Escolar Documentos
Profissional Documentos
Cultura Documentos
Reference Kit
I M P O R TA N T I N F O R M AT I O N ENCLOSED
The information in this packet includes summaries of certain requirements imposed as of May 2009 by BB&T, the Card Associations and applicable law relating to merchant acceptance and processing of credit and debit card transactions. This packet is not meant to be a detailed description or a complete listing of all these requirements or of your obligations. We urge you to read your merchant agreement with us, the rules and regulations of the Card Associations and applicable law in order to understand fully all of your obligations as a merchant accepting card transactions and, if appropriate, consult with your own legal advisor. We also note that these requirements may change over time, and that you will be responsible for complying with any such changes as they come into effect. BB&T Merchant Services is a division of BB&T Financial, FSB, a subsidiary of BB&T Corporation. Member FDIC.
Getting Started
Client Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1.1 Clients Using Terminals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1.2 Clients Using Software or Payment Gateways . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1.3 Clients Using DialPay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1.3
Daily Processing
Card Acceptance Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2.1 Card Processing Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2.3 Key- Entered Transactions/Obtaining Manual Imprints . . . . . . . . . . . . . . . . . . . . . . . . 2.4 Understanding Interchange/Minimizing Processing Costs . . . . . . . . . . . . . . . . . . . . . . 2.8 Your Merchant Statement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.12 Maintaining Your Account . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.15 If Your Terminal Breaks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.15
Loss Prevention
Card Identification Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3.1 Code 10 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3.5 Fraud Prevention Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3.6 CVV2/CVC2 Processing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3.6 Address Verification Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3.8 Understanding and Avoiding Chargebacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3.10
Data Security/Compliance
Payment Card Industry Data Security Standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4.1 If You Have a Security Breach . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4.4 Merchant Website Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4.5
Glossary/Resources
Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6.1 Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6.4
CLIENTS SUPPORT
1-877-MRCHBBT 1-877-672-4228 Menu Options
If you are experiencing terminal or printer malfunction or terminal error messages, or if you need assistance with terminal operation, Press 1 to access the technical help desk. Please choose the technical help desk that supports your terminal. - - - - - For TSYS Acquiring Solutions (formerly Vital), Press 1. For Global, Press 2. For Paymentech Press 3. For NDC, Press 4. If you do not know your technical support provider, Press 0 for BB&T Client Support.
For supplies, Press 2. For retrieval requests or for inquiries about a chargeback you recently received, Press 3. To speak with a BB&T Client Support representative regarding your BB&T Merchant Services account, Press 0. Our office hours are 8:30 a.m. 9:00 p.m. (ET), Monday through Friday. Technical and terminal support is available 24 hours a day 7 days a week.
Merchant ID #: Terminal ID #:
BBT V1234567
1.1
1.2
Note: If you purchased service through BB&T Payment Gateway or Virtual Terminal, you should have received a welcome email and welcome call from a BB&T training specialist to walk you through your new method IMPORTANT of processing. If you have not received your welcome email or you are ready for training, please call the Merchant Client Support Center.
! !
IMPORTANT
Certain settings in your software will affect your transaction costs, your ability to prevent fraud and chargebacks, and your compliance with Card Association rules. It is your responsibility to ensure the settings established in your software are the most appropriate for processing your transactions. In addition, compliance with Data Security Standards established by the Card Associations is critical. Further details on these topics are provided throughout this Reference Kit.
! !
IMPORTANT
All DialPay merchants should be processing transactions using the Address Verification Service as described on page 3.7. For Card-Present transactions, manual imprints, as explained on page 2.4, should be obtained. For Card-Not-Present transactions, DialPay merchants should adhere whenever possible to the Fraud Prevention Guidelines on page 3.5.
IMPORTANT
IMPORTANT
1.3
BB& T M e rch a n t S e r vi ce s G e t t i n g S t a r t e d
No Surcharging
Always treat card transactions like any other transaction; that is, do not impose any surcharge on a transaction. You may, however, offer a discount for cash transactions, provided that the offer is clearly disclosed to customers and the cash price is presented as a discount from the standard price charged for all other forms of payment.
Taxes
Include required taxes in the total transaction amount. Do not collect taxes separately in cash. This policy reflects the needs of the many Visa, MasterCard, and Discover Network cardholders who must have written records of the taxes they pay for goods and services.
Split Sales
Prepare one sales receipt per transaction, using the full transaction amount. Merchants are not allowed to split the cost of a single transaction on a single cardholder account between two or more sales receipts in order to avoid authorization limits.
Laundering
Deposit transactions only for your own business. Depositing transactions for a business that does not have a valid merchant agreement is called laundering or factoring. Laundering is not allowed; it is a form of fraud associated with high chargeback rates and the potential for forcing merchants out of business.
No Cash Refunds
Complete a credit receipt for merchandise returns or adjustments. Do not provide cash refunds for returned merchandise originally purchased with a card. Visa and Discover Network does not permit cash refunds for any credit or debit card transaction. By issuing credits, you protect your customers from individuals who might fraudulently make a purchase on their account and then return the merchandise for cash.
2.1
Zero-Percent Authorizations
Merchants should not estimate transaction amounts. For restaurant merchants, in particular, this means debit or credit card transactions should be authorized only for the known amount of the check. Do not add on an estimated tip. Cardholders today can check their account balances almost instantly via the Internet or ATMs. An authorization that includes an estimated tip can reduce their available cash or credit balance by an unrecognizable amount. Say, for example, a cardholders restaurant bill is $100, but the staff adds on a 20 percent tip that is, $20 for authorization purposes. If the cardholder only adds on a $15 tip, or leaves the tip in cash, the authorization hold on the larger amount may make it appear he or she was overcharged. And that, in turn, can mean angry phone calls from unhappy customers and the potential for reduced business. To ensure zero-percent tip authorization for all transactions, restaurant merchants should: Instruct staff to authorize only for the check amount. Your staff training and review materials should emphasize the importance of authorizing only for the known amount of the check, excluding any estimated tip. Ensure your authorization system is set up for zero-percent authorization. For further information on zero-percent tip authorization, contact the Merchant Client Support Center.
Merchants should not use your own card, or one to which you have access, to process a transaction for the purpose of obtaining credit for your own benefit.
2.2
BB& T M e rch a n t S e r vi ce s D a i l y P r o c e s s i n g
request the transaction authorization. Hold the card throughout the transaction.
being processed, check the cards features and security elements to make sure the card is valid and has not been altered in any way.
3 Obtain authorization
4 Compare the
name, number, and signature on the card to those on the transaction receipt.
