Log in to:
Learn More & Sign Up
| |

Customer Support Center


These guidelines are useful tools to answer most of your processing questions.

General Processing
Face-to-Face Processing
Mail Order/Telephone Order/Internet Processing
Lodging Reservation Processing
Car Rental Reservation Processing
Recurring Charges Processing
Address Verification Service Processing
3-digit Security Code Verification Processing
Best Practices to Prevent Chargebacks
Data Security Standards
Improperly Installed Point of Sale Software

General Processing

All merchants are required to:
  • Honor each valid card properly presented by cardholders
  • Include any tax amount, if allowed, in the total charge amount
  • Avoid establishing a minimum or maximum amount for charges or credit vouchers
  • Refrain from submitting a charge which merchant knows or should have known to be either fraudulent or not authorized by the Cardholder
  • Return cash for a charge on a card
  • Accept a card to collect or refinance an existing debit that has been deemed uncollectible by the merchant providing the associated goods or services
  • Process any charge for a transaction that was previously charged back to the Bank and subsequently returned to the Merchant, irrespective of Cardholder approval
A complete list of Processing Procedures can be found on the Visa and MasterCard Web sites.

TOP

Face-to-Face Processing
  • Verify the cardholder's signature. Make sure the signature is the same as the name embossed on the card. If it is not, request another credit card or some form of identification.
  • Obtain an authorization. An authorization confirms the validity of the card number and expiration date and determines funds are available for the transaction amount. It does not guarantee that the sale is not fraudulent. As a result, other verification steps may be required.
  • Swipe or obtain an imprint of the card. If you are unable to swipe a credit card through your point-of-sale terminal, be sure to obtain a manual imprint of the card. This provides proof the card was present for the sale.
  • Delayed delivery. Merchandise should be shipped as close to the charge date as possible. If the sale is charged in advance, it may not be charged more than 7 days in advance of the shipping date and the cardholder must be notified of the advance billing. The longer you delay in shipping merchandise, especially longer than 30 days, the more likely you are to experience chargebacks.
  • Proof of delivery. If merchandise is delivered or shipped after the sale, merchant should obtain the cardholder's signature at the point of delivery.
  • Complete information. Ensure that all information on a sales draft is complete, accurate and legible before completing the transaction. Keep the ink cartridge or ribbon on your printer working.
  • Process refunds quickly. When processing a refund, always use the same card number as the original sale. Never give a customer a refund by cash or check for a credit card sale. If your return or refund policy is limited, preprint or write the restrictions on each sales draft near the signature line, prior to the customer signing the receipt. Be sure the information shows clearly on all copies of the sales draft.
  • Declined means declined. Do not continue to seek authorization on a declined transaction; do not reduce the amount requested, and do not repeat the request.
  • Display your return policy prominently. Ensure that your customers are aware of your return policy by printing it on your sales slips directly above the cardholder signature.
  • Keep accurate records. You may have to provide documentation to your card processing company should your customer dispute the transaction.
  • Check the security features on the card. Card security features are designed to help you fight fraud. You should review the card for the holograms that change color in the light, non-erasable signature lines and comparing the name embossed with the signature on the back. Call INTRUST Card Center with any concerns regarding processing transactions that seem suspicious.
Code 10 Authorizations

If you suspect that a sale that is in process to be fraud, call 800-228-1122 and follow the prompts.

The Code 10 operator will ask you for the following information:
  • Cardholder account information
  • Purchase amount
  • Card expiration date
  • Merchant name
  • Merchant location/address
  • Sales associate's name
The Code 10 operator will instruct and advise you on how or if to complete the sale.

