Rob Crutchington, Director at Encoded, discusses how merchants can avoid bank penalty fees from processing non-secure payments
First there was the Payment Card Industry Data Security Standard (PCI DSS) and now there is another set of legislation that affects the way merchants collect and store their customers’ personal information, General Data Protection Regulation (GDPR) which came into force on 25th May. With so many important changes affecting the card payment industry, merchants might be forgiven for losing sight of the everyday basics of running their business, in particular acquirer fees. Easily overlooked, these fees soon mount up and can result in a significant dent in the profits of any organisation if left unchecked.
To pay or not to pay?
Let’s consider the thorny issue of non-secure charges. A merchant may get charged a non-secure fee when they process a transaction that requires a level of security (such as Chip & Pin for face-to-face transactions and 3D Secure for e-commerce payments) but have actually failed to do so. These fees can add up quite quickly and often merchants are not aware of why they get them.
Contact centres that accept debit or credit card payments are generally considered to be high risk environments because they face the dual challenges of minimising the risk of fraud and reducing the higher processing costs associated with so-called non-secure transactions. The latter could be the occasional face-to-face sign-and-swipe payments where cardholders do not have a Chip and PIN facility; telephony-based transactions where merchants have to collect the 3-digit CSV security code themselves or online orders that do not automatically undergo a 3D Secure authentication process.
The theory is that if the above transactions are done in a secure environment and now contact centres are more secure than ever, as a result of developing a tight framework that meets stringent PCI DSS requirements – no additional non-secure fees should be charged. The reality is that many merchants continue to be charged these fees that often result in more losses than the initial transaction amount along with wasted time and administrative costs associated with correcting errors.
Avoiding the pitfalls of unnecessary fees in three easy steps
So what can merchants do to avoid the pitfalls of unnecessary fees? The following three steps are a good place to start:
1.Don’t just take their word for it, push back! – when was the last time you checked your fees and the agreement you have with your acquiring bank? Chances are it was when the auditors were around to check the annual accounts or worse still, you can’t remember.
Review your contract with the acquirer, take a close, regular look at the number and amount of fees you are incurring and then challenge any discrepancies. Look at any recurring payments you may have. Non-secure fees should not be charged for these transactions but only as long as they are flagged correctly as being a recurring transaction.
Look at the small print. Any reputable acquiring bank will clearly state the methods they deem to be secure and then list the charges that will apply if these methods are not employed or are employed incorrectly.
Better to check than be sorry. Vigilance is the first step to taking control and avoiding unwanted fees.
2.Switch to online payments – it’s probably clear by now that acquiring banks view non Chip and PIN face-to-face and telephony-based card payment transactions with a great deal of suspicion and impose what can only be described as penalties (non-secure fees) on merchants choosing to handle payments in this way. Wherever possible, try and encourage customers to pay for your products and services online to mitigate the risks of security and increased charges.
3.Tap into the power of digital engagement – the latest innovations in automated payments provide the highest levels of security while creating an engaging customer experience at the same time. Designed with PCI DSS and GDPR in mind, they tap into the demand for super connectivity by combining the non-intrusive and convenient method of SMS with the rich functionality of proven automated payments technology. Capable of linking seamlessly to leading messaging services such as Facebook Messenger, these new solutions accept payments via SMS from stored cards. Customers simply reply with the word ‘pay’ to process their transactions securely on the move and at a time to suit them.
Ask yourself this: would you ignore any false interest charges on your personal credit card bill? Would you do online banking without the latest virus and security software? The answers to both are probably a definite “No”. The moral of the story is to apply the same level of care to your company finances as you do to your own. The great thing is, it’s never too late to start – check those contracts and speak to your acquirer without delay.