The acceptance of a card-present payment is a fairly straightforward process. You or your customer swipes her card through your POS terminal, which reads and transmits the payment information to the card issuer who then either approves or declines authorization and you complete the transaction accordingly. This short series of interactions is in fact a more or less precize description of how the vast majority of merchants accept credit cards in a face-to-face setting. However, it is also incomplete.
Sticking to the above card acceptance process does get the job done perfectly well most of the time, but it leaves out a couple of steps, which, if taken, would ensure that you do it well every time. Here is how you should be accepting card-present payments.
5 Steps to Processing Card-Present Transactions
1. Swipe the card. No surprises here. The payment process begins with you or your customer swiping the card through or waving it by (for wireless payments) a POS terminal. Not much can go wrong here, unless the terminal cannot read the card. If that happens, you should:
- Check whether the machine is working properly and make sure that the card is swiped correctly.
- If there is nothing wrong with the terminal, inspect the card’s security features for signs that it may have been altered in some way. If that is the case, make a Code 10 call. Otherwise, take the next step.
- If the card does not appear to have been tampered with and the problem seems to lie with the magnetic stripe, follow your internal procedures. One option would be to key-enter the transaction information or you may request a voice authorization. Alternatively, you may request another payment form from your customer.
- If you choose either the key-entry or voice authorization option and the transaction is successfully authorized, make an imprint of the card on the sales receipt to prove that the card was present at the time of the transaction. This may be needed for re-presentment purposes in case of a chargeback.
- If the terminal cannot read an unembossed card (which has a flat surface, rather than one with raised numbers and letters), do not key-enter the transaction information, but request another form of payment. You cannot take an imprint of such a card, which leaves you unprotected against chargebacks.
2. Inspect the card. While the terminal communicates the transaction information with the issuer and you are waiting for the authorization decision, examine the card’s security features to ensure it has not been tampered with.
3. Obtain an authorization approval. You should never process a card transaction, unless the issuer approves your authorization request. If you receive a decline, do not key-enter the transaction or make another request, but ask for another payment form.
4. Obtain your customer’s signature. If the card looks OK and the issuer approves the transaction, ask your customer to sign the receipt printed by your terminal.
5. Compare the information on the receipt to the one on the card. The last stage of the payment acceptance process is comparing the name, account number and cardholder signature on the card to the corresponding information on the receipt and making sure they match.
If at any stage of the process you become suspicious either of the authenticity of the cardholder or the validity of the card, you will need to make a Code 10 call to your processor. You will end up speaking with a representative of the card issuer who will decide on how to proceed with the transaction and instruct you on what to do.
If you go through each of these five payment processing stages every time a card is swiped through your POS device, you will no longer have to worry about fraud. Yes, it is possible that a fraudulent transaction may yet sneak its way through your defenses, but that would be a rare exception to the rule and one you could easily live with.
Image credit: Dutchpod101.com.