or numeric order.
For more information: www.bbt.com/merchantservices
Everything You Need To Know 24 Hours A Day, 7 Days A Week
B B&T Merchant Se r v ic e s – C u s tom i z e You r Sol u ti on
5.1
CHECK SERVICES
With options available through BB&T Merchant Services, you can remove almost all of the uncertainties when accepting a paper check: • With Electronic Check, you convert paper checks into electronic funds transfers at the point of sale, and funds are moved electronically from consumer’s account to your account through the Automated Clearing House (ACH) network. • With Check Verification, you take advantage of a verification system at the point of sale to identify potential check fraud and habitual bad check writers before you accept a check. Or you can choose to have us guarantee payment. These services allow you to reduce losses due to check fraud and non-sufficient funds, shorten the time required for checks to clear, and please your customers by continuing to offer the option of paying by check.
Electronic Check Conversion Options
You may choose from two options in the conversion process: • Conversion Only – Paper checks are converted at the point of sale with account verification. A third-party processor will determine the probability that the check will be paid. The risk of loss remains with you. • Conversion With Guarantee – A guarantor ensures that you receive payment for the check.
Check Verification
If you prefer a more traditional approach to accepting payment by check, our Check Verification service allows you to reduce the acceptance of NSFs while continuing to deposit checks at your bank. The process is transparent to your customers.
Check Verification Options
You can choose from two options in the verification process: • Verification Only – Checks are verified at the point of sale against national databases to identify habitual bad check writers or the potential for check fraud. • Verification With Guarantee – BB&T guarantees that you will be reimbursed in full for most returned checks. Payroll checks, third-party checks, and money orders are among the few items not eligible for the program.
5.2
BB& T M e rch a n t S e r vi ce s – Cu s t o m i z e Yo u r S o l u t i o n
Benefits to You
The Check Verification program provides you with greater confidence in the checks you accept, while contributing to a smooth sales transaction at the point of sale. Other benefits include: • Reduced exposure to fraud • Smoother and faster checkout for customers • Reduced losses from non-sufficient funds • Improved efficiency resulting from fewer returned checks and collections (verification with guarantee option) • Uninterrupted cash flow (verification with guarantee option)
For details, talk with your BB&T Merchant Sales Consultant, or call 1-877-MRCHBBT (672-4228).
BB&T Merchant Services is a division of BB&T Financial, FSB, a subsidiary of BB&T Corporation. Member FDIC.
B B&T Me rchant Ser v ic e s – C u s t om i ze You r Sol u ti on
5.3
GIFT CARDS
Whether you’re a small merchant or a large chain, you know you can take advantage of the efficiency and profitability of gift cards. They are among the fastest growing merchant products ever introduced, with more than 115 billion cards issued and growth above 20 percent annually. These pre-paid cards carry your business’ name.They allow your customers to determine the value they want to store on the card and the ability to pay by credit card, check or cash. Card buyers are making a commitment to purchase from you before they select the products or services you offer. You may also use the card to provide extra convenience to your frequent buyers or recognize and reward preferred customers. The gift card program can be used for special sales and promotions and is a great tool to attract new customers.
Ring up the Benefits
Greater brand awareness. Increased sales. Improved customer loyalty. Your store-branded card delivers these benefits…and more. You keep the full cash value of stored value card sales in your store. Customers tend to be less price sensitive, which means the cards actually generate additional sales. Stored value cards also represent a great promotional tool for you. The cards are an everpresent reminder of your business.They bring customers back frequently so that you become their shopping destination.
Ease of Use
The stored value system flows smoothly for customers and merchants. Cards are easy to purchase and use. Activation, sales, and balance inquiries all occur in real time between your point of sale terminal and our processing center. The transaction is fulfilled, data is captured, and a response is transmitted back to your terminal where paper receipts – including the card balance – can be generated for you and your customer. Look to BB&T to provide a full range of support in implementing your stored value card program. Turnkey marketing and promotional materials, such as counter displays, posters, and table tents, are available. You can choose the program that matches your size and needs, or we’ll customize a program just for you – all on an accelerated schedule that usually can have your program ready to roll out in just a few days. And you’ll get ongoing support that is readily accessible through our help desk and Client Support Center. For details, talk with your BB&T Merchant Sales Consultant, or call 1-877-MRCHBBT (672-4228).
BB&T Merchant Services is a division of BB&T Financial, FSB, a subsidiary of BB&T Corporation. Member FDIC.
