How 3-D Secure Can Help Reduce Fraud Chargeback Losses

Do your e-commerce merchants find themselves in this seemingly helpless situation?

They accept payments for legitimate sales, only to have cardholders dispute the transaction, claiming fraud.

There are products that can completely shift liability for fraud chargebacks from the merchant to the issuer.

These products are based on EMV 3-D Secure 2.0 technology, which is a security protocol that allows issuers to authenticate online consumers.

We won’t get into the technical specifics here, but in general they:

  • Allow merchants/payment providers to send additional data elements to the cardholder’s bank.
  • Can be specific to that payment, like shipping address or contextual, such as the customer’s IP address, location, or transaction history.
  • The issuing bank uses this information to determine whether the cardholder is making the purchase.

Sometimes this is frictionless, others, an additional step is required to authenticate the cardholder.  When an additional step is needed, the issuing bank “challenges” the cardholder by sending a one-time passcode to the cardholder, for example.

How can this help merchants manage chargebacks?  It provides liability protection for certain fraud chargeback reason codes: Visa 10.4, Mastercard 4837 and 4863.

That means that if a transaction was authenticated using 3DS, and a cardholder dispute is filed for specific fraud reason codes, the liability falls to the issuer instead of the merchant.  This is commonly referred to as “liability shift.”

When cardholders commit friendly fraud and the transaction is 3DS-authenticated, the issuer is responsible for covering the chargeback.
If you have experience with the original version of 3DS and stopped using it because of the friction, it’s time to revisit.  3-D Secure 2.0 has much less friction than the original.

PAAY‘s EMV 3DS is built understanding the pain points that 1.0 brought. Friction, latency and difficulty integrating are some of the few things that were a big concern. PAAY’s solution is easy to implement, completely frictionless off-the-shelf and minimal latency.

All this to say, 3DS, specifically the solution provided by PAAY, can be an effective tool in a merchant’s toolbox for fighting fraud chargebacks.

A few things to keep in mind:

  • There are a handful of merchant category codes that are not eligible for coverage.
  • If 3DS authentication is attempted and the issuing bank does not participate, the merchant still gets the liability shift.
  • PAAY has options when it comes to implementation method. Their javascript SDK can often be implemented in less than a day.  They also offer assistance if merchants don’t have an in-house development team.
  • PAAY’s solution has all merchants in mind, especially SMB.  But is especially helpful for high-risk verticals like nutra, digital downloads, ticketing, continuity/subscriptions, travel, etc.

Chargeback Prevention Alerts: What are they and how do they work?

prevention alerts

Most merchants are reactive when it comes to chargebacks because they respond after they’re filed, which might be fine if they happen infrequently. 

However, if chargebacks are common, merchants might benefit from implementing prevention alerts.

What value do prevention alerts bring?
✔️ Keep chargeback counts low.  The notifications can help merchants stop chargebacks before they count against them.
✔️ Provide a better customer experience.  Quickly and proactively respond to customer complaints.
✔️ Take quick action.  In the normal chargeback notification process, it can take 2-5 weeks to be notified.  Prevention alerts arrive within 24 hours of a dispute.
✔️ Save on fulfillment costs.  If an order is disputed, it can be stopped before it ships.
 
Now that we know what prevention alerts can do, let’s talk about how they work.
 
Prevention alerts allow issuing banks to communicate with merchants in real-time.  When a cardholder disputes a transaction, a prevention alert network like Verifi or Ethoca alerts the merchant.  The merchant can then issue a refund and notify the alert network, thereby avoiding the chargeback.

