This article needs additional citations for verification .(June 2012) |
An acquiring bank (also known simply as an acquirer) is a bank or financial institution that processes credit or debit card payments on behalf of a merchant. [1] The acquirer allows merchants to accept credit card payments from the card-issuing banks within a card association, such as Visa, MasterCard, Discover, China UnionPay, American Express.
The acquiring bank enters into a contract with a merchant and offers it a merchant account. This arrangement provides the merchant with a line of credit. Under the agreement, the acquiring bank exchanges funds with issuing banks on behalf of the merchant and pays the merchant for its daily payment-card activity's net balance — that is, gross sales minus reversals, interchange fees, and acquirer fees. Acquirer fees are an additional markup added to association interchange fees by the acquiring bank, and those fees vary at the acquirer's discretion. [2]
The acquiring bank accepts the risk that the merchant will remain solvent. The main source of risk to the acquiring bank is fund reversals. Consumers can trigger the reversal of funds in three ways:
Card associations consider a participating merchant to be a risk if more than 1% of payments received result in a chargeback. [3] Visa and Mastercard levy fines against acquiring banks that retain merchants with a high chargeback frequency. To defray the cost of any fines received, the acquiring banks are inclined (but not required) to pass such fines on to the merchant. These fees are generally charged to the merchant. [ citation needed ]
New merchants pose risk to acquiring banks as well, beyond solvency concerns. A fraudulent new merchant could take a large number of orders, and after receiving payment, disappear without delivering the promised goods or services. As such, identifying legitimate vs. fraudulent new businesses is critical for acquiring banks. [4]
Due to the high amount of risk that acquiring banks are anticipated to face, as well as their key position in the payment chain, the security of electronic payments is a great concern for these institutions. For this reason, they have been involved in the development of electronic point-of-sale security standards such as PCI DSS. Many acquiring banks insist on their merchants being PCI DSS compliant. If merchants are not PCI DSS compliant, the merchants themselves may be responsible for losses due to fraud, which may result in fines from the card schemes. [5]
Dynamic currency conversion (DCC) or cardholder preferred currency (CPC) is a process whereby the amount of a credit card transaction is converted at the point of sale, ATM or internet to the currency of the card's country of issue. DCC is generally provided by third party operators in association with the merchant, and not by a card issuer. Card issuers permit DCC operators to offer DCC in accordance with the card issuers' processing rules. However, using DCC, the customer is usually charged an amount in excess of the transaction amount converted at the normal exchange rate, though this may not be obviously disclosed to the customer at the time. The merchant, the merchant's bank or ATM operator usually impose a markup on the transaction, in addition to the exchange rate that would normally apply, sometimes by as much as 18%.
A chargeback is a return of money to a payer of a transaction, especially a credit card transaction. Most commonly the payer is a consumer. The chargeback reverses a money transfer from the consumer's bank account, line of credit, or credit card. The chargeback is ordered by the bank that issued the consumer's payment card. In the distribution industry, a chargeback occurs when the supplier sells a product at a higher price to the distributor than the price they have set with the end user. The distributor submits a chargeback to the supplier so they can recover the money lost in the transaction.
A payment gateway is a merchant service provided by an e-commerce application service provider that authorizes credit card or direct payments processing for e-businesses, online retailers, bricks and clicks, or traditional brick and mortar. The payment gateway may be provided by a bank to its customers, but can be provided by a specialised financial service provider as a separate service, such as a payment service provider.
A merchant account is a type of bank account that allows businesses to accept payments in multiple ways, typically debit or credit cards. A merchant account is established under an agreement between an acceptor and a merchant acquiring bank for the settlement of payment card transactions. In some cases a payment processor, independent sales organization (ISO), or member service provider (MSP) is also a party to the merchant agreement. Whether a merchant enters into a merchant agreement directly with an acquiring bank or through an aggregator, the agreement contractually binds the merchant to obey the operating regulations established by the card associations. A high-risk merchant account is a business account or merchant account that allows the business to accept online payments though they are considered to be of high-risk nature by the banks and credit card processors. The industries that possess this account are adult industry, travel, Forex trading business, multilevel marketing business. "High-Risk" is the term that is used by the acquiring banks to signify industries or merchants that are involved with the higher financial risk.