5.4
BB& T M e rch a n t S e r vi ce s – Cu s t o m i z e Yo u r S o l u t i o n
OTHER CARD TYPES
BB&T can customize your program to accept any and all major credit card payment options, including VISA, MasterCard, American Express, Discover Network, Wright Express, and Voyager plus purchasing cards, Electronic Benefits Transfer (EBT) cards, debit cards, and healthcare spending cards. Accepting other card types can increase your customers’ spending with you but understanding these different card types can be challenging. Almost everyone is familiar with Visa, MasterCard, American Express, and Discover, but what about other card types? Would accepting them increase your sales, customer loyalty, or bottom line? American Express Cards – These cards for both consumers and businesses have significantly grown in popularity over the last several years. As demand for acceptance of American Express cards grow, if you are not already, you may decide to accept these card types. BB&T Merchant Services can provide pricing and documentation to get you started. Wright Express and Voyager Fleet Cards – Fleet Cards are generally used by companies that have a “fleet” of vehicles used as a part of the business. Depending on where the card is used, the card will prompt for additional information in order to accept the transaction. As the popularity of fleet cards grows, demand for the acceptance of these cards will grow as well. Fleet cards can be accepted by both fuel and nonfuel merchants that have clients requesting fleet card acceptance. Most commonly, fleet cards are accepted at convenience stores, auto repair shops, car washes, and auto part stores. Commercial Cards – These cards, which are similar to fleet cards with their advanced reporting and additional prompts, are used by companies that prefer to use cards over checks for their low dollar purchases. By accepting MasterCard and VISA you will automatically be able to accept these cards; however, you may not be passing the additional data requested by this card type. Merchants performing a significant number of business-to-business transactions may receive requests to process commercial cards. Electronic Benefits Transfer (EBT) – EBT is a card program that allows recipients to authorize transfer of their government benefits from a Federal account to a merchant account to pay for products received. EBT is currently being used in many States to issue food stamps and other benefits. EBT cards are generally accepted at grocery stores and other retailers where government subsidized purchasing is allowed. Debit Cards – Although accepting VISA and MasterCard allows you to accept debit cards, you may choose to accept PIN-based debit, where the customer enters their PIN at the point of sale. This eliminates the customer’s signature and may reduce your cost. HealthCare Spending Cards – These cards have become increasingly popular as insurance providers look to save money and create efficiencies. HealthCare Spending Accounts (HSAs) and Flexible Spending Accounts (FSAs) are generally accepted at medical practices, pharmacies, and hospitals. (Special software may be required to meet IRS requirements.) No matter how your customers choose to pay, we’ll help make the process a positive experience. For details on accepting any of these card types call 1-877-MRCHBBT (672-4228).
BB&T Merchant Services is a division of BB&T Financial, FSB, a subsidiary of BB&T Corporation. Member FDIC. B B&T Merchant Se r v ic e s – C u s t om i zi n g You r Sol u t i on
5.5
BankCard Services
BB&T offers the versatile Visa Business Credit Card to business clients requiring a credit line less than $100,000 to meet their everyday business purchasing needs and Visa Commercial OneCard solutions to business clients requiring a credit line greater than $100,000 to meet their purchasing, corporate or fuel and business vehicle needs. These simplified choices replace cash, checks and personal credit cards - and are offered with no annual or per-card fee, 24/7 online account access and maintenance, as well as customized reports and individualized account statements. In addition, the Visa Liability Waiver Program and proactive fraud monitoring are included features.
The BB&T Visa Platinum Credit Card gives you convenient credit on a personal level for everyday items or special purchases. Accepted at over 32 million merchant locations worldwide, the BB&T Platinum Card comes with zero liability for unauthorized use and easy online account management with Credit Card Connection. And a low introductory rate, 25day grace period and optional BB&T Rewards Program add to the superior value that the BB&T Platinum Card offers. For complete details on BB&T ‘s Consumer and Commercial Credit Cards, please call 1-800-397-1253 or visit a local BB&T financial center.
BB&T credit cards are subject to credit approval and are issued by BB&T Financial, FSB, a subsidiary of BB&T Corporation. Member FDIC.
