A guide to what is required on your Payment Page.
Before accepting any electronic commerce transactions over the internet, you must establish a website (approved by the merchant) which clearly displays the following information:
Your business trading name, which must correspond with:
the name that will appear on cardholder statements (you must state on your website what name will appear on cardholder statements)
the name advised on the payment record.
If the name of your website is different to your business trading name, it is especially important that your business trading name is prominently displayed so the cardholder can readily identify you as both the merchant and the name that will appear on cardholder statements.
Your legal business name (if this differs to your business trading name).
The physical address (including the country) of your approved place of business. A merchant that primarily operates from a personal residence must include the city, state/province, and country of its Permanent Establishment, but is not required to provide the residence address.
Your business and customer service contact details must include a telephone number or email address for customer queries, along with a secondary contact detail of the following:
facsimile number(s)
social media, such as Facebook, Twitter, lnstagram
chatbot/chat box
A complete description of the goods and services available for purchase on your website with the price clearly stated.
Details of your return/refund policies, cancellation policies, and other purchase terms and conditions, and a confirmation of acceptance of the terms and conditions upon customers' purchases. This can be achieved through either:
A 'click to accept' (or other acknowledgement) button, checkbox, or location for an electronic signature in the sequence of final pages before checkout.
A statement that confirmation of acceptance of terms and conditions is implied by submission of the order on the checkout screen near the 'submit' button.
Details of your delivery times for goods and services, which are to be appropriate for your type of business. (If delivery is to be delayed, the cardholder must be notified of the delay and an option provided to obtain a refund).
If applicable, details of any export restrictions and legal restrictions.
Payment Choice - provide the customer with a clear choice of payment brands. Visa, MasterCard, and/or UnionPay full color logos (of equal size) to indicate card acceptance and credential on file.
Credential on file is account information (including, but not limited to, an Account Number or Payment Token) that is stored by a merchant or its agent to process future transactions for a cardholder with cardholder consent. A merchant must display on the payment screen and all screens that show account information both:
The last 4 digits of the account number or token
The Card Schemes logo in full color
Card Security Code (CVV2/CVC2/CVN2) - the payment page of your website must obtain the customer's card security code value for verification. For information security purposes merchants are prohibited from storing the Card Security Code.
Information Security - outline your site's security capabilities e.g. how card payment information is protected.
Secure your page from potential miss use, by using Re-Captcha or similar, this will mitigate any unauthorised transaction attempts. Please Note if payment page is not behind a login, 2FA or is not a one time link, Re-Captcha is strongly advised.
To further improve your security please talk to your account manager about implementing 3D Secure or Kount, both available as part of the Payrix Software suite.
PAYMENT WEBSITE BEST PRACTICE
Additional items that should be included on a merchant's website include:
Establish a clear, concise statement of your refund and credit policy including:
Make this statement available to website visitors through clearly visible links on your home page.
Provide 'click through' confirmation for important elements of the policy. For example, when purchasing tickets for a sporting event, customer should be able to click on a button - 'Accept' or 'I Agree' - to acknowledge that they understand that the tickets are non- returnable unless the event is postponed or cancelled.
Customer Service Access
Provide an e-mail inquiry option. Your customers are likely to have questions or concerns regarding their online purchase. By offering your customers an easy way to contact you and by providing them with a prompt response, you can help avoid customer disputes and subsequent chargebacks.
Develop an e-mail inquiry response policy
Establish e-mail inquiry response standards and monitor staff compliance.
Offer local and toll-free telephone customer service support and display your phone numbers on your website.
Product Description, make sure your goods or services are accurately described on your website including:
Develop clear, complete product descriptions to reduce customer disputes and dissatisfaction over the actual product received versus what is described on your website.
Use product images and photos, if possible.
Further clarification of Delivery Policy
Clearly state any product or service delivery policy restrictions on your website. This is particularly important if you have geographic or other restrictions that may impact under what circumstances you will provide delivery.
Order fulfilment information, including:
State timeframes for order processing and send an e-mail confirmation and order summary within one business day of the original order
Provide up to date stock information if an item is backordered
Shipping
Develop a clear, comprehensive shipping policy and make it available to customers through a link on your home page and at the time of the online purchase.
Develop an e-mail response to inform customers of any goods or service delivery delays.
Consider not providing the tracking number if you are selling higher fraud risk merchandise and are not allowing redirection of the shipment. Online merchants have discovered fraudsters using the correct billing address and shipping to that address, then redirecting the merchandise. This practice could be applied selectively, based on merchandise type and amount
Billing Practices
Develop a description of your billing practices terms and conditions and make them available to customers at the time of the online purchase, including:
Explain to customers when their credit cards will be billed.
If you use a billing service provider, let the customer know how the transaction will be reflected on their payment card statement (i.e., the service provider name and amount will be shown). This will reduce the risk of confusion when the statement arrives.
Encourage cardholders to retain a copy of the transaction.
Develop a clear, concise statement of your privacy policy and make it available to website visitors through links on your home page. This practice may be subject to legal requirements. To allay customer concerns about providing personal data, your privacy policy should define:
What customer data is collected and tracked
With whom this information is shared and
How customer can opt out
Additional Information Security
Create an FAQ page that includes questions and answers on how customers can protect themselves when shopping online
Discourage the use of e-mail of transactions
Digital Content Policies
Implement a policy that the cardholder will not be billed until the website service is actually accessed via the applicable password
Avoid the use of negative renewal options or other marketing techniques that may create a false expectation to cardholders around the product offering.
Ensure that all terms and conditions are clear and concise. Before a sale is conducted, you must clearly communicate any special restrictions to cardholders.