Category Archives: Merchant Issues

Welcome ICVerify Customers!

As some of you know, ICVerify has recently shut down their business. As such, many businesses are now being left without a payment solution for their businesses and merchant accounts. From us here at Web Payment Software, we would like to welcome any and all former ICVerify customers to our business. We would love to become your payment gateway solution. If you look over our site, you’ll see that not only do we offer great rates, we are half the cost of our competitors. We offer cost-plus pricing for all of our merchant accounts with rates as low as 2.25% which can’t be beat by our competitors.

Curious how Web Payment Software can streamline your merchant account and payment gateway services? Contact Us Today!

Merchant Category Codes: What Are They and How Do They Affect You?


There’s an awful lot of data that’s thrown at merchants and consumers where credit cards are concerned. However, from a consumer perspective, knowing how your credit card categorizes businesses is a useful tool to maximize the benefits you gain from your card’s rewards program. For merchants, knowing how your business is classified will help you make sure you’re getting the best rates for interchange fees. I’ll be going over why you should know the different, “merchant categorization codes” so you can take maximum advantage of your card and get the best benefits from them.

History of Merchant Categorization Codes

Back in ’04, the IRS required that businesses be classified based upon the market segment that they occupy. An MCC is a four-digit code that a business is assigned once it starts accepting one of the two major credit card brands; Visa or MasterCard. Businesses that purchase some kind of service are required to report it on a 1099 form at the end of the year, while purchased goods don’t have the same requirements. Certain businesses are also tagged for lower interchange fees depending on the type of business that it is. You can find a database of MCCs here.

How MCC Affects Consumers

While a consumer doesn’t have to worry about interchange fees for their business, MCC still affects consumers by the codes assigned to the stores that they frequent and how that comes into effect with their rewards programs for their credit cards. Say your Visa card gives you 5% cash back on groceries when you use it, you’re going to want to know what stores qualify as a grocery store according to Visa. For example, Target, qualifies as a grocery store, so knowing this, even if you purchase things that aren’t considered grocery items, because Target is a “grocery store” according to Visa, you will still receive the 5% cash back for your entire purchase.

Conversely, however, you should keep an eye out to make sure that a business that you think is in one category, is in fact, in another. For example, you may think that 7-11 might qualify as groceries, but in fact it actually falls into “service stations” category. A great resource to use to find out what businesses fall under what MCC is to use Visa’s Supplier Locator website.

How MCC Affects Merchants

While how MCC affects consumers is relatively simple, for merchants, it gets a little more complicated. MCC can affect a merchant’s interchange rate, now we’ve spoken about interchange briefly when we discussed tiered pricing v. cost plus pricing. However, there are a few factors, some of which are outside the business owner’s control. For example, the type of card, how your payment processing account is configured, as well as what steps you take to complete each transaction can all affect your interchange rate. For the sake of brevity, we’ll just focus on how your interchange rate is affected by how your business is categorized.

Certain industries qualify for special incentive programs that mean better rates. For instance, card associations may feel that these specific industries have a markedly higher growth potential and want to encourage card use. Or, the special rate could be an incentive offered by Visa or MasterCard to promote card acceptance. Some examples of these industries include: charities, supermarkets, insurance providers, and gas/service stations. However, some businesses that do qualify for a better interchange rate don’t receive it because their accounts haven’t been properly categorized by their payment processor’s systems. To make sure you’re getting the best rate, talk to your payment processor and make sure they understand: what industry your business operates in, that your industry classification is correct, and whether or not your categorization qualifies you for a special interchange rate. These programs can lower your rates by 10 to 30 basis points lower than standard retail rates, saving merchants between $1.00 to $3.00 on every $1,000 processed.

10 Tips To Prevent Credit Card Fraud This Holiday Season

With EMV in full swing, there is a much higher chance this holiday season for merchants to end up with coal in their stocking due to the potential of CNP fraud rising because of EMV. However, there’s no need to worry, as long as you stay vigilant and know what to look for, here are 10 signs that you might be subject to CNP fraud.

Tip #1: First Time Shopper

This one might seem kind of silly, but always be wary of first-time shoppers, criminals are always looking for new victims, this also plays into to tip #2.

