- Get valid authorizations and process within 14 days
- Settle authorized transactions within 24 hours
- Document return and cancellation policies
- Include transaction descriptions on billing statements and receipts
- Keep all records
- Insert, don't swipe, EMV chip cards
- Have each customer sign a sales slip
- Verify each cardholder's identity and signature
- Get an imprint of each card
- Verify the last four digits of each card's account number
- Verify security features on the back of each card
- Audit and keep sales slips
- Obtain as much information as possible
- Verify addresses through the Address Verification Service
- Cross-check identities and addresses through online resources
- Call customers and confirm orders
- Request additional information
- Transmit each card's security code or identification number
- Use cardholder authentication programs
- Use fraud-prevention software and encryption in your payment gateway
- Include your fraud policy on your website
- Ship merchandise to verified addresses and require signatures upon delivery
Obtain a valid authorization response for all transactions. Remember that authorization-only transactions don't verify that the cardholder is the actual person who made the transaction.
Process authorized transactions for billing within 14 days from the date of the issuer's valid authorization response.
Settle batches within 24 hours to prevent late presentments and technical chargebacks. Do not settle transactions with invalid authorization numbers, which also can cause technical chargebacks.
In addition, please remember that you need to settle your transactions before we can pay you for those transactions.
Document your return policy or cancellation policy on the sales draft or the sales documentation to be signed by the cardholder. This information helps set your customers' expectations and can reduce your liability for disputed transactions.
Include soft and hard billing descriptors on customers' billing statements and receipts, including your merchant name, location, and customer service telephone number. Such descriptions help customers identify transactions from your business.
A soft descriptor is the information that appears on customers' account statements while transactions are being authorized. A hard descriptor is the information that appears on customers' account statements after transactions are settled. Ensure both descriptors accurately identify your business.
If you want to change the information that appears on your customers' billing statements or receipts, please contact our Client Services team at 800-787-4105 or firstname.lastname@example.org.
Keep copies of all transaction receipts and correspondence with customers, including invoices, quotes, email messages, faxes, and proof of deliveries.
Ask customers to insert (also called dip) EMV chip cards into an EMV card reader to obtain authorizations with the EMV chip data. If you or a consumer swipes a chip card, you could be liable for a fraud chargeback dispute.
If a customer refuses to sign a sales slip after you process an authorization, void the transaction. Don't process a sale if a cardholder refuses to sign the sales draft.
Verify the card is signed before you process a transaction. If the signature panel on a card is not signed, ask the customer for a government-issued ID such as a driver's license or passport, then ask the customer to sign the card. When the customer signs the card, compare the signatures of the card and ID.
After you process a transaction, verify the signature on the sales draft matches the signature on the card.
You can also call the Voice Authorization Center at 800-291-4840 and verify the cardholder's information.
Get an imprint of the card for every transaction. To electronically imprint a card, insert EMV cards or swipe magnetic stripe cards. To manually imprint a card, use a manual imprint machine. Consider keeping a manual imprinter on hand in case your electronic terminal stops working.
Enter the last four digits of the card number into the terminal to confirm the account numbers imprinted on the card match the numbers stored on the card's chip or magnetic stripe. (If you previously turned off this feature of your terminal, please turn this feature on. For details, please Client Services team at 800-787-4105 or email@example.com.)
Also, verify that the last four digits of the account number shown on the terminal or sales draft match the last four digits of the account number embossed on the card.
Become familiar with the security features of each type of card and look for those security features. For example, Visa cards include the word “Visa” printed multiple times, at an angle, and in blue or blue and yellow on a white background.
See the Related resources section below for links to each card brand's website.
As you process transactions throughout the day, ensure all sales slips are legible. Change the register ribbon or paper when necessary.
Keep each sales slip after you complete a transaction. Organize sales slips into groups by day, week, and month to help you locate transactions in the future.
Periodically compare the terminal's sales slips with the register's records to ensure they match. If they don't match, your sales associate may need additional training or supervision.
When you close transactions at the end of each business day, compare sales slips with the register's records and confirm each transaction is documented and accurate.
Obtain as much information as possible for each card transaction, such as the name of the bank on the card, card's expiration date, card's security code or identification number, customer's full name, customer's address, and customer's telephone number.
Use the Address Verification Services (AVS) to verify a cardholder's billing address and detect stolen cards during a transaction.
Locate people and addresses through online resources, such as electronic white pages, and compare the information you find with the information provided by the customer. Don't rely solely on such online resources, but consider the information in addition to information validated through other verification methods.
Call the contact phone number provided by the customer and confirm details of the order, especially if the order is large or suspicious.
Contact the customer and request additional information to help confirm their identity and that they possess the card used in the transaction. Ask for a photograph or photocopy of a government-issued ID, such as a driver's license or passport, or the front and back of the card that was used to make the purchase. Verify the information in the image is accurate and that the image was not digitally altered.
Transmit the card's security code or identification number (also called a card verification value, or CVV) with every transaction, which provides some assurance that the cardholder is in possession of the credit card.
Visa, Mastercard, and Discover cards have a three-digit security code on the back, and American Express cards have a four-digit identification number on the front.
Contact your payment gateway provider and ask if they have fraud-prevention software you can use. Also, confirm the order form uses the SSL (Secure Sockets Layer) protocol to encrypt sensitive data when orders are routed online.
Include your credit card fraud policy on your website's billing page. Its presence may help to dissuade some people from attempting to commit fraud.
Ship merchandise only to addresses that are verified and associated with the credit card on the transaction. Require signatures on all merchandise shipped to customers.