TOP

Mail Order/Telephone Order/Internet Processing
  • Proof of delivery. If merchandise is delivered or shipped after the sale, merchant should obtain the cardholder's signature at the point of delivery.
  • Delayed delivery. Merchandise should be shipped as close to the charge date as possible. If the sale is charged in advance, it may not be charged more than 7 days in advance of the shipping date and the cardholder must be notified of the advance billing. The longer you delay in shipping merchandise, especially longer than 30 days, the more likely you are to experience chargebacks.
  • Complete information. Ensure that you have complete customer information including: complete address and day and evening telephone numbers in case there is a question after the order has been placed. Call the customer back at the phone number given to you to verify the order.
  • Placing a large order. Crooks don't care how expensive the sale is – since they don't intend to pay it. Carefully examine any order with an unusually high dollar amount or one that involves an out-of-the-ordinary situation.
  • Physical address. The physical address must match the credit card billing and shipping address. If it does not match, additional verification should be done.
  • E-Mail address. Names that have no apparent connection to the customer's name or include random characters could be attempts to mask identity.
  • Repeated authorization attempts. Criminals can obtain fraudulent card numbers by using account number generating software programs. They will make multiple authorization attempts where the name, last few digits of the card account, expiration date and/or the 3-digit security code is slightly varied until the transaction is approved. In many cases, these attempts will happen consecutively.
  • Customer responses. Educate operators to pay particular attention to anything suspicious in the way the customer speaks or responds to questions such as a long pause or a hesitant answer. Make it a policy to request the name of the credit card issuing bank for large purchases. If the caller doesn't know the bank's name, they may be using a stolen card number.
  • Always ask for the cardholder's billing address. Orders with a “ship to” address that is different from the cardholder's billing address can be a warning sign. If you are suspicious, contact the cardholder using the second phone number they provided to verify the order.
  • Develop and maintain a “bad” customer file. This should contain fraudulent names, addresses, zip codes, card numbers and companies you come across. Compile a zip code listing that spotlights areas in which you've experienced fraud.
  • Delivery address is a P. O. box in a large city. Further checking is suggested, especially if the order is from a new customer. Mail delivery services require a street address and will not ship to P.O. boxes.
  • “Rush order” request from a new customer. Be cautious when the caller appears ready to order whatever merchandise is in stock regardless of size and style.
  • Utilize CVC2 (MasterCard) and CVV2 (Visa). These are the three unique digits on the back of a MasterCard or Visa card. When you enter card-not-present transactions, have your terminal or software program set-up to ask for these three digits. Learn more information on how to process transactions using the 3-digit security codes.
  • Include your customer service telephone number. The sale should appear on the customer's billing statement with your recognizable merchant name and your customer service phone number.
  • Installment transactions. Disclose to your customer in writing the terms of the installment transaction, including shipping and handling charges and any applicable tax.
  • Send a confirmation notice. Notify the customer with a confirmation notice that includes your business name and contact phone number as it will appear on their billing statement.
  • Stop recurring transactions. If the customer has contacted you and requested that a recurring charge be canceled; update your records immediately to prevent future charges. This will reduce the likelihood of unwanted chargebacks.
Code 10 Authorizations
If you suspect that a sale that is in process to be fraud, call 800-228-1122 and follow the prompts.

The Code 10 operator will ask you for the following information:
  • Cardholder account information
  • Purchase amount
  • Card expiration date
  • Merchant name
  • Merchant location/address
  • Sales associate's name
The Code 10 operator will instruct and advise you on how or if to complete the sale.