5.6
B B& T M e rch a n t S e r vi ce s – Cu s t o m i z i n g Yo u r S o l u t i o n
Glossary/Resources
Address Verification Service (AVS) A service that a mail/telephone order merchant can perform to verify that the street number and zip code that the cardholder provides the Merchant matches the address on file with the card- issuing bank. AVS is designed to reduce fraud. Account Number The payment card number (credit or debit) that identifies the issuer and the particular cardholder account. Acquirer A financial institution that initiates and maintains contractual agreements with merchants for the purpose of accepting and processing credit and debit card transactions (also: Card Acquirer, Financial Institution, Merchant Bank). Authentication The process of verifying identity of a subject or process. Authorization The process of validating with the card issuing institution that funds are available on the card at the time the authorization request is submitted by the merchant. Authorization Code A numerical code designated by the issuer, given at the time the transaction is approved by the card issuer. If the transaction is declined, the issuer will respond with a “decline” response. The code is always included on the electronically printed sales receipt. If a manual sales draft needs to be created by the merchant, the original approval code must be included on this draft. Batch Processing The authorization of transactions offline when immediate approval is not required. Transactions are collected in a batch and sent as one transmission for authorization and/or settlement. Batch processing is generally used with mail/telephone order transactions. Card-Not-Present A type of card transaction in which the card is not present at the point of sale for the magnetic stripe to be read. These are considered higher risk transactions. Card-Validation Code The three-digit value printed on the signature panel of a payment card used to verify card-not-present transactions. On a MasterCard payment card this is called CVC2. On a Visa payment card this is called CVV2. Cardholder The customer to whom a card has been issued or the individual authorized to use the card.
B B&T Merchant Se r v ic e s – G l os s a r y / R es ou rc es
Cardholder Data All personally identifiable data about the cardholder and relationship to the Member (i.e., account number, expiration date, data provided by the Member, other electronic data gathered by the merchant/ agent, and so on). This term also accounts for other personal insights gathered about the cardholder (i.e., addresses, telephone numbers, and so on). Chargeback A bankcard transaction disputed by a cardholder. The dispute is sent from the cardholder’s issuing bank to the merchant’s bank for review. Check Guarantee A service that guarantees check payment to a merchant up to a specified amount. However, merchants are required to perform correct authorization procedures. Check Verification A service that provides merchants with some security against bad checks. The person writing the check is matched against a national negative file database to flag outstanding or bad checks on record from other members of this service. Compromise An intrusion into a computer system where unauthorized disclosure, modification, or destruction of cardholder data may have occurred. Consumer Individual purchasing goods and /or services. DBA Doing Business As. Compliance validation levels are based on the transaction volume of a DBA or chain of stores (not of a corporation that owns several chains). Dial-Up Terminal An authorized terminal that uses a telephone line to communicate with the authorization center. Discount Rate The fee charged by the merchant financial institution to the merchant for services rendered in connection with processing card sales transactions. EBT Electronic Benefits Transfer - The automation of government benefits through electronic authorization, data capture and settlement processes. Plastic cards with magnetic stripes are used, eliminating paper benefits and coupon distribution. ECR Electronic Cash Register - A cash register that also emulates a point-of-sale terminal for processing credit card transactions.
6.1
EDC Electronic Draft Capture – The use of a point-of-sale device to authorize and settle credit card transactions. EFT Electronic Funds Transfer – An electronic system that automatically moves funds, e.g., an ATM withdrawal or pay-by-phone transaction. Firewall Hardware and/or software that protect the resources of one network from users from other networks. Typically, an enterprise with an intranet that allows its workers access to the wider Internet must have a firewall to prevent outsiders from accessing its own private data resources. Force-post The process by which a voice-authorized transaction is key-entered to be settled electronically with a batch of transactions. Also know as a post-auth. Gateway Manages the electronic connection between consumers and their financial institutions and transmits data. Gift Card A reusable, stored-value card that enables merchants to have an electronic alternative to paper gift certificates. Host The main hardware on which software is resident. Imprinter A device used to imprint embossed card information onto a sales draft for payment card transactions. An imprinter is used if the card is present and the POS device cannot read the contents of the magnetic stripe. Information Security Protection of information for confidentiality, integrity and availability. Interchange Fee A fee that acquiring banks must pay issuing banks to offset the issuer’s cost of funds and processing expenses. IP address An IP address is a numeric code that uniquely identifies a particular computer on the Internet. Magnetic Stripe A panel located on the back of a payment card containing magnetically encoded cardholder account information.
