Due to the nature of the Payment Facilitation (PF) model where transactions are processed and funds disbursed, the card brands (Visa, MasterCard, AMEX, Discover) require PF’s to adhere to their operating regulations and card-acceptance policies. Here are basics you need to know:
Card Brand Registration
In order to become an authorized intermediary between buyers and sellers, PF’s are required to register as an aggregator with the card brands. This process requires sponsorship from an acquirer and adherence to regulations that the cards brands have established. Required information includes: types of merchants, information they must collect & report, and policies & procedures.
Payment Card Industry Data Security Standard (PCI DSS)
The Payment Card Industry Data Security Standard (PCI DSS) Council was founded in 2006 by the card brands (Visa, MasterCard, AMEX, Discover) to provide guidance for maintaining payment security. PF’s must register as a Level 1 PCI DSS-Compliant Service Provider due to the fact that they are storing and processing sensitive cardholder data.
PF’s are required to ensure their merchants don’t engage in activities that harm the Card Brands. This includes fraudulent, business practice and sales of prohibited goods/products (adult content, gambling, etc.).
PF’s must adhere to the rules that the Card Brands have implemented around charging transaction fees. For example, a PF would be prohibited from using surcharges to encourage the use of a preferred card or payment method.
Want to learn more about ‘what good looks like’ in supporting, payment facilitators, marketplace and other third-party complex payment models. Contact us.