TOP

Lodging Reservation Processing

Follow the procedures below if a merchant provides lodging services (hotel, motel, resort or inn).
  1. Verbally confirm to the cardholder the reservation by stating the following information:
    1. Card's embossed name, card account and expiration date provided by the cardholder.
    2. Name and exact mailing address, including street, city and state of the location of the lodging check-in, phone number, and check-in date.
    3. Reservation confirmation code, rate and any other details relating to the reservation.
    4. Provisions of the guaranteed reservation relating to the cardholder's obligations and any other cancellation details related to the reservation as specified below.
    5. Estimate the transaction amount based on the customer's intended length of stay at check-in time, the room rate, applicable tax and/or service charge rates, plus estimated additional ancillary charges (if any). The authorization must be made for this estimated amount. Be sure to retain the date, amount and authorization code.
      1. If necessary, you may obtain additional authorizations for additional amounts (not cumulative or previous amounts) at any time on or between the customer's check-in date and check-out date. Record the date, amount and approval code for each additional authorization obtained.
      2. A final or additional authorization is not necessary if the final total transaction amount does not exceed the sum of the authorized amounts plus fifteen percent (15%).
    6. Inform the cardholder that accommodations will be held until check-out time on the day after the scheduled arrival date unless cancelled by 6:00 p.m. (local establishment time) on the scheduled arrival date.
    7. For resort establishments, requiring cancellation before 6:00 p.m. (local establishment time) on the scheduled arrival date, the cancellation time must not exceed 72 hours before the scheduled arrival date. The cardholder must be provided with the specific written cancellation policy, including the date and time the cancellation privileges expire. If a reservation is made less than 72 hours before the scheduled arrival, the cancellation procedure of 6:00 p.m. (local establishment time) on the scheduled arrival date will apply.
  2. Provide the cardholder with the following written confirmation:
    1. If requested, provide a written confirmation to the cardholder, including the information specified above.
    2. Advise the cardholder of the billing for a No Show Charge as specified below. (A “No Show Charge” is a charge resulting from the cardholder's failure to use the reservation.) The No Show Charge must have an authorization code and must bear the words “No Show” on the signature line of the sales slip.
    3. If the cardholder has not checked in by check-out time the day following the scheduled arrival date and the reservation was not properly cancelled, the cardholder may be charged for one night's lodging (including tax).
  3. Cancellation Procedures
    1. You must accept a cancellation request from a cardholder provided the cancellation request is made before the specified cancellation time.
    2. You must provide the cardholder with a cancellation code and advise the cardholder to retain it in case of dispute.
    3. If requested, you must also provide the cardholder with written confirmation of the cancellation including the cardholder's name, the cancellation code and the details related to the cancellation reservation.
  4. No Show Procedures
    1. If the reserved lodging accommodation has not been cancelled by the specified cancellation time, the lodging accommodation must be held available in accordance with the reservation.
    2. If the cardholder does not cancel or claim the reservation within the prescribed time you may submit a No Show Charge (including tax) with the cardholder's name, card account and expiration date and the words “No Show” on the signature line of the sales slip.
    3. You must obtain an authorization code for the No Show Charge.
  5. Alternate Lodging. If the guaranteed lodging is not available, you must provide alternate lodging as specified below at no charge to the cardholder:
    1. Provide the cardholder with at least comparable lodging for one night at another establishment.
    2. Provide transportation for the cardholder to the other establishment.
    3. If requested, provide the cardholder with a 3-minute telephone call.
TOP

Car Rental Reservation Processing

Follow the procedures below if a merchant provides car rental services.
  1. Verbally confirm to the cardholder the reservation by stating the following information:
    1. Card's embossed name, card account and expiration date provided by the cardholder.
    2. Name and exact address, including street, city and state of the location of the vehicle pick-up, and customer phone number.
    3. Reservation confirmation code, rate and any other details relating to the reservation.
    4. Provisions of the guaranteed reservation relating to the cardholder's obligations and any other cancellation details related to the reservation as specified below.
  2. Inform the cardholder that the vehicle will be held until the scheduled pick-up time, unless the reservation is cancelled by the specified cancellation time, which must not exceed 72 hours before the scheduled pick-up time. If the reservation is made less than 72 hours before the scheduled rental, the cancellation period must be no earlier than 12 hours before the scheduled pick-up time.
  3. Provide the cardholder with the following written confirmation:
    1. Provide a written confirmation to the cardholder, including the information specified above. For reservations made less than 72 hours before the scheduled pick-up time, written confirmation is required only upon the cardholder's request.
    2. Advise the cardholder of the billing for a No Show Charge as specified below (a “No Show Charge” is a charge resulting from the cardholder's failure to use the reservation.) The No Show Charge must have an authorization code and must bear the words “No Show” on the signature line of the sales slip.
    3. If the vehicle has not been rented by the scheduled pick-up time and the reservation was not properly cancelled, you may bill the cardholder a No Show Charge. The amount of the No Show Charge may vary, but may not exceed the value of 2 days' rental (including tax). If the cardholder is charged a No Show Charge for a reserved vehicle, you must hold the vehicle available for the cardholder for the period of time represented by the No Show Charge.
  4. Cancellation Procedures
    1. You must accept a cancellation request from a cardholder provided the cancellation request is made before the specified cancellation time.
    2. You must provide the cardholder with a cancellation code and advise them to retain it in case of dispute.
    3. If requested, you will also provide the cardholder with written confirmation of the cancellation including the cardholder's name, the cancellation code and the details related to the cancellation.
  5. No Show Procedures
    1. If the reserved vehicle has not been rented or cancelled by the specified cancellation time, the vehicle must be held available in accordance with the reservation.
    2. If the cardholder does not cancel or claim the reservation within the prescribed time, you may submit a No Show Charge (including tax) with the cardholder's name, card account and expiration date and the words “No Show” on the signature line of the sales slip.
    3. You must obtain an authorization code for the No Show Charge.
  6. Alternate Vehicle. If the guaranteed vehicle is not available, you must provide an alternate vehicle as specified below at no charge to the cardholder:
    1. Provide the cardholder with at least a comparable vehicle from another car rental merchant for the period of time guaranteed.
    2. Provide transportation for the cardholder to the location of the other car rental merchant.
TOP