Magnetic Stripe Data (Track Data) Data encoded in the magnetic stripe used for authorization during a card present transaction. Entities may not retain full magnetic stripe data subsequent to transaction authorization. Specifically, subsequent to authorization, service codes, discretionary data/CVV, CVC and MasterCard/Visa reserved values must be purged; however, account number, expiration date, and name may be extracted and retained. Magnetic Stripe Reader A point-of-sale device that reads the encoded information from the magnetic stripe when the card is passed through the reader. Readers may read Track Two, which contains the cardholder account number and expiration date, or both Track Two and Track One, which contains the cardholder name. Network A network is two or more computers connected to each other so they can share resources. Offline Debit Debit transaction that occurs when a Visa/MasterCard check card is authorized through the credit card system and the amount is debited from the cardholder’s checking (DDA) account. Offline Transaction A transaction that is authorized through a voice authorization and later keyed into a POS terminal prior to settlement. Password A string of characters that serve as an authenticator of the user. PIN Personal Identification Number – A numeric code used as verification to complete a transaction via a payment card. The number is entered in to a keypad and is encrypted to travel along with the authorization. POS Point of Sale – The location in which a payment card transaction occurs, usually by way of a device such as a credit card terminal or cash register. POS Terminal A terminal at the point of sale, connected via telecommunication lines to a central computer. Authorization, recording, and transmission of electronic transactions are performed through the terminal. Private Label Card A card issued by a merchant that can only be used in the issuing merchant’s business. An example would be a department store credit card.
6.2
BB& T M e rch a n t S e r vi ce s – G l o s s a r y/ R e s o u r c e s
Reason Code A two-digit code identifying the reason a chargeback was initiated. Re-authorization (re-auth, add auth) To request an additional amount to be authorized on an existing transaction. Used in the lodging industry when the original authorization is not sufficient to cover the charges. Recurring Transaction A transaction charged to a cardholder’s account (with prior permission) on a periodic basis for recurring goods and services, i.e., health club memberships. Refund A refund occurs when the merchant rebates all, or a portion, of an original transaction amount to the cardholder. Refunds are made to the same card that was used for the original transaction. Retail Transaction A face-to-face transaction in which the cardholder presents a card to the merchant to pay for goods or services. Reversal When an acquirer successfully represents a chargeback to the issuer, the chargeback is reversed and the funds are returned to the merchant. Sensitive Cardholder Data Data whose unauthorized disclosure may be used in fraudulent transactions. It includes, the account number, magnetic stripe data, CVC2/CVV2 and expiration date. Settlement The process in which a merchant transmits batches of transactions to the acquirer. In interchange, it is the process by which acquirers and issuers exchange financial data resulting from sales transactions, cash advances, merchandise credits, etc.
Split Dial The capability of a card terminal to dial different telephone numbers to obtain an authorization or settlement of different card types. SSL An established industry standard that encrypts the channel between a web browser and Web server to ensure the privacy and reliability of data transmitted over this channel. T&E Cas Cards that are developed for and used primarily in travel-related services. Track One Track One information, stored on the magnetic stripe on the back of a card, has the cardholder’s name in addition to the account number and expiration date stored in it. Track Two Track Two information, stored on the magnetic stripe on the back of a card, has the account number and expiration date. Transaction Data Data related to an electronic payment. Truncation The practice of removing a data segment. Commonly, when account numbers are truncated, the first 12 digits are deleted, leaving only the last 4 digits. VAR Value Added Reseller - A third party that certifies its software to be used on a processor’s system. Voice Authorization Transactions authorized by a voice operator. Voice-approved transactions must be “forced” into a terminal batch for settlement.
B B&T Merchant Se r v ic e s – G l os s a r y / R es ou rc es
6.3
Resources
BB&T website: www.BBT.com BB&T Merchant Services website: www.BBT.com/merchantservices BB&T Client Support 1-877-672-4228 Monday – Friday, 8:30 a.m. – 9:00 p.m. (ET) Visa http://usa.visa.com/merchants/index.html Visit this site for information on: • Visa policies and procedures • Visa marketing materials, stickers, tip trays, check presenters, etc. Visa Fulfillment 1-800-VISA-311 (1-800-847-2311) MasterCard www.mastercard.com/us/merchant Visit this site for information on: • MasterCard acceptance policies • Services provided by MasterCard • MasterCard marketing materials such as stickers, tip trays, check presenters, etc. MasterCard Fulfillment 1-800-622-7747 Discover Network http://www.discovernetwork.com/clientsupport/signage.html Visit this site for Discover Network marketing materials http://www.discovernetwork.com/getstarted/merchant/merchant.html Visit this site for Discover Network policies and procedures Data Security Related Sites www.visa.com/cisp www.mastercard.com/us/sdp http://discovernetwork.com/fraudsecurity/disc.html www.pcisecuritystandards.org
6.4
BB& T M e rch a n t S e r vi ce s – G l o s s a r y / R e s o u r c e s
BBT.com
C0036450000 5/1/09