Merchants can work directly with Verifi and/or Ethoca, or these services can be obtained through a platform like Midigator.  Here are a few considerations as merchants navigate these choices:
✔️ Verifi is more commonly used if most of the chargeback reason codes are for consumer disputes predominantly taking place in the U.S., while Ethoca handles more chargeback reason codes for unauthorized transactions globally.  These are generalities – there is some overlap between these two networks.
✔️ Sometimes, Verifi and Ethoca have volume requirements when merchants work with them directly.  These may be avoided by enrolling through a provider like Midigator.
✔️ The alert functionality merchants have access to will be the same whether they work directly or indirectly with an alert network.  When used through Midigator, they have access to the added bonus of reporting & analytics.
✔️ Platforms like Midigator can also automate the alert process, which is not offered directly.  This technology reduces the risk of errors, improves outcomes, and cuts back on time-consuming, labor-intensive tasks.
✔️ Accessing these tools through a platform like Midigator also has the benefits of ease of use and visibility.  It is much easier to manage notifications from both providers on a single platform, and the consolidated data makes it much easier to spot trends and threats.
✔️ Lastly, pricing is set by Verifi and Ethoca, whether the merchant is accessing these services directly or through a reseller like Midigator. 

Even though there are fees for prevention alert services, they can pay for themselves or even produce a return when closely managed.   The key is to select the option that best matches the merchant’s needs, and then consistently monitor to ensure the solution continues to deliver results.  It is not set-it-and-forget-it.

Secrets of Building a Successful ISO: Don’t Forget the Customers You Already Have

This is a mistake we see ISOs and agents make repeatedly: they spend more time focusing on new sales rather than supporting existing merchants.

As a result, they feel the ongoing burn of merchant services churn. With typical attrition rates hovering around 20%, that number can be almost impossible to overcome, even by the very best payments sales force.

What can you do about it?

The easiest and best place to start is choosing a processing partner that addresses these support areas well:
👉 Access to right-fit products & solutions for the types of merchants you serve. What are the pain points your merchants experience, and who has the solutions that best address them?
👉 Access to a self-service reporting platform that is easy to use and accurate.
👉 Transparency delivered, not just talked about. If there’s an issue that affects merchants, do they own it or do they use the complexity of payments to hide behind it? When you want to dig deeper into the data for your merchants, do you have that information available?
👉 Customer service requests like refunds and banking updates are handled efficiently.

The customers you already have are your most powerful form of advertising– testimonials, which can lead to a steady referral source. What are you doing to nurture those relationships and convert them to referrals?

The old adage is true ~ if you’re not growing, you’re dying. But don’t focus so much on bringing new business through the front door that you fail to see the back door swinging wide open.

Secrets of Building a Successful ISO: Don’t Spread Yourself Too Thin

Don’t spread yourself too thin across too many processing relationships.

It is nearly impossible to have only one payment processing relationship. One might be your only source for petro, another might be your only best option for high risk, while yet another might have your favorite solution for retail card-present business.

ISOs usually find themselves in a situation with multiple processing relationships because they’re trying to be everything to everyone. They want to sell into every opportunity that they walk into.

But ISOs should try to minimize these relationships down to a select few.

Why?
➡️ When ISOs spread themselves too thin across several relationships, they usually don’t have leverage in any of them.
➡️ They spend too much time managing merchants across several platforms, leading to inefficiency
➡️ They spend too much time learning the ins and outs and supporting each of these processor platforms.
➡️ They spend too much time consolidating residual downlines across several relationships. Yes, there are tools to help manage this, but they can be expensive and the more relationships, the more complicated you make this activity.
➡️ They significantly reduce the value of their business if their ultimate goal is to sell.

Diversity isn’t a bad thing when it comes to processing relationships.

After all, we’ve all seen a merchant services portfolio go downhill fast after an acquisition, a sponsor bank program that’s gone sour, or some other major event that puts a portfolio at risk.

But diversification is a balancing act. ISOs should find their niche, establish solid processing relationships that meet the needs of that niche, invest in making the processes with them more efficient, and then nurture those relationships.

Secrets of Building a Successful ISO: Integrity Has a Rightful Place in the Most Successful Payments Companies

Integrity has a rightful place in the most successful payments companies.

Success and operating with integrity aren’t mutually exclusive in merchant services.

We don’t know how the idea of anything contrary to this started, but it’s time to reverse it.