Recurring Charges Processing

A recurring sale is a transaction for goods or services that are delivered or performed periodically. A recurring sale does not include partial payments for goods or services purchased in a single transaction; and additional finance charges cannot be assessed.

To complete a recurring sale, follow the procedures below.
  1. The cardholder must deliver a written request to charge the sale to their card account including the following information:
    1. the sale amount;
    2. the frequency of the sale; and
    3. the duration of time for which the cardholder's permission is granted.
  2. The cardholder must deliver a similar written request for any renewal.
  3. If the sale is for varying amounts, the following additional conditions apply:
    1. The cardholder's written request must include the minimum and maximum amount which you may charge periodically;
    2. You must inform the cardholder of the right to receive written notification of the amount and date of the next sale at least 10 days in advance. The cardholder may elect to receive the notice:
      1. for each sale; or
      2. only when the sale amount does not fall within the range of amounts specified in the cardholder's written request; or
      3. only when the sale amount will differ from the most recent amount by more than an agreed amount.
  4. You must retain the original or a facsimile copy of the cardholder's written request for the duration of the recurring transactions. When completing the sales slip for the recurring charge, you must note “recurring charge” on the signature line. If requested, you must be able to provide a legible copy of the cardholder's written request and the sales slip.
  5. You may not process additional recurring transactions after receiving a cancellation notice from the cardholder or the issuing bank, or after receiving declined authorization.
TOP

Address Verification Service Processing

Requesting address verification is one way to help you limit the potential for accepting fraudulent card-not-present transactions.

To request address verification in card-not-present situation, follow these steps:
  1. Enter the street address, including apartment numbers.
  2. Enter the 5 or 9 digit zip code.
  3. Follow your terminal or computer instructions to enter and send this information.
U.S.A. AVS Result Codes
Code Definition Explanation
Y Exact Match Street address and 5 or 9 digit zip code match
A Partial Match Street address matched, zip code does not match
Z Partial Match Zip code matches, street address does not
N No Match Street address and zip code do not match
U Unavailable Address information is unavailable for that account number
G Global Address information not verified for international transaction
R Retry Issuer authorization system is unavailable, retry later

TOP

3-digit Security Code Verification Processing

How does the 3-digit security code work?
  • A customer places an order with the merchant
  • The merchant asks the customer for the 3-digit code on the back of the credit card
  • Card issuer checks the code to determine validity and issues a result code
  • The merchant evaluates the result code
3-digit Security Code
Code Definition Directions
M Match Complete the Transaction
N No Match View the no match as a sign of potential fraud
P Request Not Processed Resubmit the authorization request
S Code should be on the card but cardholder has reported to the merchant that there is no code Consider following up with your customer to verify that he or she checked the correct card location for the code. All valid cards are required to have the 3-digit security code printed on the signature panel
U Issuer does not support code Evaluate all available information and decide weather to proceed with the transaction

TOP

Best Practices to Prevent Chargebacks

Most chargebacks can be attributed to improper transaction processing and can be prevented with attention to detail. The following best practices will help you minimize chargebacks.