Tip #2: Larger Than Normal Orders

Stolen cards or account numbers have a limited life span before they get flagged. Because of this fraudsters are looking to get the most out of their purchases so it’s, “go big or go home” when it comes to their purchases.

Tip #3: Orders That Include Multiples Of The Same Item

This comes down to simple math, criminals are looking for as much profit as possible, having multiples of the same item increases their profits.

Tip #4: Order Is Only “Big Ticket” Items

Your big ticket items have the maximum resale value, and therefore the maximum profit potential for fraudsters. Watch out for orders like these, it might be exciting to see, but always verify with the customer first before you fulfill it.

Tip #5: Shipping To An International Address

A significant number of fraudulent transactions occur outside of the US since Visa AVS can’t validate non-U.S. purchases, outside of Canada and the UK.

Tip #6: Single Address, Transactions on Multiple Cards

This should be a red flag when this appears, as this could involve account numbers that were generated using pirate software, or even be done with a batch of stolen cards.

Tip #7: Multiple Transactions On One Card Over A Short Period Of Time

This could be an attempt to “run the card” (make as many transactions as possible) before the account associated with the card is closed.

Tip #8: Multiple Cards Used From Single IP

If more than one or two card is being used to purchase from your store from the same IP address, then there is a high possibility that the transactions are fraudulent.

Tip #9: Multiple Transactions On Card with Single Billing Address, but Multiple Shipping Addresses

This kind of fraud usually indicates organized activity rather than a single fraudster at work. Be very cautious of these kinds of orders.

Tip #10: “Too Good To Be True”

The old adage rings true for online business, if the order is uncharacteristically large for your business or if the sale is otherwise outside the norm for your business, it’s probably too good to be true and is a fraudulent sale.

Tiered Pricing v. Cost Plus Pricing

Cost plus v. tiered pricing is commonly misunderstood by merchants. If you’ve ever scouted for better credit card processing rates, you’ve probably been asked by competing merchant account services to present your previous months’ statements for them to analyze.

When you get back quotes from them, you could see a difference in cost from just a few tenths of a percentage point, to hundreds of dollars a month in potential savings. However, if the rate you’re being quoted is the same as the one you have now, how is it that there is such a huge discrepancy in the numbers?

Welcome to one of the most misunderstood and potentially confusing parts of the payment gateway industry: merchant account pricing and its wide variety of different payment structures. The most common being Interchange/Cost Plus Pricing versus Tiered Pricing.

But, before we go into the pros and cons of each, you should first understand that one of the reasons behind why there could be such a huge difference in cost from one account provider to the next is how they have your company set up to process credit cards. There are a lot of different factors that can influence the rate you’re given by your merchant account provider:

  • Type of card used(a no-frills basic Visa card versus a Visa Reward Card will process at different rate “buckets” or “tiers;” the interchange on a rewards card will be higher)
  • The way a transaction is processed (swipe in-person, over the phone orders, keying in card number in person, accepting payments online)
  • The type of business accepting the card (are you selling high-risk, high ticket items? Is your business type historically prone to troublesome chargebacks?)

For example, if your business started out as an online store and now you’ve opened a brick and mortar store front processing card present transactions, you’ll save an incredible amount of money if you simply inform your merchant account provider of this change. Basically, each transaction will cost you less because you’re processing a card face to face, which is much more secure than a card not present transaction (processing a credit card through an estore or over the phone order). So before you even begin shopping for rates, make sure your business is set up to process card orders the right way.

Tiered Pricing

Let’s first look at how tiered pricing works. The word “tiered” means that the merchant account provider splits all card transactions into separate “tiers” or “buckets.” The most common tiered pricing structure includes three tiers: Qualified, Mid-Qualified, and Non-Qualified. Another tiered system that you might see is a six-tier which includes special pricing for PIN-entered and PIN-not-entered debit card transactions. Three tier pricing is much more common, so we’ll mainly focus on that system in this article. The major credit card networks post something called a Qualification Matrix which dictates what interchange category a transaction will post to based on:

  • How the transaction is entered (swiped, keyed in, etc.) and
  • What type of card is used (reward, non-reward, corporate)

Once the card is swiped or keyed in, the credit card terminal talks to the cardholder’s bank to identify the card type and then places the transaction into one of the three “tiers” we talked about earlier. To better understand this system here’s an example of how it works:

  • Qualified Rate: 1.85% (regular card, swiped in a card present transaction)
  • Mid-Qualified Rate: 2.25% (rewards card swiped, keyed in)
  • Non-Qualified Rate: 2.55% (corporate card, ZIP code verification incorrect)

Example 1: A rewards card is swiped at your terminal. You pay Mid Qualified 2.25% plus any surcharges that the MSP charges for this tier of transaction.