✨ We can do things the right way and be richly rewarded. Bring your own definition of rich, whether it’s financial, surrounded by great people, building a legacy, work/life balance, etc.
✨ We can opt out of using the complexity of payments to our advantage, and instead, work transparently and honestly.
✨ We can stop trying to make a quick buck via hidden, dishonest nickels and dimes (mega processors that try to recoup acquisition costs in this way, I’m talking to you.)
✨ We can lead by sharing knowledge instead of hoarding it.
✨ We can be honest stewards of the lifeline of funds for the businesses we serve.

Payments people who have figured this out are truly living the dream.

The right way is THE way.

Secrets of Building a Successful ISO: Know Your Numbers

Secret # 4 to building an ISO that will stand the test of time: Know your numbers.

One of the key activities to managing a successful payments portfolio is to track its performance with meaningful KPI’s.

✔️ First, set your strategic, financial, and operational goals.
✔️ Identify the KPI’s that align with your goals.
✔️ Set up a system to collect, calculate, and review regularly.

Here are a few ideas to get you started:
• First the obvious – processing volume, active merchant count, revenue billed, etc. If these baseline numbers aren’t correct, nothing else will be. START WITH GOOD NUMBERS! Then be consistent in the way that you measure.
• Profitability by merchant so that you can easily identify under- and over-performers
• Month over month margin change for the overall portfolio
• Average merchant life
• Average lifetime value of merchants
• Net revenue / gross revenue ratio (how well are you managing your expenses as your revenue grows? If you’re scaling well, this ratio should be increasing)
• Net margin loss – average margin of deals lost vs. average margin of deals being boarded
• Losses as a percentage of revenue (are you taking too much or too little risk?)
• Overall chargeback ratios

Operational:
• Calls/Inbound customer service inquiries per day
• Average call time / response time
• Call hold times, average and longest
• Number of customer service inquiries per rep per day
• Client satisfaction level whether your clients are merchants, agents, or other ISOs
• Underwriting timeframe from application submission to MID issue.

As you track these, you’ll see the trends– the most important of which is that improvement in your operational metrics leads to success with the financial ones.

Secrets of Building a Successful ISO: Don’t Feed the Beast

Here’s a scenario that plays out too often:
ISO gets locked into a payments processing deal with a minimum. The processor doesn’t have the right solution or consistent service for the type of merchant services business ISO is boarding.

They end up sending business there because they have to, not because they want to.

Or, maybe the processor is great, but the ISO has underestimated the effort required to meet the minimum and ends up having to cover the difference.

There are great processing arrangements out there without minimums.

Do your homework and spend time to shop it.

But remember, picking the right one goes much deeper than cost.

Why Price-Based Selling Can Be Detrimental

If this is your merchant services hook, you might need a new one:
“I can save you money.”

Here’s the problem with a price-based sales approach: Anyone can do it. And as we drive closer to zero margins, why would you want to?

You have to find a differentiator that sets you apart from the competition.

Not sure where to start?
This is where.   Business owners/stakeholders are looking for ways to 1) Save time and 2) Grow revenue

What are some specific ways we can help businesses save time and increase efficiency?
✔️ Integrated payments that streamline business operations
✔️ POS with additional features like inventory management, timesheet management for employees
✔️ Adding e-invoicing and payment collection that syncs to accounting software

Examples to grow revenue:
✔️ Omnichannel
✔️ Adding a loyalty program, gift cards

If you can help them achieve these things, price becomes secondary.

Here’s the good news— we have an abundant supply of tools at our disposal to help merchants streamline payments and provide value-added benefits to their business. But it’s on you to stay curious enough to find them, and then partner with a processor that can support them.

Those are the things you should do, now let’s talk about what you shouldn’t. These strategies center the sale around price, which is detrimental:

👎 A Cash discount/dual pricing with nothing else backing it.
A strategy based on this alone is a losing one. Someone can come right behind you and offer a lower cash discount rate. You’d better have something else making the merchant sticky or prepare to lose them in the near future.