2.3
IMPORTANT If the account number is printed on the receipt, only the last four digits will be used in many cases. If the numbers dont match, you will receive a No Match message. In such instances, you should make a Code 10 call.*
! IMPORTANT
IMPORTANT
All POS terminals and systems are required to provide account number truncation on electronically printed transaction receipts. This means that only the last four digits of an account number should be printed on the customers copy of the receipt, and the expiration date should not appear at all. All POS terminals and systems must now comply with these requirements. The Merchant copy of the receipt may be required to reflect no more than the last four or five digits of the cardholder account number depending upon state or local legislation enacted in the jurisdiction of Merchants location. It is Merchants responsibility to determine requirements of and comply with local and/or state legislation as applicable. If the full card number does appear on the Merchants copy, please make sure the correct receipt, the cardholder copy, is provided to the customer. If the full card number does not appear on the Merchant copy, we suggest you print out a batch detail report before closing out in order to have a record of the full card number. Retain in a secure location.
KEY-ENTERED TRANSACTIONS
If a Card Wont Read When Swiped
In some instances, when you swipe a card the terminal will not be able to read the magnetic stripe or perform an authorization. When this occurs, it usually means one of three things:
The terminals magnetic-stripe reader is not working properly. The card is not being swiped through the reader correctly. The magnetic stripe on the card has been damaged or demagnetized. Damage to the card may happen accidentally, but it may also be a sign that the card is counterfeit or has been altered.
2.4
BB& T M e rch a n t S e r vi ce s D a i l y P r o c e s s i n g
Magnetic-Stripe Reader Obstructions Remove obstructions near the magnetic-stripe reader. Electric cords or other equipment could prevent a card from being swiped straight through the reader in one easy movement. Spilled Food or Drink Remove any food or beverages near the magnetic stripe reader. Falling crumbs or an unexpected spill could soil or damage the machines. Keep magnetic anti-theft deactivation devices away from any counter area where customers might place their cards. These devices can erase a cards magnetic stripe. Swipe the card once in one direction, using a quick, smooth motion. Never swipe a card back and forth. Never swipe a card at an angle; this may cause a faulty reading.
M E R CH A NT
Key-entered transactions are fully acceptable, but they are associated with higher fraud and higher chargeback rates. Key entered transactions may increase your processing costs because of the increased risks.
TIP
2.5
1 5 2 3 7 4
10
1 Imprint of credit card number will show here. 2 Imprint of plate showing merchant number,
MC.
name, and state will show here. If imprint of IMPORTANT plate is unavailable, write in the mermerchant chant name and place of business. (Merchant account number is not required).
8 Enter amount of total transaction. 9 If cardholders sign the terminal receipt, they
4 Enter the amount of each sale. 5 Enter the date of each sale.
! !
are not required to sign manual imprint receipt. Attach the merchant copy to the terminal copy for the merchants file.
IMPORTANT
A manual imprint must NOT consist of an impression taken from the card using pencil, crayon or other writing instrument.
2.6
Authorization
The authorization process allows the card issuer to approve or decline a transaction. In most cases, authorizations are processed electronically in a matter of moments. However, to protect against fraud, the card issuer may request additional information about the transaction. If properly done, authorizing a transaction is quick and easy and protects merchants against fraud and chargebacks.
MERC HANT
Authorization should be seen as an indication that account funds are available at the time of authorization and a card has not been reported as lost or stolen. It is not proof that the true cardholder or a valid card is involved in a transaction. It is highly recommended and in your benefit to settle all authorized transactions daily or within 24 hours of the time of the authoirzation. Settling in this manner may prevent chargebacks and will prevent additional interchange fees.
TIP
Authorization Responses
During the authorization process, your sales associates should receive one of the following responses, or one that is similarly worded.
RESPONSE Approved MEANING Card issuer approves the transaction. This is the most common response about 95% of all authorization requests are approved. Card issuer does not approve the transaction. The transaction should not be completed. Return the card and instruct the cardholder to call the card issuer for more information on the status of the account. Card issuer needs more information before approving the sale. Most of these transactions are approved, but you should call your authorization center and follow the instructions you are given. In most cases, an authorization agent will ask to speak directly with the cardholder or will instruct you to check the cardholders identification. Card issuer wants to recover the card. Do not complete the transaction. Inform the customer that you have been instructed to keep the card, and ask for an alternative form of payment. If you feel uncomfortable, simply return the card to the cardholder. The embossed account number on the front of the card does not match the account number encoded on the magnetic stripe. Swipe the card again and re-key the last four digits at the prompt. If a No Match response appears again, it means the card is counterfeit. If it can be done safely, keep the card in your possession, and make a Code 10 call.
Pick Up
No Match
2.7
A: Interchange is the fee that merchant-acquiring institutions must pay card-issuing institutions to help offset card issuers processing costs and cost of funds. Revenue from interchange fees permits issuers to offer consumers value-added card products at lower prices. This helps increase card availability and usage, which benefits merchants through incremental sales and displacement of other more expensive forms of payment. Interchange rates are set and governed by Visa, MasterCard, and Discover Network, and are the same for all card-issuing and merchant-acquiring institutions. Such control helps maintain the integrity of the most widely used, complex electronic payment system in the world.
Q: What are non-qualified transactions?
A: Visa, MasterCard, and Discover Network establish interchange fees for transactions based on the data submitted and the risk associated with the particular transaction. Your merchant account and the agreed-upon rates and fees are based on an interchange level that is established according to your processing method and business type. A non-qualified transaction is a transaction that does not qualify at the expected level because it does not meet Visa, MasterCard, and Discover Network requirements for that level. Your account will be billed the difference in cost between the expected interchange rate and the interchange level at which the transaction actually qualified plus a surcharge. For example: The interchange level established for an account may require that the card be present and swiped as part of the transaction. The interchange rate is lower because more magnetic stripe content data is submitted and since the card is present, there is lower associated risk. If the card is not present or swiped, the transaction will not meet the requirements for the established interchange level, will be considered non-qualified, and will cost more to process.
Q: Why is a surcharge assessed on non-qualified transactions?
A: Merchant-acquiring institutions assess a surcharge to cover the additional handling costs associated with non-qualified transactions, such as increased processing and operational expenses.
Q: What can I do to reduce the number of non-qualified transactions I have and minimize my transaction costs?
A: To minimize processing costs and ensure that your transactions are clearing at the best possible interchange rate, you should observe the best practices referenced below as indicated for your processing method and business type. For additional advice on reducing transaction processing costs, please contact our Merchant Client Support Center for assistance.
2.8
BB& T M e rch a n t S e r vi ce s D a i l y P r o c e s s i n g
Restaurant Merchants:
Card-swipe all of your transactions. Electronically authorize all transactions. Obtain one authorization per transaction. Voice authorized or forced transactions will not be eligible for the qualified rate. All transactions must be settled within 24 hours of the authorization. Indicate the card is present (by transaction type or at appropriate prompt) and perform Address Verification Services (AVS) on key-entered transactions; a full AVS match must be received on the cardholders billing zip code to qualify for the best non-qualified rate.
Hotel Merchants:
Card-swipe all of your transactions. Electronically authorize all transactions. Settlement amount must equal the authorized amount. Settle your terminal daily. Include a Room or Folio number on all transactions. Include the Check-in and Check-out date on all transactions. Indicator for Ancillary charges and No-show charge is required.
