Saturday, May 10, 2014

MasterCard Regulations and so called MOTO transactions.

Fellow B/SotL, I apologize for my inactivity as I venture into a new business ownership opportunity and sell my own cigars. Today, I want to discuss a very important issue for small businesses in the Cigar trade. I will attempt to be as factual as possible, as a single violation of the rules can result in a ban from accepting credit cards in professional business.

As you probably already know, businesses wishing to handle financial information such as credit card numbers of their customers must conform to PCI Compliance standards. This is mandatory, and not following their standards places your customers financial information in a potential state of risk. One standard, for example, is not storing any credit card data in an un-encrypted format. If a business were to take credit card transactions by carbon copy ream, the copies would have to be destroyed immediately after clearing.

PCI compliance was established by the five major crediting agencies: Discover, Visa, American Express, MasterCard, and JCB Financial, and it was supposed to standardize the requirements for merchants to do safe business with consumer credit information. Remember that word, "Standardize", for a moment. We're coming back to it.

The idea is simple, no matter what agency holds your cards, no matter what financial institution credits them, the standard by which they are protected should be the same, right? This makes it, among other things, so that a Merchant doesn't need different equipment for different standards of card? Imagine if you had to put your card in the correct reader every time you pumped gas. It's stupid.

MasterCard has decided that, for certain industries, PCI Compliance isn't good enough. Yes, you heard me right. The standards that they developed, they now render insufficient in certain markets.

"Well Ephram, how fucked, exactly, is the situation?"

At this time, I can still take a MasterCard in a face to face transaction where the card is read via magnetic stripe or chip. If I can prove I have a record of the card being present, and the transaction is PCI compliant, I'm still safe. However, if I take that transaction online, or over the phone, in what's referred to as a MOTO (Mail Order/Telephone Order) transaction, MasterCard demands an additional compliance fee of $500 dollars annually, as well as an annual write up from an independent attorney, showing my business complies with all regulations in my state, as well as the states I ship to.

Don't want to play ball? That's fine. If MasterCard catches you in the act, they fine your Merchant Services provider $10,000, and guess what, they won't pay it. Why should they? It's your "mistake". They pass that fine on to you. They may also close your account. They may also blacklist your business from getting another merchant services account, effectively denying your ability to take credit cards in your business. It's a Death Sentence for small businesses.

Even if you decide to play ball and register every year, get your attorney, cough up the money, etc. should you ever decide not to re-register, they might blacklist you anyways to "protect" the integrity of the electronic marketplace for other consumers. Is this starting to sound like the mafia yet?

"So, what can I do about it? I'm just a consumer."

To protect your favorite retailers of cigars, the best thing you can do is not use a MasterCard - any MasterCard. This may not be good enough soon, if Visa jumps on the bandwagon as they have discussed recently.

If you're dedicated to the cause, close your MasterCard, show them their Mafioso practices are unappreciated. I don't honestly expect anyone to do this, but I know I would if I had one. Stay appraised of these issues as the world tries to shut down our beloved hobby and lifestyle. My merchant services provider, or MasterCard, would not have informed me of these practices until it was too late. Keep knowledgeable to protect yourself and others.

Please Read for more info: http://www.ipcpr.org/?page=PCICompliance

-Ephram Rafael
Current Smoke: My Father Cedros Deluxe

No comments:

Post a Comment