Chargeback fraud, also known as friendly fraud, cyber shoplifting, or liar-buyer fraud, occurs when a consumer makes an online shopping purchase with their own credit card, and then requests a chargeback from the issuing bank after receiving the purchased goods or services. Once approved, the chargeback cancels the financial transaction, and the consumer receives a refund of the money they spent. Dependent on the payment method used, the merchant can be accountable when a chargeback occurs.
3-D Secure is a protocol designed to be an additional security layer for online credit and debit card transactions. The name refers to the "three domains" which interact using the protocol: the merchant/acquirer domain, the issuer domain, and the interoperability domain.
Merchant Account Providers give businesses the ability to accept debit and credit cards in payment for goods and services. This can be face-to-face, on the telephone, or over the internet.
Chargeback insurance is an insurance product that protects a merchant who accepts credit cards. The insurance protects the merchant against fraud in a transaction where the use of the credit card was unauthorized, and covers claims arising out of the merchant's liability to the service bank.
Interchange fee is a term used in the payment card industry to describe a fee paid between banks for the acceptance of card-based transactions. Usually for sales/services transactions it is a fee that a merchant's bank pays a customer's bank.
The Payment Card Industry Data Security Standard is an information security standard used to handle credit cards from major card brands. The standard is administered by the Payment Card Industry Security Standards Council, and its use is mandated by the card brands. It was created to better control cardholder data and reduce credit card fraud. Validation of compliance is performed annually or quarterly with a method suited to the volume of transactions:
Internet fraud prevention is the act of stopping various types of internet fraud. Due to the many different ways of committing fraud over the Internet, such as stolen credit cards, identity theft, phishing, and chargebacks, users of the Internet, including online merchants, financial institutions and consumers who make online purchases, must make sure to avoid or minimize the risk of falling prey to such scams.
Credit card fraud is an inclusive term for fraud committed using a payment card, such as a credit card or debit card. The purpose may be to obtain goods or services or to make payment to another account, which is controlled by a criminal. The Payment Card Industry Data Security Standard is the data security standard created to help financial institutions process card payments securely and reduce card fraud.
An issuing bank is a bank that offers card association branded payment cards directly to consumers, such as credit cards, debit cards, contactless devices such as key fobs as well as prepaid cards. The name is derived from the practice of issuing cards to a consumer.
A credit card is a payment card, usually issued by a bank, allowing its users to purchase goods or services or withdraw cash on credit. Using the card thus accrues debt that has to be repaid later. Credit cards are one of the most widely used forms of payment across the world.
Card schemes are payment networks linked to payment cards, such as debit or credit cards, of which a bank or any other eligible financial institution can become a member. By becoming a member of the scheme, the member then gets the possibility to issue cards or acquire merchants operating on the network of that card scheme. UnionPay, Visa and MasterCard are three of the largest global brands, known as card schemes, or card brands. Billions of transactions go through their cards on a yearly basis.
A card-not-present transaction is a payment card transaction made where the cardholder does not or cannot physically present the card for a merchant's visual examination at the time that an order is given and payment effected. It is most commonly used for payments made over the Internet, but can also be used with mail-order transactions by mail or fax, or over the telephone.
A card security code is a series of numbers that, in addition to the bank card number, is printed on a credit or debit card. The CSC is used as a security feature for card not present transactions, where a personal identification number (PIN) cannot be manually entered by the cardholder. It was instituted to reduce the incidence of credit card fraud.
In a credit card or debit card account, a dispute is a situation in which a customer questions the validity of a transaction that was registered to the account.
Point-to-point encryption (P2PE) is a standard established by the PCI Security Standards Council. Payment solutions that offer similar encryption but do not meet the P2PE standard are referred to as end-to-end encryption (E2EE) solutions. The objective of P2PE and E2EE is to provide a payment security solution that instantaneously converts confidential payment card data and information into indecipherable code at the time the card is swiped, in order to prevent hacking and fraud. It is designed to maximize the security of payment card transactions in an increasingly complex regulatory environment.
The Four Corners model, often referred to as the Four Party Scheme is the most used card scheme in card payment systems worldwide. This model was introduced in the 1990s. It is a user-friendly card payment system based on an interbank clearing system and economic model established on multilateral interchange fees (MIF) paid between banks or other payment institutions.