2.9
2.10
BB& T M e rch a n t S e r vi ce s D a i l y P r o c e s s i n g
Business-to-Business Transactions In order to ensure that transactions conducted with Business, Corporate or Purchasing Cards clear at the best possible interchange rate, you should observe the best practices referenced above as applicable to your processing method and business type. In addition, provide the enhanced data below: For Business and Corporate Cards:
Submit the Tax Included Indicator and Sales Tax Amount (amount must be between 0.1% and 22% of the transaction amount for Visa and 1% and 30% of the transaction amount for MasterCard).
Item unit cost - Last four digits are implied decimal places. Must not be all spaces or all zeros. Discount per Line Item - Last two digits are implied decimal places. Must not be all zeros if a discount exists. Must be all zeros if discount does not exist. IMPORTANT Line Item total - Last two digits are implied decimal places. Must not be all spaces or all zeros.
! IMPORTANT
IMPORTANT
ON ALL TRANSACTIONS: Make sure your credit card equipment is functioning properly. Do not bypass any terminal or software prompts for specific data; doing so will affect your transaction costs, your ability to prevent fraud and chargebacks, and your compliance with Payment Network rules. If you are a merchant using third-party software, ensure the settings established in your software are the most appropriate for the processing nature of your business.
2.11
2 3 4 5 6
10
11
12
13
14
15
16
17
18
19
20
21 22
23
24
25
26
27
28
29
30
31
33 35 37 39
32 34 36 38
2.12
BB& T M e rch a n t S e r vi ce s D a i l y P r o c e s s i n g
Dollar amount of the average sales transaction. Discount charged per item for transactions. Discount percentage rate assessed for transactions. Discount due to BB&T Merchant Services. This is calculated as either your net or gross sales multiplied by the discount rate plus the discount per item multiplied by the total number of sales.
The date your statement was produced (MM-YY). An internal tracking number for BB&T Merchant Services is also included.
This number is assigned to your company for identification purposes. It is exclusive to your company. If you call with statement inquiries, please be prepared to provide your merchant number. This number identifies your bank. This number identifies your account at your bank.
18 Discount Due
5 Routing Number
Transaction Detail
This section displays a breakdown of each transaction made during the statement period. The transactions are separated into three categories: deposits, adjustments, and chargebacks.
19 Day
This is the amount that is due to BB&T Merchant Services this month. This amount is deducted from or added to your checking account. It includes the difference between fees owed and fees actually paid. Plan Code that identifies the type of card used. See the list of Plan Codes at the bottom of the statement. Total number of sales and cash advances for this statement period. Total dollar amount of sales and cash advances for this statement period. Total number of credits for this statement period. Total dollar amount of credits for this statement period. Total dollar amount of sales and cash advances less total dollar amount of credits.
Day of the month that your batch was processed. Reference number assigned to the batch for tracking purposes. Code that identifies the type of transaction processed. See the list of Transaction Codes at the bottom of the statement. Transaction plan type. See the list of Plan Codes at the bottom of the statement. Total number of sales and cash advances for this batch. Total dollar amount of sales and cash advances for this batch. Total dollar amount of credits for this batch. Total discount previously paid to BB&T Merchant Services. This amount will only display if you participate in a daily discount program with BB&T Merchant Services. 2.13
20 Ref Number
9 PL
21 *(Transaction Code)
10 # Sales
22 PL
11 $ Sales
23 # Sales
12 # Credits 13 $ Credits
24 $ Sales
25 $ Credits
14 Net Sales
26 Discount Paid
Statement Totals
This section contains discount information and the amount credited or debited from the account. The following fields may appear if applicable.
33 Minimum Discount
Total dollar amount of sales and cash advances less total dollar amount of credits and paid discount. Deposit, Adjustment and Chargeback totals will appear under each respective section.
Fee Totals
This section displays the fees that will be charged to the merchant.
28 Number 29 Amount
Minimum amount of discount that will be charged. This figure will be used if the discount amount is less than the minimum stated in your merchant contract. Total dollar amount of discount due from the merchant as calculated throughout the month. Total dollar figure of discount that has been paid during the month by the merchant if participating in a daily program. Discount due less the discount paid. Total fees due from the merchant. Total dollar amount credited or debited from the account.
Total number of items billed. Total dollar amount used to calculate the amount billed. (This may not be used for all items.) Description of the item billed. Total dollar amount to be billed. Total dollar amount of fees to be paid by the merchant.
34 Discount Due
35 Discount Paid
30 Description 31 Total
38 Amount Deducted
Note: Fees will be deducted on the 15th day (or next business day) of the month following the statement processing date.
Statement Message
39 Statement Message
List of Plan Codes and Transaction Codes are printed along the bottom border of the statement.
IMPORTANT
! IMPORTANT
IMPORTANT
Merchant should review monthly statement and report questions, disputes, or missing transactions within 90 days of receipt of statement. Please refer to Section 1.5(k) of your BB&T Merchant Agreement for additional information. It is important to review your monthly statement for important messages from BB&T regarding your merchant statement.
2.14
BB& T M e rch a n t S e r vi ce s D a i l y P r o c e s s i n g
2.15
The four-digit number printed below the embossed account number must match the first four digits of the account number.
Check the Good Thru or Valid thru date. Make sure the date of the transaction is no later than the date on the card. If the transaction date is after the Good Thru date, the card has expired. In such instances, an authorization request can be called in to your authorization center, or you can ask the customer for a Visa card that is currently valid. Always request authorization on an expired card. If the Issuer approves the transaction, proceed with the sale. Never accept a transaction that has been declined.
Visa cards have a stylized V security character embossed to the right of the expiration date.
A three-dimensional dove hologram should reflect light and seem to change as you rotate the card.
3.1
Visa Features (Updated Visa Card Beginning January 2006) Front of Card
Check the account number for evenness and clarity. Look closely at the account number. On valid cards, the numbers will be even and straight; on altered cards, they may have fuzzy edges, or you may be able to see ghost images of the original numbers. Compare numbers. The printed four-digit number must match the first four digits of the account number above it. Both should begin with a 4. If the numbers are not identical or the printed number is missing, the card is not valid and should not be accepted. Check the Good Thru or Valid thru date. Make sure the date of the transaction is no later than the date on the card. If the transaction date is after the Good Thru date, the card has expired. In such instances, an authorization request can be called in to your authorization center, or you can ask the customer for a Visa card that is currently valid.
Back of Card
Check the hologram. When the card is tilted, a ring should appear around the sun and the word VISA should appear in the center. If not, the card may be counterfeit. Look at the signature panel. The signature panel will look like this or have a custom design. Check for the Card Verification Value (CVV2). It is a three-digit code that appears either on the signature panel or on a white box to the right of the signature panel. Portions of the account number may also be present on the signature panel. CVV2 is used primarily in card-not-present transactions to verify that the customer is in possession of a valid Visa card at the time of the sale. Check for signs of tampering. Any attempt to erase the signature will cause the word VOID to appear.