At the Point of Sale
  • Declined authorization. Do not complete a transaction if the authorization request is declined. Do not attempt a second authorization request on the same card. Instead, you should request another form of payment.
  • Transaction amount. Do not estimate transaction amounts. For example, restaurant merchants should authorize transaction only for the known amount on the check; they should not add on a tip amount.
  • Referrals. If you receive a “call” message in response to an authorization request, do not accept the transaction until you have called your authorization center. In such instances, be prepared to answer questions. The operator may ask to speak with the cardholder. If the transaction is approved, write the authorization code on the sales receipt and run a ticket-only into the terminal with the voice authorization code. If declined, ask the cardholder for another form of payment.
  • Expired card. Do not accept a card after its “Good Thru” or “Valid Thru” date unless you have obtained an authorization for the transaction.
  • Card imprint for card-present but key-entered transactions. If, for any reason, you must key-enter a transaction to complete a card-present sale, make an imprint of the front of the card on the sales receipt, using a manual imprinter. Even if the transaction is authorized and the cardholder signs the recipe, the transaction may be charged back to you if the receipt does not have an imprint of the embossed account number and expiration date.
  • Cardholder signature. The cardholder's signature is required for all card-present transactions. Failure to obtain the cardholder's signature could result in a chargeback if the cardholder later denies authorizing or participating in the transaction. When checking the signature, always compare the first letter and spelling of the surname on the sales receipt with the signature on the card. If they are not the same, ask for additional identification or make a Code 10 call.
  • Digitized cardholder signature. Some Visa cards have a digitized cardholder signature on the front of the card in addition to the hand-written signature on the back signature panel. However, checking the digitized signature is not sufficient for completing a transaction. Sales staff must always compare the customer's signature on the sales recipe with the hand-written signature on the back signature panel.
  • Fraudulent card-present transaction. If the cardholder is present and has the account number but not the card, do not accept the transaction. Even with an authorization approval, the transaction can be charged back to you if it turns out to be fraudulent.
  • Legible transaction information. Ensure that the transaction information on the sales receipt is complete, accurate, and legible before completing the sale. An illegible receipt, or a receipt which produces an illegible copy, may be returned because it cannot be processed properly. The growing use of electronic scanning devices for the electronic transmission of copies of sales receipts makes it imperative that the item being scanned be very legible.
  • “No Chargeback” sales receipts. Independent entrepreneurs have been selling sales-receipt stock bearing a statement near the signature area that the cardholder waives the right to charge the transaction back to the merchant. These receipts are being marketed to merchants with the claim that they can protect businesses against chargebacks; in fact, they do not. “No chargeback” sales receipts undermine the integrity of the payment system and are prohibited.
Transaction Processing
  • One entry for each transaction. Ensure that transactions are entered into point-of-sale terminals only once and are deposited only once. You may get a chargeback for duplicate transactions if you:
    • Enter the same transaction into a terminal more than once
    • Deposit both the merchant copy and bank copy of a sales receipt with your merchant bank
    • Deposit the same transaction with more than one merchant bank
  • Voiding incorrect or duplicate transactions. Ensure that incorrect or duplicate sales receipts are voided and that transactions are processed only once. Voided transactions may only be processed on open batches. Returns will need to be processed if the batch is closed.
  • Timely deposit of transactions. Deposit transactions with your merchant bank as quickly as possible, preferably the same day it is generated.
  • Ship merchandise before depositing the transaction. For any card-not-present” transaction, do not deposit sales receipts until you have shipped the related merchandise. If a transaction appears on the card statement before merchandise is received, the customer may dispute the billing. Similarly, if delivery is delayed on a card-present transaction, do not deposit the sales receipt until the merchandise has been shipped.
  • Cancellation of recurring transactions. If a customer requests cancellation of a transaction that is billed periodically (monthly, quarterly, or annually), cancel the transaction immediately or as specified by the customer. Notify the customer in writing that the service has been cancelled and state the effective date of the cancellation.
Customer Service
  • Delayed delivery. If the merchandise or service to be provided to the cardholder will be delayed, notify the cardholder in writing of the delay and the new expected delivery or service date.
  • Item out of stock. If the cardholder has ordered merchandise that is out of stock or no longer available, notify the cardholder in writing. If the merchandise is out of stock, let the cardholder know when it will be delivered. If the item is no longer available, offer the option of either purchasing a similar item or canceling the transaction. Do not substitute another item without the customer's approval.
  • Disclosing refund, return, or service cancellation policies. If your business has policies regarding merchandise returns, refunds, or service cancellation, these policies must be disclosed to the cardholder at the time of the transaction. Your policies should be pre-printed on your sales receipts; if not, write or stamp your refund policy information on the sales receipt near the customer signature line before the customer signs (be sure the information is clearly legible on all copies of the sales receipt). Failure to disclose your refund and return policies at the time of the transaction could result in a dispute should the customer return the merchandise.
  • Return, refund, and cancellation policy for Internet merchants. This policy must be clearly posted to inform cardholders of their rights and responsibilities. If you have a limited or no refund policy, this must be clearly disclosed to the cardholder and approved by the cardholder on your Web site before the purchase decision is made to prevent misunderstandings and disputes. You must be able to provide proof of cardholder verification of terms on your Web site.
TOP