Example 2: A corporate card is swiped at your terminal. You pay Non-Qualified 2.55% and any surcharges that the MSP charges for this tier of transaction.

When speaking to an account rep and they quote you “their rate” of X% and if you know they’re based off of a tiered system, be aware that “their rate” of X% is the QUALIFIED RATE only. Trust me when I say you’re bound to process cards that fall under the mid and non-qualified tiers, so make sure you ask what their additional rates are when researching merchant accounts.

Cost/Interchange Plus Pricing

The second and just as common pricing structure offered by merchant account providers is interchange plus otherwise known as cost plus pricing. This structure is a little easier to understand. When a card is processed, it doesn’t fall into a “tier.” Rather, each card has its own interchange rate attached to it, and then your merchant services provider adds on its own interchange markup fee (a percentage) plus a flat-rate transaction fee (usually only 10 to 20 cents per transaction). For example, lets say you run a basic Visa card via a swiped transaction. That specific card is looked up on a standardized rate table that breaks card types into 400 or more categories and assigns each card a percentage based off of that table. Your merchant account provider then adds their own fixed percentage PLUS 10-20 cents. That total of percentages and cents is your processing cost for that transaction. Let’s break this example down further:

Your merchant account provider charges you .77% + $0.15 per transaction. You accept a basic, no-frills Visa with an interchange of 1.60%. Your cost for that transaction is 1.60% plus .77% plus $0.15 or 2.37% and $0.15.

After reviewing this information between Cost/Interchange Plus vs. tiered pricing, you’re probably wondering which pricing model is best for your company. The answer is: it depends on your business type, your processing volume, and which types of cards you encounter most frequently. I would recommend gathering at least three previous months of processing statements or, if you’re opening a new business, make some educated guesses about the aforementioned questions and send them to several different merchant account providers. Most will analyze your statements (or the information you’ve provided them) and be able to quote you how much they would charge you based on your transaction history. Some will be able to come in much lower than others based on either their flat cost plus fee or the way that they’ve set up their “tiers.” It pays to look at several offers from competing service providers while trying to get the best rate and price structure possible for your company.

The EMV Liability Shift: How Does This Affect Online Merchants?

This October, the much-discussed Payment Networks’ Liability shift with EuroPay, MasterCard, and Visa (EMV) is due to take effect in the US. What does this mean for online merchants who don’t have a brick-and-mortar presence? It could result in higher costs due to increased fraudulent purchase attempts. However, taking preemptive measures can save you and your company a pretty penny in the long run.

“The Liability Shift”

The October 1 2015, date denotes what is commonly called, “the liability shift.” After this date, when credit card fraud takes place, liability for the costs falls on the entity using the lesser technology. In 2015, the liability for credit card fraud in the US is estimated to total more than $15 billion.

After the shift occurs, if a merchant is still using the swipe and signature method, and the customer has a “smart card” (a credit card with the EMV chip technology in it) then the merchant is liable. If the merchant is using the chip and PIN technology which will become the new standard for the terminals, but the bank hasn’t upgraded to the smart card chip, then the bank is liable. However, this technology is only denoted to be used by brick-and-mortar merchants, this increase in physical security has no effect on CNP transactions.

How The Liability Shift Affects Online Merchants

Now, you might be thinking that, “I don’t have a retail store, so I won’t have to worry about this effecting my business, since all of my transactions take place online or via mobile.” Well, it is true, that the liability shift does not effect online merchants, you won’t have to worry about having a card reader that can utilize the new security features. But, this also now makes online purchases the path of least resistance for counterfeit purchases and credit card fraud. In a study conducted in 2014, CNP (card not present) fraud made up 45% of total US card fraud.

EMV will not result in the elimination of counterfeit fraud, nor will EMV spell an end to database breaches; it will merely force criminals to adjust their tactics and targets. In Canada, when they performed the EMV shift, counterfeit and lost/stolen fraud had a 54% decline from 2008 to 2013, while CNP saw a corresponding increase, jumping 133% over the same period.