3.2
MasterCard Features
All MasterCard account numbers start with 5. The embossing should be clear and uniform in size and spacing and extend into the hologram. The 16-digit account number embossed on the card must be exactly the same as the account number printed on the sales draft, or displayed on your terminal (if equipment allows). A three-dimensional hologram with interlocking globes should reflect light and seem to move as you rotate the card. The word MasterCard is printed repeatedly in the background of the hologram. The letters MC are micro-engraved around the two rings. The pre-printed Bank Identification Number (BIN) must match the first four digits of the embossed account number. The valid date lists the last day on which the card is valid. Some cards may have an effective date as well. MasterCard cards have a stylized MC security character embossed to the right of the valid dates. MasterCard Debit Hologram To clearly distinguish MasterCard Debit cards, all new and re-issued consumer Debit cards must display the Debit hologram. By January 1, 2007, all Debit cards must be in compliance with this rule. Until then you may still see some older cards with the word Debit printed above the global hologram.
Back of MasterCard
The back of the card must be signed. The magnetic stripe should appear smooth and straight, with no signs of tampering.
The word MasterCard is printed repeatedly in multicolors at an angle on a tamper-evident signature panel. You may see only the last four digits of the account number, plus the three-digit CVC2 indentprinted on some newer cards. Some cards may contain the full 16-digit account number, followed by the threedigit CVC2, indent-printed on the signature panel.
Back of Card
Beginning in June 2006, card issuers have the option of placing a holographic magnetic stripe on the card back, replacing the Globe hologram or the Debit hologram. The word MasterCard is printed repeatedly in multicolors at an angle on a tamper-evident signature panel. The last four digits of the account number are indent-printed on the signature panel. Beginning in June 2006, the three-digit CVC2 must be printed in a white rectangle to the right of the signature panel. The MasterCard Alternative Design Option will allow issuers greater flexibility. You may see vertical cards, unembossed cards and smaller size cards.
3.3
BB& T M e rch a n t S e r vi ce s L o s s P r e v e n t i o n
Discover
The words DISCOVER NETWORK will appear under an ultraviolet light. All Discover Network account numbers start with 6. The embossing should be uniform in size and spacing, and extend into the hologram. Valid Thru indicates the last month in which the card is valid. A Business Name may be embossed below the account name. An embossed Security Character appears as a stylized D. The Discover Network Acceptance Mark appears on both sides of the card. and appear to move. The magnetic stripe should appear smooth, with no signs of tampering. The words DISCOVER NETWORK appear on the signature panel, and an underprint reading VOID. The last four digits of the account number appear on the signature panel in reverse indent printing. The three-digit Data (CID) appears to the right of the signature panel.
1-800-347-3083
1-800-347-1111
American Express
The letters AMEX and a phosphorescence in the Centurion portrait are visible under an ultraviolet light. Pre-printed (non-embossed) (CID) should always appear above the account number. All American Express account numbers start with 3. Embossing should be clear and uniform in size and spacing. The number on the front and back of the Card, plus the one printed on the sales receipt should all match. With this statement on the Card, American Express reserves the right to pick up the Card at any time. Some Cards have a hologram of the American Express image embedded into the magnetic stripe. The signature on the back of the Card should match the customers signature on the receipt. The signature panel is tamper-evident.
Do not accept a Card after the expiration date. Only the person whose name is embossed on an American Express Card is entitled to use it.
1-800-528-1212
CODE 10 CALLS
Code 10 calls allow merchants to alert card issuers to suspicious activity and take appropriate action when instructed to do so.You should make a Code 10 call to your voice authorization center whenever you are suspicious about a card, cardholder, or a transaction. The term Code 10 is used so the call can be made at any time during a transaction without arousing a customers suspicions.
MERC HANT
TIP
Emphasize to your sales staff that they can make Code 10 calls even after a cardholder leaves the store. A Code 10 alert at this time may help stop fraudulent card use at another location, or perhaps during a future transaction at your store.
To make a Code 10 call: Keep the card in your possession during the call. Call your voice authorization center, at 800-291- 4840 Enter your Merchant Identification Number Press # , then 8, then enter card number. Enter the expiration date. Enter the amount of the transaction. You will be transferred to a special operator who will ask you a series of questions that can be answered with a simple yes or no. When connected to the special operator, answer all questions calmly and in a normal tone of voice. Your answers will be used to determine whether the card is valid. Follow all operator instructions. If the operator tells you to pick up the card, do so only if recovery is possible by reasonable and peaceful means.
3.5
BB& T M e rch a n t S e r vi ce s L o s s P r e v e n t i o n
The following sections outline basic fraud-prevention guidelines and best practices for card-not-present merchants.
3.6
CVV2/CVC2 PROCESSING
To ensure proper CVV2/CVC2/CID processing for card-not-present transactions, merchants should: Ask card-not-present customers for the last three numbers in the signature panel on the back of their cards. If the customer provides a CVV2/CVC2/CID, submit this information with other transaction data (card expiration date and account number) for electronic authorization. You should also include one of the following CVV2/CVC2/CID presence indicators, even if you are not including a CVV2/CVC2/CID in your authorization request:
INDICATOR 0 1 2 9 WHAT IT MEANS CVV2/CVC2/CID is not included in authorization request. CVV2/CVC2/CID is included in authorization request. Cardholder has stated that CVV2/CVC2/CID is illegible. Cardholder has stated that CVV2/CVC2/CID is not on the card.
Evaluate the CVV2/CVC2/CID result code you receive with the transaction authorization, and take appropriate action based on all transaction characteristics.
CVV2 RESULT CODE M - Match N - No Match RECOMMENDED ACTION Complete the transaction, taking into account all other transaction characteristics and verification data. View a No Match response as a sign of potential fraud, which should be taken into account along with the authorization response and any other verification data. You may also want to resubmit the CVV2/CVC2/CID to ensure a key-entry error did not occur. Resubmit the authorization request. Follow up with the customer to verify that the correct card location has been checked for CVV2/CVC2/CID. Evaluate all available information and decide whether to proceed with the transaction or to investigate further.
* request not processed ** should be on the card, but the cardholder has reported that it isnt. *** card issuer does not support CVV2/CVC2/CID
3.7
BB& T M e rch a n t S e r vi ce s L o s s P r e v e n t i o n
You should evaluate the AVS response code and take appropriate action, based on all transaction IMPORTANT characteristics and any other verification information received with the authorization (expiration date, CVV2/CVC2/CID, etc.). An authorization response always takes precedence over AVS. Do not accept any transaction that has been declined, regardless of the AVS response.
! !
IMPORTANT
If you complete a transaction for which you received an authorization approval and an AVS response of U (unavailable), and the transaction is later charged back to you as fraudulent, BB&T Merchant Services may represent the item. U.S. Issuers must support AVS or lose their right to fraud chargebacks for card-not-present transactions.