Card Data Security Standards

MasterCard and Visa have collaborated to create Payment Card Industry (PCI) Data Security Standards (DSS). Data Security Standards consists of twelve basic requirements for safeguarding account data, supported by more detailed sub-requirements. These data security requirements apply to all entities that accept, process or store card information.

PCI Data Security Standards
Build and Maintain a Secure Network
  1. Install and maintain a firewall configuration to protect data
  2. Do not use vendor-supplied defaults for system passwords and other security parameters
Protect Cardholder Data
  1. Protect stored data
  2. Encrypt transmission of cardholder data and sensitive information across public networks
Maintain a Vulnerability Management Program
  1. Use and regularly update anti-virus software
  2. Develop and maintain secure systems and applications
Implement Strong Access Control Measures
  1. Restrict access to data by business need-to-know
  2. Assign a unique ID to each person with computer access
  3. Restrict physical access to cardholder data
Regularly Monitor and Test Networks
  1. Track and monitor all access to network resources and cardholder data
  2. Regularly test security systems and processes
Maintain an Information Security Policy
  1. Maintain a policy that addresses information security

Data Security Compliance
If a merchant does not comply with PCI Data Security Standards or fails to correct a security issue, the merchant may be subject to steep fines and operating restrictions.

Avoid Penalties and Expensive Fines
If a merchant knows or suspects a security breach, the merchant must take immediate action to investigate the incident, limit the exposure of cardholder data and notify INTRUST Card Center.

If the merchant fails to notify INTRUST Card Center of the incident, you will be subject to penalties of $100,000 per incident.

If the merchants' card transaction data is compromised and not compliant at the time of the incident, the merchant is subject to fines, up to $500,000 per incident.

Are you compliant?
Many merchants are asking how the standards will affect their business. INTRUST Card Center works with merchants to address your questions about the standards and how to comply. Statement messages and statement inserts contain helpful information about how to be compliant.

Learn more about the PCI Data Security Standards.

TOP

Improperly Installed Point of Sale (“POS”) Software

Merchants may be exposed to compromise attacks due to vulnerabilities caused by mis-configured POS software. Software that is not properly installed or adequately maintained can contribute to the compromise of cardholder account information and other sensitive data. Third-party firms, known as “integrators” or “resellers”, are often used to configure or install POS software. Because third-party firms may vary in their ability to properly install and configure common security controls, POS software may be vulnerable to compromise upon installation. Merchants are urged to begin a dialogue with their vendors to ensure their POS software is adequately safeguarded from internal and external intrusions.

To safeguard your POS software, ask your POS vendor (i.e. resellers / integrators) the following questions:
  • Does my POS software store magnetic stripe data (e.g., track data) or PIN blocks? If so, this is prohibited and must be immediately corrected.
  • Does my network have a properly-configured firewall installed to protect my POS system from unauthorized access?
  • Are complex and unique passwords required to access my system?
  • Can the POS vendor confirm they don't use a common or default password across other merchant systems they support?
  • Does my POS software enable the POS vendor to have remote access for support or maintenance? If so, merchants must ensure appropriate controls are implemented to prevent unauthorized access.
  • Is the POS software configured so that access to critical functions may be restricted?
  • Is the POS software used for payment card processing used for other functions? If so, it must be segregated from other functions. (i.e. Web browsing / e-mailing)
  • Is the operating system hosting the POS software patched with the applicable security updates in a timely manner?
  • Has my POS software version been validated as compliant against the Visa Payment Application Best Practices (“PABP”)?
Learn more about Visa's Cardholder Information Security Program and see a list of PABP compliant applications.

TOP


Want to learn more?
Contact INTRUST Card Center – Merchant Services
Call 316-383-1433 or 800-327-3483 or e-mail us.

Ready to apply to become an INTRUST merchant?
Send us an e-mail to let us know and a representative will get in touch with you.