VISA/MASTERCARD REQUIREMENTS FOR MERCHANTS WITH ECOMMERCE WEBSITES

The rapid growth of electronic commerce and new Internet business models continues to pose risk management challenges for Acquirers/Processors. Visa and MasterCard have mandated that all merchants who process and/or accept credit card orders using a shopping cart, web hosting company or other internet means (often referred to as “ecommerce transactions”), must adhere to the following regulations to remain compliant.
Websites now must display all of the information listed below. Account Executives can provide this information as a checklist for their merchants.
A complete description of the goods and/or services offered.
Business and contact information, including the business address and telephone number. The address displayed must match the physical address of the business.
Alternate contact information (including email address and fax number).
The currency in which the transaction will be conducted.
Customer service telephone number.
Delivery standards, including delivery method (i.e., FedEx, UPS, USPS, etc.) and time standards i.e., product will arrive within three business days). Both domestic and foreign import/export shipping time standards must be included (if applicable).
Merchants must disclose the business’s country of origin (i.e., United States).
Card association logos must be displayed.
Terms and conditions, as well as export and/or legal restrictions (including for international transactions, if applicable) must be displayed on:
The same screen as the checkout screen (where the total purchase amount is displayed), OR
Within the sequence of Web pages the cardholder accesses during the checkout process.
A clear and concise privacy policy. This must also disclose what information is collected, how it is tracked and with whom it is shared.
The business’s refund/return policy must be described in full detail, so that cardholders are aware of their options before purchasing the product or service. It must also include a “Click Here to Accept” function.
The Website’s security method for the transmission of payment data (i.e., SSL Secured 128 bit).
Customers must be able to review all information prior to completing the sale and have the option to cancel the sale.
Contact information for the Web hosting service must also be displayed.
The above information will be reviewed by Underwriting when an ecommerce application is submitted. The deal will be pended if the website does not display all of the above information. Account Executives must inform their merchants who process ecommerce transactions of the above Visa/MasterCard requirements. In addition to the initial underwriting review, annual reviews are required by VISA and will be conducted by the Transaction Risk Department for each ecommerce merchant. Merchant will be contacted if non-compliant items are noted. If not corrected, the merchant account may be subject to termination.