WHAT IT MEANS Address and nine-digit zip code match. Both street address and five-digit zip code match. Complete the transaction; you can be relatively confident it is legitimate. Street address matches, but zip code doesnt. View as a sign of potential fraud. Depending on the transaction amount, you may decide to complete the transaction or investigate further to ensure it is valid. Zip code matches but the street address doesnt. View as a sign of potential fraud. Depending on the transaction amount, you may decide to complete the transaction or investigate further to ensure it is valid. Street address and zip code dont match. View as a sign of potential fraud and take further steps to validate the transaction. The Issuers system is not available, or the Issuer does not support AVS. The address cannot be verified at present. You must decide whether to accept or refuse the transaction, or investigate further. The Issuers system is not available; try again later. The Issuers system may not be working. You should resubmit your AVS request later. Evaluate all available information and decide whether to proceed with the transaction or to investigate further. Unless you sent only a zip code AVS request and it matched, you may want to follow up before shipping merchandise.
IMPORTANT
A Partial Match
Z Partial Match
N No Match
U Unavailable
R Retry
IMPORTANT
! !
IMPORTANT
For a zip code only request and P.O. Box address, Issuers may respond with either a Y (Exact Match), or a Z (Partial match-zip Code Matches).
3.8
IMPORTANT
Suspicious Transactions
Card-not-present merchants should develop in-house policies and procedures for handling irregular or suspicious transactions and provide appropriate training for their sales associates. Being able to recognize suspicious orders may be particularly important for merchants involved in telephone sales, and employees should be given clear instructions on the steps to take to verify these transactions. Your sales employees should be on the lookout for any of the following signs of suspicious customer behavior: Hesitation: Beware of customers who hesitate or seem uncertain when giving you personal information, such as a zip code or the spelling of a street or family name. This is often a sign that the person is using a false identity. Rush orders: Urgent requests for quick or overnight delivery the customer who needs it yesterday should be another red flag for possible fraud. While often perfectly valid, rush orders are one of the common characteristics of hit and run fraud schemes aimed at obtaining merchandise for quick resale. Random orders: Watch out also for customers who dont seem to care if a particular item is out of stock You dont have it in red? What colors do you have? or who order haphazardly Ill take one of everything! Again, orders of this kind may be intended for resale rather than personal use. Suspicious shipping address: Scrutinize and flag any order with a ship to address that is different from the billing address on the cardholders account. Requests to ship merchandise to post office boxes or an office address are often associated with fraud. Keep lists of zip codes where high fraud rates are common and verify any order that has a ship-to address in these areas. If your business does not typically service foreign customers, use caution when shipping to addresses outside the United States, particularly if you are dealing with a new customer or a very large order. Requests to wire funds to pay shipping costs are often associated with fraud. Requests to provide cash back for any credit card transaction are often associated with fraud. In examining what appears to be an unusual order, keep in mind that if the sale sounds too good to be true, it probably is. Merchants should NEVER provide cash back to a cardholder when processing a credit card transaction, as this is prohibited by the credit card associations. Also, please be aware of a growing problem impacting merchants across the country. Merchants have received telephone and fax orders, often originating in foreign countries, attempting to purchase goods and services. The cardholder requests that the merchant wire back to them a part of the credit transaction for various reasons, i.e. shipping charges by a carrier of their choice, or for other arrangements they prefer to make rather than follow the normal merchant business practices. These orders often include fraudulent Visa, MasterCard, and Discover Network numbers for payment, which have led to high volumes of chargebacks and significant merchant losses. These fraudulent schemes particularly target businesses that do not usually handle mail or telephone transactions. Please use caution with any orders received from unusual sources. You must know for certain that you are dealing with the authorized user of the card that is being offered. Never provide cash back to the cardholder under any circumstances.
3.9
BB& T M e rch a n t S e r vi ce s L o s s P r e v e n t i o n
IMPORTANT For merchants, chargebacks can be costly. You can lose both the dollar amount of the transaction being charged back and the related merchandise. You also incur your own internal costs for processing the chargeback.
! !
IMPORTANT
Your merchant account is debited the same day the chargeback notification is mailed.
Avoiding Chargebacks
Most chargebacks can be attributed to improper transaction-processing procedures and can be prevented with appropriate training and attention to detail. The following best practices will help you minimize chargebacks.
3.10
Chargeback Remedies
Even when you do receive a chargeback, you may be able to resolve it without losing the sale. Simply provide BB&T Merchant Services with additional information about the transaction or the actions you have taken related to it. For example, you might receive a chargeback because the cardholder is claiming that credit has not been given for returned merchandise. You may be able to resolve the issue by providing proof that you submitted the credit on a specific date. Send this information to BB&T Merchant Services in a timely manner. The key in this and similar situations is always to send BB&T Merchant Services as much information as possible to help remedy the chargeback. With appropriate information, BB&T may be able to resubmit, or re-present, the item to the card issuer for payment. Timeliness is also essential when attempting to remedy a chargeback. Each step in the chargeback cycle has a defined time limit during which action can be taken. If you do not respond during the time specified on the request which may vary depending on Card Association rules BB&T will not be able to remedy the chargeback. Although many chargebacks are resolved so that the merchant does not lose the sale, some cannot be remedied. In such cases, accepting the chargeback may save you the time and expense of needlessly contesting it.
Point of Sale
Declined Authorization. Do not complete a transaction if the authorization request was declined. Do not repeat the authorization request after receiving a decline; ask for another form of payment. Transaction Amount. Do not estimate transaction amounts. For example, restaurant merchants should authorize transactions only for the known amount on the check; they should not add on a tip. Referrals. If you receive a Call message in response to an authorization request, do not accept the transaction until you have called the authorization center. In such instances, be prepared to answer questions. The operator may ask to speak with the cardholder. If the transaction is approved, write the authorization code on the sales receipt. If declined, ask the cardholder for another form of payment. Expired Card. Do not accept a card after its Good Thru or Valid Thru date unless you obtain an authorization approval for the transaction. Card Imprint for Key-Entered Card-Present Transactions. If you must key-enter a transaction to complete a card-present sale, make an imprint of the front of the card on the sales receipt, using a manual imprinter. Even if the transaction is authorized and the cardholder signs the receipt, the transaction may be charged back to you if the receipt does not have an imprint of the embossed account number and expiration date. Cardholder Signature. The cardholders signature is required for all card-present transactions. Failure to obtain the cardholders signature could result in a chargeback if the cardholder later denies authorizing or participating in the transaction. When checking the signature, always compare the first letter and spelling of the surname on the sales receipt with the signature on the card. If they are not the same, ask for additional identification or make a Code 10 call.
