Credit Card Processing
Understanding Risks & Fees
Michelle Powell - BASYS Processing, Inc.
Major Industry Topics
Industry Process Flow
Breakdown of the different fees
How to lower your rates
PCI DSS – Compliance
Risks of Non-Compliance & Breach
Chargebacks
Industry Process Flow
1. Issuer
2. Acquirer (BASYS)
3. Merchant
4. Settlement Bank
Breakdown of the different fees
Interchange Rates
Processor fees
Set by the Issuing Bank
Monthly Fees
Rate and per item fee
Per item fees
Assessment Fees
Discount Rates
Debit vs. Credit
Rewards vs. Corporate
Programs
Tiered
Target Rate or Flat Rate
Cost Plus
What’s your Rate?
Always the first question
How processing?
What type cards accepting?
Re-Qualification analysis
Blind quotes will always lead you astray
1,200 different rates of interchange
How to lower your costs
Lower risk = Lower cost
Processing Method – Terminal, Software, Gateway
Additional Data Sent
AVS = Address Verification System
Level 2 vs. Level 3
Pre-Authorizations
Daily settlement
PCI - DSS
Payment Card Industry – Data Security Standards
Set of comprehensive requirements to help ensure the safe
handling of cardholder data throughout the payments chain.
ALL Organizations, regardless of size or number of
transactions must comply with PCI DSS and fill out the
annual questionnaire.
PCI, Audits and Breach
Completing the SAQ will sometimes uncover
vulnerabilities or areas of concern that your IT
department will need to address.
Data Audits may be necessary and are provided by one
of the authorized 3rd party partners Visa/MC/Discover
have approved
Breach Insurance = Costs range from $10 - $40/month
Can cover $50,000 or more in expenses related to the
breach
PCI Potential Risks
Non-Compliance
Fees range from $19.99 - $89.99 per month
Attacks against Level 4 merchants are on the rise
Merchants who process <1 millions transactions annually
Average organizational cost per breach is $5.5 million
Cost per compromised card is $195 on average
Recent surveys showed that over 70% of small
businesses that have a breach do not recover
Credit card industry approach to PCI
Typically merchant processors prefer a Reactive
approach
PCI Requirements and action items are buried in
generic statement messages
Merchants are left to their own devices to complete
SAQ
Non-Compliance is viewed as a revenue generator and
a way for companies to assess additional fees
BASYS Processing approach to PCI
Unique and pro-active approach to Compliance
Fully staffed PCI Compliance team to assist with annual
questionnaires as well as quarterly scans
Follow up on an annual basis to make sure you’re
compliant
Our goal is to not have to bill Non-Compliance
Chargebacks
A transaction disputed by the Cardholder or Card
Issuing Bank
Most common reasons for Chargeback
Returned merchandise
Terminated services
Disputes, errors, or fraud
Risk of the business, however there are ways to
prevent or prohibit this from happening to your
business
Questions?
Thank you for coming!
Visit our booth in the Exhibit Hall
Contact me at [email protected]
By phone at 1-800-386-0711