Canada, wasn’t alone in this jump. In the UK, CNP fraud rose by 79% when they performed the liability shift back in 2005. Development of more sophisticated fraud analytics by issuers and merchants and an increase in use of 3-D secure technology (explained below) has helped to rein in CNP fraud, soft targets such as call centers has caused this form of fraud to start rise again.

The good news is that there are a wide variety of solutions available to secure the CNP environment; as with any type of fraud prevention, no single point solution will suffice. Instead, merchants should take a layered approach to their defenses. Here are a few different security tactics that you can use to secure your data further.

Behavioral Analytics

Behavioral analytics are a key technology for merchants seeking to bring their fraud-mitigation technologies down to the transaction level. Behavioral analysis tools detect fraud by monitoring the user session and transactions to detect suspicious activities and patterns associated with possibly counterfeit cards. However, as with any tool, you do have a certain level of false positives. To minimize the level of false positives, it is good to have a stepped-up authentication process that includes the end user.


Tokenization is a great compliment to EMV; it essentially picks up where EMV leaves off in the card security process. EMV secures the communication between the card and the POS terminal, but does nothing to encrypt the data, between the merchant and the issuer. This is where Tokenization takes over and replaces the card data with a secure token.

Tokenization removies the account number on the payment card from merchants’ databases and replaces it with a string of letters and numbers that serve as a proxy for the true cardholder data. Which can be used by the merchant to facilitate settlement, recurring payment, chargebacks, etc., but is useless to criminals if the merchant’s system is compromised.

3-D Secure

Finally, there is the 3-D secure protocol which adds an additional layer of authentication in CNP transactions. You know these as Verified by Visa, MasterCard SecureCode, and AMEX SafeKey. One of the key value driver for this level of security is that when they use 3-D Secure, for CNP transactions, the fraud liability shifts to the issuer, even if the issuer doesn’t have the corresponding Access Control Server infrastructure to support a 3-D Secure request.


Card fraud is rapidly escalating at POS and in CNP channels. The arrival of EMV will certainly help stamp out counterfeit fraud, but the experiences of other countries shows that the arrival of EMV will do nothing to stop database breaches, and CNP fraud will rise precipitously unless preventative measures are taking preemptively. With the clock quickly ticking away to the October 2015 liability shift. Merchants should begin to implement the above security methods to guard themselves from this incoming rise in attacks once the shift happens.

What is The EMV Liability Shift?

Blog Title EMV Liability Shift

EMV chip technology is currently rolling out to consumers and merchants based in the United States. These chips help protect in-store payments by generating a unique, one-time code needed for the transaction to be approved. This feature makes it virtually impossible to counterfeit cards, which will help eliminate in-store fraud. However, there are a few things that as a merchant you’ll need to know sooner rather than later where this technology is concerned.

The Liability is Shifting

In October of this year, in-store counterfeit fraud liability will shift to the party that has not adopted the chip technology, whether this is the financial institution backing the card or the merchant who hasn’t adopted the necessary equipment to use this technology effectively. Here are the rules that will affect all merchants starting in October.

Rule 1

If a traditional magnetic stripe card is swiped by the customer at a magnetic stripe terminal and the purchase is a counterfeit transaction, the merchant is not generally liable, just like today.

Rule 2

However, if a chip card is used at a traditional magnetic-stripe only terminal. If the purchase is counterfeit, the merchant will generally be held liable, because the issuer (Visa, Master Card, et al.) has invested in the technology to make the transaction more secure, however, the merchant did not.

This rule is the one big rule that bears repeating, if you do not invest in the new EMV chip terminals, you, as the merchant, will be held liable for any counterfeit transaction that occurs within your store, regardless if the counterfeit card is a chipped card or a stripe only card.

Rule 3

When a chip card is used at a chip-enabled terminal that has been activated by the merchant, if the purchase is a counterfeit transaction, the merchant will not be liable, and the issuer will continue to bear the responsibility of the fraudulent activity.

While these rules seem to be putting the squeeze onto the merchants, the bright side is that when both parties, merchant and issuers adopt the EMV chip technology, this is predicted to virtually eliminate counterfeit fraud due to the security technology embedded within the EMV chip.

Visa EMV Technology Infographic