3.11
BB& T M e rch a n t S e r vi ce s L o s s P r e v e n t i o n
Digitized Cardholder Signature. Some cards have a digitized cardholder signature on the front of the card, in addition to the hand-written signature on the signature panel on the back. However, checking the digitized signature is not sufficient for completing a transaction. Sales staff must always compare the customers signature on the sales receipt with the hand-written signature in the signature panel. Fraudulent Card-Present Transaction. If the cardholder is present and has the account number but not the card, do not accept the transaction. Even with an authorization approval, the transaction can be charged back to you if it turns out to be fraudulent. Legibility. Ensure that the transaction information on the sales receipt is complete, accurate, and legible before completing the sale. An illegible receipt, or a receipt that produces an illegible copy, may be returned because it cannot be processed properly. The growing use of electronic scanning devices for the electronic transmission of copies of sales receipts makes it imperative that the item being scanned be very legible.
3.12
Sales-Receipt Processing
One Entry for Each Transaction. Ensure that transactions are entered into point-of-sale terminals only once and are deposited only once. You may get a chargeback for duplicate transactions if you: Enter the same transaction into a terminal more than once Process the same transaction with more than one merchant bank Voiding Incorrect or Duplicate Sales Receipts. Ensure that incorrect or duplicate sales receipts are voided and that transactions are processed only once. Close your Batches as quickly as possible, preferably within 24 hours of the transaction date; do not hold on to them. Process credit transactions as quickly as possible. Ship Merchandise Before Processing Transaction. For card-not-present transactions, do not process the transactions until you have shipped the related merchandise. If customers see a transaction on their monthly card statement before they receive the merchandise, they may contact their Issuer to dispute the billing. Similarly, if delivery is delayed on a card-present transaction, do not deposit the sales receipt until the merchandise has been shipped. Requests for Cancellation of Recurring Transactions. If a customer requests cancellation of a transaction that is billed periodically (monthly, quarterly, or annually), cancel the transaction immediately or as specified by the customer. As a service to the customer, advise the customer in writing that the service, subscription, or membership has been cancelled and state the effective date of the cancellation. Disclosing Refund, Return, or Service Cancellation Policies. If your business has policies regarding merchandise returns, refunds, or service cancellations, these policies must be disclosed to the cardholder at the time of the transaction. Your policies should IMPORTANT be pre-printed on your sales receipts, if not, write or stamp your refund or return policy information on the sales receipt near the customer signature line before the customer signs (be sure the information is clearly legible on all copies of the sales receipt). Failure to disclose your refund and return policies at the time of a transaction could result in a IMPORTANT dispute if the customer returns the merchandise.
! !
IMPORTANT
For questions regarding chargebacks or sales receipt requests, please call 1-877-672-4228, option 3.
IMPORTANT
IMPORTANT
3.13
BB& T M e rch a n t S e r vi ce s L o s s P r e v e n t i o n
4.1
7. Restrict access to data. Limit access to resources and cardholder information to employees who need access to the information to do their jobs and limit access only to what is needed. Establish a mechanism for systems with multiple users that restrict access based on an individuals need to know. 8. Assign a unique username and password to each person with computer access to transaction data. This allows for all actions taken on the system to be identified and tracked.Take necessary precautions to protect user identification and immediately revoke access by terminated users. 9. Restrict physical access to transaction data. Use appropriate facility entry controls and monitor access. Develop procedures to help personnel easily distinguish between employees and others. Destroy media containing transaction information when it is no longer needed. 10. Track and monitor access to network resources and transaction data. Logging mechanisms and tracking user activity is critical to uncovering unauthorized and illegal activity. 11. Regularly test security systems and processes. New vulnerabilities are continually being discovered. Consistent testing ensures security maintenance. 12. Maintain an information security policy. A strong security policy sets the security tone for the entire company.
Q. Where can transaction information be stored? A. As stated in the PCI DSS, all systems and media containing transaction data must be protected in a secure environment to which access is controlled and limited to selected personnel. Merchants must establish procedures that control all means of access and use a password system to maximize the security of their transaction and cardholder information. REMEMBER: IF YOU DONT NEED IT, DONT STORE IT. Q. Do data storage requirements apply to third-party agents? A. Yes. The PCI DSS applies to anyone who stores, processes or transmits payment data, including members, merchants and third parties. Third-party agents include Web hosting companies, payment gateways, terminal drivers, software providers and processors. The merchant must inform its bankcard acquirer of its third-party agents terminal and software vendors, anyone providing transaction processing, sorting or other services and ensure that these agents adhere to all applicable data security standards. Q. Does the PCI DSS apply to all merchants or only to online merchants? A. PCI DSS is mandatory for all merchants, third party agents, and service providers. Q. Who should assess and regulate security in merchant systems and networks? A. According to Visa, MasterCard and Discover Network mandates, and depending on the size of a business, merchants may be required to take steps necessary to validate compliance. These steps mayI nclude: an annual onsite audit, quarterly network scan and/ or an annual self-assessment questionnaire (SAQ). For merchants, onsite audits may be conducted by qualifiedonsite assessors or by the merchants qualified and authorized staff. Qualified scanningvendors must conduct network scans, and the merchants internal staff is responsible for completing the SAQ. All PCI compliance validation requirements are listed on the following websites: www.mastercard.com/us/sdp, www.visa.com/cisp, http://discovernetwork.com/fraudsecurity/disc.html, www.pcisecuritystandards.org Visa, MasterCard and Discover Network are reaching out to merchants, acquirers and their partners to share and publicize these requirements and best practices, and thereby help protect transaction and cardholder information. These policies help to safeguard the entire payments industryand maintain consumer confidence. BB&T Merchant Services strives to be a trusted business partner to you and your customers. Merchants who are interested in learning more about this initiative can log onto www.mastercard.com/us/sdp, www.visa.com/cisp, http://discovernetwork.com/fraudsecurity/disc.html or www.pcisecuritystandards.org
4.3
4.4
B B & T M e rch a n t S e r vi ce s D a t a S e c u r i t y / Co m p l i a n c e
TIP
Suggested best practices for merchant websites include: Privacy statements. Information on when credit cards are charged. You should not bill the customer until merchandise has been shipped. Order-fulfillment information. State timeframes for order processing and send an email confirmation and order summary within one business day of the original order. Provide up-to-date stock information if an item is back-ordered. Customer service timeframes. Ideally, customer service emails or phone calls should be answered within two business days. A statement on website regarding security controls used to protect customers. A statement encouraging cardholders to retain a copy of the transaction.
B B&T Merchant Se r v ic e s Da t a Sec u ri t y /C om pl i a n c e
4.5
ONLINE CONVENIENCE
All you need is a computer with the minimum operating requirements* and access to the Web. No special skills are needed. No more waiting for your monthly merchant statement to arrive in the mail. The information is at your fingertips for instant access.
*Minimum operating system requirements are: Internet Explorer 6.0 sp2 or higher; Adobe Reader version 8.0 or higher; Adobe Flash Player version 9 or higher; Pop-up windows should be allowed to pop-up and not be forced into a new window/ tab or blocked from view. If a pop-up blocker is enabled on your browser, the pop-up blocker needs to allow pop-up windows for www.mreports.com.