👎 Leading a sale with statement analysis and a savings proposal.
I love the tools that are out there to help a merchant understand what they’re paying and they have their place. But when you start with this, expect the sale to be centered around it. It’s nearly impossible to transition the value you bring to something else once you’ve made this your starting point.

Lastly, when you compromise on price, you compromise your value. Be willing to say no and walk away if a sale isn’t mutually beneficial.

Proposed new MCC for Guns & Ammunition

Everyone is talking about the new Merchant Category Code (MCC) for sellers of guns and ammunition.

Let’s discuss why we have MCC’s, what they can be used for, and then let you draw your own conclusions about whether this is a meaningful solution for the problem the greater powers set out to solve.

The card brands use MCCs to classify businesses based on the types of products or services they provide. They are set by the International Organization for Standardization.

Card brands, issuers, and acquirers use them to categorize, track, and sometimes restrict transactions. They can be used for tax reporting. They can be used for interchange qualification.

Why would we want to put a certain business in its own category?
➡️ Prohibit a certain business type from accepting payments or categorize it as high risk.
➡️ Issuers can decide they do not want to allow transactions on their card for a MCC and block that transaction from being accepted. The most common example of this is using a health care savings card – you can use it at a qualifying healthcare provider’s practice but not to buy a Big Mac from McDonalds.
➡️ Charge a special interchange rate for that MCC.
➡️ Set special chargeback rules for a given MCC.
➡️ Provide rewards to cardholders based on the type of purchase
➡️ Give certain business types the ability to charge a convenience fee.

And lastly, when we categorize anything at all, we do it for the purpose of data collection and analytics. Previously, we had a haystack full of “sporting good” providers, now we can easily pick out all of the gun and ammo needles within.

But while an MCC can help us categorize the stores that are selling these products, it does nothing to provide visibility into the actual products being purchased. It tells us where a cardholder spends money, but it doesn’t tell us exactly what they purchased. It could be an assault rifle or a child’s BB gun— that type of reporting will not be accomplished with this MCC.

Now you decide… Will there be sweeping changes/impacts for gun dealer payment acceptance?

Don’t Let Weak Financials Lead to an Underwriting Decline

Have you ever submitted a high volume, low risk deal to underwriting, only to have it declined due to weak financials?

Here’s what you need to know before you spend time working the next big deal.

One of the things always top of mind for acquirers is mitigating financial risk. Higher stakes with large volume deals means more exposure. Add in another risky component like future delivery and the stakes get higher, so the underwriting requirement list starts to get longer.

At a minimum, they’re going to want financial statements and bank statements. They’re trying to assess whether this company has the resources it needs to continue operating indefinitely, that it will make enough money to stay afloat and avoid bankruptcy. They’re also looking for activity on the bank statements that aligns with the company’s business model.

It’s not hard to do a cursory review yourself before spending a lot of time on it. After all, there’s a lot of work involved in assembling a package for underwriting. Plus, it’s not beneficial for you to be involved with failing businesses, whether you hold liability or not.

Here are some quick hits to figure out how healthy a company is:

✅ Current ratio: this measures whether a company has enough assets to meet its short-term obligations. Divide current assets by current liabilities. In general, the larger the number the better, and anything less than 1 can be concerning.
✅ Net income: Are they profitable? If there are losses, are they trending in the right direction? Where does funding come from to cover losses? Do they have enough runway to make it to profitability?
✅ Does the balance and activity in the bank account make sense given the business model? Is there cushion to cover unforeseen circumstances?
✅ Does the company have significant debt obligations that could be difficult to meet with any decline in income?
✅ Do the financial statements make sense given the business type? If it’s future delivery, they should have a liability line item that shows you exactly what they owe for products/services that haven’t been delivered.

Even if you’re intimidated by accounting, you can learn the basics to best position yourself to help the merchants that will be around for years to come.

And remember, acquirers like to come from a place of Yes, too. They like to add volume and margin just as much as you do. But they’re careful to weigh financial risks against potential gain. After all, when things go south, they are usually the ones left holding the bag and covering the losses. And no matter how seldom it happens or how small the dollar amount, a loss hurts just the same.