Information Security
All information is communicated through the web using SSL-encryption, the web standard. Access requires use of a bank issued user ID and password.
5.1
CHECK SERVICES
With options available through BB&T Merchant Services, you can remove almost all of the uncertainties when accepting a paper check: With Electronic Check, you convert paper checks into electronic funds transfers at the point of sale, and funds are moved electronically from consumers account to your account through the Automated Clearing House (ACH) network. With Check Verification, you take advantage of a verification system at the point of sale to identify potential check fraud and habitual bad check writers before you accept a check. Or you can choose to have us guarantee payment. These services allow you to reduce losses due to check fraud and non-sufficient funds, shorten the time required for checks to clear, and please your customers by continuing to offer the option of paying by check.
Check Verification
If you prefer a more traditional approach to accepting payment by check, our Check Verification service allows you to reduce the acceptance of NSFs while continuing to deposit checks at your bank. The process is transparent to your customers.
5.2
BB& T M e rch a n t S e r vi ce s Cu s t o m i z e Yo u r S o l u t i o n
Benefits to You
The Check Verification program provides you with greater confidence in the checks you accept, while contributing to a smooth sales transaction at the point of sale. Other benefits include: Reduced exposure to fraud Smoother and faster checkout for customers Reduced losses from non-sufficient funds Improved efficiency resulting from fewer returned checks and collections (verification with guarantee option) Uninterrupted cash flow (verification with guarantee option)
For details, talk with your BB&T Merchant Sales Consultant, or call 1-877-MRCHBBT (672-4228).
BB&T Merchant Services is a division of BB&T Financial, FSB, a subsidiary of BB&T Corporation. Member FDIC.
5.3
GIFT CARDS
Whether youre a small merchant or a large chain, you know you can take advantage of the efficiency and profitability of gift cards. They are among the fastest growing merchant products ever introduced, with more than 115 billion cards issued and growth above 20 percent annually. These pre-paid cards carry your business name.They allow your customers to determine the value they want to store on the card and the ability to pay by credit card, check or cash. Card buyers are making a commitment to purchase from you before they select the products or services you offer. You may also use the card to provide extra convenience to your frequent buyers or recognize and reward preferred customers. The gift card program can be used for special sales and promotions and is a great tool to attract new customers.
Ease of Use
The stored value system flows smoothly for customers and merchants. Cards are easy to purchase and use. Activation, sales, and balance inquiries all occur in real time between your point of sale terminal and our processing center. The transaction is fulfilled, data is captured, and a response is transmitted back to your terminal where paper receipts including the card balance can be generated for you and your customer. Look to BB&T to provide a full range of support in implementing your stored value card program. Turnkey marketing and promotional materials, such as counter displays, posters, and table tents, are available. You can choose the program that matches your size and needs, or well customize a program just for you all on an accelerated schedule that usually can have your program ready to roll out in just a few days. And youll get ongoing support that is readily accessible through our help desk and Client Support Center. For details, talk with your BB&T Merchant Sales Consultant, or call 1-877-MRCHBBT (672-4228).
BB&T Merchant Services is a division of BB&T Financial, FSB, a subsidiary of BB&T Corporation. Member FDIC.
5.4
BB& T M e rch a n t S e r vi ce s Cu s t o m i z e Yo u r S o l u t i o n
5.5
BankCard Services
BB&T offers the versatile Visa Business Credit Card to business clients requiring a credit line less than $100,000 to meet their everyday business purchasing needs and Visa Commercial OneCard solutions to business clients requiring a credit line greater than $100,000 to meet their purchasing, corporate or fuel and business vehicle needs. These simplified choices replace cash, checks and personal credit cards - and are offered with no annual or per-card fee, 24/7 online account access and maintenance, as well as customized reports and individualized account statements. In addition, the Visa Liability Waiver Program and proactive fraud monitoring are included features.
The BB&T Visa Platinum Credit Card gives you convenient credit on a personal level for everyday items or special purchases. Accepted at over 32 million merchant locations worldwide, the BB&T Platinum Card comes with zero liability for unauthorized use and easy online account management with Credit Card Connection. And a low introductory rate, 25day grace period and optional BB&T Rewards Program add to the superior value that the BB&T Platinum Card offers. For complete details on BB&T s Consumer and Commercial Credit Cards, please call 1-800-397-1253 or visit a local BB&T financial center.
BB&T credit cards are subject to credit approval and are issued by BB&T Financial, FSB, a subsidiary of BB&T Corporation. Member FDIC.
5.6
B B& T M e rch a n t S e r vi ce s Cu s t o m i z i n g Yo u r S o l u t i o n
Glossary/Resources
Address Verification Service (AVS) A service that a mail/telephone order merchant can perform to verify that the street number and zip code that the cardholder provides the Merchant matches the address on file with the card- issuing bank. AVS is designed to reduce fraud. Account Number The payment card number (credit or debit) that identifies the issuer and the particular cardholder account. Acquirer A financial institution that initiates and maintains contractual agreements with merchants for the purpose of accepting and processing credit and debit card transactions (also: Card Acquirer, Financial Institution, Merchant Bank). Authentication The process of verifying identity of a subject or process. Authorization The process of validating with the card issuing institution that funds are available on the card at the time the authorization request is submitted by the merchant. Authorization Code A numerical code designated by the issuer, given at the time the transaction is approved by the card issuer. If the transaction is declined, the issuer will respond with a decline response. The code is always included on the electronically printed sales receipt. If a manual sales draft needs to be created by the merchant, the original approval code must be included on this draft. Batch Processing The authorization of transactions offline when immediate approval is not required. Transactions are collected in a batch and sent as one transmission for authorization and/or settlement. Batch processing is generally used with mail/telephone order transactions. Card-Not-Present A type of card transaction in which the card is not present at the point of sale for the magnetic stripe to be read. These are considered higher risk transactions. Card-Validation Code The three-digit value printed on the signature panel of a payment card used to verify card-not-present transactions. On a MasterCard payment card this is called CVC2. On a Visa payment card this is called CVV2. Cardholder The customer to whom a card has been issued or the individual authorized to use the card.
B B&T Merchant Se r v ic e s G l os s a r y / R es ou rc es
Cardholder Data All personally identifiable data about the cardholder and relationship to the Member (i.e., account number, expiration date, data provided by the Member, other electronic data gathered by the merchant/ agent, and so on). This term also accounts for other personal insights gathered about the cardholder (i.e., addresses, telephone numbers, and so on). Chargeback A bankcard transaction disputed by a cardholder. The dispute is sent from the cardholders issuing bank to the merchants bank for review. Check Guarantee A service that guarantees check payment to a merchant up to a specified amount. However, merchants are required to perform correct authorization procedures. Check Verification A service that provides merchants with some security against bad checks. The person writing the check is matched against a national negative file database to flag outstanding or bad checks on record from other members of this service. Compromise An intrusion into a computer system where unauthorized disclosure, modification, or destruction of cardholder data may have occurred. Consumer Individual purchasing goods and /or services. DBA Doing Business As. Compliance validation levels are based on the transaction volume of a DBA or chain of stores (not of a corporation that owns several chains). Dial-Up Terminal An authorized terminal that uses a telephone line to communicate with the authorization center. Discount Rate The fee charged by the merchant financial institution to the merchant for services rendered in connection with processing card sales transactions. EBT Electronic Benefits Transfer - The automation of government benefits through electronic authorization, data capture and settlement processes. Plastic cards with magnetic stripes are used, eliminating paper benefits and coupon distribution. ECR Electronic Cash Register - A cash register that also emulates a point-of-sale terminal for processing credit card transactions.
6.1
EDC Electronic Draft Capture The use of a point-of-sale device to authorize and settle credit card transactions. EFT Electronic Funds Transfer An electronic system that automatically moves funds, e.g., an ATM withdrawal or pay-by-phone transaction. Firewall Hardware and/or software that protect the resources of one network from users from other networks. Typically, an enterprise with an intranet that allows its workers access to the wider Internet must have a firewall to prevent outsiders from accessing its own private data resources. Force-post The process by which a voice-authorized transaction is key-entered to be settled electronically with a batch of transactions. Also know as a post-auth. Gateway Manages the electronic connection between consumers and their financial institutions and transmits data. Gift Card A reusable, stored-value card that enables merchants to have an electronic alternative to paper gift certificates. Host The main hardware on which software is resident. Imprinter A device used to imprint embossed card information onto a sales draft for payment card transactions. An imprinter is used if the card is present and the POS device cannot read the contents of the magnetic stripe. Information Security Protection of information for confidentiality, integrity and availability. Interchange Fee A fee that acquiring banks must pay issuing banks to offset the issuers cost of funds and processing expenses. IP address An IP address is a numeric code that uniquely identifies a particular computer on the Internet. Magnetic Stripe A panel located on the back of a payment card containing magnetically encoded cardholder account information.
Magnetic Stripe Data (Track Data) Data encoded in the magnetic stripe used for authorization during a card present transaction. Entities may not retain full magnetic stripe data subsequent to transaction authorization. Specifically, subsequent to authorization, service codes, discretionary data/CVV, CVC and MasterCard/Visa reserved values must be purged; however, account number, expiration date, and name may be extracted and retained. Magnetic Stripe Reader A point-of-sale device that reads the encoded information from the magnetic stripe when the card is passed through the reader. Readers may read Track Two, which contains the cardholder account number and expiration date, or both Track Two and Track One, which contains the cardholder name. Network A network is two or more computers connected to each other so they can share resources. Offline Debit Debit transaction that occurs when a Visa/MasterCard check card is authorized through the credit card system and the amount is debited from the cardholders checking (DDA) account. Offline Transaction A transaction that is authorized through a voice authorization and later keyed into a POS terminal prior to settlement. Password A string of characters that serve as an authenticator of the user. PIN Personal Identification Number A numeric code used as verification to complete a transaction via a payment card. The number is entered in to a keypad and is encrypted to travel along with the authorization. POS Point of Sale The location in which a payment card transaction occurs, usually by way of a device such as a credit card terminal or cash register. POS Terminal A terminal at the point of sale, connected via telecommunication lines to a central computer. Authorization, recording, and transmission of electronic transactions are performed through the terminal. Private Label Card A card issued by a merchant that can only be used in the issuing merchants business. An example would be a department store credit card.
6.2
BB& T M e rch a n t S e r vi ce s G l o s s a r y/ R e s o u r c e s
Reason Code A two-digit code identifying the reason a chargeback was initiated. Re-authorization (re-auth, add auth) To request an additional amount to be authorized on an existing transaction. Used in the lodging industry when the original authorization is not sufficient to cover the charges. Recurring Transaction A transaction charged to a cardholders account (with prior permission) on a periodic basis for recurring goods and services, i.e., health club memberships. Refund A refund occurs when the merchant rebates all, or a portion, of an original transaction amount to the cardholder. Refunds are made to the same card that was used for the original transaction. Retail Transaction A face-to-face transaction in which the cardholder presents a card to the merchant to pay for goods or services. Reversal When an acquirer successfully represents a chargeback to the issuer, the chargeback is reversed and the funds are returned to the merchant. Sensitive Cardholder Data Data whose unauthorized disclosure may be used in fraudulent transactions. It includes, the account number, magnetic stripe data, CVC2/CVV2 and expiration date. Settlement The process in which a merchant transmits batches of transactions to the acquirer. In interchange, it is the process by which acquirers and issuers exchange financial data resulting from sales transactions, cash advances, merchandise credits, etc.
Split Dial The capability of a card terminal to dial different telephone numbers to obtain an authorization or settlement of different card types. SSL An established industry standard that encrypts the channel between a web browser and Web server to ensure the privacy and reliability of data transmitted over this channel. T&E Cas Cards that are developed for and used primarily in travel-related services. Track One Track One information, stored on the magnetic stripe on the back of a card, has the cardholders name in addition to the account number and expiration date stored in it. Track Two Track Two information, stored on the magnetic stripe on the back of a card, has the account number and expiration date. Transaction Data Data related to an electronic payment. Truncation The practice of removing a data segment. Commonly, when account numbers are truncated, the first 12 digits are deleted, leaving only the last 4 digits. VAR Value Added Reseller - A third party that certifies its software to be used on a processors system. Voice Authorization Transactions authorized by a voice operator. Voice-approved transactions must be forced into a terminal batch for settlement.
B B&T Merchant Se r v ic e s G l os s a r y / R es ou rc es
6.3
Resources
BB&T website: www.BBT.com BB&T Merchant Services website: www.BBT.com/merchantservices BB&T Client Support 1-877-672-4228 Monday Friday, 8:30 a.m. 9:00 p.m. (ET) Visa http://usa.visa.com/merchants/index.html Visit this site for information on: Visa policies and procedures Visa marketing materials, stickers, tip trays, check presenters, etc. Visa Fulfillment 1-800-VISA-311 (1-800-847-2311) MasterCard www.mastercard.com/us/merchant Visit this site for information on: MasterCard acceptance policies Services provided by MasterCard MasterCard marketing materials such as stickers, tip trays, check presenters, etc. MasterCard Fulfillment 1-800-622-7747 Discover Network http://www.discovernetwork.com/clientsupport/signage.html Visit this site for Discover Network marketing materials http://www.discovernetwork.com/getstarted/merchant/merchant.html Visit this site for Discover Network policies and procedures Data Security Related Sites www.visa.com/cisp www.mastercard.com/us/sdp http://discovernetwork.com/fraudsecurity/disc.html www.pcisecuritystandards.org
6.4
BB& T M e rch a n t S e r vi ce s G l o s s a r y / R e s o u r c e s
BBT.com
C0036450000 5/1/09